diff --git a/xActiveDirectory.psd1 b/ActiveDirectoryDsc.psd1 similarity index 78% rename from xActiveDirectory.psd1 rename to ActiveDirectoryDsc.psd1 index 4fd5c709f..a063f957b 100644 --- a/xActiveDirectory.psd1 +++ b/ActiveDirectoryDsc.psd1 @@ -15,9 +15,9 @@ CompanyName = 'Microsoft Corporation' Copyright = '(c) 2014 Microsoft Corporation. All rights reserved.' # Description of the functionality provided by this module -Description = 'The xActiveDirectory module is originally part of the Windows PowerShell Desired State Configuration (DSC) Resource Kit. This version has been modified for use in Azure. This module contains the xADDomain, xADDomainController, xADUser, and xWaitForDomain resources. These DSC Resources allow you to configure and manage Active Directory. +Description = 'The ActiveDirectoryDsc module contains DSC resources for deployment and configuration of Active Directory. -All of the resources in the DSC Resource Kit are provided AS IS, and are not supported through any Microsoft standard support program or service.' +These DSC resources allow you to configure new domains, child domains, and high availability domain controllers, establish cross-domain trusts and manage users, groups and OUs.' # Minimum version of the Windows PowerShell engine required by this module PowerShellVersion = '4.0' @@ -40,16 +40,16 @@ PrivateData = @{ Tags = @('DesiredStateConfiguration', 'DSC', 'DSCResourceKit', 'DSCResource') # A URL to the license for this module. - LicenseUri = 'https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE' + LicenseUri = 'https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE' # A URL to the main website for this project. - ProjectUri = 'https://github.com/PowerShell/xActiveDirectory' + ProjectUri = 'https://github.com/PowerShell/ActiveDirectoryDsc' # A URL to an icon representing this module. # IconUri = '' # ReleaseNotes of this module - ReleaseNotes = '- Changes to xActiveDirectory + ReleaseNotes = '- Changes to ActiveDirectoryDsc - Added new helper functions in xADCommon, see each functions comment-based help for more information. - Convert-PropertyMapToObjectProperties @@ -61,16 +61,16 @@ PrivateData = @{ - Common Tests - Custom Script Analyzer Rules - Common Tests - Required Script Analyzer Rules - Common Tests - Flagged Script Analyzer Rules - - Common Tests - Validate Module Files ([issue 282](https://github.com/PowerShell/xActiveDirectory/issues/282)) - - Common Tests - Validate Script Files ([issue 283](https://github.com/PowerShell/xActiveDirectory/issues/283)) - - Common Tests - Relative Path Length ([issue 284](https://github.com/PowerShell/xActiveDirectory/issues/284)) - - Common Tests - Validate Markdown Links ([issue 280](https://github.com/PowerShell/xActiveDirectory/issues/280)) - - Common Tests - Validate Localization ([issue 281](https://github.com/PowerShell/xActiveDirectory/issues/281)) - - Common Tests - Validate Example Files ([issue 279](https://github.com/PowerShell/xActiveDirectory/issues/279)) - - Common Tests - Validate Example Files To Be Published ([issue 311](https://github.com/PowerShell/xActiveDirectory/issues/311)) - - Move resource descriptions to Wiki using auto-documentation ([issue 289](https://github.com/PowerShell/xActiveDirectory/issues/289)) + - Common Tests - Validate Module Files ([issue 282](https://github.com/PowerShell/ActiveDirectoryDsc/issues/282)) + - Common Tests - Validate Script Files ([issue 283](https://github.com/PowerShell/ActiveDirectoryDsc/issues/283)) + - Common Tests - Relative Path Length ([issue 284](https://github.com/PowerShell/ActiveDirectoryDsc/issues/284)) + - Common Tests - Validate Markdown Links ([issue 280](https://github.com/PowerShell/ActiveDirectoryDsc/issues/280)) + - Common Tests - Validate Localization ([issue 281](https://github.com/PowerShell/ActiveDirectoryDsc/issues/281)) + - Common Tests - Validate Example Files ([issue 279](https://github.com/PowerShell/ActiveDirectoryDsc/issues/279)) + - Common Tests - Validate Example Files To Be Published ([issue 311](https://github.com/PowerShell/ActiveDirectoryDsc/issues/311)) + - Move resource descriptions to Wiki using auto-documentation ([issue 289](https://github.com/PowerShell/ActiveDirectoryDsc/issues/289)) - Move helper functions from MSFT_xADCommon to the module - xActiveDirectory.Common ([issue 288](https://github.com/PowerShell/xActiveDirectory/issues/288)). + ActiveDirectoryDsc.Common ([issue 288](https://github.com/PowerShell/ActiveDirectoryDsc/issues/288)). - Removed helper function `Test-ADDomain` since it was not used. The helper function had design flaws too. - Now the helper function `Test-Members` outputs all the members that @@ -83,13 +83,13 @@ PrivateData = @{ xADComputer. - Cleanup of code - Removed semicolon throughout where it is not needed. - - Migrate tests to Pester syntax v4.x ([issue 322](https://github.com/PowerShell/xActiveDirectory/issues/322)). + - Migrate tests to Pester syntax v4.x ([issue 322](https://github.com/PowerShell/ActiveDirectoryDsc/issues/322)). - Removed `-MockWith {}` in unit tests. - Use fully qualified type names for parameters and variables - ([issue 374](https://github.com/PowerShell/xActiveDirectory/issues/374)). + ([issue 374](https://github.com/PowerShell/ActiveDirectoryDsc/issues/374)). - Removed unused legacy test files from the root of the repository. - Updated Example List README with missing resources. - - Added missing examples for xADReplicationSubnet, xADServicePrincipalName and xWaitForADDomain. ([issue 395](https://github.com/PowerShell/xActiveDirectory/issues/395)). + - Added missing examples for xADReplicationSubnet, xADServicePrincipalName and xWaitForADDomain. ([issue 395](https://github.com/PowerShell/ActiveDirectoryDsc/issues/395)). - Changes to xADComputer - Refactored the resource and the unit tests. - BREAKING CHANGE: The `Enabled` property is **DEPRECATED** and is no @@ -106,8 +106,8 @@ PrivateData = @{ - Moved examples from the README.md to separate example files in the Examples folder. - Fix the RestoreFromRecycleBin description. - - Fix unnecessary cast in `Test-TargetResource` ([issue 295](https://github.com/PowerShell/xActiveDirectory/issues/295)). - - Fix ServicePrincipalNames property empty string exception ([issue 382](https://github.com/PowerShell/xActiveDirectory/issues/382)). + - Fix unnecessary cast in `Test-TargetResource` ([issue 295](https://github.com/PowerShell/ActiveDirectoryDsc/issues/295)). + - Fix ServicePrincipalNames property empty string exception ([issue 382](https://github.com/PowerShell/ActiveDirectoryDsc/issues/382)). - Changes to xADGroup - Change the description of the property RestoreFromRecycleBin. - Code cleanup. @@ -119,11 +119,11 @@ PrivateData = @{ - Changes to xADOrganizationalUnit - Change the description of the property RestoreFromRecycleBin. - Code cleanup. - - Fix incorrect verbose message when this resource has Ensure set to Absent ([issue 276](https://github.com/PowerShell/xActiveDirectory/issues/276)). + - Fix incorrect verbose message when this resource has Ensure set to Absent ([issue 276](https://github.com/PowerShell/ActiveDirectoryDsc/issues/276)). - Changes to xADUser - Change the description of the property RestoreFromRecycleBin. - - Added ServicePrincipalNames property ([issue 153](https://github.com/PowerShell/xActiveDirectory/issues/153)). - - Added ChangePasswordAtLogon property ([issue 246](https://github.com/PowerShell/xActiveDirectory/issues/246)). + - Added ServicePrincipalNames property ([issue 153](https://github.com/PowerShell/ActiveDirectoryDsc/issues/153)). + - Added ChangePasswordAtLogon property ([issue 246](https://github.com/PowerShell/ActiveDirectoryDsc/issues/246)). - Code cleanup. - Added LogonWorkstations property - Added Organization property @@ -133,10 +133,10 @@ PrivateData = @{ - Added CompoundIdentitySupported property - Added PasswordNotRequired property - Added SmartcardLogonRequired property - - Added ProxyAddresses property ([Issue 254](https://github.com/PowerShell/xActiveDirectory/issues/254)). + - Added ProxyAddresses property ([Issue 254](https://github.com/PowerShell/ActiveDirectoryDsc/issues/254)). - Fix Password property being updated whenever another property is changed - ([issue 384](https://github.com/PowerShell/xActiveDirectory/issues/384)). - - Replace Write-Error with the correct helper function ([Issue 331](https://github.com/PowerShell/xActiveDirectory/issues/331)). + ([issue 384](https://github.com/PowerShell/ActiveDirectoryDsc/issues/384)). + - Replace Write-Error with the correct helper function ([Issue 331](https://github.com/PowerShell/ActiveDirectoryDsc/issues/331)). - Changes to xADDomainController - Change the `Requires` statement in the Examples to require the correct module. @@ -156,15 +156,15 @@ PrivateData = @{ - Suppressing the Script Analyzer rule `PSAvoidGlobalVars` since the resource is using the `$global:DSCMachineStatus` variable to trigger a reboot. - - Added missing property schema descriptions ([issue 369](https://github.com/PowerShell/xActiveDirectory/issues/369)). + - Added missing property schema descriptions ([issue 369](https://github.com/PowerShell/ActiveDirectoryDsc/issues/369)). - Code cleanup. - Changes to xADRecycleBin - Remove unneeded example and resource designer files. - - Added missing property schema descriptions ([issue 368](https://github.com/PowerShell/xActiveDirectory/issues/368)). + - Added missing property schema descriptions ([issue 368](https://github.com/PowerShell/ActiveDirectoryDsc/issues/368)). - Code cleanup. - It now sets back the `$ErrorActionPreference` that was set prior to setting it to `"Stop"`. - - Replace Write-Error with the correct helper function ([issue 327](https://github.com/PowerShell/xActiveDirectory/issues/327)). + - Replace Write-Error with the correct helper function ([issue 327](https://github.com/PowerShell/ActiveDirectoryDsc/issues/327)). - Changes to xADReplicationSiteLink - Fix ADIdentityNotFoundException when creating a new site link. - Code cleanup. diff --git a/CHANGELOG.md b/CHANGELOG.md index b35f43447..0ab94feca 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,94 +1,123 @@ -# Change log for xActiveDirectory +# Change log for ActiveDirectoryDsc ## Unreleased -- Changes to xActiveDirectory +- Changes to ActiveDirectoryDsc + - BREAKING CHANGE: Renamed the xActiveDirectory to ActiveDirectoryDsc + and removed the 'x' from all resource names ([issue #312](https://github.com/PowerShell/ActiveDirectoryDsc/issues/312)). - Added a Requirements section to every DSC resource README with the bullet point stating "Target machine must be running Windows Server - 2008 R2 or later" ([issue #399](https://github.com/PowerShell/xActiveDirectory/issues/399)). + 2008 R2 or later" ([issue #399](https://github.com/PowerShell/ActiveDirectoryDsc/issues/399)). - Added 'about_\.help.txt' file to all resources - ([issue #404](https://github.com/PowerShell/xActiveDirectory/issues/404)). + ([issue #404](https://github.com/PowerShell/ActiveDirectoryDsc/issues/404)). - Fixed an issue that the helper function `Add-ADCommonGroupMember` was not outputting the correct group name in a verbose message and in an error message. - Style guideline cleanup. - Cleaned up some minor style violations in the code. - All localized strings in the resources now has a string ID suffix - ([issue #419](https://github.com/PowerShell/xActiveDirectory/issues/419)). + ([issue #419](https://github.com/PowerShell/ActiveDirectoryDsc/issues/419)). - All schema properties description now ends with full stop (.) - ([issue #420](https://github.com/PowerShell/xActiveDirectory/issues/420)). + ([issue #420](https://github.com/PowerShell/ActiveDirectoryDsc/issues/420)). - Updated all types in the resources schema to use PascalCase. - Updated all resource read-only parameters to start the description with 'Returns...' so it is more clear that the property cannot be assigned a value. - The default value on resource parameters are now reflected in the parameter descriptions in the schema.mof (so that Wiki will be updated) - ([issue #426](https://github.com/PowerShell/xActiveDirectory/issues/426)). + ([issue #426](https://github.com/PowerShell/ActiveDirectoryDsc/issues/426)). - Removed unnecessary Script Analyzer rule overrides from tests. - Added new helper functions in xActiveDirectory.Common. - New-CimCredentialInstance - Add-TypeAssembly - New-ADDirectoryContext - - Changes to xActiveDirectory.Common: + - Changes to ActiveDirectoryDsc.Common: - Removed unused parameter `ModuleName` from `Assert-MemberParameters` function. - Removed unused parameter `ModuleName` from `ConvertTo-DeploymentForestMode` function. - Removed unused parameter `ModuleName` from `ConvertTo-DeploymentDomainMode` function. - - Added function help ([issue #321](https://github.com/PowerShell/xActiveDirectory/issues/321)). + - Added function help ([issue #321](https://github.com/PowerShell/ActiveDirectoryDsc/issues/321)). - Removed the helper function `ThrowInvalidOperationError` and `ThrowInvalidArgumentError` in favor of the [new helper functions for localization](https://github.com/PowerShell/DscResources/blob/master/StyleGuidelines.md#helper-functions-for-localization) - ([issue #316](https://github.com/PowerShell/xActiveDirectory/issues/316), - [issue #317](https://github.com/PowerShell/xActiveDirectory/issues/317)). -- Changes to xADManagedServiceAccount + ([issue #316](https://github.com/PowerShell/ActiveDirectoryDsc/issues/316), + [issue #317](https://github.com/PowerShell/ActiveDirectoryDsc/issues/317)). + - Removed the alias `DomainAdministratorCredential` from the parameter + `Credential` in the function `Restore-ADCommonObject` + - Removed the alias `DomainAdministratorCredential` from the parameter + `Credential` in the function `Get-ADCommonParameters` + - Updated all the examples files to be prefixed with the resource + name so they are more easily discovered in PowerShell Gallery and + Azure Automation ([issue #416](https://github.com/PowerShell/ActiveDirectoryDsc/issues/416)). +- Changes to ADManagedServiceAccount - Added a requirement to README stating "Group Managed Service Accounts need at least one Windows Server 2012 Domain Controller" - ([issue #399](https://github.com/PowerShell/xActiveDirectory/issues/399)). -- Changes to xADComputer + ([issue #399](https://github.com/PowerShell/ActiveDirectoryDsc/issues/399)). +- Changes to ADComputer + - BREAKING CHANGE: The previously made obsolete parameter `Enabled` has + been removed and is now a read-only property. See resource documentation + how to enforce the `Enabled` property. + - BREAKING CHANGE: Renamed the parameter `DomainAdministratorCredential` + to `Credential` to better indicate that it is possible to impersonate + any credential with enough permission to perform the task ([issue #269](https://github.com/PowerShell/ActiveDirectoryDsc/issues/269)). - Fixed the GUID in Example 3-AddComputerAccountSpecificPath_Config - ([issue #410](https://github.com/PowerShell/xActiveDirectory/issues/410)). -- Changes to xADOrganizationalUnit + ([issue #410](https://github.com/PowerShell/ActiveDirectoryDsc/issues/410)). +- Changes to ADOrganizationalUnit - Catch exception when the path property specifies a non-existing path - ([issue #408](https://github.com/PowerShell/xActiveDirectory/issues/408)). + ([issue #408](https://github.com/PowerShell/ActiveDirectoryDsc/issues/408)). - The unit tests are using the stub classes so the tests can be run locally. - - Added comment-based help ([issue #339](https://github.com/PowerShell/xActiveDirectory/issues/339)). -- Changes to xADUser + - Added comment-based help ([issue #339](https://github.com/PowerShell/ActiveDirectoryDsc/issues/339)). +- Changes to ADUser + - BREAKING CHANGE: Renamed the parameter `DomainAdministratorCredential` + to `Credential` to better indicate that it is possible to impersonate + any credential with enough permission to perform the task ([issue #269](https://github.com/PowerShell/ActiveDirectoryDsc/issues/269)). - Fixes exception when creating a user with an empty string property - ([issue #407](https://github.com/PowerShell/xActiveDirectory/issues/407)). + ([issue #407](https://github.com/PowerShell/ActiveDirectoryDsc/issues/407)). - Fixes exception when updating `CommonName` and `Path` concurrently - ([issue #402](https://github.com/PowerShell/xActiveDirectory/issues/402)). + ([issue #402](https://github.com/PowerShell/ActiveDirectoryDsc/issues/402)). - Fixes ChangePasswordAtLogon Property to be only set to `true` at User - Creation ([issue #414](https://github.com/PowerShell/xActiveDirectory/issues/414)). - - Added comment-based help ([issue #340](https://github.com/PowerShell/xActiveDirectory/issues/340)). -- xADDomain + Creation ([issue #414](https://github.com/PowerShell/ActiveDirectoryDsc/issues/414)). + - Added comment-based help ([issue #340](https://github.com/PowerShell/ActiveDirectoryDsc/issues/340)). + - Now it correctly tests passwords when parameter DomainName is set to + distinguished name and parameter Credential is used ([issue #451](https://github.com/PowerShell/ActiveDirectoryDsc/issues/451)). + - Added integration tests ([issue #359](https://github.com/PowerShell/ActiveDirectoryDsc/issues/359)). +- Changes to ADDomain + - BREAKING CHANGE: Renamed the parameter `DomainAdministratorCredential` + to `Credential` to better indicate that it is possible to impersonate + any credential with enough permission to perform the task ([issue #269](https://github.com/PowerShell/ActiveDirectoryDsc/issues/269)). - Updated tests and replaced `Write-Error` with `throw` - ([issue #332](https://github.com/PowerShell/xActiveDirectory/pull/332)). -- Changes to xADRecycleBin + ([issue #332](https://github.com/PowerShell/ActiveDirectoryDsc/pull/332)). + - Added comment-based help ([issue #335](https://github.com/PowerShell/ActiveDirectoryDsc/issues/335)). +- Changes to ADRecycleBin - Updated tests and remove unnecessary mocks of `Write-Error`. - Removed `SupportsShouldProcess` from the resource since DSC does not - support that interactive function ([issue #328](https://github.com/PowerShell/xActiveDirectory/issues/328)). - - Added comment-based help ([issue #330](https://github.com/PowerShell/xActiveDirectory/issues/330)). -- Changes to xADServicePrincipalName + support that interactive function ([issue #328](https://github.com/PowerShell/ActiveDirectoryDsc/issues/328)). + - Added comment-based help ([issue #330](https://github.com/PowerShell/ActiveDirectoryDsc/issues/330)). +- Changes to ADServicePrincipalName - Minor change to the unit tests that did not correct assert the localized string when an account is not found. -- Changes to xADDomainTrust +- Changes to ADDomainTrust + - BREAKING CHANGE: Renamed the parameter `TargetDomainAdministratorCredential` + to `TargetCredential` to better indicate that it is possible to impersonate + any credential with enough permission to perform the task ([issue #269](https://github.com/PowerShell/ActiveDirectoryDsc/issues/269)). - Refactored the resource to enable unit tests, and at the same time changed it to use the same code pattern as the resource xADObjectEnabledState. - - Added unit tests ([issue #324](https://github.com/PowerShell/xActiveDirectory/issues/324)). - - Added comment-based help ([issue #337](https://github.com/PowerShell/xActiveDirectory/issues/337)). - - Added integration tests ([issue #348](https://github.com/PowerShell/xActiveDirectory/issues/348)). -- Changes to xWaitForADDomain - - Added comment-based help ([issue #341](https://github.com/PowerShell/xActiveDirectory/issues/341)) -- Changes to xADDomainController + - Added unit tests ([issue #324](https://github.com/PowerShell/ActiveDirectoryDsc/issues/324)). + - Added comment-based help ([issue #337](https://github.com/PowerShell/ActiveDirectoryDsc/issues/337)). + - Added integration tests ([issue #348](https://github.com/PowerShell/ActiveDirectoryDsc/issues/348)). +- Changes to WaitForADDomain + - Added comment-based help ([issue #341](https://github.com/PowerShell/ActiveDirectoryDsc/issues/341)) +- Changes to ADDomainController + - BREAKING CHANGE: Renamed the parameter `DomainAdministratorCredential` + to `Credential` to better indicate that it is possible to impersonate + any credential with enough permission to perform the task ([issue #269](https://github.com/PowerShell/ActiveDirectoryDsc/issues/269)). - Add support for creating Read-Only Domain Controller (RODC) - ([issue #40](https://github.com/PowerShell/xActiveDirectory/issues/40)). + ([issue #40](https://github.com/PowerShell/ActiveDirectoryDsc/issues/40)). [Svilen @SSvilen](https://github.com/SSvilen) - Refactored unit tests for Test-TargetResource. - - Add InstallDns parameter to enable promotion without installing local DNS Server Service. - ([issue #87](https://github.com/PowerShell/xActiveDirectory/issues/87)). -- Changes to xADObjectPermissionEntry - - Remove remnants of the `SupportsShouldProcess` ([issue #329](https://github.com/PowerShell/xActiveDirectory/issues/329)). -- Changes to xADDomain - - Added comment-based help ([issue #335](https://github.com/PowerShell/xActiveDirectory/issues/335)). + - Added InstallDns parameter to enable promotion without installing local DNS Server Service. + ([issue #87](https://github.com/PowerShell/ActiveDirectoryDsc/issues/87)). +- Changes to ADObjectPermissionEntry + - Remove remnants of the `SupportsShouldProcess` ([issue #329](https://github.com/PowerShell/ActiveDirectoryDsc/issues/329)). ## 3.0.0.0 @@ -104,16 +133,16 @@ - Common Tests - Custom Script Analyzer Rules - Common Tests - Required Script Analyzer Rules - Common Tests - Flagged Script Analyzer Rules - - Common Tests - Validate Module Files ([issue #282](https://github.com/PowerShell/xActiveDirectory/issues/282)) - - Common Tests - Validate Script Files ([issue #283](https://github.com/PowerShell/xActiveDirectory/issues/283)) - - Common Tests - Relative Path Length ([issue #284](https://github.com/PowerShell/xActiveDirectory/issues/284)) - - Common Tests - Validate Markdown Links ([issue #280](https://github.com/PowerShell/xActiveDirectory/issues/280)) - - Common Tests - Validate Localization ([issue #281](https://github.com/PowerShell/xActiveDirectory/issues/281)) - - Common Tests - Validate Example Files ([issue #279](https://github.com/PowerShell/xActiveDirectory/issues/279)) - - Common Tests - Validate Example Files To Be Published ([issue #311](https://github.com/PowerShell/xActiveDirectory/issues/311)) - - Move resource descriptions to Wiki using auto-documentation ([issue #289](https://github.com/PowerShell/xActiveDirectory/issues/289)) + - Common Tests - Validate Module Files ([issue #282](https://github.com/PowerShell/ActiveDirectoryDsc/issues/282)) + - Common Tests - Validate Script Files ([issue #283](https://github.com/PowerShell/ActiveDirectoryDsc/issues/283)) + - Common Tests - Relative Path Length ([issue #284](https://github.com/PowerShell/ActiveDirectoryDsc/issues/284)) + - Common Tests - Validate Markdown Links ([issue #280](https://github.com/PowerShell/ActiveDirectoryDsc/issues/280)) + - Common Tests - Validate Localization ([issue #281](https://github.com/PowerShell/ActiveDirectoryDsc/issues/281)) + - Common Tests - Validate Example Files ([issue #279](https://github.com/PowerShell/ActiveDirectoryDsc/issues/279)) + - Common Tests - Validate Example Files To Be Published ([issue #311](https://github.com/PowerShell/ActiveDirectoryDsc/issues/311)) + - Move resource descriptions to Wiki using auto-documentation ([issue #289](https://github.com/PowerShell/ActiveDirectoryDsc/issues/289)) - Move helper functions from MSFT_xADCommon to the module - xActiveDirectory.Common ([issue #288](https://github.com/PowerShell/xActiveDirectory/issues/288)). + xActiveDirectory.Common ([issue #288](https://github.com/PowerShell/ActiveDirectoryDsc/issues/288)). - Removed helper function `Test-ADDomain` since it was not used. The helper function had design flaws too. - Now the helper function `Test-Members` outputs all the members that @@ -126,14 +155,14 @@ xADComputer. - Cleanup of code - Removed semicolon throughout where it is not needed. - - Migrate tests to Pester syntax v4.x ([issue #322](https://github.com/PowerShell/xActiveDirectory/issues/322)). + - Migrate tests to Pester syntax v4.x ([issue #322](https://github.com/PowerShell/ActiveDirectoryDsc/issues/322)). - Removed `-MockWith {}` in unit tests. - Use fully qualified type names for parameters and variables - ([issue #374](https://github.com/PowerShell/xActiveDirectory/issues/374)). + ([issue #374](https://github.com/PowerShell/ActiveDirectoryDsc/issues/374)). - Removed unused legacy test files from the root of the repository. - Updated Example List README with missing resources. - Added missing examples for xADReplicationSubnet, xADServicePrincipalName - and xWaitForADDomain ([issue #395](https://github.com/PowerShell/xActiveDirectory/issues/395)). + and xWaitForADDomain ([issue #395](https://github.com/PowerShell/ActiveDirectoryDsc/issues/395)). - Changes to xADComputer - Refactored the resource and the unit tests. - BREAKING CHANGE: The `Enabled` property is **DEPRECATED** and is no @@ -150,8 +179,8 @@ - Moved examples from the README.md to separate example files in the Examples folder. - Fix the RestoreFromRecycleBin description. - - Fix unnecessary cast in `Test-TargetResource` ([issue #295](https://github.com/PowerShell/xActiveDirectory/issues/295)). - - Fix ServicePrincipalNames property empty string exception ([issue #382](https://github.com/PowerShell/xActiveDirectory/issues/382)). + - Fix unnecessary cast in `Test-TargetResource` ([issue #295](https://github.com/PowerShell/ActiveDirectoryDsc/issues/295)). + - Fix ServicePrincipalNames property empty string exception ([issue #382](https://github.com/PowerShell/ActiveDirectoryDsc/issues/382)). - Changes to xADGroup - Change the description of the property RestoreFromRecycleBin. - Code cleanup. @@ -164,11 +193,11 @@ - Change the description of the property RestoreFromRecycleBin. - Code cleanup. - Fix incorrect verbose message when this resource has Ensure set to - Absent ([issue #276](https://github.com/PowerShell/xActiveDirectory/issues/276)). + Absent ([issue #276](https://github.com/PowerShell/ActiveDirectoryDsc/issues/276)). - Changes to xADUser - Change the description of the property RestoreFromRecycleBin. - - Added ServicePrincipalNames property ([issue #153](https://github.com/PowerShell/xActiveDirectory/issues/153)). - - Added ChangePasswordAtLogon property ([issue #246](https://github.com/PowerShell/xActiveDirectory/issues/246)). + - Added ServicePrincipalNames property ([issue #153](https://github.com/PowerShell/ActiveDirectoryDsc/issues/153)). + - Added ChangePasswordAtLogon property ([issue #246](https://github.com/PowerShell/ActiveDirectoryDsc/issues/246)). - Code cleanup. - Added LogonWorkstations property - Added Organization property @@ -178,10 +207,10 @@ - Added CompoundIdentitySupported property - Added PasswordNotRequired property - Added SmartcardLogonRequired property - - Added ProxyAddresses property ([Issue #254](https://github.com/PowerShell/xActiveDirectory/issues/254)). + - Added ProxyAddresses property ([Issue #254](https://github.com/PowerShell/ActiveDirectoryDsc/issues/254)). - Fix Password property being updated whenever another property is changed - ([issue #384](https://github.com/PowerShell/xActiveDirectory/issues/384)). - - Replace Write-Error with the correct helper function ([Issue #331](https://github.com/PowerShell/xActiveDirectory/issues/331)). + ([issue #384](https://github.com/PowerShell/ActiveDirectoryDsc/issues/384)). + - Replace Write-Error with the correct helper function ([Issue #331](https://github.com/PowerShell/ActiveDirectoryDsc/issues/331)). - Changes to xADDomainController - Change the `#Requires` statement in the Examples to require the correct module. @@ -201,15 +230,15 @@ - Suppressing the Script Analyzer rule `PSAvoidGlobalVars` since the resource is using the `$global:DSCMachineStatus` variable to trigger a reboot. - - Added missing property schema descriptions ([issue #369](https://github.com/PowerShell/xActiveDirectory/issues/369)). + - Added missing property schema descriptions ([issue #369](https://github.com/PowerShell/ActiveDirectoryDsc/issues/369)). - Code cleanup. - Changes to xADRecycleBin - Remove unneeded example and resource designer files. - - Added missing property schema descriptions ([issue #368](https://github.com/PowerShell/xActiveDirectory/issues/368)). + - Added missing property schema descriptions ([issue #368](https://github.com/PowerShell/ActiveDirectoryDsc/issues/368)). - Code cleanup. - It now sets back the `$ErrorActionPreference` that was set prior to setting it to `'Stop'`. - - Replace Write-Error with the correct helper function ([issue #327](https://github.com/PowerShell/xActiveDirectory/issues/327)). + - Replace Write-Error with the correct helper function ([issue #327](https://github.com/PowerShell/ActiveDirectoryDsc/issues/327)). - Changes to xADReplicationSiteLink - Fix ADIdentityNotFoundException when creating a new site link. - Code cleanup. @@ -238,13 +267,13 @@ - Added localization module -DscResource.LocalizationHelper* containing the helper functions `Get-LocalizedData`, `New-InvalidArgumentException`, `New-InvalidOperationException`, `New-ObjectNotFoundException`, and - `New-InvalidResultException` ([issue #257](https://github.com/PowerShell/xActiveDirectory/issues/257)). + `New-InvalidResultException` ([issue #257](https://github.com/PowerShell/ActiveDirectoryDsc/issues/257)). For more information around these helper functions and localization in resources, see [Localization section in the Style Guideline](https://github.com/PowerShell/DscResources/blob/master/StyleGuidelines.md#localization). - Added common module *DscResource.Common* containing the helper function `Test-DscParameterState`. The goal is that all resource common functions are moved to this module (functions that are or can be used by more - than one resource) ([issue #257](https://github.com/PowerShell/xActiveDirectory/issues/257)). + than one resource) ([issue #257](https://github.com/PowerShell/ActiveDirectoryDsc/issues/257)). - Added xADManagedServiceAccount resource to manage Managed Service Accounts (MSAs). [Andrew Wickham (@awickham10)](https://github.com/awickham10) and [@kungfu71186](https://github.com/kungfu71186) @@ -256,7 +285,7 @@ - Make use of the new localization helper functions. - Changes to xAdDomainController - Added new parameter to disable or enable the Global Catalog (GC) - ([issue #75](https://github.com/PowerShell/xActiveDirectory/issues/75)). + ([issue #75](https://github.com/PowerShell/ActiveDirectoryDsc/issues/75)). [Eric Foskett @Merto410](https://github.com/Merto410) - Fixed a bug with the parameter `InstallationMediaPath` that it would not be added if it was specified in a configuration. Now the parameter @@ -269,22 +298,22 @@ - Restoring a computer account from the recycle bin no longer fails if there is more than one object with the same name in the recycle bin. Now it uses the object that was changed last using the property - `whenChanged` ([issue #271](https://github.com/PowerShell/xActiveDirectory/issues/271)). + `whenChanged` ([issue #271](https://github.com/PowerShell/ActiveDirectoryDsc/issues/271)). - Changes to xADGroup - Restoring a group from the recycle bin no longer fails if there is more than one object with the same name in the recycle bin. Now it uses the object that was changed last using the property `whenChanged` - ([issue #271](https://github.com/PowerShell/xActiveDirectory/issues/271)). + ([issue #271](https://github.com/PowerShell/ActiveDirectoryDsc/issues/271)). - Changes to xADOrganizationalUnit - Restoring an organizational unit from the recycle bin no longer fails if there is more than one object with the same name in the recycle bin. Now it uses the object that was changed last using the property `whenChanged` - ([issue #271](https://github.com/PowerShell/xActiveDirectory/issues/271)). + ([issue #271](https://github.com/PowerShell/ActiveDirectoryDsc/issues/271)). - Changes to xADUser - Restoring a user from the recycle bin no longer fails if there is more than one object with the same name in the recycle bin. Now it uses the object that was changed last using the property `whenChanged` - ([issue #271](https://github.com/PowerShell/xActiveDirectory/issues/271)). + ([issue #271](https://github.com/PowerShell/ActiveDirectoryDsc/issues/271)). ## 2.25.0.0 @@ -296,13 +325,13 @@ - Changes to xADUser - Added TrustedForDelegation parameter to xADUser to support enabling/disabling Kerberos delegation - Minor clean up of unit tests. -- Added Ensure Read property to xADDomainController to fix Get-TargetResource return bug ([issue #155](https://github.com/PowerShell/xActiveDirectory/issues/155)). +- Added Ensure Read property to xADDomainController to fix Get-TargetResource return bug ([issue #155](https://github.com/PowerShell/ActiveDirectoryDsc/issues/155)). - Updated readme and add release notes -- Updated xADGroup to support group membership from multiple domains ([issue #152](https://github.com/PowerShell/xActiveDirectory/issues/152)). [Robert Biddle (@robbiddle)](https://github.com/RobBiddle) and [Jan-Hendrik Peters (@nyanhp)](https://github.com/nyanhp) +- Updated xADGroup to support group membership from multiple domains ([issue #152](https://github.com/PowerShell/ActiveDirectoryDsc/issues/152)). [Robert Biddle (@robbiddle)](https://github.com/RobBiddle) and [Jan-Hendrik Peters (@nyanhp)](https://github.com/nyanhp) ## 2.24.0.0 -- Added parameter to xADDomainController to support InstallationMediaPath ([issue #108](https://github.com/PowerShell/xActiveDirectory/issues/108)). +- Added parameter to xADDomainController to support InstallationMediaPath ([issue #108](https://github.com/PowerShell/ActiveDirectoryDsc/issues/108)). - Updated xADDomainController schema to be standard and provide Descriptions. ## 2.23.0.0 @@ -322,30 +351,30 @@ - Added xADObjectPermissionEntry - New resource added to control the AD object permissions entries [Claudio Spizzi (@claudiospizzi)](https://github.com/claudiospizzi) - Changes to xADCommon - - Assert-Module has been extended with a parameter ImportModule to also import the module ([issue #218](https://github.com/PowerShell/xActiveDirectory/issues/218)). [Jan-Hendrik Peters (@nyanhp)](https://github.com/nyanhp) + - Assert-Module has been extended with a parameter ImportModule to also import the module ([issue #218](https://github.com/PowerShell/ActiveDirectoryDsc/issues/218)). [Jan-Hendrik Peters (@nyanhp)](https://github.com/nyanhp) - Changes to xADDomain - - xADDomain makes use of new parameter ImportModule of Assert-Module in order to import the ADDSDeployment module ([issue #218](https://github.com/PowerShell/xActiveDirectory/issues/218)). [Jan-Hendrik Peters (@nyanhp)](https://github.com/nyanhp) -- xADComputer, xADGroup, xADOrganizationalUnit and xADUser now support restoring from AD recycle bin ([Issue #221](https://github.com/PowerShell/xActiveDirectory/issues/211)). [Jan-Hendrik Peters (@nyanhp)](https://github.com/nyanhp) + - xADDomain makes use of new parameter ImportModule of Assert-Module in order to import the ADDSDeployment module ([issue #218](https://github.com/PowerShell/ActiveDirectoryDsc/issues/218)). [Jan-Hendrik Peters (@nyanhp)](https://github.com/nyanhp) +- xADComputer, xADGroup, xADOrganizationalUnit and xADUser now support restoring from AD recycle bin ([Issue #221](https://github.com/PowerShell/ActiveDirectoryDsc/issues/211)). [Jan-Hendrik Peters (@nyanhp)](https://github.com/nyanhp) ## 2.20.0.0 - Changes to xActiveDirectory - - Changed MSFT_xADUser.schema.mof version to "1.0.0.0" to match other resources ([issue #190](https://github.com/PowerShell/xActiveDirectory/issues/190)). [thequietman44 (@thequietman44)](https://github.com/thequietman44) - - Removed duplicated code from examples in README.md ([issue #198](https://github.com/PowerShell/xActiveDirectory/issues/198)). [thequietman44 (@thequietman44)](https://github.com/thequietman44) - - xADDomain is now capable of setting the forest and domain functional level ([issue #187](https://github.com/PowerShell/xActiveDirectory/issues/187)). [Jan-Hendrik Peters (@nyanhp)](https://github.com/nyanhp) + - Changed MSFT_xADUser.schema.mof version to "1.0.0.0" to match other resources ([issue #190](https://github.com/PowerShell/ActiveDirectoryDsc/issues/190)). [thequietman44 (@thequietman44)](https://github.com/thequietman44) + - Removed duplicated code from examples in README.md ([issue #198](https://github.com/PowerShell/ActiveDirectoryDsc/issues/198)). [thequietman44 (@thequietman44)](https://github.com/thequietman44) + - xADDomain is now capable of setting the forest and domain functional level ([issue #187](https://github.com/PowerShell/ActiveDirectoryDsc/issues/187)). [Jan-Hendrik Peters (@nyanhp)](https://github.com/nyanhp) ## 2.19.0.0 - Changes to xActiveDirectory - Activated the GitHub App Stale on the GitHub repository. - The resources are now in alphabetical order in the README.md - ([issue #194](https://github.com/PowerShell/xActiveDirectory/issues/194)). + ([issue #194](https://github.com/PowerShell/ActiveDirectoryDsc/issues/194)). - Adding a Branches section to the README.md with Codecov badges for both - master and dev branch ([issue #192](https://github.com/PowerShell/xActiveDirectory/issues/192)). - - xADGroup no longer resets GroupScope and Category to default values ([issue #183](https://github.com/PowerShell/xActiveDirectory/issues/183)). + master and dev branch ([issue #192](https://github.com/PowerShell/ActiveDirectoryDsc/issues/192)). + - xADGroup no longer resets GroupScope and Category to default values ([issue #183](https://github.com/PowerShell/ActiveDirectoryDsc/issues/183)). - The helper function script file MSFT_xADCommon.ps1 was renamed to MSFT_xADCommon.psm1 to be a module script file instead. This makes it - possible to report code coverage for the helper functions ([issue #201](https://github.com/PowerShell/xActiveDirectory/issues/201)). + possible to report code coverage for the helper functions ([issue #201](https://github.com/PowerShell/ActiveDirectoryDsc/issues/201)). ## 2.18.0.0 diff --git a/DSCResources/MSFT_xADComputer/MSFT_xADComputer.psm1 b/DSCResources/MSFT_ADComputer/MSFT_ADComputer.psm1 similarity index 88% rename from DSCResources/MSFT_xADComputer/MSFT_xADComputer.psm1 rename to DSCResources/MSFT_ADComputer/MSFT_ADComputer.psm1 index 5e9984694..8084cbf23 100644 --- a/DSCResources/MSFT_xADComputer/MSFT_xADComputer.psm1 +++ b/DSCResources/MSFT_ADComputer/MSFT_ADComputer.psm1 @@ -1,10 +1,10 @@ $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADComputer' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADComputer' <# A property map that maps the resource parameters to the corresponding @@ -68,25 +68,20 @@ $script:computerObjectPropertyMap = @( .PARAMETER RequestFile Specifies the full path to the Offline Domain Join Request file to create. - .PARAMETER Enabled - DEPRECATED - DO NOT USE. - - It is a parameter in Get-TargetResource to write the deprecated message. - .PARAMETER EnabledOnCreation Specifies if the computer account is created enabled or disabled. By default the Enabled property of the computer account will be set to the default value of the cmdlet New-ADComputer. This property is ignored if the parameter RequestFile is specified in the same configuration. This parameter does not enforce the property `Enabled`. To enforce the - property `Enabled` see the resource xADObjectEnabledState. + property `Enabled` see the resource ADObjectEnabledState. .PARAMETER DomainController Specifies the Active Directory Domain Services instance to connect to perform the task. Used by Get-ADCommonParameters and is returned as a common parameter. - .PARAMETER DomainAdministratorCredential + .PARAMETER Credential Specifies the user account credentials to use to perform the task. Used by Get-ADCommonParameters and is returned as a common parameter. @@ -110,11 +105,6 @@ function Get-TargetResource [System.String] $RequestFile, - [Parameter()] - [ValidateNotNull()] - [System.Boolean] - $Enabled, - [Parameter()] [ValidateNotNull()] [System.String] @@ -124,7 +114,7 @@ function Get-TargetResource [ValidateNotNull()] [System.Management.Automation.PSCredential] [System.Management.Automation.CredentialAttribute()] - $DomainAdministratorCredential, + $Credential, [Parameter()] [ValidateNotNull()] @@ -137,15 +127,6 @@ function Get-TargetResource $EnabledOnCreation ) - <# - We have the deprecated message in Get-TargetResource so that it is - shown when using Get-DscConfiguration or Invoke-DscResource. - #> - if ($PSBoundParameters.ContainsKey('Enabled')) - { - Write-Warning -Message $script:localizedData.EnabledDeprecatedMessage - } - Assert-Module -ModuleName 'ActiveDirectory' -ImportModule <# @@ -153,25 +134,25 @@ function Get-TargetResource Computer account object. #> $getTargetResourceReturnValue = @{ - Ensure = 'Absent' - ComputerName = $null - Location = $null - DnsHostName = $null - ServicePrincipalNames = $null - UserPrincipalName = $null - DisplayName = $null - Path = $null - Description = $null - Enabled = $false - Manager = $null - DomainController = $DomainController - DomainAdministratorCredential = $DomainAdministratorCredential - RequestFile = $RequestFile - RestoreFromRecycleBin = $RestoreFromRecycleBin - EnabledOnCreation = $EnabledOnCreation - DistinguishedName = $null - SID = $null - SamAccountName = $null + Ensure = 'Absent' + ComputerName = $null + Location = $null + DnsHostName = $null + ServicePrincipalNames = $null + UserPrincipalName = $null + DisplayName = $null + Path = $null + Description = $null + Enabled = $false + Manager = $null + DomainController = $DomainController + Credential = $Credential + RequestFile = $RequestFile + RestoreFromRecycleBin = $RestoreFromRecycleBin + EnabledOnCreation = $EnabledOnCreation + DistinguishedName = $null + SID = $null + SamAccountName = $null } $getADComputerResult = $null @@ -219,7 +200,7 @@ function Get-TargetResource $getTargetResourceReturnValue['Enabled'] = $getADComputerResult.Enabled $getTargetResourceReturnValue['Manager'] = $getADComputerResult.ManagedBy $getTargetResourceReturnValue['DomainController'] = $DomainController - $getTargetResourceReturnValue['DomainAdministratorCredential'] = $DomainAdministratorCredential + $getTargetResourceReturnValue['Credential'] = $Credential $getTargetResourceReturnValue['RequestFile'] = $RequestFile $getTargetResourceReturnValue['RestoreFromRecycleBin'] = $RestoreFromRecycleBin $getTargetResourceReturnValue['EnabledOnCreation'] = $EnabledOnCreation @@ -282,13 +263,10 @@ function Get-TargetResource .PARAMETER RequestFile Specifies the full path to the Offline Domain Join Request file to create. - .PARAMETER Enabled - DEPRECATED - DO NOT USE. - .PARAMETER DomainController Specifies the Active Directory Domain Services instance to connect to perform the task. - .PARAMETER DomainAdministratorCredential + .PARAMETER Credential Specifies the user account credentials to use to perform the task. .PARAMETER RestoreFromRecycleBin @@ -301,7 +279,7 @@ function Get-TargetResource the default value of the cmdlet New-ADComputer. This property is ignored if the parameter RequestFile is specified in the same configuration. This parameter does not enforce the property `Enabled`. To enforce the - property `Enabled` see the resource xADObjectEnabledState. + property `Enabled` see the resource ADObjectEnabledState. #> function Test-TargetResource { @@ -364,11 +342,6 @@ function Test-TargetResource [System.String] $RequestFile, - [Parameter()] - [ValidateNotNull()] - [System.Boolean] - $Enabled, - [Parameter()] [ValidateNotNull()] [System.String] @@ -378,7 +351,7 @@ function Test-TargetResource [ValidateNotNull()] [System.Management.Automation.PSCredential] [System.Management.Automation.CredentialAttribute()] - $DomainAdministratorCredential, + $Credential, [Parameter()] [ValidateNotNull()] @@ -395,22 +368,13 @@ function Test-TargetResource $script:localizedData.TestConfiguration -f $ComputerName ) - <# - We have the deprecated message in Test-TargetResource so that it is - shown when using Start-DscConfiguration or Invoke-DscResource. - #> - if ($PSBoundParameters.ContainsKey('Enabled')) - { - Write-Warning -Message $script:localizedData.EnabledDeprecatedMessage - } - $getTargetResourceParameters = @{ - ComputerName = $ComputerName - RequestFile = $RequestFile - DomainController = $DomainController - DomainAdministratorCredential = $DomainAdministratorCredential - RestoreFromRecycleBin = $RestoreFromRecycleBin - EnabledOnCreation = $EnabledOnCreation + ComputerName = $ComputerName + RequestFile = $RequestFile + DomainController = $DomainController + Credential = $Credential + RestoreFromRecycleBin = $RestoreFromRecycleBin + EnabledOnCreation = $EnabledOnCreation } # Need the @() around this to get a new array to enumerate. @@ -455,7 +419,8 @@ function Test-TargetResource - Ignore to compare the parameter ServicePrincipalNames here because it needs a special comparison, so it is handled afterwards. - - Ignores the Enabled property because it is DEPRECATED. + - Ignores the Enabled property because it is not enforced in this + resource. #> $compareTargetResourceStateParameters = @{ CurrentValues = $getTargetResourceResult @@ -544,13 +509,10 @@ function Test-TargetResource .PARAMETER RequestFile Specifies the full path to the Offline Domain Join Request file to create. - .PARAMETER Enabled - DEPRECATED - DO NOT USE. - .PARAMETER DomainController Specifies the Active Directory Domain Services instance to connect to perform the task. - .PARAMETER DomainAdministratorCredential + .PARAMETER Credential Specifies the user account credentials to use to perform the task. .PARAMETER RestoreFromRecycleBin @@ -563,7 +525,7 @@ function Test-TargetResource the default value of the cmdlet New-ADComputer. This property is ignored if the parameter RequestFile is specified in the same configuration. This parameter does not enforce the property `Enabled`. To enforce the - property `Enabled` see the resource xADObjectEnabledState. + property `Enabled` see the resource ADObjectEnabledState. #> function Set-TargetResource { @@ -624,11 +586,6 @@ function Set-TargetResource [System.String] $RequestFile, - [Parameter()] - [ValidateNotNull()] - [System.Boolean] - $Enabled, - [Parameter()] [ValidateNotNull()] [System.String] @@ -638,7 +595,7 @@ function Set-TargetResource [ValidateNotNull()] [System.Management.Automation.PSCredential] [System.Management.Automation.CredentialAttribute()] - $DomainAdministratorCredential, + $Credential, [Parameter()] [ValidateNotNull()] @@ -651,22 +608,13 @@ function Set-TargetResource $EnabledOnCreation ) - <# - We have the deprecated message in Test-TargetResource so that it is - shown when using Start-DscConfiguration or Invoke-DscResource. - #> - if ($PSBoundParameters.ContainsKey('Enabled')) - { - Write-Warning -Message $script:localizedData.EnabledDeprecatedMessage - } - $getTargetResourceParameters = @{ - ComputerName = $ComputerName - RequestFile = $RequestFile - DomainController = $DomainController - DomainAdministratorCredential = $DomainAdministratorCredential - RestoreFromRecycleBin = $RestoreFromRecycleBin - EnabledOnCreation = $EnabledOnCreation + ComputerName = $ComputerName + RequestFile = $RequestFile + DomainController = $DomainController + Credential = $Credential + RestoreFromRecycleBin = $RestoreFromRecycleBin + EnabledOnCreation = $EnabledOnCreation } # Need the @() around this to get a new array to enumerate. @@ -825,7 +773,8 @@ function Set-TargetResource - Ignore to compare the parameter ServicePrincipalNames here because it needs a special comparison, so it is handled afterwards. - - Ignores the Enabled property because it is DEPRECATED. + - Ignores the Enabled property because it is not enforced in this + resource. #> $compareTargetResourceStateParameters = @{ CurrentValues = $getTargetResourceResult diff --git a/DSCResources/MSFT_xADComputer/MSFT_xADComputer.schema.mof b/DSCResources/MSFT_ADComputer/MSFT_ADComputer.schema.mof similarity index 81% rename from DSCResources/MSFT_xADComputer/MSFT_xADComputer.schema.mof rename to DSCResources/MSFT_ADComputer/MSFT_ADComputer.schema.mof index 384319a98..868a496ac 100644 --- a/DSCResources/MSFT_xADComputer/MSFT_xADComputer.schema.mof +++ b/DSCResources/MSFT_ADComputer/MSFT_ADComputer.schema.mof @@ -1,5 +1,5 @@ -[ClassVersion("1.0.0.0"), FriendlyName("xADComputer")] -class MSFT_xADComputer : OMI_BaseResource +[ClassVersion("1.0.0.0"), FriendlyName("ADComputer")] +class MSFT_ADComputer : OMI_BaseResource { [Key, Description("Specifies the name of the Active Directory computer account to manage. You can identify a computer by its distinguished name, GUID, security identifier (SID) or Security Accounts Manager (SAM) account name.")] String ComputerName; [Write, Description("Specifies the location of the computer, such as an office number.")] String Location; @@ -9,15 +9,15 @@ class MSFT_xADComputer : OMI_BaseResource [Write, Description("Specifies the display name of the computer account.")] String DisplayName; [Write, Description("Specifies the X.500 path of the Organizational Unit (OU) or container where the computer is located.")] String Path; [Write, Description("Specifies a description of the computer account.")] String Description; - [Write, Description("DEPRECATED - DO NOT USE. Please see the parameter EnabledOnCreation in this resource, and the resource xADObjectEnabledState on how to enforce the Enabled property. This parameter no longer sets or enforces the Enabled property. If this parameter is used then a warning message will be outputted saying that the Enabled parameter has been deprecated.")] Boolean Enabled; [Write, Description("Specifies the user or group Distinguished Name that manages the computer account. Valid values are the user's or group's DistinguishedName, ObjectGUID, SID or SamAccountName.")] String Manager; [Write, Description("Specifies the Active Directory Domain Services instance to connect to perform the task.")] String DomainController; - [Write, Description("Specifies the user account credentials to use to perform the task."), EmbeddedInstance("MSFT_Credential")] String DomainAdministratorCredential; + [Write, Description("Specifies the user account credentials to use to perform the task."), EmbeddedInstance("MSFT_Credential")] String Credential; [Write, Description("Specifies the full path to the Offline Domain Join Request file to create.")] String RequestFile; [Write, Description("Specifies whether the computer account is present or absent. Default value is 'Present'."), ValueMap{"Present", "Absent"},Values{"Present", "Absent"}] String Ensure; [Write, Description("Try to restore the computer account from the recycle bin before creating a new one.")] Boolean RestoreFromRecycleBin; - [Write, Description("Specifies if the computer account is created enabled or disabled. By default the Enabled property of the computer account will be set to the default value of the cmdlet New-ADComputer. This property is ignored if the parameter RequestFile is specified in the same configuration. This parameter does not enforce the property Enabled. To enforce the property Enabled see the resource xADObjectEnabledState.")] Boolean EnabledOnCreation; + [Write, Description("Specifies if the computer account is created enabled or disabled. By default the Enabled property of the computer account will be set to the default value of the cmdlet New-ADComputer. This property is ignored if the parameter RequestFile is specified in the same configuration. This parameter does not enforce the property Enabled. To enforce the property Enabled see the resource ADObjectEnabledState.")] Boolean EnabledOnCreation; [Read, Description("Returns the X.500 path of the computer object.")] String DistinguishedName; [Read, Description("Returns the security identifier of the computer object.")] String SID; [Read, Description("Returns the security identifier of the computer object.")] String SamAccountName; + [Read, Description("Returns $true if the computer object is enabled, otherwise it returns $false.")] Boolean Enabled; }; diff --git a/DSCResources/MSFT_xADComputer/README.md b/DSCResources/MSFT_ADComputer/README.md similarity index 89% rename from DSCResources/MSFT_xADComputer/README.md rename to DSCResources/MSFT_ADComputer/README.md index 4c1c70116..1d5eab5c4 100644 --- a/DSCResources/MSFT_xADComputer/README.md +++ b/DSCResources/MSFT_ADComputer/README.md @@ -1,6 +1,6 @@ # Description -The xADComputer DSC resource will manage computer accounts within Active Directory. +The ADComputer DSC resource will manage computer accounts within Active Directory. This resource can be used to provision a computer account before the computer is added to the domain. These pre-created computer objects can be used with offline domain join, unsecure domain Join and RODC domain join scenarios. diff --git a/DSCResources/MSFT_xADComputer/en-US/MSFT_xADComputer.strings.psd1 b/DSCResources/MSFT_ADComputer/en-US/MSFT_ADComputer.strings.psd1 similarity index 90% rename from DSCResources/MSFT_xADComputer/en-US/MSFT_xADComputer.strings.psd1 rename to DSCResources/MSFT_ADComputer/en-US/MSFT_ADComputer.strings.psd1 index 59e4c0d1f..d160755e8 100644 --- a/DSCResources/MSFT_xADComputer/en-US/MSFT_xADComputer.strings.psd1 +++ b/DSCResources/MSFT_ADComputer/en-US/MSFT_ADComputer.strings.psd1 @@ -1,6 +1,5 @@ # culture="en-US" ConvertFrom-StringData @' - EnabledDeprecatedMessage = DEPRECATED parameter Enabled is being used in this configuration. The parameter Enabled no longer sets or enforces the Enabled property. Please see more information at https://github.com/PowerShell/xActiveDirectory/blob/master/README.md#xadcomputer. (ADC0001) RetrievingComputerAccount = Retrieving the information about the computer account '{0}' from Active Directory. (ADC0002) ComputerAccountIsPresent = The computer account '{0}' is present in Active Directory. (ADC0003) ComputerAccountIsAbsent = The computer account '{0}' is absent from Active Directory. (ADC0004) diff --git a/DSCResources/MSFT_xADComputer/en-US/about_xADComputer.help.txt b/DSCResources/MSFT_ADComputer/en-US/about_ADComputer.help.txt similarity index 73% rename from DSCResources/MSFT_xADComputer/en-US/about_xADComputer.help.txt rename to DSCResources/MSFT_ADComputer/en-US/about_ADComputer.help.txt index d2fa39117..ebe5b7e28 100644 --- a/DSCResources/MSFT_xADComputer/en-US/about_xADComputer.help.txt +++ b/DSCResources/MSFT_ADComputer/en-US/about_ADComputer.help.txt @@ -1,8 +1,8 @@ .NAME - xADComputer + ADComputer .DESCRIPTION - The xADComputer DSC resource will manage computer accounts within Active Directory. + The ADComputer DSC resource will manage computer accounts within Active Directory. This resource can be used to provision a computer account before the computer is added to the domain. These pre-created computer objects can be used with offline domain join, unsecure domain Join and RODC domain join scenarios. @@ -49,10 +49,6 @@ Write - String Specifies a description of the computer account. -.PARAMETER Enabled - Write - Boolean - DEPRECATED - DO NOT USE. Please see the parameter EnabledOnCreation in this resource, and the resource xADObjectEnabledState on how to enforce the Enabled property. This parameter no longer sets or enforces the Enabled property. If this parameter is used then a warning message will be outputted saying that the Enabled parameter has been deprecated. - .PARAMETER Manager Write - String Specifies the user or group Distinguished Name that manages the computer account. Valid values are the user's or group's DistinguishedName, ObjectGUID, SID or SamAccountName. @@ -61,7 +57,7 @@ Write - String Specifies the Active Directory Domain Services instance to connect to perform the task. -.PARAMETER DomainAdministratorCredential +.PARAMETER Credential Write - String Specifies the user account credentials to use to perform the task. @@ -80,7 +76,7 @@ .PARAMETER EnabledOnCreation Write - Boolean - Specifies if the computer account is created enabled or disabled. By default the Enabled property of the computer account will be set to the default value of the cmdlet New-ADComputer. This property is ignored if the parameter RequestFile is specified in the same configuration. This parameter does not enforce the property Enabled. To enforce the property Enabled see the resource xADObjectEnabledState. + Specifies if the computer account is created enabled or disabled. By default the Enabled property of the computer account will be set to the default value of the cmdlet New-ADComputer. This property is ignored if the parameter RequestFile is specified in the same configuration. This parameter does not enforce the property Enabled. To enforce the property Enabled see the resource ADObjectEnabledState. .PARAMETER DistinguishedName Read - String @@ -94,34 +90,42 @@ Read - String Returns the security identifier of the computer object. +.PARAMETER Enabled + Read - Boolean + Returns $true if the computer object is enabled, otherwise it returns $false. + .EXAMPLE 1 This configuration will create two Active Directory computer accounts enabled. The property Enabled will not be enforced in either case. -Configuration AddComputerAccount_Config +Configuration ADComputer_AddComputerAccount_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential ) - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { - xADComputer 'CreateEnabled_SQL01' + ADComputer 'CreateEnabled_SQL01' { ComputerName = 'SQL01' + + PsDscRunAsCredential = $Credential } - xADComputer 'CreateEnabled_SQL02' + ADComputer 'CreateEnabled_SQL02' { ComputerName = 'SQL02' EnabledOnCreation = $true + + PsDscRunAsCredential = $Credential } } } @@ -131,24 +135,26 @@ Configuration AddComputerAccount_Config This configuration will create an Active Directory computer account disabled. The property Enabled will not be enforced. -Configuration AddComputerAccountDisabled_Config +Configuration ADComputer_AddComputerAccountDisabled_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential ) - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { - xADComputer 'CreateDisabled' + ADComputer 'CreateDisabled' { ComputerName = 'CLU_CNO01' EnabledOnCreation = $false + + PsDscRunAsCredential = $Credential } } } @@ -159,26 +165,26 @@ This configuration will create an Active Directory computer account on the specified domain controller and in the specific organizational unit. -Configuration AddComputerAccountSpecificPath_Config +Configuration ADComputer_AddComputerAccountSpecificPath_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential ) - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { - xADComputer 'CreateComputerAccount' + ADComputer 'CreateComputerAccount' { - DomainController = 'DC01' - ComputerName = 'SQL01' - Path = 'OU=Servers,DC=contoso,DC=com' - DomainAdministratorCredential = $DomainAdministratorCredential + DomainController = 'DC01' + ComputerName = 'SQL01' + Path = 'OU=Servers,DC=contoso,DC=com' + Credential = $Credential } } } @@ -190,27 +196,27 @@ on the specified domain controller and in the specific organizational unit. After the account is create an Offline Domain Join Request file is created to the specified path. -Configuration AddComputerAccountAndCreateODJRequest_Config +Configuration ADComputer_AddComputerAccountAndCreateODJRequest_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential ) - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { - xADComputer 'CreateComputerAccount' + ADComputer 'CreateComputerAccount' { - DomainController = 'DC01' - ComputerName = 'NANO-200' - Path = 'OU=Servers,DC=contoso,DC=com' - RequestFile = 'D:\ODJFiles\NANO-200.txt' - DomainAdministratorCredential = $DomainAdministratorCredential + DomainController = 'DC01' + ComputerName = 'NANO-200' + Path = 'OU=Servers,DC=contoso,DC=com' + RequestFile = 'D:\ODJFiles\NANO-200.txt' + Credential = $Credential } } } diff --git a/DSCResources/MSFT_xADDomain/MSFT_xADDomain.psm1 b/DSCResources/MSFT_ADDomain/MSFT_ADDomain.psm1 similarity index 93% rename from DSCResources/MSFT_xADDomain/MSFT_xADDomain.psm1 rename to DSCResources/MSFT_ADDomain/MSFT_ADDomain.psm1 index 016ada0e0..c2894616c 100644 --- a/DSCResources/MSFT_xADDomain/MSFT_xADDomain.psm1 +++ b/DSCResources/MSFT_ADDomain/MSFT_ADDomain.psm1 @@ -1,23 +1,23 @@ $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADDomain' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADDomain' <# .SYNOPSIS - Retrieves the name of the file that tracks the status of the xADDomain resource with the + Retrieves the name of the file that tracks the status of the ADDomain resource with the specified domain name. .PARAMETER DomainName - The domain name of the xADDomain resource to retrieve the tracking file name of. + The domain name of the ADDomain resource to retrieve the tracking file name of. .NOTES The tracking file is currently output to the environment's temp directory. - This file is NOT removed when a configuration completes, so if another call to a xADDomain + This file is NOT removed when a configuration completes, so if another call to a ADDomain resource with the same domain name occurs in the same environment, this file will already be present. @@ -30,7 +30,7 @@ $script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADDomain' If in the future this functionality needs to change so that future configurations are not affected, $env:temp should be changed to the resource's cache location which is removed after each configuration. - ($env:systemRoot\system32\Configuration\BuiltinProvCache\MSFT_xADDomain) + ($env:systemRoot\system32\Configuration\BuiltinProvCache\MSFT_ADDomain) #> function Get-TrackingFilename { @@ -43,7 +43,7 @@ function Get-TrackingFilename $DomainName ) - return Join-Path -Path ($env:temp) -ChildPath ('{0}.xADDomain.completed' -f $DomainName) + return Join-Path -Path ($env:temp) -ChildPath ('{0}.ADDomain.completed' -f $DomainName) } <# @@ -53,8 +53,9 @@ function Get-TrackingFilename .PARAMETER DomainName The fully qualified domain name (FQDN) of the new domain. - .PARAMETER DomainAdministratorCredential - Credentials used to query for domain existence. + .PARAMETER Credential + Specifies the user name and password that corresponds to the account + used to install the domain controller. .PARAMETER SafemodeAdministratorPassword Password for the administrator account when the computer is started in Safe Mode. @@ -95,7 +96,7 @@ function Get-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential, + $Credential, [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] @@ -164,14 +165,14 @@ function Get-TargetResource else { Write-Verbose ($script:localizedData.QueryDomainWithCredential -f $domainFQDN) - $domain = Get-ADDomain -Identity $domainFQDN -Credential $DomainAdministratorCredential -ErrorAction Stop - $forest = Get-ADForest -Identity $domain.Forest -Credential $DomainAdministratorCredential -ErrorAction Stop + $domain = Get-ADDomain -Identity $domainFQDN -Credential $Credential -ErrorAction Stop + $forest = Get-ADForest -Identity $domain.Forest -Credential $Credential -ErrorAction Stop } <# No need to check whether the node is actually a domain controller. If we don't throw an exception, the domain is already UP - and this resource shouldn't run. Domain controller functionality - should be checked by the xADDomainController resource? + should be checked by the ADDomainController resource? #> Write-Verbose ($script:localizedData.DomainFound -f $domain.DnsRoot) @@ -237,8 +238,9 @@ function Get-TargetResource .PARAMETER DomainName The fully qualified domain name (FQDN) of the new domain. - .PARAMETER DomainAdministratorCredential - Credentials used to query for domain existence. + .PARAMETER Credential + Specifies the user name and password that corresponds to the account + used to install the domain controller. .PARAMETER SafemodeAdministratorPassword Password for the administrator account when the computer is started in Safe Mode. @@ -279,7 +281,7 @@ function Test-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential, + $Credential, [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] @@ -376,8 +378,9 @@ function Test-TargetResource .PARAMETER DomainName The fully qualified domain name (FQDN) of the new domain. - .PARAMETER DomainAdministratorCredential - Credentials used to query for domain existence. + .PARAMETER Credential + Specifies the user name and password that corresponds to the account + used to install the domain controller. .PARAMETER SafemodeAdministratorPassword Password for the administrator account when the computer is started in Safe Mode. @@ -429,7 +432,7 @@ function Set-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential, + $Credential, [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] @@ -517,7 +520,7 @@ function Set-TargetResource if ($PSBoundParameters.ContainsKey('ParentDomainName')) { Write-Verbose -Message ($script:localizedData.CreatingChildDomain -f $DomainName, $ParentDomainName) - $installADDSParams['Credential'] = $DomainAdministratorCredential + $installADDSParams['Credential'] = $Credential $installADDSParams['NewDomainName'] = $DomainName $installADDSParams['ParentDomainName'] = $ParentDomainName $installADDSParams['DomainType'] = 'ChildDomain' diff --git a/DSCResources/MSFT_xADDomain/MSFT_xADDomain.schema.mof b/DSCResources/MSFT_ADDomain/MSFT_ADDomain.schema.mof similarity index 83% rename from DSCResources/MSFT_xADDomain/MSFT_xADDomain.schema.mof rename to DSCResources/MSFT_ADDomain/MSFT_ADDomain.schema.mof index 48e9220e1..99488a5fe 100644 --- a/DSCResources/MSFT_xADDomain/MSFT_xADDomain.schema.mof +++ b/DSCResources/MSFT_ADDomain/MSFT_ADDomain.schema.mof @@ -1,8 +1,8 @@ -[ClassVersion("1.0.1.0"), FriendlyName("xADDomain")] -class MSFT_xADDomain : OMI_BaseResource +[ClassVersion("1.0.1.0"), FriendlyName("ADDomain")] +class MSFT_ADDomain : OMI_BaseResource { [Key, Description("The fully qualified domain name (FQDN) of the new domain.")] String DomainName; - [Required, Description("Credentials used to query for domain existence."), EmbeddedInstance("MSFT_Credential")] String DomainAdministratorCredential; + [Required, Description("Specifies the user name and password that corresponds to the account used to install the domain controller."), EmbeddedInstance("MSFT_Credential")] String