Barracuda API – Manage a domain using PowerShell

0
1378

Here’s how you can use the Barracuda API and PowerShell to manage domain settings:
$URL = “https://barracudaurl.com/cgi-mod/api.cgi?password=123”
$DomainName = “domain.com”
$auth_sso_ldap_port = “389” # Domain SSO LDAP Port
$auth_sso_ldap_server = “10.1.1.1 10.1.1.2” # Domain SSO LDAP Server
$auth_sso_ldap_uid = “sAMAccountName”
$auth_sso_ldap_username = “barracudaldap@domain.com” # Domain SSO LDAP Username
$auth_type = “LDAP”
$mta_ldap_advanced_email_attr = “mail” # Domain LDAP Email Attribute
$mta_ldap_advanced_filter = ‘(|(othermailbox=smtp$${recipient_email})(othermailbox=smtp:${recipient_email})(proxyaddresses=smtp$${recipient_email})(proxyaddresses=smtp:${recipient_email})(mail=${recipient_email})(userPrincipalName=${recipient_email}))’ # Domain LDAP Filter
$mta_ldap_advanced_host = “10.1.1.1 10.1.1.2” # Domain LDAP Server
$mta_ldap_advanced_password = “LDAPPassword” # Domain LDAP Password
$mta_ldap_advanced_port = “389” # Domain LDAP Server Port
$mta_ldap_advanced_searchbase = ‘${defaultNamingContext}’ # Domain LDAP Search Base
$mta_ldap_advanced_searchbase_blank = “No” # Blank LDAP searchbase
$mta_ldap_advanced_server_type = “Active Directory”
$mta_ldap_advanced_tls_mode = “No” # Domain LDAP SSL/TLS Mode
$mta_ldap_advanced_tls_require = “No” # Domain LDAP SSL/TLS Constraint
$mta_ldap_advanced_unique_attr = “sAMAccountName” # Domain LDAP Unique Attribute
$mta_ldap_advanced_username = “barracudaldap@domain.com” # Domain LDAP Username
$mta_recipient_verify_advanced_exchange = “Yes” # Domain Use LDAP Flag
$mta_recipient_verify_advanced_unify = “Yes” # Domain Account Unification Flag
$mta_relay_advanced_host = “” # Domain Destination Relay Server
$mta_relay_advanced_port = “25” # Domain Destination Relay Server Port
$mta_relay_advanced_use_mx = “No” # Use MX Instead of A Record For Forwarding
$scana_pd_block_level = “5” # Domain Spam Block Score
$scana_pd_pu_preferences = “Yes” # Domain Per-User Preferences
$scana_pd_pu_quarantine = “Yes” # Domain Per-User Quarantine Flag
$scana_pd_quarantine_email = “quarantine@domain.com” # Domain Global Quarantine Email Address
$scana_pd_quarantine_level = “3” # Domain Spam Quarantine Score
$scana_pd_spam_scan = “Yes” # Domain Spam Scan Flag
$scana_pd_spoof_protect = “No” # Domain Spoof Protect Flag
$scana_pd_tag_level = “10” # Per-Domain Spam Tag Score
$scana_pd_virus_scan = “Yes” # Domain Virus Flag

$Xml = “<methodCall>
<methodName>config.set</methodName>
<params>
<param>
<value>
<struct>

<member>
<name>auth_sso_ldap_port</name>
<value>$auth_sso_ldap_port</value>
</member>
<member>
<name>auth_sso_ldap_server</name>
<value>$auth_sso_ldap_server</value>
</member>

<member>
<name>auth_sso_ldap_uid</name>
<value>$auth_sso_ldap_uid</value>
</member>

<member>
<name>auth_sso_ldap_username</name>
<value>$auth_sso_ldap_username</value>
</member>

<member>
<name>auth_type</name>
<value>$auth_type</value>
</member>

<member>
<name>mta_ldap_advanced_email_attr</name>
<value>$mta_ldap_advanced_email_attr</value>
</member>

