Fix readme and manifest

README.md

@@ -14,16 +14,13 @@ The Universal Orchestrator is part of the Keyfactor software distribution and is
 The Universal Orchestrator is the successor to the Windows Orchestrator. This Orchestrator Extension plugin only works with the Universal Orchestrator and does not work with the Windows Orchestrator.
 
 
-
-
 ## Support for Citrix Netscaler Universal Orchestrator
 
 Citrix Netscaler Universal Orchestrator is supported by Keyfactor for Keyfactor customers. If you have a support issue, please open a support ticket with your Keyfactor representative.
 
 ###### To report a problem or suggest a new feature, use the **[Issues](../../issues)** tab. If you want to contribute actual bug fixes or proposed enhancements, use the **[Pull requests](../../pulls)** tab.
 
 
-
 ---
 
 
@@ -120,6 +117,13 @@ API Endpoint|Methods
 /nitro/v1/config/sslcertkey_service_binding| get, update, add, delete
 /nitro/v1/config/systemfile| get, add, delete
 
+Here is a sample policy with Min Permissions:
+* Action: 
+Allow
+* Command Spec: 
+(^stat\s+(cr|cs|lb|system|vpn))|(^(add|rm|show)\s+system\s+file\s+.*)|(^\S+\s+ssl\s+.*)|(^(show|stat|sync)\s+HA\s+.*)|(^save\s+ns\s+config)|(^(switch|show)\s+ns\s+partition.*)
+
+
 ### Upgrade Procedures
 
 * Upgrade From v1.0.2 to v2.0.0
@@ -160,7 +164,7 @@ API Endpoint|Methods
 **Basic Settings**
 
 CONFIG ELEMENT	| VALUE | DESCRIPTION
-------------------|------------------
+------------------|------------------|----------------
 Name  |Citrix ADC	|A descriptive name for the extension.  Example:  CitrixAdc
 Short Name|CitrixADC|The short name that identifies the registered functionality of the orchestrator. Must be CitrixAdc.
 Custom Capability|Unchecked|Store type name orchestrator will register with.
@@ -174,7 +178,7 @@ Supports Entry Password|Unchecked |Determined if an individual entry within a st
 **Advanced Settings**
 
 CONFIG ELEMENT	| VALUE | DESCRIPTION
-------------------|------------------
+------------------|------------------|----------------
 Store Path Type	|Freeform	|Determines what restrictions are applied to the store path field when configuring a new store.
 Supports Custom	Alias		|Required	|Determines if an individual entry within a store can have a custom Alias.
 Private Keys	|Required	|This determines if Keyfactor can send the private key associated with a certificate to the store.  This is required since Citrix ADC will need the private key material to establish TLS connections.
@@ -192,17 +196,10 @@ ServerUseSsl|Use SSL|Bool|True|Yes|Determine whether the server uses SSL or not
 
 Name|Display Name|Type|Default Value|Required|Description
 ---|---|---|---|---|---
-virtualServerName|Virtual Server Name|String| |Leave All Unchecked|Contains the name of the VServer the operation should be performed upon
+virtualServerName|Virtual Server Name|String| |Leave All Unchecked|When Enrolling, this can be a single or comma separated list of VServers in NetScaler to replace. <br/>**NOTE:** When adding multiple VServers, each certificate will contain the same alias name.
 sniCert|SNI Cert|String|false
 
 
-#### STORE TYPE ENTRY PARAMS
-CONFIG ELEMENT	| DESCRIPTION
-------------------|------------------
-Alias | When Enrolling, this is the name of the Certificate that will be installed on NetScaler.
-Virtual Server	| When Enrolling, this can be a single or comma separated list of VServers in NetScaler to replace. <br/>**NOTE:** When adding multiple VServers, each certificate will contain the same alias name.
-SNI Cert| When multiple VServers are used, a comma separated value must be accompanied with each VServer name.
-
 </details>
 