Credential; [Required, Description("Password for the administrator account when the computer is started in Safe Mode."), EmbeddedInstance("MSFT_Credential")] String SafemodeAdministratorPassword; [Write, Description("Fully qualified domain name (FQDN) of the parent domain.")] String ParentDomainName; [Write, Description("NetBIOS name for the new domain.")] String DomainNetbiosName; diff --git a/DSCResources/MSFT_ADDomain/README.md b/DSCResources/MSFT_ADDomain/README.md new file mode 100644 index 000000000..9dc0c25cc --- /dev/null +++ b/DSCResources/MSFT_ADDomain/README.md @@ -0,0 +1,7 @@ +# Description + +The ADDomain resource creates a new domain in a new forest or a child domain in an existing forest. While it is possible to set the forest functional level and the domain functional level during deployment with this resource the common restrictions apply. For more information see [TechNet](https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/active-directory-functional-levels). + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. diff --git a/DSCResources/MSFT_xADDomain/en-US/MSFT_xADDomain.strings.psd1 b/DSCResources/MSFT_ADDomain/en-US/MSFT_ADDomain.strings.psd1 similarity index 100% rename from DSCResources/MSFT_xADDomain/en-US/MSFT_xADDomain.strings.psd1 rename to DSCResources/MSFT_ADDomain/en-US/MSFT_ADDomain.strings.psd1 diff --git a/DSCResources/MSFT_ADDomain/en-US/about_ADDomain.help.txt b/DSCResources/MSFT_ADDomain/en-US/about_ADDomain.help.txt new file mode 100644 index 000000000..7675b8f66 --- /dev/null +++ b/DSCResources/MSFT_ADDomain/en-US/about_ADDomain.help.txt @@ -0,0 +1,152 @@ +.NAME + ADDomain + +.DESCRIPTION + The ADDomain resource creates a new domain in a new forest or a child domain in an existing forest. While it is possible to set the forest functional level and the domain functional level during deployment with this resource the common restrictions apply. For more information see [TechNet](https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/active-directory-functional-levels). + + ## Requirements + + * Target machine must be running Windows Server 2008 R2 or later. + +.PARAMETER DomainName + Key - String + The fully qualified domain name (FQDN) of the new domain. + +.PARAMETER Credential + Required - String + Specifies the user name and password that corresponds to the account used to install the domain controller. + +.PARAMETER SafemodeAdministratorPassword + Required - String + Password for the administrator account when the computer is started in Safe Mode. + +.PARAMETER ParentDomainName + Write - String + Fully qualified domain name (FQDN) of the parent domain. + +.PARAMETER DomainNetbiosName + Write - String + NetBIOS name for the new domain. + +.PARAMETER DnsDelegationCredential + Write - String + Credential used for creating DNS delegation. + +.PARAMETER DatabasePath + Write - String + Path to a directory that contains the domain database. + +.PARAMETER LogPath + Write - String + Path to a directory for the log file that will be written. + +.PARAMETER SysvolPath + Write - String + Path to a directory where the Sysvol file will be written. + +.PARAMETER ForestMode + Write - String + Allowed values: Win2008, Win2008R2, Win2012, Win2012R2, WinThreshold + The Forest Functional Level for the entire forest. + +.PARAMETER DomainMode + Write - String + Allowed values: Win2008, Win2008R2, Win2012, Win2012R2, WinThreshold + The Domain Functional Level for the entire domain. + +.EXAMPLE 1 + +This configuration will create a new domain with a new forest and a forest +functional level of Server 2016. + +Configuration ADDomain_NewForest_Config +{ + param + ( + [Parameter(Mandatory = $true)] + [ValidateNotNullOrEmpty()] + [System.Management.Automation.PSCredential] + $Credential, + + [Parameter(Mandatory = $true)] + [ValidateNotNullOrEmpty()] + [System.Management.Automation.PSCredential] + $SafeModePassword + ) + + Import-DscResource -ModuleName PSDscResources + Import-DscResource -ModuleName ActiveDirectoryDsc + + node 'localhost' + { + WindowsFeature 'ADDS' + { + Name = 'AD-Domain-Services' + Ensure = 'Present' + } + + WindowsFeature 'RSAT' + { + Name = 'RSAT-AD-PowerShell' + Ensure = 'Present' + } + + ADDomain 'contoso.com' + { + DomainName = 'contoso.com' + Credential = $Credential + SafemodeAdministratorPassword = $SafeModePassword + ForestMode = 'WinThreshold' + } + } +} + +.EXAMPLE 2 + +This configuration will create a new child domain in an existing forest with +a Domain Functional Level of Windows Server 2012R2. + +Configuration ADDomain_NewChildDomain_Config +{ + param + ( + [Parameter(Mandatory = $true)] + [ValidateNotNullOrEmpty()] + [System.Management.Automation.PSCredential] + $Credential, + + [Parameter(Mandatory = $true)] + [ValidateNotNullOrEmpty()] + [System.Management.Automation.PSCredential] + $SafeModePassword + ) + + Import-DscResource -ModuleName PSDscResources + Import-DscResource -ModuleName ActiveDirectoryDsc + + node 'localhost' + { + WindowsFeature 'ADDS' + { + Name = 'AD-Domain-Services' + Ensure = 'Present' + } + + WindowsFeature 'RSAT' + { + Name = 'RSAT-AD-PowerShell' + Ensure = 'Present' + } + + ADDomain 'child' + { + DomainName = 'child' + Credential = $Credential + SafemodeAdministratorPassword = $SafeModePassword + DomainMode = 'Win2012R2' + ParentDomainName = 'contoso.com' + } + } +} + + diff --git a/DSCResources/MSFT_xADDomainController/MSFT_xADDomainController.psm1 b/DSCResources/MSFT_ADDomainController/MSFT_ADDomainController.psm1 similarity index 97% rename from DSCResources/MSFT_xADDomainController/MSFT_xADDomainController.psm1 rename to DSCResources/MSFT_ADDomainController/MSFT_ADDomainController.psm1 index 026ca5f36..a63dc8ddd 100644 --- a/DSCResources/MSFT_xADDomainController/MSFT_xADDomainController.psm1 +++ b/DSCResources/MSFT_ADDomainController/MSFT_ADDomainController.psm1 @@ -1,10 +1,10 @@ $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADDomainController' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADDomainController' <# .SYNOPSIS @@ -13,7 +13,7 @@ $script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADDomainControlle .PARAMETER DomainName Provide the FQDN of the domain the Domain Controller is being added to. - .PARAMETER DomainAdministrationCredential + .PARAMETER Credential Specifies the credential for the account used to install the domain controller. This account must have permission to access the other domain controllers in the domain to be able replicate domain information. @@ -50,7 +50,7 @@ function Get-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential, + $Credential, [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] @@ -81,7 +81,7 @@ function Get-TargetResource $getTargetResourceResult = @{ DomainName = $DomainName - DomainAdministratorCredential = $DomainAdministratorCredential + Credential = $Credential SafemodeAdministratorPassword = $SafemodeAdministratorPassword Ensure = $false IsGlobalCatalog = $false @@ -97,7 +97,7 @@ function Get-TargetResource try { - $domain = Get-ADDomain -Identity $DomainName -Credential $DomainAdministratorCredential + $domain = Get-ADDomain -Identity $DomainName -Credential $Credential } catch { @@ -109,7 +109,7 @@ function Get-TargetResource $script:localizedData.DomainPresent -f $DomainName ) - $domainControllerObject = Get-DomainControllerObject -DomainName $DomainName -ComputerName $env:COMPUTERNAME -Credential $DomainAdministratorCredential + $domainControllerObject = Get-DomainControllerObject -DomainName $DomainName -ComputerName $env:COMPUTERNAME -Credential $Credential if ($domainControllerObject) { Write-Verbose -Message ( @@ -153,7 +153,7 @@ function Get-TargetResource .PARAMETER DomainName Provide the FQDN of the domain the Domain Controller is being added to. - .PARAMETER DomainAdministrationCredential + .PARAMETER Credential Specifies the credential for the account used to install the domain controller. This account must have permission to access the other domain controllers in the domain to be able replicate domain information. @@ -218,7 +218,7 @@ function Set-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential, + $Credential, [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] @@ -283,7 +283,7 @@ function Set-TargetResource $installADDSDomainControllerParameters = @{ DomainName = $DomainName SafeModeAdministratorPassword = $SafemodeAdministratorPassword.Password - Credential = $DomainAdministratorCredential + Credential = $Credential NoRebootOnCompletion = $true Force = $true } @@ -363,7 +363,7 @@ function Set-TargetResource $script:localizedData.IsDomainController -f $env:COMPUTERNAME, $DomainName ) - $domainControllerObject = Get-DomainControllerObject -DomainName $DomainName -ComputerName $env:COMPUTERNAME -Credential $DomainAdministratorCredential + $domainControllerObject = Get-DomainControllerObject -DomainName $DomainName -ComputerName $env:COMPUTERNAME -Credential $Credential # Check if Node Global Catalog state is correct if ($PSBoundParameters.ContainsKey('IsGlobalCatalog') -and $targetResource.IsGlobalCatalog -ne $IsGlobalCatalog) @@ -395,7 +395,7 @@ function Set-TargetResource # DC is not in correct site. Move it. Write-Verbose -Message ($script:localizedData.MovingDomainController -f $targetResource.SiteName, $SiteName) - Move-ADDirectoryServer -Identity $env:COMPUTERNAME -Site $SiteName -Credential $DomainAdministratorCredential + Move-ADDirectoryServer -Identity $env:COMPUTERNAME -Site $SiteName -Credential $Credential } if ($PSBoundParameters.ContainsKey('AllowPasswordReplicationAccountName')) @@ -502,7 +502,7 @@ function Set-TargetResource .PARAMETER DomainName Provide the FQDN of the domain the Domain Controller is being added to. - .PARAMETER DomainAdministrationCredential + .PARAMETER Credential Specifies the credential for the account used to install the domain controller. This account must have permission to access the other domain controllers in the domain to be able replicate domain information. @@ -558,7 +558,7 @@ function Test-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential, + $Credential, [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] @@ -619,7 +619,7 @@ function Test-TargetResource if ($PSBoundParameters.ContainsKey('SiteName')) { - if (-not (Test-ADReplicationSite -SiteName $SiteName -DomainName $DomainName -Credential $DomainAdministratorCredential)) + if (-not (Test-ADReplicationSite -SiteName $SiteName -DomainName $DomainName -Credential $Credential)) { $errorMessage = $script:localizedData.FailedToFindSite -f $SiteName, $DomainName New-ObjectNotFoundException -Message $errorMessage diff --git a/DSCResources/MSFT_xADDomainController/MSFT_xADDomainController.schema.mof b/DSCResources/MSFT_ADDomainController/MSFT_ADDomainController.schema.mof similarity index 92% rename from DSCResources/MSFT_xADDomainController/MSFT_xADDomainController.schema.mof rename to DSCResources/MSFT_ADDomainController/MSFT_ADDomainController.schema.mof index b6b374c72..2305054fa 100644 --- a/DSCResources/MSFT_xADDomainController/MSFT_xADDomainController.schema.mof +++ b/DSCResources/MSFT_ADDomainController/MSFT_ADDomainController.schema.mof @@ -1,8 +1,8 @@ -[ClassVersion("1.0.1.0"), FriendlyName("xADDomainController")] -class MSFT_xADDomainController : OMI_BaseResource +[ClassVersion("1.0.1.0"), FriendlyName("ADDomainController")] +class MSFT_ADDomainController : OMI_BaseResource { [Key, Description("The fully qualified domain name (FQDN) of the domain the Domain Controller will be joining.")] String DomainName; - [Required, Description("The credentials (as a 'PSCredential' object) of a user that has Domain Administrator rights to add the Domain Controller to the domain."), EmbeddedInstance("MSFT_Credential")] String DomainAdministratorCredential; + [Required, Description("The credentials (as a 'PSCredential' object) of a user that has Domain Administrator rights to add the Domain Controller to the domain."), EmbeddedInstance("MSFT_Credential")] String Credential; [Required, Description("The 'PSCredential' object containing the password to use for Directory Services Restore Mode (DSRM)."), EmbeddedInstance("MSFT_Credential")] String SafemodeAdministratorPassword; [Write, Description("The path where the database will be stored.")] String DatabasePath; [Write, Description("The path where the logs will be stored.")] String LogPath; diff --git a/DSCResources/MSFT_xADDomainController/README.md b/DSCResources/MSFT_ADDomainController/README.md similarity index 81% rename from DSCResources/MSFT_xADDomainController/README.md rename to DSCResources/MSFT_ADDomainController/README.md index a4c1e3f86..027785dc6 100644 --- a/DSCResources/MSFT_xADDomainController/README.md +++ b/DSCResources/MSFT_ADDomainController/README.md @@ -1,6 +1,6 @@ # Description -The xADDomainController DSC resource will install and configure domain +The ADDomainController DSC resource will install and configure domain controllers in Active Directory. Installation of Read-Only Domain Controllers (RODC) is also supported. @@ -10,13 +10,13 @@ on the domain controller. If this is not set, the default for the parameter Inst [Install-ADDSDomainController](https://docs.microsoft.com/en-us/powershell/module/addsdeployment/install-addsdomaincontroller) is used. ->**Note:** If the account used for the parameter `DomainAdministratorCredential` +>**Note:** If the account used for the parameter `Credential` >cannot connect to another domain controller, for example using a credential >without the domain name, then the cmdlet `Install-ADDSDomainController` will >seemingly halt (without reporting an error) when trying to replicate >information from another domain controller. >Make sure to use a correct domain account with the correct permission as ->the account for the parameter `DomainAdministratorCredential`. +>the account for the parameter `Credential`. ## Requirements diff --git a/DSCResources/MSFT_xADDomainController/en-US/MSFT_xADDomainController.strings.psd1 b/DSCResources/MSFT_ADDomainController/en-US/MSFT_ADDomainController.strings.psd1 similarity index 100% rename from DSCResources/MSFT_xADDomainController/en-US/MSFT_xADDomainController.strings.psd1 rename to DSCResources/MSFT_ADDomainController/en-US/MSFT_ADDomainController.strings.psd1 diff --git a/DSCResources/MSFT_xADDomainController/en-US/about_xADDomainController.help.txt b/DSCResources/MSFT_ADDomainController/en-US/about_ADDomainController.help.txt similarity index 71% rename from DSCResources/MSFT_xADDomainController/en-US/about_xADDomainController.help.txt rename to DSCResources/MSFT_ADDomainController/en-US/about_ADDomainController.help.txt index e71ad79d7..1a84944ed 100644 --- a/DSCResources/MSFT_xADDomainController/en-US/about_xADDomainController.help.txt +++ b/DSCResources/MSFT_ADDomainController/en-US/about_ADDomainController.help.txt @@ -1,18 +1,18 @@ .NAME - xADDomainController + ADDomainController .DESCRIPTION - The xADDomainController DSC resource will install and configure domain + The ADDomainController DSC resource will install and configure domain controllers in Active Directory. Installation of Read-Only Domain Controllers (RODC) is also supported. - >**Note:** If the account used for the parameter `DomainAdministratorCredential` + >**Note:** If the account used for the parameter `Credential` >cannot connect to another domain controller, for example using a credential >without the domain name, then the cmdlet `Install-ADDSDomainController` will >seemingly halt (without reporting an error) when trying to replicate >information from another domain controller. >Make sure to use a correct domain account with the correct permission as - >the account for the parameter `DomainAdministratorCredential`. + >the account for the parameter `Credential`. ## Requirements @@ -22,7 +22,7 @@ Key - String The fully qualified domain name (FQDN) of the domain the Domain Controller will be joining. -.PARAMETER DomainAdministratorCredential +.PARAMETER Credential Required - String The credentials (as a 'PSCredential' object) of a user that has Domain Administrator rights to add the Domain Controller to the domain. @@ -75,18 +75,23 @@ This configuration will add a domain controller to the domain contoso.com. -Configuration AddDomainControllerToDomainMinimal_Config +Configuration ADDomainController_AddDomainControllerToDomainMinimal_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential, + + [Parameter(Mandatory = $true)] + [ValidateNotNullOrEmpty()] + [System.Management.Automation.PSCredential] + $SafeModePassword ) Import-DscResource -ModuleName PSDscResources - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { @@ -104,23 +109,23 @@ Configuration AddDomainControllerToDomainMinimal_Config DependsOn = '[WindowsFeature]InstallADDomainServicesFeature' } - xWaitForADDomain 'WaitForestAvailability' + WaitForADDomain 'WaitForestAvailability' { DomainName = 'contoso.com' - DomainUserCredential = $DomainAdministratorCredential + DomainUserCredential = $Credential RetryCount = 10 RetryIntervalSec = 120 DependsOn = '[WindowsFeature]RSATADPowerShell' } - xADDomainController 'DomainControllerMinimal' + ADDomainController 'DomainControllerMinimal' { DomainName = 'contoso.com' - DomainAdministratorCredential = $DomainAdministratorCredential - SafemodeAdministratorPassword = $DomainAdministratorCredential + Credential = $Credential + SafeModeAdministratorPassword = $SafeModePassword - DependsOn = '[xWaitForADDomain]WaitForestAvailability' + DependsOn = '[WaitForADDomain]WaitForestAvailability' } } } @@ -130,18 +135,23 @@ Configuration AddDomainControllerToDomainMinimal_Config This configuration will add a domain controller to the domain contoso.com, specifying all properties of the resource. -Configuration AddDomainControllerToDomainAllProperties_Config +Configuration ADDomainController_AddDomainControllerToDomainAllProperties_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential, + + [Parameter(Mandatory = $true)] + [ValidateNotNullOrEmpty()] + [System.Management.Automation.PSCredential] + $SafeModePassword ) Import-DscResource -ModuleName PSDscResources - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { @@ -159,28 +169,28 @@ Configuration AddDomainControllerToDomainAllProperties_Config DependsOn = '[WindowsFeature]InstallADDomainServicesFeature' } - xWaitForADDomain 'WaitForestAvailability' + WaitForADDomain 'WaitForestAvailability' { DomainName = 'contoso.com' - DomainUserCredential = $DomainAdministratorCredential + DomainUserCredential = $Credential RetryCount = 10 RetryIntervalSec = 120 DependsOn = '[WindowsFeature]RSATADPowerShell' } - xADDomainController 'DomainControllerAllProperties' + ADDomainController 'DomainControllerAllProperties' { DomainName = 'contoso.com' - DomainAdministratorCredential = $DomainAdministratorCredential - SafemodeAdministratorPassword = $DomainAdministratorCredential + Credential = $Credential + SafeModeAdministratorPassword = $SafeModePassword DatabasePath = 'C:\Windows\NTDS' LogPath = 'C:\Windows\Logs' SysvolPath = 'C:\Windows\SYSVOL' SiteName = 'Europe' IsGlobalCatalog = $true - DependsOn = '[xWaitForADDomain]WaitForestAvailability' + DependsOn = '[WaitForADDomain]WaitForestAvailability' } } } @@ -190,18 +200,23 @@ Configuration AddDomainControllerToDomainAllProperties_Config This configuration will add a domain controller to the domain contoso.com using the information from media. -Configuration AddDomainControllerToDomainUsingIFM_Config +Configuration ADDomainController_AddDomainControllerToDomainUsingIFM_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential, + + [Parameter(Mandatory = $true)] + [ValidateNotNullOrEmpty()] + [System.Management.Automation.PSCredential] + $SafeModePassword ) Import-DscResource -ModuleName PSDscResources - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { @@ -219,24 +234,24 @@ Configuration AddDomainControllerToDomainUsingIFM_Config DependsOn = '[WindowsFeature]InstallADDomainServicesFeature' } - xWaitForADDomain 'WaitForestAvailability' + WaitForADDomain 'WaitForestAvailability' { DomainName = 'contoso.com' - DomainUserCredential = $DomainAdministratorCredential + DomainUserCredential = $Credential RetryCount = 10 RetryIntervalSec = 120 DependsOn = '[WindowsFeature]RSATADPowerShell' } - xADDomainController 'DomainControllerWithIFM' + ADDomainController 'DomainControllerWithIFM' { DomainName = 'contoso.com' - DomainAdministratorCredential = $DomainAdministratorCredential - SafemodeAdministratorPassword = $DomainAdministratorCredential + Credential = $Credential + SafeModeAdministratorPassword = $SafeModePassword InstallationMediaPath = 'F:\IFM' - DependsOn = '[xWaitForADDomain]WaitForestAvailability' + DependsOn = '[WaitForADDomain]WaitForestAvailability' } } } @@ -246,18 +261,23 @@ Configuration AddDomainControllerToDomainUsingIFM_Config This configuration will add a read-only domain controller to the domain contoso.com and specify a list of account, whose passwords are allowed/denied for synchronisation. -Configuration AddReadOnlyDomainController_Config +Configuration ADDomainController_AddReadOnlyDomainController_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential, + + [Parameter(Mandatory = $true)] + [ValidateNotNullOrEmpty()] + [System.Management.Automation.PSCredential] + $SafeModePassword ) Import-DscResource -ModuleName PSDscResources - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { @@ -275,27 +295,27 @@ Configuration AddReadOnlyDomainController_Config DependsOn = '[WindowsFeature]InstallADDomainServicesFeature' } - xWaitForADDomain 'WaitForestAvailability' + WaitForADDomain 'WaitForestAvailability' { DomainName = 'contoso.com' - DomainUserCredential = $DomainAdministratorCredential + DomainUserCredential = $Credential RetryCount = 10 RetryIntervalSec = 120 DependsOn = '[WindowsFeature]RSATADPowerShell' } - xADDomainController 'Read-OnlyDomainController(RODC)' + ADDomainController 'Read-OnlyDomainController(RODC)' { DomainName = 'contoso.com' - DomainAdministratorCredential = $DomainAdministratorCredential - SafemodeAdministratorPassword = $DomainAdministratorCredential + Credential = $Credential + SafeModeAdministratorPassword = $SafeModePassword ReadOnlyReplica = $true SiteName = 'Default-First-Site-Name' AllowPasswordReplicationAccountName = @('pvdi.test1', 'pvdi.test') DenyPasswordReplicationAccountName = @('SVC_PVS', 'TA2SCVMM') - DependsOn = '[xWaitForADDomain]WaitForestAvailability' + DependsOn = '[WaitForADDomain]WaitForestAvailability' } } } diff --git a/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/MSFT_xADDomainDefaultPasswordPolicy.psm1 b/DSCResources/MSFT_ADDomainDefaultPasswordPolicy/MSFT_ADDomainDefaultPasswordPolicy.psm1 similarity index 97% rename from DSCResources/MSFT_xADDomainDefaultPasswordPolicy/MSFT_xADDomainDefaultPasswordPolicy.psm1 rename to DSCResources/MSFT_ADDomainDefaultPasswordPolicy/MSFT_ADDomainDefaultPasswordPolicy.psm1 index 888c33c69..a01ee7ec5 100644 --- a/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/MSFT_xADDomainDefaultPasswordPolicy.psm1 +++ b/DSCResources/MSFT_ADDomainDefaultPasswordPolicy/MSFT_ADDomainDefaultPasswordPolicy.psm1 @@ -1,10 +1,10 @@ $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADDomainDefaultPasswordPolicy' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADDomainDefaultPasswordPolicy' # List of changeable policy properties $mutablePropertyMap = @( diff --git a/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/MSFT_xADDomainDefaultPasswordPolicy.schema.mof b/DSCResources/MSFT_ADDomainDefaultPasswordPolicy/MSFT_ADDomainDefaultPasswordPolicy.schema.mof similarity index 91% rename from DSCResources/MSFT_xADDomainDefaultPasswordPolicy/MSFT_xADDomainDefaultPasswordPolicy.schema.mof rename to DSCResources/MSFT_ADDomainDefaultPasswordPolicy/MSFT_ADDomainDefaultPasswordPolicy.schema.mof index eace07876..d34e317d5 100644 --- a/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/MSFT_xADDomainDefaultPasswordPolicy.schema.mof +++ b/DSCResources/MSFT_ADDomainDefaultPasswordPolicy/MSFT_ADDomainDefaultPasswordPolicy.schema.mof @@ -1,5 +1,5 @@ -[ClassVersion("1.0.0"), FriendlyName("xADDomainDefaultPasswordPolicy")] -class MSFT_xADDomainDefaultPasswordPolicy : OMI_BaseResource +[ClassVersion("1.0.0"), FriendlyName("ADDomainDefaultPasswordPolicy")] +class MSFT_ADDomainDefaultPasswordPolicy : OMI_BaseResource { [Key, Description("Name of the domain to which the password policy will be applied.")] String DomainName; [Write, Description("Whether password complexity is enabled for the default password policy.")] Boolean ComplexityEnabled; diff --git a/DSCResources/MSFT_ADDomainDefaultPasswordPolicy/README.md b/DSCResources/MSFT_ADDomainDefaultPasswordPolicy/README.md new file mode 100644 index 000000000..117554be9 --- /dev/null +++ b/DSCResources/MSFT_ADDomainDefaultPasswordPolicy/README.md @@ -0,0 +1,7 @@ +# Description + +The ADDomainDefaultPasswordPolicy DSC resource will manage an Active Directory domain's default password policy. + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. diff --git a/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/en-US/MSFT_xADDomainDefaultPasswordPolicy.strings.psd1 b/DSCResources/MSFT_ADDomainDefaultPasswordPolicy/en-US/MSFT_ADDomainDefaultPasswordPolicy.strings.psd1 similarity index 100% rename from DSCResources/MSFT_xADDomainDefaultPasswordPolicy/en-US/MSFT_xADDomainDefaultPasswordPolicy.strings.psd1 rename to DSCResources/MSFT_ADDomainDefaultPasswordPolicy/en-US/MSFT_ADDomainDefaultPasswordPolicy.strings.psd1 diff --git a/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/en-US/about_xADDomainDefaultPasswordPolicy.help.txt b/DSCResources/MSFT_ADDomainDefaultPasswordPolicy/en-US/about_ADDomainDefaultPasswordPolicy.help.txt similarity index 81% rename from DSCResources/MSFT_xADDomainDefaultPasswordPolicy/en-US/about_xADDomainDefaultPasswordPolicy.help.txt rename to DSCResources/MSFT_ADDomainDefaultPasswordPolicy/en-US/about_ADDomainDefaultPasswordPolicy.help.txt index 9ceea6f2a..f18206efd 100644 --- a/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/en-US/about_xADDomainDefaultPasswordPolicy.help.txt +++ b/DSCResources/MSFT_ADDomainDefaultPasswordPolicy/en-US/about_ADDomainDefaultPasswordPolicy.help.txt @@ -1,8 +1,8 @@ .NAME - xADDomainDefaultPasswordPolicy + ADDomainDefaultPasswordPolicy .DESCRIPTION - The xADDomainDefaultPasswordPolicy DSC resource will manage an Active Directory domain's default password policy. + The ADDomainDefaultPasswordPolicy DSC resource will manage an Active Directory domain's default password policy. ## Requirements @@ -61,28 +61,28 @@ This configuration will set an Active Directory domain's default password policy to set the minimum password length and complexity. -Configuration ConfigureDefaultPasswordPolicy_Config +Configuration ADDomainDefaultPasswordPolicy_ConfigureDefaultPasswordPolicy_Config { Param ( - [parameter(Mandatory = $true)] + [Parameter(Mandatory = $true)] [System.String] $DomainName, - [parameter(Mandatory = $true)] + [Parameter(Mandatory = $true)] [System.Boolean] $ComplexityEnabled, - [parameter(Mandatory = $true)] + [Parameter(Mandatory = $true)] [System.Int32] $MinPasswordLength ) - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADDomainDefaultPasswordPolicy 'DefaultPasswordPolicy' + ADDomainDefaultPasswordPolicy 'DefaultPasswordPolicy' { DomainName = $DomainName ComplexityEnabled = $ComplexityEnabled diff --git a/DSCResources/MSFT_xADDomainTrust/MSFT_xADDomainTrust.psm1 b/DSCResources/MSFT_ADDomainTrust/MSFT_ADDomainTrust.psm1 similarity index 90% rename from DSCResources/MSFT_xADDomainTrust/MSFT_xADDomainTrust.psm1 rename to DSCResources/MSFT_ADDomainTrust/MSFT_ADDomainTrust.psm1 index 0bc70b70b..51252549c 100644 --- a/DSCResources/MSFT_xADDomainTrust/MSFT_xADDomainTrust.psm1 +++ b/DSCResources/MSFT_ADDomainTrust/MSFT_ADDomainTrust.psm1 @@ -1,10 +1,10 @@ $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADDomainTrust' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADDomainTrust' <# .SYNOPSIS @@ -17,7 +17,7 @@ $script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADDomainTrust' .PARAMETER TargetDomainName Specifies the name of the Active Directory domain that is being trusted. - .PARAMETER TargetDomainAdministratorCredential + .PARAMETER TargetCredential Specifies the credentials to authenticate to the target domain. .PARAMETER TrustType @@ -43,7 +43,7 @@ function Get-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $TargetDomainAdministratorCredential, + $TargetCredential, [Parameter(Mandatory = $true)] [ValidateSet('External', 'Forest')] @@ -57,19 +57,19 @@ function Get-TargetResource ) # Return a credential object without the password. - $cimCredentialInstance = New-CimCredentialInstance -Credential $TargetDomainAdministratorCredential + $cimCredentialInstance = New-CimCredentialInstance -Credential $TargetCredential $returnValue = @{ - SourceDomainName = $SourceDomainName - TargetDomainName = $TargetDomainName - TargetDomainAdministratorCredential = $cimCredentialInstance + SourceDomainName = $SourceDomainName + TargetDomainName = $TargetDomainName + TargetCredential = $cimCredentialInstance } $getTrustTargetAndSourceObject = @{ - SourceDomainName = $SourceDomainName - TargetDomainName = $TargetDomainName - TargetDomainAdministratorCredential = $TargetDomainAdministratorCredential - TrustType = $TrustType + SourceDomainName = $SourceDomainName + TargetDomainName = $TargetDomainName + TargetCredential = $TargetCredential + TrustType = $TrustType } $trustSource, $trustTarget = Get-TrustSourceAndTargetObject @getTrustTargetAndSourceObject @@ -114,7 +114,7 @@ function Get-TargetResource .PARAMETER TargetDomainName Specifies the name of the Active Directory domain that is being trusted. - .PARAMETER TargetDomainAdministratorCredential + .PARAMETER TargetCredential Specifies the credentials to authenticate to the target domain. .PARAMETER TrustType @@ -143,7 +143,7 @@ function Set-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $TargetDomainAdministratorCredential, + $TargetCredential, [Parameter(Mandatory = $true)] [ValidateSet('External', 'Forest')] @@ -162,10 +162,10 @@ function Set-TargetResource ) $getTrustTargetAndSourceObject = @{ - SourceDomainName = $SourceDomainName - TargetDomainName = $TargetDomainName - TargetDomainAdministratorCredential = $TargetDomainAdministratorCredential - TrustType = $TrustType + SourceDomainName = $SourceDomainName + TargetDomainName = $TargetDomainName + TargetCredential = $TargetCredential + TrustType = $TrustType } $trustSource, $trustTarget = Get-TrustSourceAndTargetObject @getTrustTargetAndSourceObject @@ -283,7 +283,7 @@ function Set-TargetResource .PARAMETER TargetDomainName Specifies the name of the Active Directory domain that is being trusted. - .PARAMETER TargetDomainAdministratorCredential + .PARAMETER TargetCredential Specifies the credentials to authenticate to the target domain. .PARAMETER TrustType @@ -313,7 +313,7 @@ function Test-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $TargetDomainAdministratorCredential, + $TargetCredential, [Parameter(Mandatory = $true)] [ValidateSet('External', 'Forest')] @@ -369,7 +369,7 @@ function Test-TargetResource .PARAMETER TargetDomainName Specifies the name of the Active Directory domain that is being trusted. - .PARAMETER TargetDomainAdministratorCredential + .PARAMETER TargetCredential Specifies the credentials to authenticate to the target domain. .PARAMETER TrustType @@ -398,7 +398,7 @@ function Compare-TargetResourceState [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $TargetDomainAdministratorCredential, + $TargetCredential, [Parameter(Mandatory = $true)] [ValidateSet('External', 'Forest')] @@ -417,11 +417,11 @@ function Compare-TargetResourceState ) $getTargetResourceParameters = @{ - SourceDomainName = $SourceDomainName - TargetDomainName = $TargetDomainName - TargetDomainAdministratorCredential = $TargetDomainAdministratorCredential - TrustType = $TrustType - TrustDirection = $TrustDirection + SourceDomainName = $SourceDomainName + TargetDomainName = $TargetDomainName + TargetCredential = $TargetCredential + TrustType = $TrustType + TrustDirection = $TrustDirection } $getTargetResourceResult = Get-TargetResource @getTargetResourceParameters @@ -476,7 +476,7 @@ function Compare-TargetResourceState .NOTES This is a wrapper to enable unit testing of this resource. - see issue https://github.com/PowerShell/xActiveDirectory/issues/324 + see issue https://github.com/PowerShell/ActiveDirectoryDsc/issues/324 for more information. #> function Get-ActiveDirectoryDomain @@ -505,7 +505,7 @@ function Get-ActiveDirectoryDomain .NOTES This is a wrapper to enable unit testing of this resource. - see issue https://github.com/PowerShell/xActiveDirectory/issues/324 + see issue https://github.com/PowerShell/ActiveDirectoryDsc/issues/324 for more information. #> function Get-ActiveDirectoryForest @@ -604,7 +604,7 @@ function ConvertFrom-DirectoryContextType .PARAMETER TargetDomainName Specifies the name of the Active Directory domain that is being trusted. - .PARAMETER TargetDomainAdministratorCredential + .PARAMETER TargetCredential Specifies the credentials to authenticate to the target domain. .PARAMETER TrustType @@ -632,7 +632,7 @@ function Get-TrustSourceAndTargetObject [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $TargetDomainAdministratorCredential, + $TargetCredential, [Parameter(Mandatory = $true)] [ValidateSet('External', 'Forest')] @@ -646,7 +646,7 @@ function Get-TrustSourceAndTargetObject $getADDirectoryContextParameters = @{ DirectoryContextType = $directoryContextType Name = $TargetDomainName - Credential = $TargetDomainAdministratorCredential + Credential = $TargetCredential } $targetDirectoryContext = Get-ADDirectoryContext @getADDirectoryContextParameters diff --git a/DSCResources/MSFT_xADDomainTrust/MSFT_xADDomainTrust.schema.mof b/DSCResources/MSFT_ADDomainTrust/MSFT_ADDomainTrust.schema.mof similarity index 86% rename from DSCResources/MSFT_xADDomainTrust/MSFT_xADDomainTrust.schema.mof rename to DSCResources/MSFT_ADDomainTrust/MSFT_ADDomainTrust.schema.mof index 4c7a3837e..0e6fd0b7e 100644 --- a/DSCResources/MSFT_xADDomainTrust/MSFT_xADDomainTrust.schema.mof +++ b/DSCResources/MSFT_ADDomainTrust/MSFT_ADDomainTrust.schema.mof @@ -1,8 +1,8 @@ -[ClassVersion("1.0.1.0"), FriendlyName("xADDomainTrust")] -class MSFT_xADDomainTrust : OMI_BaseResource +[ClassVersion("1.0.1.0"), FriendlyName("ADDomainTrust")] +class MSFT_ADDomainTrust : OMI_BaseResource { [Write, Description("Specifies whether the computer account is present or absent. Default value is 'Present'."