<member>
<name>mta_ldap_advanced_filter</name>
<value>$mta_ldap_advanced_filter</value>
</member>

<member>
<name>mta_ldap_advanced_host</name>
<value>$mta_ldap_advanced_host</value>
</member>

<member>
<name>mta_ldap_advanced_password</name>
<value>$mta_ldap_advanced_password</value>
</member>

<member>
<name>mta_ldap_advanced_port</name>
<value>$mta_ldap_advanced_port</value>
</member>

<member>
<name>mta_ldap_advanced_searchbase</name>
<value>$mta_ldap_advanced_searchbase</value>
</member>

<member>
<name>mta_ldap_advanced_searchbase_blank</name>
<value>$mta_ldap_advanced_searchbase_blank</value>
</member>

<member>
<name>mta_ldap_advanced_server_type</name>
<value>$mta_ldap_advanced_server_type</value>
</member>

<member>
<name>mta_ldap_advanced_tls_require</name>
<value>$mta_ldap_advanced_tls_require</value>
</member>

<member>
<name>mta_ldap_advanced_tls_mode</name>
<value>$mta_ldap_advanced_tls_mode</value>
</member>

<member>
<name>mta_ldap_advanced_unique_attr</name>
<value>$mta_ldap_advanced_unique_attr</value>
</member>

<member>
<name>mta_ldap_advanced_username</name>
<value>$mta_ldap_advanced_username</value>
</member>

<member>
<name>mta_recipient_verify_advanced_exchange</name>
<value>$mta_recipient_verify_advanced_exchange</value>
</member>

<member>
<name>mta_recipient_verify_advanced_unify</name>
<value>$mta_recipient_verify_advanced_unify</value>
</member>

<member>
<name>mta_relay_advanced_host</name>
<value>$mta_relay_advanced_host</value>
</member>

<member>
<name>mta_relay_advanced_port</name>
<value>$mta_relay_advanced_port</value>
</member>
<member>
<name>mta_relay_advanced_use_mx</name>
<value>$mta_relay_advanced_use_mx</value>
</member>
<member>
<name>scana_pd_block_level</name>
<value>$scana_pd_block_level</value>
</member>
<member>
<name>scana_pd_pu_preferences</name>
<value>$scana_pd_pu_preferences</value>
</member>
<member>
<name>scana_pd_pu_quarantine</name>
<value>$scana_pd_pu_quarantine</value>
</member>
<member>
<name>scana_pd_quarantine_email</name>
<value>$scana_pd_quarantine_email</value>
</member>
<member>
<name>scana_pd_quarantine_level</name>
<value>$scana_pd_quarantine_level</value>
</member>
<member>
<name>scana_pd_spam_scan</name>
<value>$scana_pd_spam_scan</value>
</member>
<member>
<name>scana_pd_spoof_protect</name>
<value>$scana_pd_spoof_protect</value>
</member>
<member>
<name>scana_pd_tag_level</name>
<value>$scana_pd_tag_level</value>
</member>
<member>
<name>scana_pd_virus_scan</name>
<value>$scana_pd_virus_scan</value>
</member>

#Member to affect and member type
<member>
<name>path</name>
<value>
<string><![CDATA[$DomainName]]></string>
</value>
</member>

<member>
<name>type</name>
<value>
<string><![CDATA[domain]]></string>
</value>
</member>

</struct>
</value>
</param>
</params>
</methodCall>”
$http_request = New-Object -ComObject Msxml2.XMLHTTP
$http_request.open(‘POST’, $URL, $false)
$http_request.setRequestHeader(“Content-type”, “text/xml”)
$http_request.setRequestHeader(“Content-length”, $Xml.length)
$http_request.setRequestHeader(“Connection”, “close”)
$http_request.send($Xml)
$http_request.statusText
$http_request.responseText

If you would like to take this example and set other variables, you can download a configuration backup which will show you all available variables and their current values. This is a good starting point as the variable names often don’t match the GUI.

Hope this makes your life that little bit easier 🙂

LEAVE A REPLY