 <details>

integration-manifest.json

@@ -1,34 +1,115 @@
 {
-  "$schema": "https://keyfactor.github.io/integration-manifest-schema.json",
-  "integration_type": "orchestrator",
-  "name": "Citrix Netscaler Universal Orchestrator",
-  "status": "production",
-  "link_github": true,
-  "update_catalog": true,
-  "support_level": "kf-supported",
-  "description": "Orchestrator to manage certificates and keys on one to many VServers in Netscaler.  The integration supports Enrollment, Renewal, Inventory and Remove from Store.",
-  "about": {
-    "orchestrator": {
-      "UOFramework": "10.1",
-      "pam_support": true,
-      "win": {
-        "supportsCreateStore": false,
-        "supportsDiscovery": false,
-        "supportsManagementAdd": true,
-        "supportsManagementRemove": true,
-        "supportsReenrollment": false,
-        "supportsInventory": true,
-        "platformSupport": "Unused"
-      },
-      "linux": {
-        "supportsCreateStore": false,
-        "supportsDiscovery": false,
-        "supportsManagementAdd": true,
-        "supportsManagementRemove": true,
-        "supportsReenrollment": false,
-        "supportsInventory": true,
-        "platformSupport": "Unused"
+   "$schema":"https://keyfactor.github.io/integration-manifest-schema.json",
+   "integration_type":"orchestrator",
+   "name":"Citrix Netscaler Universal Orchestrator",
+   "status":"production",
+   "link_github":true,
+   "update_catalog":true,
+   "support_level":"kf-supported",
+   "description":"Orchestrator to manage certificates and keys on one to many VServers in Netscaler.  The integration supports Enrollment, Renewal, Inventory and Remove from Store.",
+   "about":{
+      "orchestrator":{
+         "UOFramework":"10.1",
+         "pam_support":true,
+         "win":{
+            "supportsCreateStore":false,
+            "supportsDiscovery":false,
+            "supportsManagementAdd":true,
+            "supportsManagementRemove":true,
+            "supportsReenrollment":false,
+            "supportsInventory":true,
+            "platformSupport":"Unused"
+         },
+         "linux":{
+            "supportsCreateStore":false,
+            "supportsDiscovery":false,
+            "supportsManagementAdd":true,
+            "supportsManagementRemove":true,
+            "supportsReenrollment":false,
+            "supportsInventory":true,
+            "platformSupport":"Unused"
+         },
+         "store_types":{
+            "CitrixAdc":{
+               "Name":"CitrixAdc",
+               "ShortName":"CitrixAdc",
+               "Capability":"CitrixAdc",
+               "LocalStore":false,
+               "SupportedOperations":{
+                  "Add":true,
+                  "Create":false,
+                  "Discovery":false,
+                  "Enrollment":false,
+                  "Remove":true
+               },
+               "Properties":[
+                  {
+                     "Name":"ServerUsername",
+                     "DisplayName":"Server Username",
+                     "Type":"Secret",
+                     "DependsOn":null,
+                     "DefaultValue":null,
+                     "Required":false
+                  },
+                  {
+                     "Name":"ServerPassword",
+                     "DisplayName":"Server Password",
+                     "Type":"Secret",
+                     "DependsOn":null,
+                     "DefaultValue":null,
+                     "Required":false
+                  },
+                  {
+                     "Name":"ServerUseSsl",
+                     "DisplayName":"Use SSL",
+                     "Type":"Bool",
+                     "DependsOn":null,
+                     "DefaultValue":"true",
+                     "Required":true
+                  }
+               ],
+               "EntryParameters":[
+                  {
+                     "Name":"virtualServerName",
+                     "DisplayName":"Virtual Server Name",
+                     "Type":"String",
+                     "RequiredWhen":{
+                        "HasPrivateKey":false,
+                        "OnAdd":false,
+                        "OnRemove":false,
+                        "OnReenrollment":false
+                     }
+                  },
+                  {
+                     "Name":"sniCert",
+                     "DisplayName":"SNI Cert",
+                     "Type":"String",
+                     "RequiredWhen":{
+                        "HasPrivateKey":false,
+                        "OnAdd":true,
+                        "OnRemove":false,
+                        "OnReenrollment":false
+                     },
+                     "DefaultValue":"FALSE"
+                  }
+               ],
+               "PasswordOptions":{
+                  "EntrySupported":false,
+                  "StoreRequired":false,
+                  "Style":"Default"
+               },
+               "PrivateKeyAllowed":"Required",
+               "JobProperties":[
+                  "virtualServerName",
+                  "sniCert"
+               ],
+               "ServerRequired":true,
+               "PowerShell":false,
+               "BlueprintAllowed":false,
+               "CustomAliasAllowed":"Required",
+               "InventoryEndpoint":"/AnyInventory/Update"
+            }
+         }
       }
-    }
-  }
+   }
 }