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure; - [Required, Description("Specifies the credentials to authenticate to the target domain."), EmbeddedInstance("MSFT_Credential")] String TargetDomainAdministratorCredential; + [Required, Description("Specifies the credentials to authenticate to the target domain."), EmbeddedInstance("MSFT_Credential")] String TargetCredential; [Key, Description("Specifies the name of the Active Directory domain that is being trusted.")] String TargetDomainName; [Required, Description("Specifies the type of trust. The value 'External' means the context Domain, while the value 'Forest' means the context 'Forest'."), ValueMap{"External","Forest"}, Values{"External","Forest"}] String TrustType; [Required, Description("Specifies the direction of the trust."), ValueMap{"Bidirectional","Inbound","Outbound"}, Values{"Bidirectional","Inbound","Outbound"}] String TrustDirection; diff --git a/DSCResources/MSFT_ADDomainTrust/README.md b/DSCResources/MSFT_ADDomainTrust/README.md new file mode 100644 index 000000000..f8743205d --- /dev/null +++ b/DSCResources/MSFT_ADDomainTrust/README.md @@ -0,0 +1,7 @@ +# Description + +The ADDomainTrust DSC resource will manage Domain Trusts within Active Directory. A trust is a relationship, which you establish between domains or forests. To understand more about trusts in Active Directory, please see the article [Forest Design Models](https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/forest-design-models) for more information. + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. diff --git a/DSCResources/MSFT_xADDomainTrust/en-US/MSFT_xADDomainTrust.strings.psd1 b/DSCResources/MSFT_ADDomainTrust/en-US/MSFT_ADDomainTrust.strings.psd1 similarity index 100% rename from DSCResources/MSFT_xADDomainTrust/en-US/MSFT_xADDomainTrust.strings.psd1 rename to DSCResources/MSFT_ADDomainTrust/en-US/MSFT_ADDomainTrust.strings.psd1 diff --git a/DSCResources/MSFT_xADDomainTrust/en-US/about_xADDomainTrust.help.txt b/DSCResources/MSFT_ADDomainTrust/en-US/about_ADDomainTrust.help.txt similarity index 60% rename from DSCResources/MSFT_xADDomainTrust/en-US/about_xADDomainTrust.help.txt rename to DSCResources/MSFT_ADDomainTrust/en-US/about_ADDomainTrust.help.txt index 4d815b085..c1b955a39 100644 --- a/DSCResources/MSFT_xADDomainTrust/en-US/about_xADDomainTrust.help.txt +++ b/DSCResources/MSFT_ADDomainTrust/en-US/about_ADDomainTrust.help.txt @@ -1,8 +1,8 @@ .NAME - xADDomainTrust + ADDomainTrust .DESCRIPTION - The xADDomainTrust DSC resource will manage Domain Trusts within Active Directory. A trust is a relationship, which you establish between domains or forests. To understand more about trusts in Active Directory, please see the article [Forest Design Models](https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/forest-design-models) for more information. + The ADDomainTrust DSC resource will manage Domain Trusts within Active Directory. A trust is a relationship, which you establish between domains or forests. To understand more about trusts in Active Directory, please see the article [Forest Design Models](https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/forest-design-models) for more information. ## Requirements @@ -13,7 +13,7 @@ Allowed values: Present, Absent Specifies whether the computer account is present or absent. Default value is 'Present'. -.PARAMETER TargetDomainAdministratorCredential +.PARAMETER TargetCredential Required - String Specifies the credentials to authenticate to the target domain. @@ -40,7 +40,7 @@ This configuration will create a new one way inbound trust between two domains. -Configuration NewOneWayTrust_Config +Configuration ADDomainTrust_NewOneWayTrust_Config { param ( @@ -57,18 +57,18 @@ Configuration NewOneWayTrust_Config $TargetDomainAdminCred ) - Import-DscResource -module xActiveDirectory + Import-DscResource -module ActiveDirectoryDsc node localhost { - xADDomainTrust 'Trust' + ADDomainTrust 'Trust' { - Ensure = 'Present' - SourceDomainName = $SourceDomain - TargetDomainName = $TargetDomain - TargetDomainAdministratorCredential = $TargetDomainAdminCred - TrustDirection = 'Inbound' - TrustType = 'External' + Ensure = 'Present' + SourceDomainName = $SourceDomain + TargetDomainName = $TargetDomain + TargetCredential = $TargetDomainAdminCred + TrustDirection = 'Inbound' + TrustType = 'External' } } } diff --git a/DSCResources/MSFT_xADForestProperties/MSFT_xADForestProperties.psm1 b/DSCResources/MSFT_ADForestProperties/MSFT_ADForestProperties.psm1 similarity index 98% rename from DSCResources/MSFT_xADForestProperties/MSFT_xADForestProperties.psm1 rename to DSCResources/MSFT_ADForestProperties/MSFT_ADForestProperties.psm1 index ae0e28089..48753f750 100644 --- a/DSCResources/MSFT_xADForestProperties/MSFT_xADForestProperties.psm1 +++ b/DSCResources/MSFT_ADForestProperties/MSFT_ADForestProperties.psm1 @@ -1,10 +1,10 @@ $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADForestProperties' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADForestProperties' <# .SYNOPSIS diff --git a/DSCResources/MSFT_xADForestProperties/MSFT_xADForestProperties.schema.mof b/DSCResources/MSFT_ADForestProperties/MSFT_ADForestProperties.schema.mof similarity index 93% rename from DSCResources/MSFT_xADForestProperties/MSFT_xADForestProperties.schema.mof rename to DSCResources/MSFT_ADForestProperties/MSFT_ADForestProperties.schema.mof index 598344895..4e1901592 100644 --- a/DSCResources/MSFT_xADForestProperties/MSFT_xADForestProperties.schema.mof +++ b/DSCResources/MSFT_ADForestProperties/MSFT_ADForestProperties.schema.mof @@ -1,5 +1,5 @@ -[ClassVersion("1.0.0.0"), FriendlyName("xADForestProperties")] -class MSFT_xADForestProperties : OMI_BaseResource +[ClassVersion("1.0.0.0"), FriendlyName("ADForestProperties")] +class MSFT_ADForestProperties : OMI_BaseResource { [Write, Description("Specifies the user account credentials to use to perform this task."), EmbeddedInstance("MSFT_Credential")] String Credential; [Key, Description("Specifies the target Active Directory forest for the change.")] String ForestName; diff --git a/DSCResources/MSFT_ADForestProperties/README.md b/DSCResources/MSFT_ADForestProperties/README.md new file mode 100644 index 000000000..b99d888c4 --- /dev/null +++ b/DSCResources/MSFT_ADForestProperties/README.md @@ -0,0 +1,7 @@ +# Description + +The ADForestProperties DSC resource will manage User Principal Name (UPN) suffixes and Service Principal Name (SPN) suffixes in a forest. + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. diff --git a/DSCResources/MSFT_xADForestProperties/en-US/MSFT_xADForestProperties.strings.psd1 b/DSCResources/MSFT_ADForestProperties/en-US/MSFT_ADForestProperties.strings.psd1 similarity index 100% rename from DSCResources/MSFT_xADForestProperties/en-US/MSFT_xADForestProperties.strings.psd1 rename to DSCResources/MSFT_ADForestProperties/en-US/MSFT_ADForestProperties.strings.psd1 diff --git a/DSCResources/MSFT_xADForestProperties/en-US/about_xADForestProperties.help.txt b/DSCResources/MSFT_ADForestProperties/en-US/about_ADForestProperties.help.txt similarity index 76% rename from DSCResources/MSFT_xADForestProperties/en-US/about_xADForestProperties.help.txt rename to DSCResources/MSFT_ADForestProperties/en-US/about_ADForestProperties.help.txt index ebd50ebac..6aaae6968 100644 --- a/DSCResources/MSFT_xADForestProperties/en-US/about_xADForestProperties.help.txt +++ b/DSCResources/MSFT_ADForestProperties/en-US/about_ADForestProperties.help.txt @@ -1,8 +1,8 @@ .NAME - xADForestProperties + ADForestProperties .DESCRIPTION - The xADForestProperties DSC resource will manage User Principal Name (UPN) suffixes and Service Principal Name (SPN) suffixes in a forest. + The ADForestProperties DSC resource will manage User Principal Name (UPN) suffixes and Service Principal Name (SPN) suffixes in a forest. ## Requirements @@ -46,46 +46,34 @@ This configuration will manage the Service and User Principal name suffixes in the forest by replacing any existing suffixes with the ones specified in the configuration. -Configuration ReplaceForestProperties_Config +Configuration ADForestProperties_ReplaceForestProperties_Config { - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc - node $AllNodes.NodeName + node 'localhost' { - xADForestProperties $Node.ForestName + ADForestProperties $Node.ForestName { - ForestName = $Node.ForestName - UserPrincipalNameSuffix = $Node.UserPrincipalNameSuffix - ServicePrincipalNameSuffix = $Node.ServicePrincipalNameSuffix - } - } -} - -$ConfigurationData = @{ - AllNodes = @( - @{ - NodeName = 'dc.contoso.com' ForestName = 'contoso.com' UserPrincipalNameSuffix = 'fabrikam.com', 'industry.com' ServicePrincipalNameSuffix = 'corporate.com' } - ) + } } - .EXAMPLE 2 This configuration will manage the Service and User Principal name suffixes in the forest by adding and removing the desired suffixes. This will not overwrite existing suffixes in the forest. -Configuration AddRemoveForestProperties_Config +Configuration ADForestProperties_AddRemoveForestProperties_Config { - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { - xADForestProperties 'ContosoProperties' + ADForestProperties 'ContosoProperties' { ForestName = 'contoso.com' ServicePrincipalNameSuffixToAdd = 'test.net' diff --git a/DSCResources/MSFT_xADGroup/MSFT_xADGroup.psm1 b/DSCResources/MSFT_ADGroup/MSFT_ADGroup.psm1 similarity index 99% rename from DSCResources/MSFT_xADGroup/MSFT_xADGroup.psm1 rename to DSCResources/MSFT_ADGroup/MSFT_ADGroup.psm1 index 85ece60a3..6f121e385 100644 --- a/DSCResources/MSFT_xADGroup/MSFT_xADGroup.psm1 +++ b/DSCResources/MSFT_ADGroup/MSFT_ADGroup.psm1 @@ -1,10 +1,10 @@ $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADGroup' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADGroup' function Get-TargetResource { diff --git a/DSCResources/MSFT_xADGroup/MSFT_xADGroup.schema.mof b/DSCResources/MSFT_ADGroup/MSFT_ADGroup.schema.mof similarity index 95% rename from DSCResources/MSFT_xADGroup/MSFT_xADGroup.schema.mof rename to DSCResources/MSFT_ADGroup/MSFT_ADGroup.schema.mof index 00f1e56e3..56d434be6 100644 --- a/DSCResources/MSFT_xADGroup/MSFT_xADGroup.schema.mof +++ b/DSCResources/MSFT_ADGroup/MSFT_ADGroup.schema.mof @@ -1,5 +1,5 @@ -[ClassVersion("1.0.1.0"), FriendlyName("xADGroup")] -class MSFT_xADGroup : OMI_BaseResource +[ClassVersion("1.0.1.0"), FriendlyName("ADGroup")] +class MSFT_ADGroup : OMI_BaseResource { [Key, Description("Name of the Active Directory group.")] String GroupName; [Write, Description("Active Directory group scope. Default value is 'Group'."), ValueMap{"DomainLocal","Global","Universal"}, Values{"DomainLocal","Global","Universal"}] String GroupScope; diff --git a/DSCResources/MSFT_xADGroup/README.md b/DSCResources/MSFT_ADGroup/README.md similarity index 58% rename from DSCResources/MSFT_xADGroup/README.md rename to DSCResources/MSFT_ADGroup/README.md index 20ddd1779..f77571175 100644 --- a/DSCResources/MSFT_xADGroup/README.md +++ b/DSCResources/MSFT_ADGroup/README.md @@ -1,6 +1,6 @@ # Description -The xADGroup DSC resource will manage groups within Active Directory. +The ADGroup DSC resource will manage groups within Active Directory. ## Requirements diff --git a/DSCResources/MSFT_xADGroup/en-US/MSFT_xADGroup.strings.psd1 b/DSCResources/MSFT_ADGroup/en-US/MSFT_ADGroup.strings.psd1 similarity index 100% rename from DSCResources/MSFT_xADGroup/en-US/MSFT_xADGroup.strings.psd1 rename to DSCResources/MSFT_ADGroup/en-US/MSFT_ADGroup.strings.psd1 diff --git a/DSCResources/MSFT_xADGroup/en-US/about_xADGroup.help.txt b/DSCResources/MSFT_ADGroup/en-US/about_ADGroup.help.txt similarity index 88% rename from DSCResources/MSFT_xADGroup/en-US/about_xADGroup.help.txt rename to DSCResources/MSFT_ADGroup/en-US/about_ADGroup.help.txt index b832d0e4f..b721b4159 100644 --- a/DSCResources/MSFT_xADGroup/en-US/about_xADGroup.help.txt +++ b/DSCResources/MSFT_ADGroup/en-US/about_ADGroup.help.txt @@ -1,8 +1,8 @@ .NAME - xADGroup + ADGroup .DESCRIPTION - The xADGroup DSC resource will manage groups within Active Directory. + The ADGroup DSC resource will manage groups within Active Directory. ## Requirements @@ -80,7 +80,7 @@ This configuration will create a new domain-local group -Configuration NewGroup_Config +Configuration ADGroup_NewGroup_Config { param ( @@ -101,11 +101,11 @@ Configuration NewGroup_Config $Description ) - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADGroup 'ExampleGroup' + ADGroup 'ExampleGroup' { GroupName = $GroupName GroupScope = $Scope @@ -120,13 +120,13 @@ Configuration NewGroup_Config This configuration will create a new domain-local group with three members. -Configuration NewGroupWithMembers_Config +Configuration ADGroup_NewGroupWithMembers_Config { - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { - xADGroup 'dl1' + ADGroup 'dl1' { GroupName = 'DL_APP_1' GroupScope = 'DomainLocal' @@ -140,13 +140,13 @@ Configuration NewGroupWithMembers_Config This configuration will create a new domain-local group in contoso with three members in different domains. -Configuration NewGroupMultiDomainMembers_Config +Configuration ADGroup_NewGroupMultiDomainMembers_Config { - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { - xADGroup 'dl1' + ADGroup 'dl1' { GroupName = 'DL_APP_1' GroupScope = 'DomainLocal' diff --git a/DSCResources/MSFT_xADKDSKey/MSFT_xADKDSKey.psm1 b/DSCResources/MSFT_ADKDSKey/MSFT_ADKDSKey.psm1 similarity index 99% rename from DSCResources/MSFT_xADKDSKey/MSFT_xADKDSKey.psm1 rename to DSCResources/MSFT_ADKDSKey/MSFT_ADKDSKey.psm1 index da9c670bb..34880dd47 100644 --- a/DSCResources/MSFT_xADKDSKey/MSFT_xADKDSKey.psm1 +++ b/DSCResources/MSFT_ADKDSKey/MSFT_ADKDSKey.psm1 @@ -1,10 +1,10 @@ $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADKDSKey' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADKDSKey' <# .SYNOPSIS diff --git a/DSCResources/MSFT_xADKDSKey/MSFT_xADKDSKey.schema.mof b/DSCResources/MSFT_ADKDSKey/MSFT_ADKDSKey.schema.mof similarity index 96% rename from DSCResources/MSFT_xADKDSKey/MSFT_xADKDSKey.schema.mof rename to DSCResources/MSFT_ADKDSKey/MSFT_ADKDSKey.schema.mof index 770a9b757..50ea5f464 100644 --- a/DSCResources/MSFT_xADKDSKey/MSFT_xADKDSKey.schema.mof +++ b/DSCResources/MSFT_ADKDSKey/MSFT_ADKDSKey.schema.mof @@ -1,5 +1,5 @@ -[ClassVersion("1.0.1.0"), FriendlyName("xADKDSKey")] -class MSFT_xADKDSKey : OMI_BaseResource +[ClassVersion("1.0.1.0"), FriendlyName("ADKDSKey")] +class MSFT_ADKDSKey : OMI_BaseResource { [Key, Description("Specifies the Effective time when a KDS root key can be used. There is a 10 hour minimum from creation date to allow active directory to properly replicate across all domain controllers. For this reason, the date must be set in the future for creation. While this parameter accepts a string, it will be converted into a DateTime object. This will also try to take into account cultural settings. Example: '05/01/1999 13:00 using default or 'en-US' culture would be May 1st, but using 'de-DE' culture would be 5th of January. The culture is automatically pulled from the operating system and this can be checked using 'Get-Culture'.")] String EffectiveTime; [Write, Description("Specifies if this KDS Root Key should be present or absent. Default value is 'Present'."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure; diff --git a/DSCResources/MSFT_ADKDSKey/README.md b/DSCResources/MSFT_ADKDSKey/README.md new file mode 100644 index 000000000..fe951027c --- /dev/null +++ b/DSCResources/MSFT_ADKDSKey/README.md @@ -0,0 +1,7 @@ +# Description + +The ADKDSKey DSC resource will manage KDS Root Keys within Active Directory. The KDS root keys are used to begin generating Group Managed Service Account (gMSA) passwords. + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. diff --git a/DSCResources/MSFT_xADKDSKey/en-US/MSFT_xADKDSKey.strings.psd1 b/DSCResources/MSFT_ADKDSKey/en-US/MSFT_ADKDSKey.strings.psd1 similarity index 100% rename from DSCResources/MSFT_xADKDSKey/en-US/MSFT_xADKDSKey.strings.psd1 rename to DSCResources/MSFT_ADKDSKey/en-US/MSFT_ADKDSKey.strings.psd1 diff --git a/DSCResources/MSFT_xADKDSKey/en-US/about_xADKDSKey.help.txt b/DSCResources/MSFT_ADKDSKey/en-US/about_ADKDSKey.help.txt similarity index 85% rename from DSCResources/MSFT_xADKDSKey/en-US/about_xADKDSKey.help.txt rename to DSCResources/MSFT_ADKDSKey/en-US/about_ADKDSKey.help.txt index de8a0579d..9d72ef3d1 100644 --- a/DSCResources/MSFT_xADKDSKey/en-US/about_xADKDSKey.help.txt +++ b/DSCResources/MSFT_ADKDSKey/en-US/about_ADKDSKey.help.txt @@ -1,8 +1,8 @@ .NAME - xADKDSKey + ADKDSKey .DESCRIPTION - The xADKDSKey DSC resource will manage KDS Root Keys within Active Directory. The KDS root keys are used to begin generating Group Managed Service Account (gMSA) passwords. + The ADKDSKey DSC resource will manage KDS Root Keys within Active Directory. The KDS root keys are used to begin generating Group Managed Service Account (gMSA) passwords. ## Requirements @@ -43,13 +43,13 @@ This configuration will create a KDS root key. If the date is set to a time slightly ahead in the future, the key won't be usable for at least 10 hours from the creation time. -Configuration CreateKDSRootKey_Config +Configuration ADKDSKey_CreateKDSRootKey_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADKDSKey 'ExampleKDSRootKey' + ADKDSKey 'ExampleKDSRootKey' { Ensure = 'Present' EffectiveTime = '1/1/2030 13:00' @@ -65,13 +65,13 @@ the key to be used right away, but if all the domain controllers haven't replicated yet, there may be issues when retrieving the gMSA password. Use with caution -Configuration CreateKDSRootKeyInPast_Config +Configuration ADKDSKey_CreateKDSRootKeyInPast_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADKDSKey 'ExampleKDSRootKeyInPast' + ADKDSKey 'ExampleKDSRootKeyInPast' { Ensure = 'Present' EffectiveTime = '1/1/1999 13:00' @@ -86,13 +86,13 @@ This configuration will remove the last KDS root key. Use with caution. If gMSAs are installed on the network, they will not be able to reset their passwords and it may cause services to fail. -Configuration CreateKDSRootKeyRemoveLastKey_Config +Configuration ADKDSKey_CreateKDSRootKeyRemoveLastKey_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADKDSKey 'ExampleKDSRootKeyForceRemove' + ADKDSKey 'ExampleKDSRootKeyForceRemove' { Ensure = 'Absent' EffectiveTime = '1/1/2030 13:00' diff --git a/DSCResources/MSFT_xADManagedServiceAccount/MSFT_xADManagedServiceAccount.psm1 b/DSCResources/MSFT_ADManagedServiceAccount/MSFT_ADManagedServiceAccount.psm1 similarity index 99% rename from DSCResources/MSFT_xADManagedServiceAccount/MSFT_xADManagedServiceAccount.psm1 rename to DSCResources/MSFT_ADManagedServiceAccount/MSFT_ADManagedServiceAccount.psm1 index 2e794a1e0..c2006b21b 100644 --- a/DSCResources/MSFT_xADManagedServiceAccount/MSFT_xADManagedServiceAccount.psm1 +++ b/DSCResources/MSFT_ADManagedServiceAccount/MSFT_ADManagedServiceAccount.psm1 @@ -1,10 +1,10 @@ $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADManagedServiceAccount' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADManagedServiceAccount' <# .SYNOPSIS diff --git a/DSCResources/MSFT_xADManagedServiceAccount/MSFT_xADManagedServiceAccount.schema.mof b/DSCResources/MSFT_ADManagedServiceAccount/MSFT_ADManagedServiceAccount.schema.mof similarity index 95% rename from DSCResources/MSFT_xADManagedServiceAccount/MSFT_xADManagedServiceAccount.schema.mof rename to DSCResources/MSFT_ADManagedServiceAccount/MSFT_ADManagedServiceAccount.schema.mof index fc6a69a6a..4fd5b245a 100644 --- a/DSCResources/MSFT_xADManagedServiceAccount/MSFT_xADManagedServiceAccount.schema.mof +++ b/DSCResources/MSFT_ADManagedServiceAccount/MSFT_ADManagedServiceAccount.schema.mof @@ -1,5 +1,5 @@ -[ClassVersion("1.0.1.0"), FriendlyName("xADManagedServiceAccount")] -class MSFT_xADManagedServiceAccount : OMI_BaseResource +[ClassVersion("1.0.1.0"), FriendlyName("ADManagedServiceAccount")] +class MSFT_ADManagedServiceAccount : OMI_BaseResource { [Key, Description("Specifies the Security Account Manager (SAM) account name of the managed service account (ldapDisplayName 'sAMAccountName'). To be compatible with older operating systems, create a SAM account name that is 20 characters or less. Once created, the user's SamAccountName and CN cannot be changed.")] String ServiceAccountName; [Write, Description("Specifies whether the user account is created or deleted. If not specified, this value defaults to Present."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure; diff --git a/DSCResources/MSFT_xADManagedServiceAccount/README.md b/DSCResources/MSFT_ADManagedServiceAccount/README.md similarity index 50% rename from DSCResources/MSFT_xADManagedServiceAccount/README.md rename to DSCResources/MSFT_ADManagedServiceAccount/README.md index 0194eeb6b..059ae005a 100644 --- a/DSCResources/MSFT_xADManagedServiceAccount/README.md +++ b/DSCResources/MSFT_ADManagedServiceAccount/README.md @@ -1,6 +1,6 @@ # Description -The xADManagedServiceAccount DSC resource will manage Single and Group Managed Service Accounts (MSAs) within Active Directory. A Managed Service Account is a managed domain account that provides automatic password management, simplified service principal name (SPN) management and the ability to delegate management to other administrators. +The ADManagedServiceAccount DSC resource will manage Single and Group Managed Service Accounts (MSAs) within Active Directory. A Managed Service Account is a managed domain account that provides automatic password management, simplified service principal name (SPN) management and the ability to delegate management to other administrators. A Single Managed Service Account can only be used on a single computer, whereas a Group Managed Service Account can be shared across multiple computers. ## Requirements diff --git a/DSCResources/MSFT_xADManagedServiceAccount/en-US/MSFT_xADManagedServiceAccount.strings.psd1 b/DSCResources/MSFT_ADManagedServiceAccount/en-US/MSFT_ADManagedServiceAccount.strings.psd1 similarity index 100% rename from DSCResources/MSFT_xADManagedServiceAccount/en-US/MSFT_xADManagedServiceAccount.strings.psd1 rename to DSCResources/MSFT_ADManagedServiceAccount/en-US/MSFT_ADManagedServiceAccount.strings.psd1 diff --git a/DSCResources/MSFT_xADManagedServiceAccount/en-US/about_xADManagedServiceAccount.help.txt b/DSCResources/MSFT_ADManagedServiceAccount/en-US/about_ADManagedServiceAccount.help.txt similarity index 81% rename from DSCResources/MSFT_xADManagedServiceAccount/en-US/about_xADManagedServiceAccount.help.txt rename to DSCResources/MSFT_ADManagedServiceAccount/en-US/about_ADManagedServiceAccount.help.txt index 430539200..9eb5b9b97 100644 --- a/DSCResources/MSFT_xADManagedServiceAccount/en-US/about_xADManagedServiceAccount.help.txt +++ b/DSCResources/MSFT_ADManagedServiceAccount/en-US/about_ADManagedServiceAccount.help.txt @@ -1,8 +1,8 @@ .NAME - xADManagedServiceAccount + ADManagedServiceAccount .DESCRIPTION - The xADManagedServiceAccount DSC resource will manage Single and Group Managed Service Accounts (MSAs) within Active Directory. A Managed Service Account is a managed domain account that provides automatic password management, simplified service principal name (SPN) management and the ability to delegate management to other administrators. + The ADManagedServiceAccount DSC resource will manage Single and Group Managed Service Accounts (MSAs) within Active Directory. A Managed Service Account is a managed domain account that provides automatic password management, simplified service principal name (SPN) management and the ability to delegate management to other administrators. A Single Managed Service Account can only be used on a single computer, whereas a Group Managed Service Account can be shared across multiple computers. ## Requirements @@ -69,13 +69,13 @@ This configuration will create a managed service account. -Configuration CreateManagedServiceAccount_Config +Configuration ADManagedServiceAccount_CreateManagedServiceAccount_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADManagedServiceAccount 'ExampleSingleMSA' + ADManagedServiceAccount 'ExampleSingleMSA' { Ensure = 'Present' ServiceAccountName = 'Service01' @@ -87,13 +87,13 @@ Configuration CreateManagedServiceAccount_Config This configuration will create a group managed service account. -Configuration CreateGroupManagedServiceAccount_Config +Configuration ADManagedServiceAccount_CreateGroupManagedServiceAccount_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADManagedServiceAccount 'ExampleGroupMSA' + ADManagedServiceAccount 'ExampleGroupMSA' { Ensure = 'Present' ServiceAccountName = 'Service01' @@ -107,13 +107,13 @@ Configuration CreateGroupManagedServiceAccount_Config This configuration will create a group managed service account with members. -Configuration CreateGroupManagedServiceAccountWithMembers_Config +Configuration ADManagedServiceAccount_CreateGroupManagedServiceAccountWithMembers_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADManagedServiceAccount 'AddingMembersUsingSamAccountName' + ADManagedServiceAccount 'AddingMembersUsingSamAccountName' { Ensure = 'Present' ServiceAccountName = 'Service01' @@ -122,7 +122,7 @@ Configuration CreateGroupManagedServiceAccountWithMembers_Config Members = 'User01', 'Computer01$' } - xADManagedServiceAccount 'AddingMembersUsingDN' + ADManagedServiceAccount 'AddingMembersUsingDN' { Ensure = 'Present' ServiceAccountName = 'Service02' diff --git a/DSCResources/MSFT_xADObjectEnabledState/MSFT_xADObjectEnabledState.psm1 b/DSCResources/MSFT_ADObjectEnabledState/MSFT_ADObjectEnabledState.psm1 similarity index 98% rename from DSCResources/MSFT_xADObjectEnabledState/MSFT_xADObjectEnabledState.psm1 rename to DSCResources/MSFT_ADObjectEnabledState/MSFT_ADObjectEnabledState.psm1 index f0aa78316..905e268c6 100644 --- a/DSCResources/MSFT_xADObjectEnabledState/MSFT_xADObjectEnabledState.psm1 +++ b/DSCResources/MSFT_ADObjectEnabledState/MSFT_ADObjectEnabledState.psm1 @@ -1,10 +1,10 @@ $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADObjectEnabledState' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADObjectEnabledState' <# .SYNOPSIS diff --git a/DSCResources/MSFT_xADObjectEnabledState/MSFT_xADObjectEnabledState.schema.mof b/DSCResources/MSFT_ADObjectEnabledState/MSFT_ADObjectEnabledState.schema.mof similarity index 88% rename from DSCResources/MSFT_xADObjectEnabledState/MSFT_xADObjectEnabledState.schema.mof rename to DSCResources/MSFT_ADObjectEnabledState/MSFT_ADObjectEnabledState.schema.mof index 4c44b69a7..fa7b0b0dc 100644 --- a/DSCResources/MSFT_xADObjectEnabledState/MSFT_xADObjectEnabledState.schema.mof +++ b/DSCResources/MSFT_ADObjectEnabledState/MSFT_ADObjectEnabledState.schema.mof @@ -1,5 +1,5 @@ -[ClassVersion("1.0.0.0"), FriendlyName("xADObjectEnabledState")] -class MSFT_xADObjectEnabledState : OMI_BaseResource +[ClassVersion("1.0.0.0"), FriendlyName("ADObjectEnabledState")] +class MSFT_ADObjectEnabledState : OMI_BaseResource { [Key, Description("Specifies the identity of an object that has the object class specified in the parameter ObjectClass. When ObjectClass is set to 'Computer' then this property can be set to either distinguished name, GUID (objectGUID), security identifier (objectSid), or security Accounts Manager account name (sAMAccountName).")] String Identity; [Key, Description("Specifies the object class."), ValueMap{"Computer"}, Values{"Computer"}] String ObjectClass; diff --git a/DSCResources/MSFT_xADObjectEnabledState/README.md b/DSCResources/MSFT_ADObjectEnabledState/README.md similarity index 100% rename from DSCResources/MSFT_xADObjectEnabledState/README.md rename to DSCResources/MSFT_ADObjectEnabledState/README.md diff --git a/DSCResources/MSFT_xADObjectEnabledState/en-US/MSFT_xADObjectEnabledState.strings.psd1 b/DSCResources/MSFT_ADObjectEnabledState/en-US/MSFT_ADObjectEnabledState.strings.psd1 similarity index 100% rename from DSCResources/MSFT_xADObjectEnabledState/en-US/MSFT_xADObjectEnabledState.strings.psd1 rename to DSCResources/MSFT_ADObjectEnabledState/en-US/MSFT_ADObjectEnabledState.strings.psd1 diff --git a/DSCResources/MSFT_xADObjectEnabledState/en-US/about_xADObjectEnabledState.help.txt b/DSCResources/MSFT_ADObjectEnabledState/en-US/about_ADObjectEnabledState.help.txt similarity index 78% rename from DSCResources/MSFT_xADObjectEnabledState/en-US/about_xADObjectEnabledState.help.txt rename to DSCResources/MSFT_ADObjectEnabledState/en-US/about_ADObjectEnabledState.help.txt index bf022084f..66cc24821 100644 --- a/DSCResources/MSFT_xADObjectEnabledState/en-US/about_xADObjectEnabledState.help.txt +++ b/DSCResources/MSFT_ADObjectEnabledState/en-US/about_ADObjectEnabledState.help.txt @@ -1,5 +1,5 @@ .NAME - xADObjectEnabledState + ADObjectEnabledState .DESCRIPTION This resource enforces the property `Enabled` on the object class *Computer*. @@ -42,25 +42,25 @@ This configuration will create a computer account disabled, and enforcing the account to be enabled. -Configuration EnabledComputerAccount_Config +Configuration ADObjectEnabledState_EnabledComputerAccount_Config { - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { - xADComputer 'CreateDisabled' + ADComputer 'CreateDisabled' { ComputerName = 'CLU_CNO01' EnabledOnCreation = $false } - xADObjectEnabledState 'EnforceEnabledPropertyToEnabled' + ADObjectEnabledState 'EnforceEnabledPropertyToEnabled' { Identity = 'CLU_CNO01' ObjectClass = 'Computer' Enabled = $true - DependsOn = '[xADComputer]CreateDisabled' + DependsOn = '[ADComputer]CreateDisabled' } } } @@ -71,22 +71,22 @@ This configuration will create a computer account disabled, configure a cluster using the disabled computer account, and enforcing the computer account to be enabled. -Configuration CreateClusterComputerAccount_Config +Configuration ADObjectEnabledState_CreateClusterComputerAccount_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential ) - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc Import-DscResource -ModuleName xFailoverCluster node localhost { - xADComputer 'ClusterAccount' + ADComputer 'ClusterAccount' { ComputerName = 'CLU_CNO01' EnabledOnCreation = $false @@ -96,12 +96,12 @@ Configuration CreateClusterComputerAccount_Config { Name = 'CLU_CNO01' StaticIPAddress = '192.168.100.20/24' - DomainAdministratorCredential = $DomainAdministratorCredential + DomainAdministratorCredential = $Credential - DependsOn = '[xADComputer]ClusterAccount' + DependsOn = '[ADComputer]ClusterAccount' } - xADObjectEnabledState 'EnforceEnabledPropertyToEnabled' + ADObjectEnabledState 'EnforceEnabledPropertyToEnabled' { Identity = 'CLU_CNO01' ObjectClass = 'Computer' @@ -117,17 +117,17 @@ Configuration CreateClusterComputerAccount_Config This configuration will configure a cluster using a pre-staged computer account, and enforcing the pre-staged computer account to be enabled. -Configuration EnabledPrestagedClusterComputerAccount_Config +Configuration ADObjectEnabledState_EnabledPrestagedClusterComputerAccount_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential ) - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc Import-DscResource -ModuleName xFailoverCluster node localhost @@ -136,10 +136,10 @@ Configuration EnabledPrestagedClusterComputerAccount_Config { Name = 'CLU_CNO01' StaticIPAddress = '192.168.100.20/24' - DomainAdministratorCredential = $DomainAdministratorCredential + DomainAdministratorCredential = $Credential } - xADObjectEnabledState 'EnforceEnabledPropertyToEnabled' + ADObjectEnabledState 'EnforceEnabledPropertyToEnabled' { Identity = 'CLU_CNO01' ObjectClass = 'Computer' diff --git a/DSCResources/MSFT_xADObjectPermissionEntry/MSFT_xADObjectPermissionEntry.psm1 b/DSCResources/MSFT_ADObjectPermissionEntry/MSFT_ADObjectPermissionEntry.psm1 similarity index 98% rename from DSCResources/MSFT_xADObjectPermissionEntry/MSFT_xADObjectPermissionEntry.psm1 rename to DSCResources/MSFT_ADObjectPermissionEntry/MSFT_ADObjectPermissionEntry.psm1 index 5fa03f2a9..e58b8c170 100644 --- a/DSCResources/MSFT_xADObjectPermissionEntry/MSFT_xADObjectPermissionEntry.psm1 +++ b/DSCResources/MSFT_ADObjectPermissionEntry/MSFT_ADObjectPermissionEntry.psm1 @@ -1,10 +1,10 @@ $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADObjectPermissionEntry' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADObjectPermissionEntry' <# .SYNOPSIS diff --git a/DSCResources/MSFT_xADObjectPermissionEntry/MSFT_xADObjectPermissionEntry.schema.mof b/DSCResources/MSFT_ADObjectPermissionEntry/MSFT_ADObjectPermissionEntry.schema.mof similarity index 95% rename from DSCResources/MSFT_xADObjectPermissionEntry/MSFT_xADObjectPermissionEntry.schema.mof rename to DSCResources/MSFT_ADObjectPermissionEntry/MSFT_ADObjectPermissionEntry.schema.mof index 433d4d004..b5e4770a5 100644 --- a/DSCResources/MSFT_xADObjectPermissionEntry/MSFT_xADObjectPermissionEntry.schema.mof +++ b/DSCResources/MSFT_ADObjectPermissionEntry/MSFT_ADObjectPermissionEntry.schema.mof @@ -1,5 +1,5 @@ -[ClassVersion("1.0.0.0"), FriendlyName("xADObjectPermissionEntry")] -class MSFT_xADObjectPermissionEntry : OMI_BaseResource +[ClassVersion("1.0.0.0"), FriendlyName("ADObjectPermissionEntry")] +class MSFT_ADObjectPermissionEntry : OMI_BaseResource { [Write, Description("Indicates if the access will be added (Present) or will be removed (Absent). Default value is 'Present'."), ValueMap{"Present", "Absent"}, Values{"Present", "Absent"}] String Ensure; [Key, Description("Active Directory path of the target object to add or remove the permission entry, specified as a Distinguished Name.")] String Path; diff --git a/DSCResources/MSFT_xADObjectPermissionEntry/README.md b/DSCResources/MSFT_ADObjectPermissionEntry/README.md similarity index 74% rename from DSCResources/MSFT_xADObjectPermissionEntry/README.md rename to DSCResources/MSFT_ADObjectPermissionEntry/README.md index 6d45c3916..993ab745d 100644 --- a/DSCResources/MSFT_xADObjectPermissionEntry/README.md +++ b/DSCResources/MSFT_ADObjectPermissionEntry/README.md @@ -1,6 +1,6 @@ # Description -The xADObjectPermissionEntry DSC resource will manage access control lists on Active Directory objects. The resource is +The ADObjectPermissionEntry DSC resource will manage access control lists on Active Directory objects. The resource is designed to to manage just one entry in the list of permissios (ACL) for one AD object. It will only interact with the one permission and leave all others as they were. The resource can be used multiple times to add multiple entries into one ACL. diff --git a/DSCResources/MSFT_xADObjectPermissionEntry/en-US/MSFT_xADObjectPermissionEntry.strings.psd1 b/DSCResources/MSFT_ADObjectPermissionEntry/en-US/MSFT_ADObjectPermissionEntry.strings.psd1 similarity index 100% rename from DSCResources/MSFT_xADObjectPermissionEntry/en-US/MSFT_xADObjectPermissionEntry.strings.psd1 rename to DSCResources/MSFT_ADObjectPermissionEntry/en-US/MSFT_ADObjectPermissionEntry.strings.psd1 diff --git a/DSCResources/MSFT_xADObjectPermissionEntry/en-US/about_xADObjectPermissionEntry.help.txt b/DSCResources/MSFT_ADObjectPermissionEntry/en-US/about_ADObjectPermissionEntry.help.txt similarity index 87% rename from DSCResources/MSFT_xADObjectPermissionEntry/en-US/about_xADObjectPermissionEntry.help.txt rename to DSCResources/MSFT_ADObjectPermissionEntry/en-US/about_ADObjectPermissionEntry.help.txt index 95fcc8bbf..9803a6454 100644 --- a/DSCResources/MSFT_xADObjectPermissionEntry/en-US/about_xADObjectPermissionEntry.help.txt +++ b/DSCResources/MSFT_ADObjectPermissionEntry/en-US/about_ADObjectPermissionEntry.help.txt @@ -1,8 +1,8 @@ .NAME - xADObjectPermissionEntry + ADObjectPermissionEntry .DESCRIPTION - The xADObjectPermissionEntry DSC resource will manage access control lists on Active Directory objects. The resource is + The ADObjectPermissionEntry DSC resource will manage access control lists on Active Directory objects. The resource is designed to to manage just one entry in the list of permissios (ACL) for one AD object. It will only interact with the one permission and leave all others as they were. The resource can be used multiple times to add multiple entries into one ACL. @@ -54,13 +54,13 @@ the virtual computer object (VCO) ROLE01 for a cluster name object (CNO) CONTOSO\CLUSTER01$. This is used so that the Windows Failover Cluster can control the roles AD objects. -Configuration DelegateFullControl_Config +Configuration ADObjectPermissionEntry_DelegateFullControl_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADObjectPermissionEntry 'ADObjectPermissionEntry' + ADObjectPermissionEntry 'ADObjectPermissionEntry' { Ensure = 'Present' Path = 'CN=ROLE01,CN=Computers,DC=contoso,DC=com' @@ -80,13 +80,13 @@ This configuration will add a group permission to create and delete (CreateChild,DeleteChild) computer objects in an OU and any sub-OUs that may get created. -Configuration CreateDeleteComputerObject_Config +Configuration ADObjectPermissionEntry_CreateDeleteComputerObject_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADObjectPermissionEntry 'ADObjectPermissionEntry' + ADObjectPermissionEntry 'ADObjectPermissionEntry' { Ensure = 'Present' Path = 'OU=ContosoComputers,DC=contoso,DC=com' @@ -106,13 +106,13 @@ This configuration will add a group permission to allow read and write (ReadProperty, WriteProperty) of all properties of computer objects in an OU and any sub-OUs that may get created. -Configuration ReadWriteComputerObjectProperties_Config +Configuration ADObjectPermissionEntry_ReadWriteComputerObjectProperties_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADObjectPermissionEntry 'ADObjectPermissionEntry' + ADObjectPermissionEntry 'ADObjectPermissionEntry' { Ensure = 'Present' Path = 'OU=ContosoComputers,DC=contoso,DC=com' diff --git a/DSCResources/MSFT_xADOrganizationalUnit/MSFT_xADOrganizationalUnit.psm1 b/DSCResources/MSFT_ADOrganizationalUnit/MSFT_ADOrganizationalUnit.psm1 similarity index 98% rename from DSCResources/MSFT_xADOrganizationalUnit/MSFT_xADOrganizationalUnit.psm1 rename to DSCResources/MSFT_ADOrganizationalUnit/MSFT_ADOrganizationalUnit.psm1 index f4c5e0fde..fac251dbc 100644 --- a/DSCResources/MSFT_xADOrganizationalUnit/MSFT_xADOrganizationalUnit.psm1 +++ b/DSCResources/MSFT_ADOrganizationalUnit/MSFT_ADOrganizationalUnit.psm1 @@ -1,10 +1,10 @@ $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADOrganizationalUnit' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADOrganizationalUnit' <# .SYNOPSIS diff --git a/DSCResources/MSFT_xADOrganizationalUnit/MSFT_xADOrganizationalUnit.schema.mof b/DSCResources/MSFT_ADOrganizationalUnit/MSFT_ADOrganizationalUnit.schema.mof similarity index 89% rename from DSCResources/MSFT_xADOrganizationalUnit/MSFT_xADOrganizationalUnit.schema.mof rename to DSCResources/MSFT_ADOrganizationalUnit/MSFT_ADOrganizationalUnit.schema.mof index 2a6778e5c..7c33ed85b 100644 --- a/DSCResources/MSFT_xADOrganizationalUnit/MSFT_xADOrganizationalUnit.schema.mof +++ b/DSCResources/MSFT_ADOrganizationalUnit/MSFT_ADOrganizationalUnit.schema.mof @@ -1,5 +1,5 @@ -[ClassVersion("1.0.0.0"), FriendlyName("xADOrganizationalUnit")] -class MSFT_xADOrganizationalUnit : OMI_BaseResource +[ClassVersion("1.0.0.0"), FriendlyName("ADOrganizationalUnit")] +class MSFT_ADOrganizationalUnit : OMI_BaseResource { [Key, Description("The name of Organization Unit (OU).")] String Name; [Key, Description("Specifies the X.500 path of the Organization Unit (OU) or container where the new object is created.")] String Path; diff --git a/DSCResources/MSFT_ADOrganizationalUnit/README.md b/DSCResources/MSFT_ADOrganizationalUnit/README.md new file mode 100644 index 000000000..6858c2bb0 --- /dev/null +++ b/DSCResources/MSFT_ADOrganizationalUnit/README.md @@ -0,0 +1,7 @@ +# Description + +The ADOrganizational Unit DSC resource will manage Organizational Units (OUs) within Active Directory. An OU is a subdivision within an Active Directory into which you can place users, groups, computers, and other organizational units. + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. diff --git a/DSCResources/MSFT_xADOrganizationalUnit/en-US/MSFT_xADOrganizationalUnit.strings.psd1 b/DSCResources/MSFT_ADOrganizationalUnit/en-US/MSFT_ADOrganizationalUnit.strings.psd1 similarity index 100% rename from DSCResources/MSFT_xADOrganizationalUnit/en-US/MSFT_xADOrganizationalUnit.strings.psd1 rename to DSCResources/MSFT_ADOrganizationalUnit/en-US/MSFT_ADOrganizationalUnit.strings.psd1 diff --git a/DSCResources/MSFT_xADOrganizationalUnit/en-US/about_xADOrganizationalUnit.help.txt b/DSCResources/MSFT_ADOrganizationalUnit/en-US/about_ADOrganizationalUnit.help.txt similarity index 82% rename from DSCResources/MSFT_xADOrganizationalUnit/en-US/about_xADOrganizationalUnit.help.txt rename to DSCResources/MSFT_ADOrganizationalUnit/en-US/about_ADOrganizationalUnit.help.txt index 9fbd1e224..9abd8f88f 100644 --- a/DSCResources/MSFT_xADOrganizationalUnit/en-US/about_xADOrganizationalUnit.help.txt +++ b/DSCResources/MSFT_ADOrganizationalUnit/en-US/about_ADOrganizationalUnit.help.txt @@ -1,8 +1,8 @@ .NAME - xADOrganizationalUnit + ADOrganizationalUnit .DESCRIPTION - The xADOrganizational Unit DSC resource will manage Organizational Units (OUs) within Active Directory. An OU is a subdivision within an Active Directory into which you can place users, groups, computers, and other organizational units. + The ADOrganizational Unit DSC resource will manage Organizational Units (OUs) within Active Directory. An OU is a subdivision within an Active Directory into which you can place users, groups, computers, and other organizational units. ## Requirements @@ -42,7 +42,7 @@ This configuration will add an Active Directory organizational unit to the domain. -Configuration CreateADOU_Config +Configuration ADOrganizationalUnit_CreateADOU_Config { param ( @@ -64,11 +64,11 @@ Configuration CreateADOU_Config $Description = '' ) - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADOrganizationalUnit 'ExampleOU' + ADOrganizationalUnit 'ExampleOU' { Name = $Name Path = $Path diff --git a/DSCResources/MSFT_xADRecycleBin/MSFT_xADRecycleBin.psm1 b/DSCResources/MSFT_ADRecycleBin/MSFT_ADRecycleBin.psm1 similarity index 97% rename from DSCResources/MSFT_xADRecycleBin/MSFT_xADRecycleBin.psm1 rename to DSCResources/MSFT_ADRecycleBin/MSFT_ADRecycleBin.psm1 index 6a869e2d0..43e6110b6 100644 --- a/DSCResources/MSFT_xADRecycleBin/MSFT_xADRecycleBin.psm1 +++ b/DSCResources/MSFT_ADRecycleBin/MSFT_ADRecycleBin.psm1 @@ -1,10 +1,10 @@ $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADRecycleBin' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADRecycleBin' <# .SYNOPSIS diff --git a/DSCResources/MSFT_xADRecycleBin/MSFT_xADRecycleBin.schema.mof b/DSCResources/MSFT_ADRecycleBin/MSFT_ADRecycleBin.schema.mof similarity index 83% rename from DSCResources/MSFT_xADRecycleBin/MSFT_xADRecycleBin.schema.mof rename to DSCResources/MSFT_ADRecycleBin/MSFT_ADRecycleBin.schema.mof index 1c26d1d4a..f5be95be0 100644 --- a/DSCResources/MSFT_xADRecycleBin/MSFT_xADRecycleBin.schema.mof +++ b/DSCResources/MSFT_ADRecycleBin/MSFT_ADRecycleBin.schema.mof @@ -1,5 +1,5 @@ -[ClassVersion("1.0.0.0"), FriendlyName("xADRecycleBin")] -class MSFT_xADRecycleBin : OMI_BaseResource +[ClassVersion("1.0.0.0"), FriendlyName("ADRecycleBin")] +class MSFT_ADRecycleBin : OMI_BaseResource { [Key, Description("The fully qualified domain name (FQDN) of the forest in which to change the Recycle Bin feature.")] String ForestFQDN; [Required, Description("The user account credentials to use to perform this task."), EmbeddedInstance("MSFT_Credential")] String EnterpriseAdministratorCredential; diff --git a/DSCResources/MSFT_xADRecycleBin/README.md b/DSCResources/MSFT_ADRecycleBin/README.md similarity index 76% rename from DSCResources/MSFT_xADRecycleBin/README.md rename to DSCResources/MSFT_ADRecycleBin/README.md index ccfab56b5..46943bdb8 100644 --- a/DSCResources/MSFT_xADRecycleBin/README.md +++ b/DSCResources/MSFT_ADRecycleBin/README.md @@ -1,6 +1,6 @@ # Description -The xADRecycleBin DSC resource will enable the Active Directory Recycle Bin feature for the target forest. +The ADRecycleBin DSC resource will enable the Active Directory Recycle Bin feature for the target forest. This resource first verifies that the forest mode is Windows Server 2008 R2 or greater. If the forest mode is insufficient, then the resource will exit with an error message. The change is executed against the Domain Naming Master FSMO of the forest. diff --git a/DSCResources/MSFT_xADRecycleBin/en-US/MSFT_xADRecycleBin.strings.psd1 b/DSCResources/MSFT_ADRecycleBin/en-US/MSFT_ADRecycleBin.strings.psd1 similarity index 100% rename from DSCResources/MSFT_xADRecycleBin/en-US/MSFT_xADRecycleBin.strings.psd1 rename to DSCResources/MSFT_ADRecycleBin/en-US/MSFT_ADRecycleBin.strings.psd1 diff --git a/DSCResources/MSFT_xADRecycleBin/en-US/about_xADRecycleBin.help.txt b/DSCResources/MSFT_ADRecycleBin/en-US/about_ADRecycleBin.help.txt similarity index 83% rename from DSCResources/MSFT_xADRecycleBin/en-US/about_xADRecycleBin.help.txt rename to DSCResources/MSFT_ADRecycleBin/en-US/about_ADRecycleBin.help.txt index a16b5f819..b9622ee9d 100644 --- a/DSCResources/MSFT_xADRecycleBin/en-US/about_xADRecycleBin.help.txt +++ b/DSCResources/MSFT_ADRecycleBin/en-US/about_ADRecycleBin.help.txt @@ -1,8 +1,8 @@ .NAME - xADRecycleBin + ADRecycleBin .DESCRIPTION - The xADRecycleBin DSC resource will enable the Active Directory Recycle Bin feature for the target forest. + The ADRecycleBin DSC resource will enable the Active Directory Recycle Bin feature for the target forest. This resource first verifies that the forest mode is Windows Server 2008 R2 or greater. If the forest mode is insufficient, then the resource will exit with an error message. The change is executed against the Domain Naming Master FSMO of the forest. @@ -32,7 +32,7 @@ This configuration will enable the Active Directory Recycle Bin for a specified Domain -Configuration EnableADRecycleBin_Config +Configuration ADRecycleBin_EnableADRecycleBin_Config { param ( @@ -45,11 +45,11 @@ Configuration EnableADRecycleBin_Config $EACredential ) - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADRecycleBin 'RecycleBin' + ADRecycleBin 'RecycleBin' { EnterpriseAdministratorCredential = $EACredential ForestFQDN = $ForestFQDN diff --git a/DSCResources/MSFT_xADReplicationSite/MSFT_xADReplicationSite.psm1 b/DSCResources/MSFT_ADReplicationSite/MSFT_ADReplicationSite.psm1 similarity index 96% rename from DSCResources/MSFT_xADReplicationSite/MSFT_xADReplicationSite.psm1 rename to DSCResources/MSFT_ADReplicationSite/MSFT_ADReplicationSite.psm1 index 0db147091..b90fde471 100644 --- a/DSCResources/MSFT_xADReplicationSite/MSFT_xADReplicationSite.psm1 +++ b/DSCResources/MSFT_ADReplicationSite/MSFT_ADReplicationSite.psm1 @@ -1,10 +1,10 @@ $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADReplicationSite' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADReplicationSite' <# .SYNOPSIS diff --git a/DSCResources/MSFT_xADReplicationSite/MSFT_xADReplicationSite.schema.mof b/DSCResources/MSFT_ADReplicationSite/MSFT_ADReplicationSite.schema.mof similarity index 81% rename from DSCResources/MSFT_xADReplicationSite/MSFT_xADReplicationSite.schema.mof rename to DSCResources/MSFT_ADReplicationSite/MSFT_ADReplicationSite.schema.mof index eba1a2801..024c63c7f 100644 --- a/DSCResources/MSFT_xADReplicationSite/MSFT_xADReplicationSite.schema.mof +++ b/DSCResources/MSFT_ADReplicationSite/MSFT_ADReplicationSite.schema.mof @@ -1,5 +1,5 @@ -[ClassVersion("1.0.0.0"), FriendlyName("xADReplicationSite")] -class MSFT_xADReplicationSite : OMI_BaseResource +[ClassVersion("1.0.0.0"), FriendlyName("ADReplicationSite")] +class MSFT_ADReplicationSite : OMI_BaseResource { [Write, Description("Specifies if the Active Directory replication site should be present or absent. Default value is 'Present'."), ValueMap{"Present", "Absent"}, Values{"Present", "Absent"}] String Ensure; [Key, Description("Specifies the name of the Active Directory replication site.")] String Name; diff --git a/DSCResources/MSFT_ADReplicationSite/README.md b/DSCResources/MSFT_ADReplicationSite/README.md new file mode 100644 index 000000000..43ef6b03c --- /dev/null +++ b/DSCResources/MSFT_ADReplicationSite/README.md @@ -0,0 +1,7 @@ +# Description + +The ADReplicationSite DSC resource will manage Replication Sites within Active Directory. Sites are used in Active Directory to either enable clients to discover network resources (published shares, domain controllers) close to the physical location of a client computer or to reduce network traffic over wide area network (WAN) links. Sites can also be used to optimize replication between domain controllers. + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. diff --git a/DSCResources/MSFT_xADReplicationSite/en-US/MSFT_xADReplicationSite.strings.psd1 b/DSCResources/MSFT_ADReplicationSite/en-US/MSFT_ADReplicationSite.strings.psd1 similarity index 100% rename from DSCResources/MSFT_xADReplicationSite/en-US/MSFT_xADReplicationSite.strings.psd1 rename to DSCResources/MSFT_ADReplicationSite/en-US/MSFT_ADReplicationSite.strings.psd1 diff --git a/DSCResources/MSFT_xADReplicationSite/en-US/about_xADReplicationSite.help.txt b/DSCResources/MSFT_ADReplicationSite/en-US/about_ADReplicationSite.help.txt similarity index 60% rename from DSCResources/MSFT_xADReplicationSite/en-US/about_xADReplicationSite.help.txt rename to DSCResources/MSFT_ADReplicationSite/en-US/about_ADReplicationSite.help.txt index 39276e295..bfe0abf62 100644 --- a/DSCResources/MSFT_xADReplicationSite/en-US/about_xADReplicationSite.help.txt +++ b/DSCResources/MSFT_ADReplicationSite/en-US/about_ADReplicationSite.help.txt @@ -1,8 +1,8 @@ .NAME - xADReplicationSite + ADReplicationSite .DESCRIPTION - The xADReplicationSite DSC resource will manage Replication Sites within Active Directory. Sites are used in Active Directory to either enable clients to discover network resources (published shares, domain controllers) close to the physical location of a client computer or to reduce network traffic over wide area network (WAN) links. Sites can also be used to optimize replication between domain controllers. + The ADReplicationSite DSC resource will manage Replication Sites within Active Directory. Sites are used in Active Directory to either enable clients to discover network resources (published shares, domain controllers) close to the physical location of a client computer or to reduce network traffic over wide area network (WAN) links. Sites can also be used to optimize replication between domain controllers. ## Requirements @@ -26,13 +26,13 @@ This configuration will create an Active Directory replication site called 'Seattle'. -Configuration CreateADReplicationSite_Config +Configuration ADReplicationSite_CreateADReplicationSite_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADReplicationSite 'SeattleSite' + ADReplicationSite 'SeattleSite' { Ensure = 'Present' Name = 'Seattle' @@ -46,13 +46,13 @@ This configuration will create an Active Directory replication site called 'Seattle'. If the 'Default-First-Site-Name' site exists, it will rename this site instead of create a new one. -Configuration CreateADReplicationSiteRenameDefault_Config +Configuration ADReplicationSite_CreateADReplicationSiteRenameDefault_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADReplicationSite 'SeattleSite' + ADReplicationSite 'SeattleSite' { Ensure = 'Present' Name = 'Seattle' @@ -66,13 +66,13 @@ Configuration CreateADReplicationSiteRenameDefault_Config This configuration will remove the Active Directory replication site called 'Cupertino'. -Configuration RemoveADReplicationSite_Config +Configuration ADReplicationSite_RemoveADReplicationSite_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADReplicationSite 'CupertinoSite' + ADReplicationSite 'CupertinoSite' { Ensure = 'Absent' Name = 'Cupertino' diff --git a/DSCResources/MSFT_xADReplicationSiteLink/MSFT_xADReplicationSiteLink.psm1 b/DSCResources/MSFT_ADReplicationSiteLink/MSFT_ADReplicationSiteLink.psm1 similarity index 98% rename from DSCResources/MSFT_xADReplicationSiteLink/MSFT_xADReplicationSiteLink.psm1 rename to DSCResources/MSFT_ADReplicationSiteLink/MSFT_ADReplicationSiteLink.psm1 index e59103951..a51f6ac85 100644 --- a/DSCResources/MSFT_xADReplicationSiteLink/MSFT_xADReplicationSiteLink.psm1 +++ b/DSCResources/MSFT_ADReplicationSiteLink/MSFT_ADReplicationSiteLink.psm1 @@ -1,10 +1,10 @@ $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADReplicationSiteLink' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADReplicationSiteLink' <# .SYNOPSIS diff --git a/DSCResources/MSFT_xADReplicationSiteLink/MSFT_xADReplicationSiteLink.schema.mof b/DSCResources/MSFT_ADReplicationSiteLink/MSFT_ADReplicationSiteLink.schema.mof similarity index 88% rename from DSCResources/MSFT_xADReplicationSiteLink/MSFT_xADReplicationSiteLink.schema.mof rename to DSCResources/MSFT_ADReplicationSiteLink/MSFT_ADReplicationSiteLink.schema.mof index 371a2abd6..7d3bce5dd 100644 --- a/DSCResources/MSFT_xADReplicationSiteLink/MSFT_xADReplicationSiteLink.schema.mof +++ b/DSCResources/MSFT_ADReplicationSiteLink/MSFT_ADReplicationSiteLink.schema.mof @@ -1,6 +1,6 @@ -[ClassVersion("1.0.0.0"), FriendlyName("xADReplicationSiteLink")] -class MSFT_xADReplicationSiteLink : OMI_BaseResource +[ClassVersion("1.0.0.0"), FriendlyName("ADReplicationSiteLink")] +class MSFT_ADReplicationSiteLink : OMI_BaseResource { [Key, Description("Specifies the name of the site link.")] String Name; [Write, Description("Specifies the cost to be placed on the site link.")] SInt32 Cost; diff --git a/DSCResources/MSFT_ADReplicationSiteLink/README.md b/DSCResources/MSFT_ADReplicationSiteLink/README.md new file mode 100644 index 000000000..dc6e75bce --- /dev/null +++ b/DSCResources/MSFT_ADReplicationSiteLink/README.md @@ -0,0 +1,7 @@ +# Description + +The ADReplicationSiteLink DSC resource will manage Replication Site Links within Active Directory. A site link connects two or more sites. Site links reflect the administrative policy for how sites are to be interconnected and the methods used to transfer replication traffic. You must connect sites with site links so that domain controllers at each site can replicate Active Directory changes. + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. diff --git a/DSCResources/MSFT_xADReplicationSiteLink/en-US/MSFT_xADReplicationSiteLink.strings.psd1 b/DSCResources/MSFT_ADReplicationSiteLink/en-US/MSFT_ADReplicationSiteLink.strings.psd1 similarity index 100% rename from DSCResources/MSFT_xADReplicationSiteLink/en-US/MSFT_xADReplicationSiteLink.strings.psd1 rename to DSCResources/MSFT_ADReplicationSiteLink/en-US/MSFT_ADReplicationSiteLink.strings.psd1 diff --git a/DSCResources/MSFT_xADReplicationSiteLink/en-US/about_xADReplicationSiteLink.help.txt b/DSCResources/MSFT_ADReplicationSiteLink/en-US/about_ADReplicationSiteLink.help.txt similarity index 70% rename from DSCResources/MSFT_xADReplicationSiteLink/en-US/about_xADReplicationSiteLink.help.txt rename to DSCResources/MSFT_ADReplicationSiteLink/en-US/about_ADReplicationSiteLink.help.txt index 311e21a50..d8d342cb4 100644 --- a/DSCResources/MSFT_xADReplicationSiteLink/en-US/about_xADReplicationSiteLink.help.txt +++ b/DSCResources/MSFT_ADReplicationSiteLink/en-US/about_ADReplicationSiteLink.help.txt @@ -1,8 +1,8 @@ .NAME - xADReplicationSiteLink + ADReplicationSiteLink .DESCRIPTION - The xADReplicationSiteLink DSC resource will manage Replication Site Links within Active Directory. A site link connects two or more sites. Site links reflect the administrative policy for how sites are to be interconnected and the methods used to transfer replication traffic. You must connect sites with site links so that domain controllers at each site can replicate Active Directory changes. + The ADReplicationSiteLink DSC resource will manage Replication Site Links within Active Directory. A site link connects two or more sites. Site links reflect the administrative policy for how sites are to be interconnected and the methods used to transfer replication traffic. You must connect sites with site links so that domain controllers at each site can replicate Active Directory changes. ## Requirements @@ -41,13 +41,13 @@ This configuration will create an AD Replication Site Link. -Configuration CreateReplicationSiteLink_Config +Configuration ADReplicationSiteLink_CreateReplicationSiteLink_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADReplicationSiteLink 'HQSiteLink' + ADReplicationSiteLink 'HQSiteLink' { Name = 'HQSiteLInk' SitesIncluded = @('site1', 'site2') @@ -62,13 +62,13 @@ Configuration CreateReplicationSiteLink_Config This configuration will modify an existing AD Replication Site Link. -Configuration ModifyExistingReplicationSiteLink_Config +Configuration ADReplicationSiteLink_ModifyExistingReplicationSiteLink_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADReplicationSiteLink 'HQSiteLink' + ADReplicationSiteLink 'HQSiteLink' { Name = 'HQSiteLInk' SitesIncluded = 'site1' diff --git a/DSCResources/MSFT_xADReplicationSubnet/MSFT_xADReplicationSubnet.psm1 b/DSCResources/MSFT_ADReplicationSubnet/MSFT_ADReplicationSubnet.psm1 similarity index 97% rename from DSCResources/MSFT_xADReplicationSubnet/MSFT_xADReplicationSubnet.psm1 rename to DSCResources/MSFT_ADReplicationSubnet/MSFT_ADReplicationSubnet.psm1 index d4f483ae0..25dce1a5b 100644 --- a/DSCResources/MSFT_xADReplicationSubnet/MSFT_xADReplicationSubnet.psm1 +++ b/DSCResources/MSFT_ADReplicationSubnet/MSFT_ADReplicationSubnet.psm1 @@ -1,10 +1,10 @@ $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADReplicationSubnet' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADReplicationSubnet' <# .SYNOPSIS diff --git a/DSCResources/MSFT_xADReplicationSubnet/MSFT_xADReplicationSubnet.schema.mof b/DSCResources/MSFT_ADReplicationSubnet/MSFT_ADReplicationSubnet.schema.mof similarity index 83% rename from DSCResources/MSFT_xADReplicationSubnet/MSFT_xADReplicationSubnet.schema.mof rename to DSCResources/MSFT_ADReplicationSubnet/MSFT_ADReplicationSubnet.schema.mof index a02c4e7b1..73aec6d8b 100644 --- a/DSCResources/MSFT_xADReplicationSubnet/MSFT_xADReplicationSubnet.schema.mof +++ b/DSCResources/MSFT_ADReplicationSubnet/MSFT_ADReplicationSubnet.schema.mof @@ -1,5 +1,5 @@ -[ClassVersion("1.0.0.0"), FriendlyName("xADReplicationSubnet")] -class MSFT_xADReplicationSubnet : OMI_BaseResource +[ClassVersion("1.0.0.0"), FriendlyName("ADReplicationSubnet")] +class MSFT_ADReplicationSubnet : OMI_BaseResource { [Write, Description("Specifies if the Active Directory replication subnet should be present or absent. Default value is 'Present'."), ValueMap{"Present", "Absent"}, Values{"Present", "Absent"}] String Ensure; [Key, Description("The name of the Active Directory replication subnet, e.g. 10.0.0.0/24.")] String Name; diff --git a/DSCResources/MSFT_xADReplicationSubnet/README.md b/DSCResources/MSFT_ADReplicationSubnet/README.md similarity index 58% rename from DSCResources/MSFT_xADReplicationSubnet/README.md rename to DSCResources/MSFT_ADReplicationSubnet/README.md index 47002ef54..1826571de 100644 --- a/DSCResources/MSFT_xADReplicationSubnet/README.md +++ b/DSCResources/MSFT_ADReplicationSubnet/README.md @@ -1,6 +1,6 @@ # Description -The xADReplicationSubnet DSC resource will manage replication subnets. +The ADReplicationSubnet DSC resource will manage replication subnets. ## Requirements diff --git a/DSCResources/MSFT_xADReplicationSubnet/en-US/MSFT_xADReplicationSubnet.strings.psd1 b/DSCResources/MSFT_ADReplicationSubnet/en-US/MSFT_ADReplicationSubnet.strings.psd1 similarity index 100% rename from DSCResources/MSFT_xADReplicationSubnet/en-US/MSFT_xADReplicationSubnet.strings.psd1 rename to DSCResources/MSFT_ADReplicationSubnet/en-US/MSFT_ADReplicationSubnet.strings.psd1 diff --git a/DSCResources/MSFT_xADReplicationSubnet/en-US/about_xADReplicationSubnet.help.txt b/DSCResources/MSFT_ADReplicationSubnet/en-US/about_ADReplicationSubnet.help.txt similarity index 78% rename from DSCResources/MSFT_xADReplicationSubnet/en-US/about_xADReplicationSubnet.help.txt rename to DSCResources/MSFT_ADReplicationSubnet/en-US/about_ADReplicationSubnet.help.txt index 7c6974bc5..204f84423 100644 --- a/DSCResources/MSFT_xADReplicationSubnet/en-US/about_xADReplicationSubnet.help.txt +++ b/DSCResources/MSFT_ADReplicationSubnet/en-US/about_ADReplicationSubnet.help.txt @@ -1,8 +1,8 @@ .NAME - xADReplicationSubnet + ADReplicationSubnet .DESCRIPTION - The xADReplicationSubnet DSC resource will manage replication subnets. + The ADReplicationSubnet DSC resource will manage replication subnets. ## Requirements @@ -29,13 +29,13 @@ This configuration will create an AD Replication Subnet. -Configuration CreateReplicationSubnet_Config +Configuration ADReplicationSubnet_CreateReplicationSubnet_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADReplicationSubnet 'LondonSubnet' + ADReplicationSubnet 'LondonSubnet' { Name = '10.0.0.0/24' Site = 'London' diff --git a/DSCResources/MSFT_xADServicePrincipalName/MSFT_xADServicePrincipalName.psm1 b/DSCResources/MSFT_ADServicePrincipalName/MSFT_ADServicePrincipalName.psm1 similarity index 97% rename from DSCResources/MSFT_xADServicePrincipalName/MSFT_xADServicePrincipalName.psm1 rename to DSCResources/MSFT_ADServicePrincipalName/MSFT_ADServicePrincipalName.psm1 index f90697c8e..ba737ea8e 100644 --- a/DSCResources/MSFT_xADServicePrincipalName/MSFT_xADServicePrincipalName.psm1 +++ b/DSCResources/MSFT_ADServicePrincipalName/MSFT_ADServicePrincipalName.psm1 @@ -1,10 +1,10 @@ $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADServicePrincipalName' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADServicePrincipalName' <# .SYNOPSIS diff --git a/DSCResources/MSFT_xADServicePrincipalName/MSFT_xADServicePrincipalName.schema.mof b/DSCResources/MSFT_ADServicePrincipalName/MSFT_ADServicePrincipalName.schema.mof similarity index 80% rename from DSCResources/MSFT_xADServicePrincipalName/MSFT_xADServicePrincipalName.schema.mof rename to DSCResources/MSFT_ADServicePrincipalName/MSFT_ADServicePrincipalName.schema.mof index 6e237bbe9..9bae042da 100644 --- a/DSCResources/MSFT_xADServicePrincipalName/MSFT_xADServicePrincipalName.schema.mof +++ b/DSCResources/MSFT_ADServicePrincipalName/MSFT_ADServicePrincipalName.schema.mof @@ -1,5 +1,5 @@ -[ClassVersion("1.0.0.0"), FriendlyName("xADServicePrincipalName")] -class MSFT_xADServicePrincipalName : OMI_BaseResource +[ClassVersion("1.0.0.0"), FriendlyName("ADServicePrincipalName")] +class MSFT_ADServicePrincipalName : OMI_BaseResource { [Write, Description("Specifies if the service principal name should be added or remove. Default value is 'Present'."), ValueMap{"Present", "Absent"}, Values{"Present", "Absent"}] String Ensure; [Key, Description("The full SPN to add or remove, e.g. HOST/LON-DC1.")] String ServicePrincipalName; diff --git a/DSCResources/MSFT_ADServicePrincipalName/README.md b/DSCResources/MSFT_ADServicePrincipalName/README.md new file mode 100644 index 000000000..fbad07f76 --- /dev/null +++ b/DSCResources/MSFT_ADServicePrincipalName/README.md @@ -0,0 +1,7 @@ +# Description + +The ADServicePrincipalName DSC resource will manage service principal names. A service principal name (SPN) is a unique identifier of a service instance. SPNs are used by Kerberos authentication to associate a service instance with a service logon account. This allows a client application to request that the service authenticate an account even if the client does not have the account name. + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. diff --git a/DSCResources/MSFT_xADServicePrincipalName/en-US/MSFT_xADServicePrincipalName.strings.psd1 b/DSCResources/MSFT_ADServicePrincipalName/en-US/MSFT_ADServicePrincipalName.strings.psd1 similarity index 100% rename from DSCResources/MSFT_xADServicePrincipalName/en-US/MSFT_xADServicePrincipalName.strings.psd1 rename to DSCResources/MSFT_ADServicePrincipalName/en-US/MSFT_ADServicePrincipalName.strings.psd1 diff --git a/DSCResources/MSFT_xADServicePrincipalName/en-US/about_xADServicePrincipalName.help.txt b/DSCResources/MSFT_ADServicePrincipalName/en-US/about_ADServicePrincipalName.help.txt similarity index 58% rename from DSCResources/MSFT_xADServicePrincipalName/en-US/about_xADServicePrincipalName.help.txt rename to DSCResources/MSFT_ADServicePrincipalName/en-US/about_ADServicePrincipalName.help.txt index 9f6b9d704..4d070b48b 100644 --- a/DSCResources/MSFT_xADServicePrincipalName/en-US/about_xADServicePrincipalName.help.txt +++ b/DSCResources/MSFT_ADServicePrincipalName/en-US/about_ADServicePrincipalName.help.txt @@ -1,8 +1,8 @@ .NAME - xADServicePrincipalName + ADServicePrincipalName .DESCRIPTION - The xADServicePrincipalName DSC resource will manage service principal names. A service principal name (SPN) is a unique identifier of a service instance. SPNs are used by Kerberos authentication to associate a service instance with a service logon account. This allows a client application to request that the service authenticate an account even if the client does not have the account name. + The ADServicePrincipalName DSC resource will manage service principal names. A service principal name (SPN) is a unique identifier of a service