readme_source.md

@@ -16,6 +16,13 @@ API Endpoint|Methods
 /nitro/v1/config/sslcertkey_service_binding| get, update, add, delete
 /nitro/v1/config/systemfile| get, add, delete
 
+Here is a sample policy with Min Permissions:
+* Action: 
+Allow
+* Command Spec: 
+(^stat\s+(cr|cs|lb|system|vpn))|(^(add|rm|show)\s+system\s+file\s+.*)|(^\S+\s+ssl\s+.*)|(^(show|stat|sync)\s+HA\s+.*)|(^save\s+ns\s+config)|(^(switch|show)\s+ns\s+partition.*)
+
+
 ### Upgrade Procedures
 
 * Upgrade From v1.0.2 to v2.0.0
@@ -56,7 +63,7 @@ API Endpoint|Methods
 **Basic Settings**
 
 CONFIG ELEMENT	| VALUE | DESCRIPTION
-------------------|------------------
+------------------|------------------|----------------
 Name  |Citrix ADC	|A descriptive name for the extension.  Example:  CitrixAdc
 Short Name|CitrixADC|The short name that identifies the registered functionality of the orchestrator. Must be CitrixAdc.
 Custom Capability|Unchecked|Store type name orchestrator will register with.
@@ -70,7 +77,7 @@ Supports Entry Password|Unchecked |Determined if an individual entry within a st
 **Advanced Settings**
 
 CONFIG ELEMENT	| VALUE | DESCRIPTION
-------------------|------------------
+------------------|------------------|----------------
 Store Path Type	|Freeform	|Determines what restrictions are applied to the store path field when configuring a new store.
 Supports Custom	Alias		|Required	|Determines if an individual entry within a store can have a custom Alias.
 Private Keys	|Required	|This determines if Keyfactor can send the private key associated with a certificate to the store.  This is required since Citrix ADC will need the private key material to establish TLS connections.
@@ -88,17 +95,10 @@ ServerUseSsl|Use SSL|Bool|True|Yes|Determine whether the server uses SSL or not
 
 Name|Display Name|Type|Default Value|Required|Description
 ---|---|---|---|---|---
-virtualServerName|Virtual Server Name|String| |Leave All Unchecked|Contains the name of the VServer the operation should be performed upon
+virtualServerName|Virtual Server Name|String| |Leave All Unchecked|When Enrolling, this can be a single or comma separated list of VServers in NetScaler to replace. <br/>**NOTE:** When adding multiple VServers, each certificate will contain the same alias name.
 sniCert|SNI Cert|String|false
 
 
-#### STORE TYPE ENTRY PARAMS
-CONFIG ELEMENT	| DESCRIPTION
-------------------|------------------
-Alias | When Enrolling, this is the name of the Certificate that will be installed on NetScaler.
-Virtual Server	| When Enrolling, this can be a single or comma separated list of VServers in NetScaler to replace. <br/>**NOTE:** When adding multiple VServers, each certificate will contain the same alias name.
-SNI Cert| When multiple VServers are used, a comma separated value must be accompanied with each VServer name.
-
 </details>
 
 <details>
@@ -142,4 +142,4 @@ Case Number|Case Name|Enrollment Params|Expected Results|Passed|Screenshot
 13	|Add Sni Cert To Multiple VServers and bind|**Alias:** TC13.boingy.com<br/>**Virtual Server Name:** TestVServer,TestVServer2<br/>**Sni Cert:** false,true|Adds and binds Cert to TestVServer and adds and binds Sni Cert to TestVServer2|True|![](Images/TC13.gif)
 14	|Inventory |No Params|Will Perform Inventory and pull down all Certs Tied to VServers|True|![](Images/TC14.gif)
 
-</details>
+</details>