instance. SPNs are used by Kerberos authentication to associate a service instance with a service logon account. This allows a client application to request that the service authenticate an account even if the client does not have the account name. ## Requirements @@ -25,13 +25,13 @@ This configuration will add a Service Principal Name to a user account. -Configuration AddUserServicePrincipalName_Config +Configuration ADServicePrincipalName_AddUserServicePrincipalName_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADServicePrincipalName 'SQL01Svc' + ADServicePrincipalName 'SQL01Svc' { ServicePrincipalName = 'MSSQLSvc/sql01.contoso.com:1433' Account = 'SQL01Svc' @@ -43,13 +43,13 @@ Configuration AddUserServicePrincipalName_Config This configuration will add a Service Principal Name to a computer account. -Configuration AddComputerServicePrincipalName_Config +Configuration ADServicePrincipalName_AddComputerServicePrincipalName_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADServicePrincipalName 'web.contoso.com' + ADServicePrincipalName 'web.contoso.com' { ServicePrincipalName = 'HTTP/web.contoso.com' Account = 'IIS01$' diff --git a/DSCResources/MSFT_xADUser/MSFT_xADUser.psm1 b/DSCResources/MSFT_ADUser/MSFT_ADUser.psm1 similarity index 81% rename from DSCResources/MSFT_xADUser/MSFT_xADUser.psm1 rename to DSCResources/MSFT_ADUser/MSFT_ADUser.psm1 index 26713d661..6a9817a60 100644 --- a/DSCResources/MSFT_xADUser/MSFT_xADUser.psm1 +++ b/DSCResources/MSFT_ADUser/MSFT_ADUser.psm1 @@ -5,10 +5,10 @@ param() $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADUser' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADUser' # Create a property map that maps the DSC resource parameters to the # Active Directory user attributes. @@ -410,7 +410,7 @@ $adPropertyMap = @( Specifies the Active Directory Domain Services instance to use to perform the task. - .PARAMETER DomainAdministratorCredential + .PARAMETER Credential Specifies the user account credentials to use to perform this task. .PARAMETER PasswordAuthentication @@ -438,355 +438,296 @@ function Get-TargetResource [OutputType([System.Collections.Hashtable])] param ( - # Name of the domain where the user account is located (only used if password is managed) [Parameter(Mandatory = $true)] [System.String] $DomainName, - # Specifies the Security Account Manager (SAM) account name of the user (ldapDisplayName 'sAMAccountName') [Parameter(Mandatory = $true)] [System.String] $UserName, - # Specifies a new password value for an account [Parameter()] [ValidateNotNull()] [System.Management.Automation.PSCredential] [System.Management.Automation.CredentialAttribute()] $Password, - # Specifies whether the user account is created or deleted [Parameter()] [ValidateSet('Present', 'Absent')] [System.String] $Ensure = 'Present', - # Specifies the common name assigned to the user account (ldapDisplayName 'cn') [Parameter()] [ValidateNotNull()] [System.String] $CommonName = $UserName, - # Specifies the UPN assigned to the user account (ldapDisplayName 'userPrincipalName') [Parameter()] [ValidateNotNull()] [System.String] $UserPrincipalName, - # Specifies the display name of the object (ldapDisplayName 'displayName') [Parameter()] [ValidateNotNull()] [System.String] $DisplayName, - # Specifies the X.500 path of the Organizational Unit (OU) or container where the new object is created [Parameter()] [ValidateNotNull()] [System.String] $Path, - # Specifies the user's given name (ldapDisplayName 'givenName') [Parameter()] [ValidateNotNull()] [System.String] $GivenName, - # Specifies the initials that represent part of a user's name (ldapDisplayName 'initials') [Parameter()] [ValidateNotNull()] [System.String] $Initials, - # Specifies the user's last name or surname (ldapDisplayName 'sn') [Parameter()] [ValidateNotNull()] [System.String] $Surname, - # Specifies a description of the object (ldapDisplayName 'description') [Parameter()] [ValidateNotNull()] [System.String] $Description, - # Specifies the user's street address (ldapDisplayName 'streetAddress') [Parameter()] [ValidateNotNull()] [System.String] $StreetAddress, - # Specifies the user's post office box number (ldapDisplayName 'postOfficeBox') [Parameter()] [ValidateNotNull()] [System.String] $POBox, - # Specifies the user's town or city (ldapDisplayName 'l') [Parameter()] [ValidateNotNull()] [System.String] $City, - # Specifies the user's or Organizational Unit's state or province (ldapDisplayName 'st') [Parameter()] [ValidateNotNull()] [System.String] $State, - # Specifies the user's postal code or zip code (ldapDisplayName 'postalCode') [Parameter()] [ValidateNotNull()] [System.String] $PostalCode, - # Specifies the country or region code for the user's language of choice (ldapDisplayName 'c') [Parameter()] [ValidateNotNull()] [System.String] $Country, - # Specifies the user's department (ldapDisplayName 'department') [Parameter()] [ValidateNotNull()] [System.String] $Department, - # Specifies the user's division (ldapDisplayName 'division') [Parameter()] [ValidateNotNull()] [System.String] $Division, - # Specifies the user's company (ldapDisplayName 'company') [Parameter()] [ValidateNotNull()] [System.String] $Company, - # Specifies the location of the user's office or place of business (ldapDisplayName 'physicalDeliveryOfficeName') [Parameter()] [ValidateNotNull()] [System.String] $Office, - # Specifies the user's title (ldapDisplayName 'title') [Parameter()] [ValidateNotNull()] [System.String] $JobTitle, - # Specifies the user's e-mail address (ldapDisplayName 'mail') [Parameter()] [ValidateNotNull()] [System.String] $EmailAddress, - # Specifies the user's employee ID (ldapDisplayName 'employeeID') [Parameter()] [ValidateNotNull()] [System.String] $EmployeeID, - # Specifies the user's employee number (ldapDisplayName 'employeeNumber') [Parameter()] [ValidateNotNull()] [System.String] $EmployeeNumber, - # Specifies a user's home directory path (ldapDisplayName 'homeDirectory') [Parameter()] [ValidateNotNull()] [System.String] $HomeDirectory, - # Specifies a drive that is associated with the UNC path defined by the HomeDirectory property (ldapDisplayName 'homeDrive') [Parameter()] [ValidateNotNull()] [System.String] $HomeDrive, - # Specifies the URL of the home page of the object (ldapDisplayName 'wWWHomePage') [Parameter()] [ValidateNotNull()] [System.String] $HomePage, - # Specifies a path to the user's profile (ldapDisplayName 'profilePath') [Parameter()] [ValidateNotNull()] [System.String] $ProfilePath, - # Specifies a path to the user's log on script (ldapDisplayName 'scriptPath') [Parameter()] [ValidateNotNull()] [System.String] $LogonScript, - # Specifies the notes attached to the user's account (ldapDisplayName 'info') [Parameter()] [ValidateNotNull()] [System.String] $Notes, - # Specifies the user's office telephone number (ldapDisplayName 'telephoneNumber') [Parameter()] [ValidateNotNull()] [System.String] $OfficePhone, - # Specifies the user's mobile phone number (ldapDisplayName 'mobile') [Parameter()] [ValidateNotNull()] [System.String] $MobilePhone, - # Specifies the user's fax phone number (ldapDisplayName 'facsimileTelephoneNumber') [Parameter()] [ValidateNotNull()] [System.String] $Fax, - # Specifies the user's home telephone number (ldapDisplayName 'homePhone') [Parameter()] [ValidateNotNull()] [System.String] $HomePhone, - # Specifies the user's pager number (ldapDisplayName 'pager') [Parameter()] [ValidateNotNull()] [System.String] $Pager, - # Specifies the user's IP telephony phone number (ldapDisplayName 'ipPhone') [Parameter()] [ValidateNotNull()] [System.String] $IPPhone, - # Specifies the user's manager specified as a Distinguished Name (ldapDisplayName 'manager') [Parameter()] [ValidateNotNull()] [System.String] $Manager, - # Specifies the computers that the user can access. (ldapDisplayName 'userWorkStations') [Parameter()] [ValidateNotNull()] [System.String] $LogonWorkstations, - # Specifies the user's organization (ldapDisplayName 'o') [Parameter()] [ValidateNotNull()] [System.String] $Organization, - # Specifies a name in addition to a user's given name and surname (ldaDisplayName 'middleName') [Parameter()] [ValidateNotNull()] [System.String] $OtherName, - # Specifies if the account is enabled (default True) [Parameter()] [ValidateNotNull()] [System.Boolean] $Enabled = $true, - # Specifies whether the account password can be changed [Parameter()] [ValidateNotNull()] [System.Boolean] $CannotChangePassword, - # Specifies whether the account password must be changed during the next logon attempt [Parameter()] [ValidateNotNull()] [System.Boolean] $ChangePasswordAtLogon, - # Specifies whether the password of an account can expire [Parameter()] [ValidateNotNull()] [System.Boolean] $PasswordNeverExpires, - # Specifies whether an account is trusted for Kerberos delegation [Parameter()] [ValidateNotNull()] [System.Boolean] $TrustedForDelegation, - # Indicates whether the security context of the user is delegated to a service. [Parameter()] [ValidateNotNull()] [System.Boolean] $AccountNotDelegated, - # Indicates whether reversible password encryption is allowed for the account. [Parameter()] [ValidateNotNull()] [System.Boolean] $AllowReversiblePasswordEncryption, - # Specifies whether an account supports Kerberos service tickets which includes the authorization data for the user's device. [Parameter()] [ValidateNotNull()] [System.Boolean] $CompoundIdentitySupported, - # Specifies whether the account requires a password. A password is not required for a new account. [Parameter()] [ValidateNotNull()] [System.Boolean] $PasswordNotRequired, - # Specifies whether a smart card is required to logon. [Parameter()] [ValidateNotNull()] [System.Boolean] $SmartcardLogonRequired, - # Specifies the Active Directory Domain Services instance to use to perform the task. [Parameter()] [ValidateNotNull()] [System.String] $DomainController, - # Specifies the user account credentials to use to perform this task. Ideally this should just be called 'Credential' but is here for backwards compatibility [Parameter()] [ValidateNotNull()] [System.Management.Automation.PSCredential] [System.Management.Automation.CredentialAttribute()] - $DomainAdministratorCredential, + $Credential, - # Specifies the authentication context type when testing user passwords #61 [Parameter()] [ValidateSet('Default', 'Negotiate')] [System.String] $PasswordAuthentication = 'Default', - # Specifies whether an existing user's password should be reset (default $false). [Parameter()] [ValidateNotNull()] [System.Boolean] $PasswordNeverResets = $false, - # Try to restore the organizational unit from the recycle bin before creating a new one. [Parameter()] [ValidateNotNull()] [System.Boolean] $RestoreFromRecycleBin, - # Specifies the service principal names registered on the user account [Parameter()] [ValidateNotNull()] [System.String[]] $ServicePrincipalNames, - # Specifies the Proxy Addresses registered on the user account [Parameter()] [ValidateNotNull()] [System.String[]] @@ -1116,7 +1057,7 @@ function Get-TargetResource Specifies the Active Directory Domain Services instance to use to perform the task. - .PARAMETER DomainAdministratorCredential + .PARAMETER Credential Specifies the user account credentials to use to perform this task. .PARAMETER PasswordAuthentication @@ -1144,355 +1085,296 @@ function Test-TargetResource [OutputType([System.Boolean])] param ( - # Name of the domain where the user account is located (only used if password is managed) [Parameter(Mandatory = $true)] [System.String] $DomainName, - # Specifies the Security Account Manager (SAM) account name of the user (ldapDisplayName 'sAMAccountName') [Parameter(Mandatory = $true)] [System.String] $UserName, - # Specifies a new password value for an account [Parameter()] [ValidateNotNull()] [System.Management.Automation.PSCredential] [System.Management.Automation.CredentialAttribute()] $Password, - # Specifies whether the user account is created or deleted [Parameter()] [ValidateSet('Present', 'Absent')] [System.String] $Ensure = 'Present', - # Specifies the common name assigned to the user account (ldapDisplayName 'cn') [Parameter()] [ValidateNotNull()] [System.String] $CommonName = $UserName, - # Specifies the UPN assigned to the user account (ldapDisplayName 'userPrincipalName') [Parameter()] [ValidateNotNull()] [System.String] $UserPrincipalName, - # Specifies the display name of the object (ldapDisplayName 'displayName') [Parameter()] [ValidateNotNull()] [System.String] $DisplayName, - # Specifies the X.500 path of the Organizational Unit (OU) or container where the new object is created [Parameter()] [ValidateNotNull()] [System.String] $Path, - # Specifies the user's given name (ldapDisplayName 'givenName') [Parameter()] [ValidateNotNull()] [System.String] $GivenName, - # Specifies the initials that represent part of a user's name (ldapDisplayName 'initials') [Parameter()] [ValidateNotNull()] [System.String] $Initials, - # Specifies the user's last name or surname (ldapDisplayName 'sn') [Parameter()] [ValidateNotNull()] [System.String] $Surname, - # Specifies a description of the object (ldapDisplayName 'description') [Parameter()] [ValidateNotNull()] [System.String] $Description, - # Specifies the user's street address (ldapDisplayName 'streetAddress') [Parameter()] [ValidateNotNull()] [System.String] $StreetAddress, - # Specifies the user's post office box number (ldapDisplayName 'postOfficeBox') [Parameter()] [ValidateNotNull()] [System.String] $POBox, - # Specifies the user's town or city (ldapDisplayName 'l') [Parameter()] [ValidateNotNull()] [System.String] $City, - # Specifies the user's or Organizational Unit's state or province (ldapDisplayName 'st') [Parameter()] [ValidateNotNull()] [System.String] $State, - # Specifies the user's postal code or zip code (ldapDisplayName 'postalCode') [Parameter()] [ValidateNotNull()] [System.String] $PostalCode, - # Specifies the country or region code for the user's language of choice (ldapDisplayName 'c') [Parameter()] [ValidateNotNull()] [System.String] $Country, - # Specifies the user's department (ldapDisplayName 'department') [Parameter()] [ValidateNotNull()] [System.String] $Department, - # Specifies the user's division (ldapDisplayName 'division') [Parameter()] [ValidateNotNull()] [System.String] $Division, - # Specifies the user's company (ldapDisplayName 'company') [Parameter()] [ValidateNotNull()] [System.String] $Company, - # Specifies the location of the user's office or place of business (ldapDisplayName 'physicalDeliveryOfficeName') [Parameter()] [ValidateNotNull()] [System.String] $Office, - # Specifies the user's title (ldapDisplayName 'title') [Parameter()] [ValidateNotNull()] [System.String] $JobTitle, - # Specifies the user's e-mail address (ldapDisplayName 'mail') [Parameter()] [ValidateNotNull()] [System.String] $EmailAddress, - # Specifies the user's employee ID (ldapDisplayName 'employeeID') [Parameter()] [ValidateNotNull()] [System.String] $EmployeeID, - # Specifies the user's employee number (ldapDisplayName 'employeeNumber') [Parameter()] [ValidateNotNull()] [System.String] $EmployeeNumber, - # Specifies a user's home directory path (ldapDisplayName 'homeDirectory') [Parameter()] [ValidateNotNull()] [System.String] $HomeDirectory, - # Specifies a drive that is associated with the UNC path defined by the HomeDirectory property (ldapDisplayName 'homeDrive') [Parameter()] [ValidateNotNull()] [System.String] $HomeDrive, - # Specifies the URL of the home page of the object (ldapDisplayName 'wWWHomePage') [Parameter()] [ValidateNotNull()] [System.String] $HomePage, - # Specifies a path to the user's profile (ldapDisplayName 'profilePath') [Parameter()] [ValidateNotNull()] [System.String] $ProfilePath, - # Specifies a path to the user's log on script (ldapDisplayName 'scriptPath') [Parameter()] [ValidateNotNull()] [System.String] $LogonScript, - # Specifies the notes attached to the user's account (ldapDisplayName 'info') [Parameter()] [ValidateNotNull()] [System.String] $Notes, - # Specifies the user's office telephone number (ldapDisplayName 'telephoneNumber') [Parameter()] [ValidateNotNull()] [System.String] $OfficePhone, - # Specifies the user's mobile phone number (ldapDisplayName 'mobile') [Parameter()] [ValidateNotNull()] [System.String] $MobilePhone, - # Specifies the user's fax phone number (ldapDisplayName 'facsimileTelephoneNumber') [Parameter()] [ValidateNotNull()] [System.String] $Fax, - # Specifies the user's home telephone number (ldapDisplayName 'homePhone') [Parameter()] [ValidateNotNull()] [System.String] $HomePhone, - # Specifies the user's pager number (ldapDisplayName 'pager') [Parameter()] [ValidateNotNull()] [System.String] $Pager, - # Specifies the user's IP telephony phone number (ldapDisplayName 'ipPhone') [Parameter()] [ValidateNotNull()] [System.String] $IPPhone, - # Specifies the user's manager specified as a Distinguished Name (ldapDisplayName 'manager') [Parameter()] [ValidateNotNull()] [System.String] $Manager, - # Specifies the computers that the user can access. (ldapDisplayName 'userWorkStations') [Parameter()] [ValidateNotNull()] [System.String] $LogonWorkstations, - # Specifies the user's organization (ldapDisplayName 'o') [Parameter()] [ValidateNotNull()] [System.String] $Organization, - # Specifies a name in addition to a user's given name and surname (ldaDisplayName 'middleName') [Parameter()] [ValidateNotNull()] [System.String] $OtherName, - # Specifies if the account is enabled (default True) [Parameter()] [ValidateNotNull()] [System.Boolean] $Enabled = $true, - # Specifies whether the account password can be changed [Parameter()] [ValidateNotNull()] [System.Boolean] $CannotChangePassword, - # Specifies whether the account password must be changed during the next logon attempt [Parameter()] [ValidateNotNull()] [System.Boolean] $ChangePasswordAtLogon, - # Specifies whether the password of an account can expire [Parameter()] [ValidateNotNull()] [System.Boolean] $PasswordNeverExpires, - # Specifies whether an account is trusted for Kerberos delegation [Parameter()] [ValidateNotNull()] [System.Boolean] $TrustedForDelegation, - # Indicates whether the security context of the user is delegated to a service. [Parameter()] [ValidateNotNull()] [System.Boolean] $AccountNotDelegated, - # Indicates whether reversible password encryption is allowed for the account. [Parameter()] [ValidateNotNull()] [System.Boolean] $AllowReversiblePasswordEncryption, - # Specifies whether an account supports Kerberos service tickets which includes the authorization data for the user's device. [Parameter()] [ValidateNotNull()] [System.Boolean] $CompoundIdentitySupported, - # Specifies whether the account requires a password. A password is not required for a new account. [Parameter()] [ValidateNotNull()] [System.Boolean] $PasswordNotRequired, - # Specifies whether a smart card is required to logon. [Parameter()] [ValidateNotNull()] [System.Boolean] $SmartcardLogonRequired, - # Specifies the Active Directory Domain Services instance to use to perform the task. [Parameter()] [ValidateNotNull()] [System.String] $DomainController, - # Specifies the user account credentials to use to perform this task. Ideally this should just be called 'Credential' but is here for backwards compatibility [Parameter()] [ValidateNotNull()] [System.Management.Automation.PSCredential] [System.Management.Automation.CredentialAttribute()] - $DomainAdministratorCredential, + $Credential, - # Specifies the authentication context type when testing user passwords #61 [Parameter()] [ValidateSet('Default', 'Negotiate')] [System.String] $PasswordAuthentication = 'Default', - # Specifies whether an existing user's password should be reset (default $false). [Parameter()] [ValidateNotNull()] [System.Boolean] $PasswordNeverResets = $false, - # Try to restore the organizational unit from the recycle bin before creating a new one. [Parameter()] [ValidateNotNull()] [System.Boolean] $RestoreFromRecycleBin, - # Specifies the service principal names registered on the user account [Parameter()] [ValidateNotNull()] [System.String[]] $ServicePrincipalNames, - # Specifies the Proxy Addresses registered on the user account [Parameter()] [ValidateNotNull()] [System.String[]] @@ -1530,9 +1412,9 @@ function Test-TargetResource PasswordAuthentication = $PasswordAuthentication } - if ($DomainAdministratorCredential) + if ($Credential) { - $testPasswordParams['DomainAdministratorCredential'] = $DomainAdministratorCredential + $testPasswordParams['Credential'] = $Credential } if (-not (Test-Password @testPasswordParams)) @@ -1792,7 +1674,7 @@ function Test-TargetResource Specifies the Active Directory Domain Services instance to use to perform the task. - .PARAMETER DomainAdministratorCredential + .PARAMETER Credential Specifies the user account credentials to use to perform this task. .PARAMETER PasswordAuthentication @@ -1819,355 +1701,296 @@ function Set-TargetResource [CmdletBinding()] param ( - # Name of the domain where the user account is located (only used if password is managed) [Parameter(Mandatory = $true)] [System.String] $DomainName, - # Specifies the Security Account Manager (SAM) account name of the user (ldapDisplayName 'sAMAccountName') [Parameter(Mandatory = $true)] [System.String] $UserName, - # Specifies a new password value for an account [Parameter()] [ValidateNotNull()] [System.Management.Automation.PSCredential] [System.Management.Automation.CredentialAttribute()] $Password, - # Specifies whether the user account is created or deleted [Parameter()] [ValidateSet('Present', 'Absent')] [System.String] $Ensure = 'Present', - # Specifies the common name assigned to the user account (ldapDisplayName 'cn') [Parameter()] [ValidateNotNull()] [System.String] $CommonName = $UserName, - # Specifies the UPN assigned to the user account (ldapDisplayName 'userPrincipalName') [Parameter()] [ValidateNotNull()] [System.String] $UserPrincipalName, - # Specifies the display name of the object (ldapDisplayName 'displayName') [Parameter()] [ValidateNotNull()] [System.String] $DisplayName, - # Specifies the X.500 path of the Organizational Unit (OU) or container where the new object is created [Parameter()] [ValidateNotNull()] [System.String] $Path, - # Specifies the user's given name (ldapDisplayName 'givenName') [Parameter()] [ValidateNotNull()] [System.String] $GivenName, - # Specifies the initials that represent part of a user's name (ldapDisplayName 'initials') [Parameter()] [ValidateNotNull()] [System.String] $Initials, - # Specifies the user's last name or surname (ldapDisplayName 'sn') [Parameter()] [ValidateNotNull()] [System.String] $Surname, - # Specifies a description of the object (ldapDisplayName 'description') [Parameter()] [ValidateNotNull()] [System.String] $Description, - # Specifies the user's street address (ldapDisplayName 'streetAddress') [Parameter()] [ValidateNotNull()] [System.String] $StreetAddress, - # Specifies the user's post office box number (ldapDisplayName 'postOfficeBox') [Parameter()] [ValidateNotNull()] [System.String] $POBox, - # Specifies the user's town or city (ldapDisplayName 'l') [Parameter()] [ValidateNotNull()] [System.String] $City, - # Specifies the user's or Organizational Unit's state or province (ldapDisplayName 'st') [Parameter()] [ValidateNotNull()] [System.String] $State, - # Specifies the user's postal code or zip code (ldapDisplayName 'postalCode') [Parameter()] [ValidateNotNull()] [System.String] $PostalCode, - # Specifies the country or region code for the user's language of choice (ldapDisplayName 'c') [Parameter()] [ValidateNotNull()] [System.String] $Country, - # Specifies the user's department (ldapDisplayName 'department') [Parameter()] [ValidateNotNull()] [System.String] $Department, - # Specifies the user's division (ldapDisplayName 'division') [Parameter()] [ValidateNotNull()] [System.String] $Division, - # Specifies the user's company (ldapDisplayName 'company') [Parameter()] [ValidateNotNull()] [System.String] $Company, - # Specifies the location of the user's office or place of business (ldapDisplayName 'physicalDeliveryOfficeName') [Parameter()] [ValidateNotNull()] [System.String] $Office, - # Specifies the user's title (ldapDisplayName 'title') [Parameter()] [ValidateNotNull()] [System.String] $JobTitle, - # Specifies the user's e-mail address (ldapDisplayName 'mail') [Parameter()] [ValidateNotNull()] [System.String] $EmailAddress, - # Specifies the user's employee ID (ldapDisplayName 'employeeID') [Parameter()] [ValidateNotNull()] [System.String] $EmployeeID, - # Specifies the user's employee number (ldapDisplayName 'employeeNumber') [Parameter()] [ValidateNotNull()] [System.String] $EmployeeNumber, - # Specifies a user's home directory path (ldapDisplayName 'homeDirectory') [Parameter()] [ValidateNotNull()] [System.String] $HomeDirectory, - # Specifies a drive that is associated with the UNC path defined by the HomeDirectory property (ldapDisplayName 'homeDrive') [Parameter()] [ValidateNotNull()] [System.String] $HomeDrive, - # Specifies the URL of the home page of the object (ldapDisplayName 'wWWHomePage') [Parameter()] [ValidateNotNull()] [System.String] $HomePage, - # Specifies a path to the user's profile (ldapDisplayName 'profilePath') [Parameter()] [ValidateNotNull()] [System.String] $ProfilePath, - # Specifies a path to the user's log on script (ldapDisplayName 'scriptPath') [Parameter()] [ValidateNotNull()] [System.String] $LogonScript, - # Specifies the notes attached to the user's account (ldapDisplayName 'info') [Parameter()] [ValidateNotNull()] [System.String] $Notes, - # Specifies the user's office telephone number (ldapDisplayName 'telephoneNumber') [Parameter()] [ValidateNotNull()] [System.String] $OfficePhone, - # Specifies the user's mobile phone number (ldapDisplayName 'mobile') [Parameter()] [ValidateNotNull()] [System.String] $MobilePhone, - # Specifies the user's fax phone number (ldapDisplayName 'facsimileTelephoneNumber') [Parameter()] [ValidateNotNull()] [System.String] $Fax, - # Specifies the user's home telephone number (ldapDisplayName 'homePhone') [Parameter()] [ValidateNotNull()] [System.String] $HomePhone, - # Specifies the user's pager number (ldapDisplayName 'pager') [Parameter()] [ValidateNotNull()] [System.String] $Pager, - # Specifies the user's IP telephony phone number (ldapDisplayName 'ipPhone') [Parameter()] [ValidateNotNull()] [System.String] $IPPhone, - # Specifies the user's manager specified as a Distinguished Name (ldapDisplayName 'manager') [Parameter()] [ValidateNotNull()] [System.String] $Manager, - # Specifies the computers that the user can access. (ldapDisplayName 'userWorkStations') [Parameter()] [ValidateNotNull()] [System.String] $LogonWorkstations, - # Specifies the user's organization (ldapDisplayName 'o') [Parameter()] [ValidateNotNull()] [System.String] $Organization, - # Specifies a name in addition to a user's given name and surname (ldaDisplayName 'middleName') [Parameter()] [ValidateNotNull()] [System.String] $OtherName, - # Specifies if the account is enabled (default True) [Parameter()] [ValidateNotNull()] [System.Boolean] $Enabled = $true, - # Specifies whether the account password can be changed [Parameter()] [ValidateNotNull()] [System.Boolean] $CannotChangePassword, - # Specifies whether the account password must be changed during the next logon attempt [Parameter()] [ValidateNotNull()] [System.Boolean] $ChangePasswordAtLogon, - # Specifies whether the password of an account can expire [Parameter()] [ValidateNotNull()] [System.Boolean] $PasswordNeverExpires, - # Specifies whether an account is trusted for Kerberos delegation [Parameter()] [ValidateNotNull()] [System.Boolean] $TrustedForDelegation, - # Indicates whether the security context of the user is delegated to a service. [Parameter()] [ValidateNotNull()] [System.Boolean] $AccountNotDelegated, - # Indicates whether reversible password encryption is allowed for the account. [Parameter()] [ValidateNotNull()] [System.Boolean] $AllowReversiblePasswordEncryption, - # Specifies whether an account supports Kerberos service tickets which includes the authorization data for the user's device. [Parameter()] [ValidateNotNull()] [System.Boolean] $CompoundIdentitySupported, - # Specifies whether the account requires a password. A password is not required for a new account. [Parameter()] [ValidateNotNull()] [System.Boolean] $PasswordNotRequired, - # Specifies whether a smart card is required to logon. [Parameter()] [ValidateNotNull()] [System.Boolean] $SmartcardLogonRequired, - # Specifies the Active Directory Domain Services instance to use to perform the task. [Parameter()] [ValidateNotNull()] [System.String] $DomainController, - # Specifies the user account credentials to use to perform this task. Ideally this should just be called 'Credential' but is here for backwards compatibility [Parameter()] [ValidateNotNull()] [System.Management.Automation.PSCredential] [System.Management.Automation.CredentialAttribute()] - $DomainAdministratorCredential, + $Credential, - # Specifies the authentication context type when testing user passwords #61 [Parameter()] [ValidateSet('Default', 'Negotiate')] [System.String] $PasswordAuthentication = 'Default', - # Specifies whether an existing user's password should be reset (default $false). [Parameter()] [ValidateNotNull()] [System.Boolean] $PasswordNeverResets = $false, - # Try to restore the organizational unit from the recycle bin before creating a new one. [Parameter()] [ValidateNotNull()] [System.Boolean] $RestoreFromRecycleBin, - # Specifies the service principal names registered on the user account [Parameter()] [ValidateNotNull()] [System.String[]] $ServicePrincipalNames, - # Specifies the Proxy Addresses registered on the user account [Parameter()] [ValidateNotNull()] [System.String[]] @@ -2255,9 +2078,9 @@ function Set-TargetResource PasswordAuthentication = $PasswordAuthentication } - if ($DomainAdministratorCredential) + if ($Credential) { - $testPasswordParams['DomainAdministratorCredential'] = $DomainAdministratorCredential + $testPasswordParams['Credential'] = $Credential } if (-not (Test-Password @testPasswordParams)) @@ -2486,7 +2309,7 @@ function Assert-Parameters .PARAMETER Password Specifies a new password value for the account. - .PARAMETER DomainAdministratorCredential + .PARAMETER Credential Specifies the user account credentials to use to perform this task. .PARAMETER PasswordAuthentication @@ -2516,7 +2339,7 @@ function Test-Password [ValidateNotNull()] [System.Management.Automation.PSCredential] [System.Management.Automation.CredentialAttribute()] - $DomainAdministratorCredential, + $Credential, # Specifies the authentication context type when testing user passwords #61 [Parameter(Mandatory = $true)] @@ -2529,13 +2352,29 @@ function Test-Password Add-Type -AssemblyName 'System.DirectoryServices.AccountManagement' - if ($DomainAdministratorCredential) + <# + If the domain name contains a distinguished name, set it to the fully + qualified domain name (FQDN) instead. + If the $DomainName does not contain a distinguished name the function + Get-ADDomainNameFromDistinguishedName returns $null. + #> + $fullyQualifiedDomainName = Get-ADDomainNameFromDistinguishedName -DistinguishedName $DomainName + if ($fullyQualifiedDomainName) + { + $DomainName = $fullyQualifiedDomainName + } + + if ($Credential) { + Write-Verbose -Message ( + $script:localizedData.TestPasswordUsingImpersonation -f $Credential.UserName, $UserName + ) + $principalContext = New-Object -TypeName 'System.DirectoryServices.AccountManagement.PrincipalContext' -ArgumentList @( [System.DirectoryServices.AccountManagement.ContextType]::Domain, $DomainName, - $DomainAdministratorCredential.UserName, - $DomainAdministratorCredential.GetNetworkCredential().Password + $Credential.UserName, + $Credential.GetNetworkCredential().Password ) } else diff --git a/DSCResources/MSFT_xADUser/MSFT_xADUser.schema.mof b/DSCResources/MSFT_ADUser/MSFT_ADUser.schema.mof similarity index 98% rename from DSCResources/MSFT_xADUser/MSFT_xADUser.schema.mof rename to DSCResources/MSFT_ADUser/MSFT_ADUser.schema.mof index a153e7da9..d2c7766ec 100644 --- a/DSCResources/MSFT_xADUser/MSFT_xADUser.schema.mof +++ b/DSCResources/MSFT_ADUser/MSFT_ADUser.schema.mof @@ -1,5 +1,5 @@ -[ClassVersion("1.0.0.0"), FriendlyName("xADUser")] -class MSFT_xADUser : OMI_BaseResource +[ClassVersion("1.0.0.0"), FriendlyName("ADUser")] +class MSFT_ADUser : OMI_BaseResource { [Key, Description("Name of the domain where the user account is located (only used if password is managed).")] String DomainName; [Key, Description("Specifies the Security Account Manager (SAM) account name of the user (ldapDisplayName 'sAMAccountName').")] String UserName; @@ -48,7 +48,7 @@ class MSFT_xADUser : OMI_BaseResource [Write, Description("Specifies whether the account password must be changed during the next logon attempt. This will only be enabled when the user is initially created. This parameter cannot be set to $true if the parameter PasswordNeverExpires is also set to $true.")] Boolean ChangePasswordAtLogon; [Write, Description("Specifies whether the password of an account can expire.")] Boolean PasswordNeverExpires; [Write, Description("Specifies the Active Directory Domain Services instance to use to perform the task.")] String DomainController; - [Write, Description("Specifies the user account credentials to use to perform this task."), EmbeddedInstance("MSFT_Credential")] String DomainAdministratorCredential; + [Write, Description("Specifies the user account credentials to use to perform this task."), EmbeddedInstance("MSFT_Credential")] String Credential; [Write, Description("Specifies the authentication context type used when testing passwords. Default value is 'Default'."), ValueMap{"Default","Negotiate"},Values{"Default","Negotiate"}] String PasswordAuthentication; [Write, Description("Specifies whether existing user's password should be reset. Default value is $false.")] Boolean PasswordNeverResets; [Write, Description("Specifies whether an account is trusted for Kerberos delegation. Default value is $false.")] Boolean TrustedForDelegation; diff --git a/DSCResources/MSFT_xADUser/README.md b/DSCResources/MSFT_ADUser/README.md similarity index 59% rename from DSCResources/MSFT_xADUser/README.md rename to DSCResources/MSFT_ADUser/README.md index dfdb065eb..aa6b2c504 100644 --- a/DSCResources/MSFT_xADUser/README.md +++ b/DSCResources/MSFT_ADUser/README.md @@ -1,6 +1,6 @@ # Description -The xADUser DSC resource will manage Users within Active Directory. +The ADUser DSC resource will manage Users within Active Directory. ## Requirements diff --git a/DSCResources/MSFT_xADUser/en-US/MSFT_xADUser.strings.psd1 b/DSCResources/MSFT_ADUser/en-US/MSFT_ADUser.strings.psd1 similarity index 94% rename from DSCResources/MSFT_xADUser/en-US/MSFT_xADUser.strings.psd1 rename to DSCResources/MSFT_ADUser/en-US/MSFT_ADUser.strings.psd1 index e9f3a8d94..1bdd43482 100644 --- a/DSCResources/MSFT_xADUser/en-US/MSFT_xADUser.strings.psd1 +++ b/DSCResources/MSFT_ADUser/en-US/MSFT_ADUser.strings.psd1 @@ -18,4 +18,5 @@ ConvertFrom-StringData @' MovingADUser = Moving user from '{0}' to '{1}'. (ADU0016) RenamingADUser = Renaming user from '{0}' to '{1}'. (ADU0017) RestoringUser = Attempting to restore the user object {0} from the recycle bin. (ADU0018) + TestPasswordUsingImpersonation = Impersonating the credentials ''{0}'' to test password for user ''{1}''. '@ diff --git a/DSCResources/MSFT_xADUser/en-US/about_xADUser.help.txt b/DSCResources/MSFT_ADUser/en-US/about_ADUser.help.txt similarity index 96% rename from DSCResources/MSFT_xADUser/en-US/about_xADUser.help.txt rename to DSCResources/MSFT_ADUser/en-US/about_ADUser.help.txt index 1c2dab5ae..9e83a95e0 100644 --- a/DSCResources/MSFT_xADUser/en-US/about_xADUser.help.txt +++ b/DSCResources/MSFT_ADUser/en-US/about_ADUser.help.txt @@ -1,8 +1,8 @@ .NAME - xADUser + ADUser .DESCRIPTION - The xADUser DSC resource will manage Users within Active Directory. + The ADUser DSC resource will manage Users within Active Directory. ## Requirements @@ -197,7 +197,7 @@ Write - String Specifies the Active Directory Domain Services instance to use to perform the task. -.PARAMETER DomainAdministratorCredential +.PARAMETER Credential Write - String Specifies the user account credentials to use to perform this task. @@ -255,7 +255,7 @@ This configuration will create a user with a managed password. This might be used to manage the lifecycle of a service account. -Configuration CreateUserAndManagePassword_Config +Configuration ADUser_CreateUserAndManagePassword_Config { param ( @@ -265,11 +265,11 @@ Configuration CreateUserAndManagePassword_Config $Password ) - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADUser 'Contoso\ExampleUser' + ADUser 'Contoso\ExampleUser' { Ensure = 'Present' UserName = 'ExampleUser' @@ -286,7 +286,7 @@ This configuration will create a user with a password and then ignore when the password has changed. This might be used with a traditional user account where a managed password is not desired. -Configuration CreateUserAndIgnorePasswordChanges_Config +Configuration ADUser_CreateUserAndIgnorePasswordChanges_Config { param ( @@ -296,11 +296,11 @@ Configuration CreateUserAndIgnorePasswordChanges_Config $Password ) - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADUser 'Contoso\ExampleUser' + ADUser 'Contoso\ExampleUser' { Ensure = 'Present' UserName = 'ExampleUser' diff --git a/DSCResources/MSFT_xWaitForADDomain/MSFT_xWaitForADDomain.psm1 b/DSCResources/MSFT_WaitForADDomain/MSFT_WaitForADDomain.psm1 similarity index 96% rename from DSCResources/MSFT_xWaitForADDomain/MSFT_xWaitForADDomain.psm1 rename to DSCResources/MSFT_WaitForADDomain/MSFT_WaitForADDomain.psm1 index 9cd34e1f4..730bb3122 100644 --- a/DSCResources/MSFT_xWaitForADDomain/MSFT_xWaitForADDomain.psm1 +++ b/DSCResources/MSFT_WaitForADDomain/MSFT_WaitForADDomain.psm1 @@ -1,10 +1,10 @@ $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' -Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xWaitForADDomain' +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_WaitForADDomain' <# .SYNOPSIS @@ -137,7 +137,7 @@ function Set-TargetResource ) - $rebootLogFile = "$env:temp\xWaitForADDomain_Reboot.tmp" + $rebootLogFile = "$env:temp\WaitForADDomain_Reboot.tmp" for ($count = 0; $count -lt $RetryCount; $count++) { @@ -238,7 +238,7 @@ function Test-TargetResource ) - $rebootLogFile = "$env:temp\xWaitForADDomain_Reboot.tmp" + $rebootLogFile = "$env:temp\WaitForADDomain_Reboot.tmp" $domain = Get-Domain -DomainName $DomainName -DomainUserCredential $DomainUserCredential diff --git a/DSCResources/MSFT_xWaitForADDomain/MSFT_xWaitForADDomain.schema.mof b/DSCResources/MSFT_WaitForADDomain/MSFT_WaitForADDomain.schema.mof similarity index 85% rename from DSCResources/MSFT_xWaitForADDomain/MSFT_xWaitForADDomain.schema.mof rename to DSCResources/MSFT_WaitForADDomain/MSFT_WaitForADDomain.schema.mof index 2bf2d84bf..03674d3b8 100644 --- a/DSCResources/MSFT_xWaitForADDomain/MSFT_xWaitForADDomain.schema.mof +++ b/DSCResources/MSFT_WaitForADDomain/MSFT_WaitForADDomain.schema.mof @@ -1,5 +1,5 @@ -[ClassVersion("1.0.1.0"), FriendlyName("xWaitForADDomain")] -class MSFT_xWaitForADDomain : OMI_BaseResource +[ClassVersion("1.0.1.0"), FriendlyName("WaitForADDomain")] +class MSFT_WaitForADDomain : OMI_BaseResource { [Key, Description("The name of the Active Directory domain to wait for.")] String DomainName; [Write, Description("The user account credentials to use to perform this task."), EmbeddedInstance("MSFT_Credential")] String DomainUserCredential; diff --git a/DSCResources/MSFT_xWaitForADDomain/README.md b/DSCResources/MSFT_WaitForADDomain/README.md similarity index 52% rename from DSCResources/MSFT_xWaitForADDomain/README.md rename to DSCResources/MSFT_WaitForADDomain/README.md index c5d61873b..c0eafac10 100644 --- a/DSCResources/MSFT_xWaitForADDomain/README.md +++ b/DSCResources/MSFT_WaitForADDomain/README.md @@ -1,6 +1,6 @@ # Description -The xWaitForADDomain resource is used to wait for Active Directory to become available. +The WaitForADDomain resource is used to wait for Active Directory to become available. ## Requirements diff --git a/DSCResources/MSFT_xWaitForADDomain/en-US/MSFT_xWaitForADDomain.strings.psd1 b/DSCResources/MSFT_WaitForADDomain/en-US/MSFT_WaitForADDomain.strings.psd1 similarity index 100% rename from DSCResources/MSFT_xWaitForADDomain/en-US/MSFT_xWaitForADDomain.strings.psd1 rename to DSCResources/MSFT_WaitForADDomain/en-US/MSFT_WaitForADDomain.strings.psd1 diff --git a/DSCResources/MSFT_xWaitForADDomain/en-US/about_xWaitForADDomain.help.txt b/DSCResources/MSFT_WaitForADDomain/en-US/about_WaitForADDomain.help.txt similarity index 83% rename from DSCResources/MSFT_xWaitForADDomain/en-US/about_xWaitForADDomain.help.txt rename to DSCResources/MSFT_WaitForADDomain/en-US/about_WaitForADDomain.help.txt index 6708ac3d9..84b091723 100644 --- a/DSCResources/MSFT_xWaitForADDomain/en-US/about_xWaitForADDomain.help.txt +++ b/DSCResources/MSFT_WaitForADDomain/en-US/about_WaitForADDomain.help.txt @@ -1,8 +1,8 @@ .NAME - xWaitForADDomain + WaitForADDomain .DESCRIPTION - The xWaitForADDomain resource is used to wait for Active Directory to become available. + The WaitForADDomain resource is used to wait for Active Directory to become available. ## Requirements @@ -34,11 +34,11 @@ This configuration will wait for an AD Domain to respond before returning. Configuration WaitForADDomain_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xWaitForADDomain 'contoso.com' + WaitForADDomain 'contoso.com' { DomainName = 'contoso.com' RetryIntervalSec = 60 diff --git a/DSCResources/MSFT_xADDomain/README.md b/DSCResources/MSFT_xADDomain/README.md deleted file mode 100644 index 1f32426fd..000000000 --- a/DSCResources/MSFT_xADDomain/README.md +++ /dev/null @@ -1,7 +0,0 @@ -# Description - -The xADDomain resource creates a new domain in a new forest or a child domain in an existing forest. While it is possible to set the forest functional level and the domain functional level during deployment with this resource the common restrictions apply. For more information see [TechNet](https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/active-directory-functional-levels). - -## Requirements - -* Target machine must be running Windows Server 2008 R2 or later. diff --git a/DSCResources/MSFT_xADDomain/en-US/about_xADDomain.help.txt b/DSCResources/MSFT_xADDomain/en-US/about_xADDomain.help.txt deleted file mode 100644 index 7a2639b0e..000000000 --- a/DSCResources/MSFT_xADDomain/en-US/about_xADDomain.help.txt +++ /dev/null @@ -1,400 +0,0 @@ -.NAME - xADDomain - -.DESCRIPTION - The xADDomain resource creates a new domain in a new forest or a child domain in an existing forest. While it is possible to set the forest functional level and the domain functional level during deployment with this resource the common restrictions apply. For more information see [TechNet](https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/active-directory-functional-levels). - - ## Requirements - - * Target machine must be running Windows Server 2008 R2 or later. - -.PARAMETER DomainName - Key - String - The fully qualified domain name (FQDN) of the new domain. - -.PARAMETER DomainAdministratorCredential - Required - String - Credentials used to query for domain existence. - -.PARAMETER SafemodeAdministratorPassword - Required - String - Password for the administrator account when the computer is started in Safe Mode. - -.PARAMETER ParentDomainName - Write - String - Fully qualified domain name (FQDN) of the parent domain. - -.PARAMETER DomainNetbiosName - Write - String - NetBIOS name for the new domain. - -.PARAMETER DnsDelegationCredential - Write - String - Credential used for creating DNS delegation. - -.PARAMETER DatabasePath - Write - String - Path to a directory that contains the domain database. - -.PARAMETER LogPath - Write - String - Path to a directory for the log file that will be written. - -.PARAMETER SysvolPath - Write - String - Path to a directory where the Sysvol file will be written. - -.PARAMETER ForestMode - Write - String - Allowed values: Win2008, Win2008R2, Win2012, Win2012R2, WinThreshold - The Forest Functional Level for the entire forest. - -.PARAMETER DomainMode - Write - String - Allowed values: Win2008, Win2008R2, Win2012, Win2012R2, WinThreshold - The Domain Functional Level for the entire domain. - -.EXAMPLE 1 - -This configuration will create a new domain with a new forest and a forest -functional level of Server 2016. - -Configuration NewForest_Config -{ - param - ( - [Parameter(Mandatory = $true)] - [ValidateNotNullOrEmpty()] - [System.Management.Automation.PSCredential] - $DomainAdministratorCredential - ) - - Import-DscResource -ModuleName PSDscResources - Import-DscResource -ModuleName xActiveDirectory - - node $AllNodes.NodeName - { - WindowsFeature 'ADDS' - { - Name = 'AD-Domain-Services' - Ensure = 'Present' - } - - WindowsFeature 'RSAT' - { - Name = 'RSAT-AD-PowerShell' - Ensure = 'Present' - } - - xADDomain $Node.DomainName - { - DomainName = $Node.DomainName - DomainAdministratorCredential = $DomainAdministratorCredential - SafemodeAdministratorPassword = $DomainAdministratorCredential - ForestMode = $Node.FFL - } - } -} - -$ConfigurationData = @{ - AllNodes = @( - @{ - NodeName = 'localhost' - FFL = 'WinThreshold' - DomainName = 'contoso.com' - } - ) -} - -.EXAMPLE 2 - -This configuration will create a new child domain in an existing forest with -a Domain Functional Level of Windows Server 2012R2. - -Configuration NewChildDomain_Config -{ - param - ( - [Parameter(Mandatory = $true)] - [ValidateNotNullOrEmpty()] - [System.Management.Automation.PSCredential] - $DomainAdministratorCredential - ) - - Import-DscResource -ModuleName PSDscResources - Import-DscResource -ModuleName xActiveDirectory - - node $AllNodes.NodeName - { - WindowsFeature 'ADDS' - { - Name = 'AD-Domain-Services' - Ensure = 'Present' - } - - WindowsFeature 'RSAT' - { - Name = 'RSAT-AD-PowerShell' - Ensure = 'Present' - } - - xADDomain $Node.DomainName - { - DomainName = $Node.DomainName - DomainAdministratorCredential = $DomainAdministratorCredential - SafemodeAdministratorPassword = $DomainAdministratorCredential - DomainMode = $Node.DFL - ParentDomainName = $node.ParentDomain - } - } -} - -$ConfigurationData = @{ - AllNodes = @( - @{ - NodeName = 'localhost' - DFL = 'Win2012R2' - DomainName = 'child' - ParentDomain = 'contoso.com' - } - ) -} - -.EXAMPLE 3 - -This configuration will create a domain, and then create a child domain on -another node. - -Configuration NewForestWithParentAndChildDomain_Config -{ - param - ( - [Parameter(Mandatory = $true)] - [System.Management.Automation.PSCredential] - $SafemodeAdministratorCred, - - [Parameter(Mandatory = $true)] - [System.Management.Automation.PSCredential] - $DomainCred, - - [Parameter(Mandatory = $true)] - [System.Management.Automation.PSCredential] - $DnsDelegationCred, - - [Parameter(Mandatory = $true)] - [System.Management.Automation.PSCredential] - $NewADUserCred - ) - - Import-DscResource -ModuleName xActiveDirectory - - Node $AllNodes.Where{ $_.Role -eq 'Parent DC' }.NodeName - { - WindowsFeature 'ADDSInstall' - { - Ensure = 'Present' - Name = 'AD-Domain-Services' - } - - xADDomain 'FirstDS' - { - DomainName = $Node.DomainName - DomainAdministratorCredential = $domainCred - SafemodeAdministratorPassword = $SafemodeAdministratorCred - DnsDelegationCredential = $DnsDelegationCred - DependsOn = '[WindowsFeature]ADDSInstall' - } - - xWaitForADDomain 'DscForestWait' - { - DomainName = $Node.DomainName - DomainUserCredential = $domainCred - RetryCount = $Node.RetryCount - RetryIntervalSec = $Node.RetryIntervalSec - DependsOn = '[xADDomain]FirstDS' - } - - xADUser 'FirstUser' - { - DomainName = $Node.DomainName - DomainAdministratorCredential = $domaincred - UserName = 'dummy' - Password = $NewADUserCred - Ensure = 'Present' - DependsOn = '[xWaitForADDomain]DscForestWait' - } - - } - - Node $AllNodes.Where{ $_.Role -eq 'Child DC' }.NodeName - { - WindowsFeature 'ADDSInstall' - { - Ensure = 'Present' - Name = 'AD-Domain-Services' - } - - xWaitForADDomain 'DscForestWait' - { - DomainName = $Node.ParentDomainName - DomainUserCredential = $domainCred - RetryCount = $Node.RetryCount - RetryIntervalSec = $Node.RetryIntervalSec - DependsOn = '[WindowsFeature]ADDSInstall' - } - - xADDomain 'ChildDS' - { - DomainName = $Node.DomainName - ParentDomainName = $Node.ParentDomainName - DomainAdministratorCredential = $domainCred - SafemodeAdministratorPassword = $SafemodeAdministratorCred - DependsOn = '[xWaitForADDomain]DscForestWait' - } - } -} - -$ConfigurationData = @{ - AllNodes = @( - @{ - NodeName = 'dsc-testNode1' - Role = 'Parent DC' - DomainName = 'dsc-test.contoso.com' - CertificateFile = 'C:\publicKeys\targetNode.cer' - Thumbprint = 'AC23EA3A9E291A75757A556D0B71CBBF8C4F6FD8' - RetryCount = 50 - RetryIntervalSec = 30 - }, - - @{ - NodeName = 'dsc-testNode2' - Role = 'Child DC' - DomainName = 'dsc-child' - ParentDomainName = 'dsc-test.contoso.com' - CertificateFile = 'C:\publicKeys\targetNode.cer' - Thumbprint = 'AC23EA3A9E291A75757A556D0B71CBBF8C4F6FD8' - RetryCount = 50 - RetryIntervalSec = 30 - } - ) -} - -.EXAMPLE 4 - -This configuration will create a highly available domain by adding -a second domain controller to the newly created domain. -The xWaitForDomain resource is used to ensure that the domain is -present before the second domain controller is added. - -Configuration NewDomainWithTwoDCs_Config -{ - param - ( - [Parameter(Mandatory = $true)] - [System.Management.Automation.PSCredential] - $SafemodeAdministratorCred, - - [Parameter(Mandatory = $true)] - [System.Management.Automation.PSCredential] - $domainCred, - - [Parameter(Mandatory = $true)] - [System.Management.Automation.PSCredential] - $DNSDelegationCred, - - [Parameter(Mandatory = $true)] - [System.Management.Automation.PSCredential] - $NewADUserCred - ) - - Import-DscResource -ModuleName xActiveDirectory - - Node $AllNodes.Where{ $_.Role -eq 'Primary DC' }.NodeName - { - WindowsFeature 'ADDSInstall' - { - Ensure = 'Present' - Name = 'AD-Domain-Services' - } - - xADDomain 'FirstDS' - { - DomainName = $Node.DomainName - DomainAdministratorCredential = $domainCred - SafemodeAdministratorPassword = $SafemodeAdministratorCred - DnsDelegationCredential = $DNSDelegationCred - DependsOn = '[WindowsFeature]ADDSInstall' - } - - xWaitForADDomain 'DscForestWait' - { - DomainName = $Node.DomainName - DomainUserCredential = $domainCred - RetryCount = $Node.RetryCount - RetryIntervalSec = $Node.RetryIntervalSec - DependsOn = '[xADDomain]FirstDS' - } - - xADUser 'FirstUser' - { - DomainName = $Node.DomainName - DomainAdministratorCredential = $domainCred - UserName = 'dummy' - Password = $NewADUserCred - Ensure = 'Present' - DependsOn = '[xWaitForADDomain]DscForestWait' - } - } - - Node $AllNodes.Where{ $_.Role -eq 'Replica DC' }.NodeName - { - WindowsFeature 'ADDSInstall' - { - Ensure = 'Present' - Name = 'AD-Domain-Services' - } - - xWaitForADDomain 'DscForestWait' - { - DomainName = $Node.DomainName - DomainUserCredential = $domainCred - RetryCount = $Node.RetryCount - RetryIntervalSec = $Node.RetryIntervalSec - DependsOn = '[WindowsFeature]ADDSInstall' - } - - xADDomainController 'SecondDC' - { - DomainName = $Node.DomainName - DomainAdministratorCredential = $domainCred - SafemodeAdministratorPassword = $SafemodeAdministratorCred - DependsOn = '[xWaitForADDomain]DscForestWait' - } - } -} - -# Configuration Data for AD -$ConfigurationData = @{ - AllNodes = @( - @{ - NodeName = 'dsc-testNode1' - Role = 'Primary DC' - DomainName = 'dsc-test.contoso.com' - CertificateFile = 'C:\publicKeys\targetNode.cer' - Thumbprint = 'AC23EA3A9E291A75757A556D0B71CBBF8C4F6FD8' - RetryCount = 20 - RetryIntervalSec = 30 - }, - @{ - NodeName = 'dsc-testNode2' - Role = 'Replica DC' - DomainName = 'dsc-test.contoso.com' - CertificateFile = 'C:\publicKeys\targetNode.cer' - Thumbprint = 'AC23EA3A9E291A75757A556D0B71CBBF8C4F6FD8' - RetryCount = 20 - RetryIntervalSec = 30 - } - ) -} - - diff --git a/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/README.md b/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/README.md deleted file mode 100644 index b00b9fe8e..000000000 --- a/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/README.md +++ /dev/null @@ -1,7 +0,0 @@ -# Description - -The xADDomainDefaultPasswordPolicy DSC resource will manage an Active Directory domain's default password policy. - -## Requirements - -* Target machine must be running Windows Server 2008 R2 or later. diff --git a/DSCResources/MSFT_xADDomainTrust/README.md b/DSCResources/MSFT_xADDomainTrust/README.md deleted file mode 100644 index 744487b31..000000000 --- a/DSCResources/MSFT_xADDomainTrust/README.md +++ /dev/null @@ -1,7 +0,0 @@ -# Description - -The xADDomainTrust DSC resource will manage Domain Trusts within Active Directory. A trust is a relationship, which you establish between domains or forests. To understand more about trusts in Active Directory, please see the article [Forest Design Models](https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/forest-design-models) for more information. - -## Requirements - -* Target machine must be running Windows Server 2008 R2 or later. diff --git a/DSCResources/MSFT_xADForestProperties/README.md b/DSCResources/MSFT_xADForestProperties/README.md deleted file mode 100644 index 546c1e6b8..000000000 --- a/DSCResources/MSFT_xADForestProperties/README.md +++ /dev/null @@ -1,7 +0,0 @@ -# Description - -The xADForestProperties DSC resource will manage User Principal Name (UPN) suffixes and Service Principal Name (SPN) suffixes in a forest. - -## Requirements - -* Target machine must be running Windows Server 2008 R2 or later. diff --git a/DSCResources/MSFT_xADKDSKey/README.md b/DSCResources/MSFT_xADKDSKey/README.md deleted file mode 100644 index 25873edf4..000000000 --- a/DSCResources/MSFT_xADKDSKey/README.md +++ /dev/null @@ -1,7 +0,0 @@ -# Description - -The xADKDSKey DSC resource will manage KDS Root Keys within Active Directory. The KDS root keys are used to begin generating Group Managed Service Account (gMSA) passwords. - -## Requirements - -* Target machine must be running Windows Server 2008 R2 or later. diff --git a/DSCResources/MSFT_xADOrganizationalUnit/README.md b/DSCResources/MSFT_xADOrganizationalUnit/README.md deleted file mode 100644 index 5e9a3d9b0..000000000 --- a/DSCResources/MSFT_xADOrganizationalUnit/README.md +++ /dev/null @@ -1,7 +0,0 @@ -# Description - -The xADOrganizational Unit DSC resource will manage Organizational Units (OUs) within Active Directory. An OU is a subdivision within an Active Directory into which you can place users, groups, computers, and other organizational units. - -## Requirements - -* Target machine must be running Windows Server 2008 R2 or later. diff --git a/DSCResources/MSFT_xADReplicationSite/README.md b/DSCResources/MSFT_xADReplicationSite/README.md deleted file mode 100644 index 456ae9f92..000000000 --- a/DSCResources/MSFT_xADReplicationSite/README.md +++ /dev/null @@ -1,7 +0,0 @@ -# Description - -The xADReplicationSite DSC resource will manage Replication Sites within Active Directory. Sites are used in Active Directory to either enable clients to discover network resources (published shares, domain controllers) close to the physical location of a client computer or to reduce network traffic over wide area network (WAN) links. Sites can also be used to optimize replication between domain controllers. - -## Requirements - -* Target machine must be running Windows Server 2008 R2 or later. diff --git a/DSCResources/MSFT_xADReplicationSiteLink/README.md b/DSCResources/MSFT_xADReplicationSiteLink/README.md deleted file mode 100644 index 2b24326f3..000000000 --- a/DSCResources/MSFT_xADReplicationSiteLink/README.md +++ /dev/null @@ -1,7 +0,0 @@ -# Description - -The xADReplicationSiteLink DSC resource will manage Replication Site Links within Active Directory. A site link connects two or more sites. Site links reflect the administrative policy for how sites are to be interconnected and the methods used to transfer replication traffic. You must connect sites with site links so that domain controllers at each site can replicate Active Directory changes. - -## Requirements - -* Target machine must be running Windows Server 2008 R2 or later. diff --git a/DSCResources/MSFT_xADServicePrincipalName/README.md b/DSCResources/MSFT_xADServicePrincipalName/README.md deleted file mode 100644 index df5b1bedd..000000000 --- a/DSCResources/MSFT_xADServicePrincipalName/README.md +++ /dev/null @@ -1,7 +0,0 @@ -# Description - -The xADServicePrincipalName DSC resource will manage service principal names. A service principal name (SPN) is a unique identifier of a service instance. SPNs are used by Kerberos authentication to associate a service instance with a service logon account. This allows a client application to request that the service authenticate an account even if the client does not have the account name. - -## Requirements - -* Target machine must be running Windows Server 2008 R2 or later. diff --git a/Examples/README.md b/Examples/README.md index acf0b6f8f..daca77aa6 100644 --- a/Examples/README.md +++ b/Examples/README.md @@ -1,28 +1,28 @@ # Examples This will help to understand how to setup certain scenarios with the -xActiveDirectory resource module. +ActiveDirectoryDsc resource module. ## Resource examples These are the links to the examples for each individual resource: -- [xADComputer](Resources/xADComputer) -- [xADDomain](Resources/xADDomain) -- [xADDomainController](Resources/xADDomainController) -- [xADDomainDefaultPasswordPolicy](Resources/xADDomainDefaultPasswordPolicy) -- [xADDomainTrust](Resources/xADDomainTrust) -- [xADForestProperties](Resources/xADForestProperties) -- [xADGroup](Resources/xADGroup) -- [xADKDSKey](Resources/xADKDSKey) -- [xADManagedServiceAccount](Resources/xADManagedServiceAccount) -- [xADObjectEnabledState](Resources/xADObjectEnabledState) -- [xADObjectPermissionEntry](Resources/xADObjectPermissionEntry) -- [xADOrganizationalUnit](Resources/xADOrganizationalUnit) -- [xADRecycleBin](Resources/xADRecycleBin) -- [xADReplicationSite](Resources/xADReplicationSite) -- [xADReplicationSiteLink](Resources/xADReplicationSiteLink) -- [xADReplicationSubnet](Resources/xADReplicationSubnet) -- [xADServicePrincipalName](Resources/xADServicePrincipalName) -- [xADUser](Resources/xADUser) -- [xWaitForADDomain](Resources/xWaitForADDomain) +- [ADComputer](Resources/ADComputer) +- [ADDomain](Resources/ADDomain) +- [ADDomainController](Resources/ADDomainController) +- [ADDomainDefaultPasswordPolicy](Resources/ADDomainDefaultPasswordPolicy) +- [ADDomainTrust](Resources/ADDomainTrust) +- [ADForestProperties](Resources/ADForestProperties) +- [ADGroup](Resources/ADGroup) +- [ADKDSKey](Resources/ADKDSKey) +- [ADManagedServiceAccount](Resources/ADManagedServiceAccount) +- [ADObjectEnabledState](Resources/ADObjectEnabledState) +- [ADObjectPermissionEntry](Resources/ADObjectPermissionEntry) +- [ADOrganizationalUnit](Resources/ADOrganizationalUnit) +- [ADRecycleBin](Resources/ADRecycleBin) +- [ADReplicationSite](Resources/ADReplicationSite) +- [ADReplicationSiteLink](Resources/ADReplicationSiteLink) +- [ADReplicationSubnet](Resources/ADReplicationSubnet) +- [ADServicePrincipalName](Resources/ADServicePrincipalName) +- [ADUser](Resources/ADUser) +- [WaitForADDomain](Resources/WaitForADDomain) diff --git a/Examples/Resources/xADComputer/1-AddComputerAccount_Config.ps1 b/Examples/Resources/ADComputer/1-ADComputer_AddComputerAccount_Config.ps1 similarity index 65% rename from Examples/Resources/xADComputer/1-AddComputerAccount_Config.ps1 rename to Examples/Resources/ADComputer/1-ADComputer_AddComputerAccount_Config.ps1 index a66f7eb67..d0f2604a9 100644 --- a/Examples/Resources/xADComputer/1-AddComputerAccount_Config.ps1 +++ b/Examples/Resources/ADComputer/1-ADComputer_AddComputerAccount_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,37 +15,40 @@ .PRIVATEDATA 2016-Datacenter,2016-Datacenter-Server-Core #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will create two Active Directory computer accounts enabled. The property Enabled will not be enforced in either case. #> - -Configuration AddComputerAccount_Config +Configuration ADComputer_AddComputerAccount_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential ) - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { - xADComputer 'CreateEnabled_SQL01' + ADComputer 'CreateEnabled_SQL01' { ComputerName = 'SQL01' + + PsDscRunAsCredential = $Credential } - xADComputer 'CreateEnabled_SQL02' + ADComputer 'CreateEnabled_SQL02' { ComputerName = 'SQL02' EnabledOnCreation = $true + + PsDscRunAsCredential = $Credential } } } diff --git a/Examples/Resources/xADComputer/2-AddComputerAccountDisabled_Config.ps1 b/Examples/Resources/ADComputer/2-ADComputer_AddComputerAccountDisabled_Config.ps1 similarity index 68% rename from Examples/Resources/xADComputer/2-AddComputerAccountDisabled_Config.ps1 rename to Examples/Resources/ADComputer/2-ADComputer_AddComputerAccountDisabled_Config.ps1 index 72e4b8cbe..953b73b76 100644 --- a/Examples/Resources/xADComputer/2-AddComputerAccountDisabled_Config.ps1 +++ b/Examples/Resources/ADComputer/2-ADComputer_AddComputerAccountDisabled_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,32 +15,33 @@ .PRIVATEDATA 2016-Datacenter,2016-Datacenter-Server-Core #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will create an Active Directory computer account disabled. The property Enabled will not be enforced. #> - -Configuration AddComputerAccountDisabled_Config +Configuration ADComputer_AddComputerAccountDisabled_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential ) - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { - xADComputer 'CreateDisabled' + ADComputer 'CreateDisabled' { ComputerName = 'CLU_CNO01' EnabledOnCreation = $false + + PsDscRunAsCredential = $Credential } } } diff --git a/Examples/Resources/xADComputer/3-AddComputerAccountSpecificPath_Config.ps1 b/Examples/Resources/ADComputer/3-ADComputer_AddComputerAccountSpecificPath_Config.ps1 similarity index 56% rename from Examples/Resources/xADComputer/3-AddComputerAccountSpecificPath_Config.ps1 rename to Examples/Resources/ADComputer/3-ADComputer_AddComputerAccountSpecificPath_Config.ps1 index cb417f571..b00ade1c4 100644 --- a/Examples/Resources/xADComputer/3-AddComputerAccountSpecificPath_Config.ps1 +++ b/Examples/Resources/ADComputer/3-ADComputer_AddComputerAccountSpecificPath_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,7 +15,7 @@ .PRIVATEDATA 2016-Datacenter,2016-Datacenter-Server-Core #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION @@ -23,27 +23,26 @@ on the specified domain controller and in the specific organizational unit. #> - -Configuration AddComputerAccountSpecificPath_Config +Configuration ADComputer_AddComputerAccountSpecificPath_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential ) - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { - xADComputer 'CreateComputerAccount' + ADComputer 'CreateComputerAccount' { - DomainController = 'DC01' - ComputerName = 'SQL01' - Path = 'OU=Servers,DC=contoso,DC=com' - DomainAdministratorCredential = $DomainAdministratorCredential + DomainController = 'DC01' + ComputerName = 'SQL01' + Path = 'OU=Servers,DC=contoso,DC=com' + Credential = $Credential } } } diff --git a/Examples/Resources/xADComputer/4-AddComputerAccountAndCreateODJRequest_Config.ps1 b/Examples/Resources/ADComputer/4-ADComputer_AddComputerAccountAndCreateODJRequest_Config.ps1 similarity index 56% rename from Examples/Resources/xADComputer/4-AddComputerAccountAndCreateODJRequest_Config.ps1 rename to Examples/Resources/ADComputer/4-ADComputer_AddComputerAccountAndCreateODJRequest_Config.ps1 index 7040c61f8..427aec7c6 100644 --- a/Examples/Resources/xADComputer/4-AddComputerAccountAndCreateODJRequest_Config.ps1 +++ b/Examples/Resources/ADComputer/4-ADComputer_AddComputerAccountAndCreateODJRequest_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,7 +15,7 @@ .PRIVATEDATA 2016-Datacenter,2016-Datacenter-Server-Core #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION @@ -24,28 +24,27 @@ unit. After the account is create an Offline Domain Join Request file is created to the specified path. #> - -Configuration AddComputerAccountAndCreateODJRequest_Config +Configuration ADComputer_AddComputerAccountAndCreateODJRequest_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential ) - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { - xADComputer 'CreateComputerAccount' + ADComputer 'CreateComputerAccount' { - DomainController = 'DC01' - ComputerName = 'NANO-200' - Path = 'OU=Servers,DC=contoso,DC=com' - RequestFile = 'D:\ODJFiles\NANO-200.txt' - DomainAdministratorCredential = $DomainAdministratorCredential + DomainController = 'DC01' + ComputerName = 'NANO-200' + Path = 'OU=Servers,DC=contoso,DC=com' + RequestFile = 'D:\ODJFiles\NANO-200.txt' + Credential = $Credential } } } diff --git a/Examples/Resources/xADDomain/1-NewForest_Config.ps1 b/Examples/Resources/ADDomain/1-ADDomain_NewForest_Config.ps1 similarity index 54% rename from Examples/Resources/xADDomain/1-NewForest_Config.ps1 rename to Examples/Resources/ADDomain/1-ADDomain_NewForest_Config.ps1 index 1a2380843..ba9094e36 100644 --- a/Examples/Resources/xADDomain/1-NewForest_Config.ps1 +++ b/Examples/Resources/ADDomain/1-ADDomain_NewForest_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,28 +15,32 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will create a new domain with a new forest and a forest functional level of Server 2016. #> - -Configuration NewForest_Config +Configuration ADDomain_NewForest_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential, + + [Parameter(Mandatory = $true)] + [ValidateNotNullOrEmpty()] + [System.Management.Automation.PSCredential] + $SafeModePassword ) Import-DscResource -ModuleName PSDscResources - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc - node $AllNodes.NodeName + node 'localhost' { WindowsFeature 'ADDS' { @@ -50,22 +54,12 @@ Configuration NewForest_Config Ensure = 'Present' } - xADDomain $Node.DomainName + ADDomain 'contoso.com' { - DomainName = $Node.DomainName - DomainAdministratorCredential = $DomainAdministratorCredential - SafemodeAdministratorPassword = $DomainAdministratorCredential - ForestMode = $Node.FFL + DomainName = 'contoso.com' + Credential = $Credential + SafemodeAdministratorPassword = $SafeModePassword + ForestMode = 'WinThreshold' } } } - -$ConfigurationData = @{ - AllNodes = @( - @{ - NodeName = 'localhost' - FFL = 'WinThreshold' - DomainName = 'contoso.com' - } - ) -} diff --git a/Examples/Resources/xADDomain/2-NewChildDomain_Config.ps1 b/Examples/Resources/ADDomain/2-ADDomain_NewChildDomain_Config.ps1 similarity index 51% rename from Examples/Resources/xADDomain/2-NewChildDomain_Config.ps1 rename to Examples/Resources/ADDomain/2-ADDomain_NewChildDomain_Config.ps1 index 76d24176f..14cc80feb 100644 --- a/Examples/Resources/xADDomain/2-NewChildDomain_Config.ps1 +++ b/Examples/Resources/ADDomain/2-ADDomain_NewChildDomain_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,28 +15,32 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will create a new child domain in an existing forest with a Domain Functional Level of Windows Server 2012R2. #> - -Configuration NewChildDomain_Config +Configuration ADDomain_NewChildDomain_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential, + + [Parameter(Mandatory = $true)] + [ValidateNotNullOrEmpty()] + [System.Management.Automation.PSCredential] + $SafeModePassword ) Import-DscResource -ModuleName PSDscResources - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc - node $AllNodes.NodeName + node 'localhost' { WindowsFeature 'ADDS' { @@ -50,24 +54,13 @@ Configuration NewChildDomain_Config Ensure = 'Present' } - xADDomain $Node.DomainName + ADDomain 'child' { - DomainName = $Node.DomainName - DomainAdministratorCredential = $DomainAdministratorCredential - SafemodeAdministratorPassword = $DomainAdministratorCredential - DomainMode = $Node.DFL - ParentDomainName = $node.ParentDomain + DomainName = 'child' + Credential = $Credential + SafemodeAdministratorPassword = $SafeModePassword + DomainMode = 'Win2012R2' + ParentDomainName = 'contoso.com' } } } - -$ConfigurationData = @{ - AllNodes = @( - @{ - NodeName = 'localhost' - DFL = 'Win2012R2' - DomainName = 'child' - ParentDomain = 'contoso.com' - } - ) -} diff --git a/Examples/Resources/xADDomainController/1-AddDomainControllerToDomainMinimal_Config.ps1 b/Examples/Resources/ADDomainController/1-ADDomainController_AddDomainControllerToDomainMinimal_Config.ps1 similarity index 62% rename from Examples/Resources/xADDomainController/1-AddDomainControllerToDomainMinimal_Config.ps1 rename to Examples/Resources/ADDomainController/1-ADDomainController_AddDomainControllerToDomainMinimal_Config.ps1 index 6db30d42f..eddf198c8 100644 --- a/Examples/Resources/xADDomainController/1-AddDomainControllerToDomainMinimal_Config.ps1 +++ b/Examples/Resources/ADDomainController/1-ADDomainController_AddDomainControllerToDomainMinimal_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,26 +15,30 @@ .PRIVATEDATA 2016-Datacenter,2016-Datacenter-Server-Core #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will add a domain controller to the domain contoso.com. #> - -Configuration AddDomainControllerToDomainMinimal_Config +Configuration ADDomainController_AddDomainControllerToDomainMinimal_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential, + + [Parameter(Mandatory = $true)] + [ValidateNotNullOrEmpty()] + [System.Management.Automation.PSCredential] + $SafeModePassword ) Import-DscResource -ModuleName PSDscResources - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { @@ -52,23 +56,23 @@ Configuration AddDomainControllerToDomainMinimal_Config DependsOn = '[WindowsFeature]InstallADDomainServicesFeature' } - xWaitForADDomain 'WaitForestAvailability' + WaitForADDomain 'WaitForestAvailability' { DomainName = 'contoso.com' - DomainUserCredential = $DomainAdministratorCredential + DomainUserCredential = $Credential RetryCount = 10 RetryIntervalSec = 120 DependsOn = '[WindowsFeature]RSATADPowerShell' } - xADDomainController 'DomainControllerMinimal' + ADDomainController 'DomainControllerMinimal' { DomainName = 'contoso.com' - DomainAdministratorCredential = $DomainAdministratorCredential - SafemodeAdministratorPassword = $DomainAdministratorCredential + Credential = $Credential + SafeModeAdministratorPassword = $SafeModePassword - DependsOn = '[xWaitForADDomain]WaitForestAvailability' + DependsOn = '[WaitForADDomain]WaitForestAvailability' } } } diff --git a/Examples/Resources/xADDomainController/2-AddDomainControllerToDomainAllProperties_Config.ps1 b/Examples/Resources/ADDomainController/2-ADDomainController_AddDomainControllerToDomainAllProperties_Config.ps1 similarity index 67% rename from Examples/Resources/xADDomainController/2-AddDomainControllerToDomainAllProperties_Config.ps1 rename to Examples/Resources/ADDomainController/2-ADDomainController_AddDomainControllerToDomainAllProperties_Config.ps1 index 242742d3d..da7f2649f 100644 --- a/Examples/Resources/xADDomainController/2-AddDomainControllerToDomainAllProperties_Config.ps1 +++ b/Examples/Resources/ADDomainController/2-ADDomainController_AddDomainControllerToDomainAllProperties_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,26 +15,30 @@ .PRIVATEDATA 2016-Datacenter,2016-Datacenter-Server-Core #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will add a domain controller to the domain contoso.com, specifying all properties of the resource. #> - -Configuration AddDomainControllerToDomainAllProperties_Config +Configuration ADDomainController_AddDomainControllerToDomainAllProperties_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential, + + [Parameter(Mandatory = $true)] + [ValidateNotNullOrEmpty()] + [System.Management.Automation.PSCredential] + $SafeModePassword ) Import-DscResource -ModuleName PSDscResources - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { @@ -52,28 +56,28 @@ Configuration AddDomainControllerToDomainAllProperties_Config DependsOn = '[WindowsFeature]InstallADDomainServicesFeature' } - xWaitForADDomain 'WaitForestAvailability' + WaitForADDomain 'WaitForestAvailability' { DomainName = 'contoso.com' - DomainUserCredential = $DomainAdministratorCredential + DomainUserCredential = $Credential RetryCount = 10 RetryIntervalSec = 120 DependsOn = '[WindowsFeature]RSATADPowerShell' } - xADDomainController 'DomainControllerAllProperties' + ADDomainController 'DomainControllerAllProperties' { DomainName = 'contoso.com' - DomainAdministratorCredential = $DomainAdministratorCredential - SafemodeAdministratorPassword = $DomainAdministratorCredential + Credential = $Credential + SafeModeAdministratorPassword = $SafeModePassword DatabasePath = 'C:\Windows\NTDS' LogPath = 'C:\Windows\Logs' SysvolPath = 'C:\Windows\SYSVOL' SiteName = 'Europe' IsGlobalCatalog = $true - DependsOn = '[xWaitForADDomain]WaitForestAvailability' + DependsOn = '[WaitForADDomain]WaitForestAvailability' } } } diff --git a/Examples/Resources/xADDomainController/3-AddDomainControllerToDomainUsingIFM_Config.ps1 b/Examples/Resources/ADDomainController/3-ADDomainController_AddDomainControllerToDomainUsingIFM_Config.ps1 similarity index 64% rename from Examples/Resources/xADDomainController/3-AddDomainControllerToDomainUsingIFM_Config.ps1 rename to Examples/Resources/ADDomainController/3-ADDomainController_AddDomainControllerToDomainUsingIFM_Config.ps1 index 1e4b91fac..6709511e9 100644 --- a/Examples/Resources/xADDomainController/3-AddDomainControllerToDomainUsingIFM_Config.ps1 +++ b/Examples/Resources/ADDomainController/3-ADDomainController_AddDomainControllerToDomainUsingIFM_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,26 +15,30 @@ .PRIVATEDATA 2016-Datacenter,2016-Datacenter-Server-Core #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will add a domain controller to the domain contoso.com using the information from media. #> - -Configuration AddDomainControllerToDomainUsingIFM_Config +Configuration ADDomainController_AddDomainControllerToDomainUsingIFM_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential, + + [Parameter(Mandatory = $true)] + [ValidateNotNullOrEmpty()] + [System.Management.Automation.PSCredential] + $SafeModePassword ) Import-DscResource -ModuleName PSDscResources - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { @@ -52,24 +56,24 @@ Configuration AddDomainControllerToDomainUsingIFM_Config DependsOn = '[WindowsFeature]InstallADDomainServicesFeature' } - xWaitForADDomain 'WaitForestAvailability' + WaitForADDomain 'WaitForestAvailability' { DomainName = 'contoso.com' - DomainUserCredential = $DomainAdministratorCredential + DomainUserCredential = $Credential RetryCount = 10 RetryIntervalSec = 120 DependsOn = '[WindowsFeature]RSATADPowerShell' } - xADDomainController 'DomainControllerWithIFM' + ADDomainController 'DomainControllerWithIFM' { DomainName = 'contoso.com' - DomainAdministratorCredential = $DomainAdministratorCredential - SafemodeAdministratorPassword = $DomainAdministratorCredential + Credential = $Credential + SafeModeAdministratorPassword = $SafeModePassword InstallationMediaPath = 'F:\IFM' - DependsOn = '[xWaitForADDomain]WaitForestAvailability' + DependsOn = '[WaitForADDomain]WaitForestAvailability' } } } diff --git a/Examples/Resources/xADDomainController/4-AddReadOnlyDomainController_Config.ps1 b/Examples/Resources/ADDomainController/4-ADDomainController_AddReadOnlyDomainController_Config.ps1 similarity index 67% rename from Examples/Resources/xADDomainController/4-AddReadOnlyDomainController_Config.ps1 rename to Examples/Resources/ADDomainController/4-ADDomainController_AddReadOnlyDomainController_Config.ps1 index ab7abe65c..8bacbd6aa 100644 --- a/Examples/Resources/xADDomainController/4-AddReadOnlyDomainController_Config.ps1 +++ b/Examples/Resources/ADDomainController/4-ADDomainController_AddReadOnlyDomainController_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,25 +15,30 @@ .PRIVATEDATA 2016-Datacenter,2016-Datacenter-Server-Core #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will add a read-only domain controller to the domain contoso.com and specify a list of account, whose passwords are allowed/denied for synchronisation. #> -Configuration AddReadOnlyDomainController_Config +Configuration ADDomainController_AddReadOnlyDomainController_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential, + + [Parameter(Mandatory = $true)] + [ValidateNotNullOrEmpty()] + [System.Management.Automation.PSCredential] + $SafeModePassword ) Import-DscResource -ModuleName PSDscResources - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { @@ -51,27 +56,27 @@ Configuration AddReadOnlyDomainController_Config DependsOn = '[WindowsFeature]InstallADDomainServicesFeature' } - xWaitForADDomain 'WaitForestAvailability' + WaitForADDomain 'WaitForestAvailability' { DomainName = 'contoso.com' - DomainUserCredential = $DomainAdministratorCredential + DomainUserCredential = $Credential RetryCount = 10 RetryIntervalSec = 120 DependsOn = '[WindowsFeature]RSATADPowerShell' } - xADDomainController 'Read-OnlyDomainController(RODC)' + ADDomainController 'Read-OnlyDomainController(RODC)' { DomainName = 'contoso.com' - DomainAdministratorCredential = $DomainAdministratorCredential - SafemodeAdministratorPassword = $DomainAdministratorCredential + Credential = $Credential + SafeModeAdministratorPassword = $SafeModePassword ReadOnlyReplica = $true SiteName = 'Default-First-Site-Name' AllowPasswordReplicationAccountName = @('pvdi.test1', 'pvdi.test') DenyPasswordReplicationAccountName = @('SVC_PVS', 'TA2SCVMM') - DependsOn = '[xWaitForADDomain]WaitForestAvailability' + DependsOn = '[WaitForADDomain]WaitForestAvailability' } } } diff --git a/Examples/Resources/xADDomainController/5-AddDomainControllerUsingInstallDns_Config.ps1 b/Examples/Resources/ADDomainController/5-AddDomainControllerUsingInstallDns_Config.ps1 similarity index 100% rename from Examples/Resources/xADDomainController/5-AddDomainControllerUsingInstallDns_Config.ps1 rename to Examples/Resources/ADDomainController/5-AddDomainControllerUsingInstallDns_Config.ps1 diff --git a/Examples/Resources/xADDomainDefaultPasswordPolicy/1-ConfigureDefaultPasswordPolicy_Config.ps1 b/Examples/Resources/ADDomainDefaultPasswordPolicy/1-ADDomainDefaultPasswordPolicy_ConfigureDefaultPasswordPolicy_Config.ps1 similarity index 64% rename from Examples/Resources/xADDomainDefaultPasswordPolicy/1-ConfigureDefaultPasswordPolicy_Config.ps1 rename to Examples/Resources/ADDomainDefaultPasswordPolicy/1-ADDomainDefaultPasswordPolicy_ConfigureDefaultPasswordPolicy_Config.ps1 index 2c2256414..caf13014e 100644 --- a/Examples/Resources/xADDomainDefaultPasswordPolicy/1-ConfigureDefaultPasswordPolicy_Config.ps1 +++ b/Examples/Resources/ADDomainDefaultPasswordPolicy/1-ADDomainDefaultPasswordPolicy_ConfigureDefaultPasswordPolicy_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,36 +15,35 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will set an Active Directory domain's default password policy to set the minimum password length and complexity. #> - -Configuration ConfigureDefaultPasswordPolicy_Config +Configuration ADDomainDefaultPasswordPolicy_ConfigureDefaultPasswordPolicy_Config { Param ( - [parameter(Mandatory = $true)] + [Parameter(Mandatory = $true)] [System.String] $DomainName, - [parameter(Mandatory = $true)] + [Parameter(Mandatory = $true)] [System.Boolean] $ComplexityEnabled, - [parameter(Mandatory = $true)] + [Parameter(Mandatory = $true)] [System.Int32] $MinPasswordLength ) - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADDomainDefaultPasswordPolicy 'DefaultPasswordPolicy' + ADDomainDefaultPasswordPolicy 'DefaultPasswordPolicy' { DomainName = $DomainName ComplexityEnabled = $ComplexityEnabled diff --git a/Examples/Resources/xADDomainTrust/1-NewOneWayTrust_Config.ps1 b/Examples/Resources/ADDomainTrust/1-ADDomainTrust_NewOneWayTrust_Config.ps1 similarity index 55% rename from Examples/Resources/xADDomainTrust/1-NewOneWayTrust_Config.ps1 rename to Examples/Resources/ADDomainTrust/1-ADDomainTrust_NewOneWayTrust_Config.ps1 index a9d6d5b5c..ba52ad64f 100644 --- a/Examples/Resources/xADDomainTrust/1-NewOneWayTrust_Config.ps1 +++ b/Examples/Resources/ADDomainTrust/1-ADDomainTrust_NewOneWayTrust_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,15 +15,14 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will create a new one way inbound trust between two domains. #> - -Configuration NewOneWayTrust_Config +Configuration ADDomainTrust_NewOneWayTrust_Config { param ( @@ -40,18 +39,18 @@ Configuration NewOneWayTrust_Config $TargetDomainAdminCred ) - Import-DscResource -module xActiveDirectory + Import-DscResource -module ActiveDirectoryDsc node localhost { - xADDomainTrust 'Trust' + ADDomainTrust 'Trust' { - Ensure = 'Present' - SourceDomainName = $SourceDomain - TargetDomainName = $TargetDomain - TargetDomainAdministratorCredential = $TargetDomainAdminCred - TrustDirection = 'Inbound' - TrustType = 'External' + Ensure = 'Present' + SourceDomainName = $SourceDomain + TargetDomainName = $TargetDomain + TargetCredential = $TargetDomainAdminCred + TrustDirection = 'Inbound' + TrustType = 'External' } } } diff --git a/Examples/Resources/xADForestProperties/1-ReplaceForestProperties_Config.ps1 b/Examples/Resources/ADForestProperties/1-ADForestProperties_ReplaceForestProperties_Config.ps1 similarity index 53% rename from Examples/Resources/xADForestProperties/1-ReplaceForestProperties_Config.ps1 rename to Examples/Resources/ADForestProperties/1-ADForestProperties_ReplaceForestProperties_Config.ps1 index 6d886a5dd..34d1d128f 100644 --- a/Examples/Resources/xADForestProperties/1-ReplaceForestProperties_Config.ps1 +++ b/Examples/Resources/ADForestProperties/1-ADForestProperties_ReplaceForestProperties_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,7 +15,7 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION @@ -23,30 +23,17 @@ in the forest by replacing any existing suffixes with the ones specified in the configuration. #> - -Configuration ReplaceForestProperties_Config +Configuration ADForestProperties_ReplaceForestProperties_Config { - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc - node $AllNodes.NodeName + node 'localhost' { - xADForestProperties $Node.ForestName + ADForestProperties 'contoso.com' { - ForestName = $Node.ForestName - UserPrincipalNameSuffix = $Node.UserPrincipalNameSuffix - ServicePrincipalNameSuffix = $Node.ServicePrincipalNameSuffix - } - } -} - -$ConfigurationData = @{ - AllNodes = @( - @{ - NodeName = 'dc.contoso.com' ForestName = 'contoso.com' UserPrincipalNameSuffix = 'fabrikam.com', 'industry.com' ServicePrincipalNameSuffix = 'corporate.com' } - ) + } } - diff --git a/Examples/Resources/xADForestProperties/2-AddRemoveForestProperties_Config.ps1 b/Examples/Resources/ADForestProperties/2-ADForestProperties_AddRemoveForestProperties_Config.ps1 similarity index 73% rename from Examples/Resources/xADForestProperties/2-AddRemoveForestProperties_Config.ps1 rename to Examples/Resources/ADForestProperties/2-ADForestProperties_AddRemoveForestProperties_Config.ps1 index 94e0ba6f5..8b95b9e41 100644 --- a/Examples/Resources/xADForestProperties/2-AddRemoveForestProperties_Config.ps1 +++ b/Examples/Resources/ADForestProperties/2-ADForestProperties_AddRemoveForestProperties_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,7 +15,7 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION @@ -23,14 +23,13 @@ the forest by adding and removing the desired suffixes. This will not overwrite existing suffixes in the forest. #> - -Configuration AddRemoveForestProperties_Config +Configuration ADForestProperties_AddRemoveForestProperties_Config { - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { - xADForestProperties 'ContosoProperties' + ADForestProperties 'ContosoProperties' { ForestName = 'contoso.com' ServicePrincipalNameSuffixToAdd = 'test.net' diff --git a/Examples/Resources/xADGroup/1-NewGroup_Config.ps1 b/Examples/Resources/ADGroup/1-ADGroup_NewGroup_Config.ps1 similarity index 78% rename from Examples/Resources/xADGroup/1-NewGroup_Config.ps1 rename to Examples/Resources/ADGroup/1-ADGroup_NewGroup_Config.ps1 index a2149b046..67741d97b 100644 --- a/Examples/Resources/xADGroup/1-NewGroup_Config.ps1 +++ b/Examples/Resources/ADGroup/1-ADGroup_NewGroup_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,14 +15,13 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will create a new domain-local group #> - -Configuration NewGroup_Config +Configuration ADGroup_NewGroup_Config { param ( @@ -43,11 +42,11 @@ Configuration NewGroup_Config $Description ) - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADGroup 'ExampleGroup' + ADGroup 'ExampleGroup' { GroupName = $GroupName GroupScope = $Scope diff --git a/Examples/Resources/xADGroup/2-NewGroupWithMembers_Config.ps1 b/Examples/Resources/ADGroup/2-ADGroup_NewGroupWithMembers_Config.ps1 similarity index 67% rename from Examples/Resources/xADGroup/2-NewGroupWithMembers_Config.ps1 rename to Examples/Resources/ADGroup/2-ADGroup_NewGroupWithMembers_Config.ps1 index 93aa6ed43..e05af7dad 100644 --- a/Examples/Resources/xADGroup/2-NewGroupWithMembers_Config.ps1 +++ b/Examples/Resources/ADGroup/2-ADGroup_NewGroupWithMembers_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,20 +15,19 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will create a new domain-local group with three members. #> - -Configuration NewGroupWithMembers_Config +Configuration ADGroup_NewGroupWithMembers_Config { - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { - xADGroup 'dl1' + ADGroup 'dl1' { GroupName = 'DL_APP_1' GroupScope = 'DomainLocal' diff --git a/Examples/Resources/xADGroup/3-NewGroupMultidomainMembers_Config.ps1 b/Examples/Resources/ADGroup/3-ADGroup_NewGroupMultidomainMembers_Config.ps1 similarity index 74% rename from Examples/Resources/xADGroup/3-NewGroupMultidomainMembers_Config.ps1 rename to Examples/Resources/ADGroup/3-ADGroup_NewGroupMultidomainMembers_Config.ps1 index 2d4402f6b..92f05a10a 100644 --- a/Examples/Resources/xADGroup/3-NewGroupMultidomainMembers_Config.ps1 +++ b/Examples/Resources/ADGroup/3-ADGroup_NewGroupMultidomainMembers_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,21 +15,20 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will create a new domain-local group in contoso with three members in different domains. #> - -Configuration NewGroupMultiDomainMembers_Config +Configuration ADGroup_NewGroupMultiDomainMembers_Config { - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { - xADGroup 'dl1' + ADGroup 'dl1' { GroupName = 'DL_APP_1' GroupScope = 'DomainLocal' diff --git a/Examples/Resources/xADKDSKey/1-CreateKDSRootKey_Config.ps1 b/Examples/Resources/ADKDSKey/1-ADKDSKey_CreateKDSRootKey_Config.ps1 similarity index 70% rename from Examples/Resources/xADKDSKey/1-CreateKDSRootKey_Config.ps1 rename to Examples/Resources/ADKDSKey/1-ADKDSKey_CreateKDSRootKey_Config.ps1 index 5ebbe20ac..767bf74c8 100644 --- a/Examples/Resources/xADKDSKey/1-CreateKDSRootKey_Config.ps1 +++ b/Examples/Resources/ADKDSKey/1-ADKDSKey_CreateKDSRootKey_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,7 +15,7 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION @@ -23,14 +23,13 @@ slightly ahead in the future, the key won't be usable for at least 10 hours from the creation time. #> - -Configuration CreateKDSRootKey_Config +Configuration ADKDSKey_CreateKDSRootKey_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADKDSKey 'ExampleKDSRootKey' + ADKDSKey 'ExampleKDSRootKey' { Ensure = 'Present' EffectiveTime = '1/1/2030 13:00' diff --git a/Examples/Resources/xADKDSKey/2-CreateKDSRootKeyInPast_Config.ps1 b/Examples/Resources/ADKDSKey/2-ADKDSKey_CreateKDSRootKeyInPast_Config.ps1 similarity index 72% rename from Examples/Resources/xADKDSKey/2-CreateKDSRootKeyInPast_Config.ps1 rename to Examples/Resources/ADKDSKey/2-ADKDSKey_CreateKDSRootKeyInPast_Config.ps1 index 8314d020b..da93e787e 100644 --- a/Examples/Resources/xADKDSKey/2-CreateKDSRootKeyInPast_Config.ps1 +++ b/Examples/Resources/ADKDSKey/2-ADKDSKey_CreateKDSRootKeyInPast_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,7 +15,7 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION @@ -24,14 +24,13 @@ replicated yet, there may be issues when retrieving the gMSA password. Use with caution #> - -Configuration CreateKDSRootKeyInPast_Config +Configuration ADKDSKey_CreateKDSRootKeyInPast_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADKDSKey 'ExampleKDSRootKeyInPast' + ADKDSKey 'ExampleKDSRootKeyInPast' { Ensure = 'Present' EffectiveTime = '1/1/1999 13:00' diff --git a/Examples/Resources/xADKDSKey/3-CreateKDSRootKeyRemoveLastKey_Config.ps1 b/Examples/Resources/ADKDSKey/3-ADKDSKey_CreateKDSRootKeyRemoveLastKey_Config.ps1 similarity index 70% rename from Examples/Resources/xADKDSKey/3-CreateKDSRootKeyRemoveLastKey_Config.ps1 rename to Examples/Resources/ADKDSKey/3-ADKDSKey_CreateKDSRootKeyRemoveLastKey_Config.ps1 index 5b98d3816..ac3535dc0 100644 --- a/Examples/Resources/xADKDSKey/3-CreateKDSRootKeyRemoveLastKey_Config.ps1 +++ b/Examples/Resources/ADKDSKey/3-ADKDSKey_CreateKDSRootKeyRemoveLastKey_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,7 +15,7 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION @@ -23,14 +23,13 @@ If gMSAs are installed on the network, they will not be able to reset their passwords and it may cause services to fail. #> - -Configuration CreateKDSRootKeyRemoveLastKey_Config +Configuration ADKDSKey_CreateKDSRootKeyRemoveLastKey_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADKDSKey 'ExampleKDSRootKeyForceRemove' + ADKDSKey 'ExampleKDSRootKeyForceRemove' { Ensure = 'Absent' EffectiveTime = '1/1/2030 13:00' diff --git a/Examples/Resources/xADManagedServiceAccount/1-CreateManagedServiceAccount_Config.ps1 b/Examples/Resources/ADManagedServiceAccount/1-ADManagedServiceAccount_CreateManagedServiceAccount_Config.ps1 similarity index 61% rename from Examples/Resources/xADManagedServiceAccount/1-CreateManagedServiceAccount_Config.ps1 rename to Examples/Resources/ADManagedServiceAccount/1-ADManagedServiceAccount_CreateManagedServiceAccount_Config.ps1 index de68b62a8..3c47008e4 100644 --- a/Examples/Resources/xADManagedServiceAccount/1-CreateManagedServiceAccount_Config.ps1 +++ b/Examples/Resources/ADManagedServiceAccount/1-ADManagedServiceAccount_CreateManagedServiceAccount_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,20 +15,19 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will create a managed service account. #> - -Configuration CreateManagedServiceAccount_Config +Configuration ADManagedServiceAccount_CreateManagedServiceAccount_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADManagedServiceAccount 'ExampleSingleMSA' + ADManagedServiceAccount 'ExampleSingleMSA' { Ensure = 'Present' ServiceAccountName = 'Service01' diff --git a/Examples/Resources/xADManagedServiceAccount/2-CreateGroupManagedServiceAccount_Config.ps1 b/Examples/Resources/ADManagedServiceAccount/2-ADManagedServiceAccount_CreateGroupManagedServiceAccount_Config.ps1 similarity index 65% rename from Examples/Resources/xADManagedServiceAccount/2-CreateGroupManagedServiceAccount_Config.ps1 rename to Examples/Resources/ADManagedServiceAccount/2-ADManagedServiceAccount_CreateGroupManagedServiceAccount_Config.ps1 index 9f07142ef..8e6d115d3 100644 --- a/Examples/Resources/xADManagedServiceAccount/2-CreateGroupManagedServiceAccount_Config.ps1 +++ b/Examples/Resources/ADManagedServiceAccount/2-ADManagedServiceAccount_CreateGroupManagedServiceAccount_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,20 +15,19 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will create a group managed service account. #> - -Configuration CreateGroupManagedServiceAccount_Config +Configuration ADManagedServiceAccount_CreateGroupManagedServiceAccount_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADManagedServiceAccount 'ExampleGroupMSA' + ADManagedServiceAccount 'ExampleGroupMSA' { Ensure = 'Present' ServiceAccountName = 'Service01' diff --git a/Examples/Resources/xADManagedServiceAccount/3-CreateGroupManagedServiceAccountWithMembers_Config.ps1 b/Examples/Resources/ADManagedServiceAccount/3-ADManagedServiceAccount_CreateGroupManagedServiceAccountWithMembers_Config.ps1 similarity index 71% rename from Examples/Resources/xADManagedServiceAccount/3-CreateGroupManagedServiceAccountWithMembers_Config.ps1 rename to Examples/Resources/ADManagedServiceAccount/3-ADManagedServiceAccount_CreateGroupManagedServiceAccountWithMembers_Config.ps1 index 989b79a4a..f2debd498 100644 --- a/Examples/Resources/xADManagedServiceAccount/3-CreateGroupManagedServiceAccountWithMembers_Config.ps1 +++ b/Examples/Resources/ADManagedServiceAccount/3-ADManagedServiceAccount_CreateGroupManagedServiceAccountWithMembers_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,20 +15,19 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will create a group managed service account with members. #> - -Configuration CreateGroupManagedServiceAccountWithMembers_Config +Configuration ADManagedServiceAccount_CreateGroupManagedServiceAccountWithMembers_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADManagedServiceAccount 'AddingMembersUsingSamAccountName' + ADManagedServiceAccount 'AddingMembersUsingSamAccountName' { Ensure = 'Present' ServiceAccountName = 'Service01' @@ -37,7 +36,7 @@ Configuration CreateGroupManagedServiceAccountWithMembers_Config Members = 'User01', 'Computer01$' } - xADManagedServiceAccount 'AddingMembersUsingDN' + ADManagedServiceAccount 'AddingMembersUsingDN' { Ensure = 'Present' ServiceAccountName = 'Service02' diff --git a/Examples/Resources/xADObjectEnabledState/1-EnabledComputerAccount_Config.ps1 b/Examples/Resources/ADObjectEnabledState/1-ADObjectEnabledState_EnabledComputerAccount_Config.ps1 similarity index 63% rename from Examples/Resources/xADObjectEnabledState/1-EnabledComputerAccount_Config.ps1 rename to Examples/Resources/ADObjectEnabledState/1-ADObjectEnabledState_EnabledComputerAccount_Config.ps1 index 37cc542e1..9b4724806 100644 --- a/Examples/Resources/xADObjectEnabledState/1-EnabledComputerAccount_Config.ps1 +++ b/Examples/Resources/ADObjectEnabledState/1-ADObjectEnabledState_EnabledComputerAccount_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,32 +15,32 @@ .PRIVATEDATA 2016-Datacenter,2016-Datacenter-Server-Core #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will create a computer account disabled, and enforcing the account to be enabled. #> -Configuration EnabledComputerAccount_Config +Configuration ADObjectEnabledState_EnabledComputerAccount_Config { - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { - xADComputer 'CreateDisabled' + ADComputer 'CreateDisabled' { ComputerName = 'CLU_CNO01' EnabledOnCreation = $false } - xADObjectEnabledState 'EnforceEnabledPropertyToEnabled' + ADObjectEnabledState 'EnforceEnabledPropertyToEnabled' { Identity = 'CLU_CNO01' ObjectClass = 'Computer' Enabled = $true - DependsOn = '[xADComputer]CreateDisabled' + DependsOn = '[ADComputer]CreateDisabled' } } } diff --git a/Examples/Resources/xADObjectEnabledState/2-CreateClusterComputerAccount_Config.ps1 b/Examples/Resources/ADObjectEnabledState/2-ADObjectEnabledState_CreateClusterComputerAccount_Config.ps1 similarity index 70% rename from Examples/Resources/xADObjectEnabledState/2-CreateClusterComputerAccount_Config.ps1 rename to Examples/Resources/ADObjectEnabledState/2-ADObjectEnabledState_CreateClusterComputerAccount_Config.ps1 index 485ab0b6e..9c39a66a6 100644 --- a/Examples/Resources/xADObjectEnabledState/2-CreateClusterComputerAccount_Config.ps1 +++ b/Examples/Resources/ADObjectEnabledState/2-ADObjectEnabledState_CreateClusterComputerAccount_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,7 +15,7 @@ .PRIVATEDATA 2016-Datacenter,2016-Datacenter-Server-Core #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc #Requires -module xFailoverCluster <# @@ -24,22 +24,22 @@ a cluster using the disabled computer account, and enforcing the computer account to be enabled. #> -Configuration CreateClusterComputerAccount_Config +Configuration ADObjectEnabledState_CreateClusterComputerAccount_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential ) - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc Import-DscResource -ModuleName xFailoverCluster node localhost { - xADComputer 'ClusterAccount' + ADComputer 'ClusterAccount' { ComputerName = 'CLU_CNO01' EnabledOnCreation = $false @@ -49,12 +49,12 @@ Configuration CreateClusterComputerAccount_Config { Name = 'CLU_CNO01' StaticIPAddress = '192.168.100.20/24' - DomainAdministratorCredential = $DomainAdministratorCredential + DomainAdministratorCredential = $Credential - DependsOn = '[xADComputer]ClusterAccount' + DependsOn = '[ADComputer]ClusterAccount' } - xADObjectEnabledState 'EnforceEnabledPropertyToEnabled' + ADObjectEnabledState 'EnforceEnabledPropertyToEnabled' { Identity = 'CLU_CNO01' ObjectClass = 'Computer' diff --git a/Examples/Resources/xADObjectEnabledState/3-EnabledPrestagedClusterComputerAccount_Config.ps1 b/Examples/Resources/ADObjectEnabledState/3-ADObjectEnabledState_EnabledPrestagedClusterComputerAccount_Config.ps1 similarity index 72% rename from Examples/Resources/xADObjectEnabledState/3-EnabledPrestagedClusterComputerAccount_Config.ps1 rename to Examples/Resources/ADObjectEnabledState/3-ADObjectEnabledState_EnabledPrestagedClusterComputerAccount_Config.ps1 index 76502d6b7..9f40aa0f3 100644 --- a/Examples/Resources/xADObjectEnabledState/3-EnabledPrestagedClusterComputerAccount_Config.ps1 +++ b/Examples/Resources/ADObjectEnabledState/3-ADObjectEnabledState_EnabledPrestagedClusterComputerAccount_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,7 +15,7 @@ .PRIVATEDATA 2016-Datacenter,2016-Datacenter-Server-Core #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc #Requires -module xFailoverCluster <# @@ -23,17 +23,17 @@ This configuration will configure a cluster using a pre-staged computer account, and enforcing the pre-staged computer account to be enabled. #> -Configuration EnabledPrestagedClusterComputerAccount_Config +Configuration ADObjectEnabledState_EnabledPrestagedClusterComputerAccount_Config { param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] - $DomainAdministratorCredential + $Credential ) - Import-DscResource -ModuleName xActiveDirectory + Import-DscResource -ModuleName ActiveDirectoryDsc Import-DscResource -ModuleName xFailoverCluster node localhost @@ -42,10 +42,10 @@ Configuration EnabledPrestagedClusterComputerAccount_Config { Name = 'CLU_CNO01' StaticIPAddress = '192.168.100.20/24' - DomainAdministratorCredential = $DomainAdministratorCredential + DomainAdministratorCredential = $Credential } - xADObjectEnabledState 'EnforceEnabledPropertyToEnabled' + ADObjectEnabledState 'EnforceEnabledPropertyToEnabled' { Identity = 'CLU_CNO01' ObjectClass = 'Computer' diff --git a/Examples/Resources/xADObjectPermissionEntry/1-DelegateFullControl_Config.ps1 b/Examples/Resources/ADObjectPermissionEntry/1-ADObjectPermissionEntry_DelegateFullControl_Config.ps1 similarity index 78% rename from Examples/Resources/xADObjectPermissionEntry/1-DelegateFullControl_Config.ps1 rename to Examples/Resources/ADObjectPermissionEntry/1-ADObjectPermissionEntry_DelegateFullControl_Config.ps1 index 3605d4bc2..0a8fda26c 100644 --- a/Examples/Resources/xADObjectPermissionEntry/1-DelegateFullControl_Config.ps1 +++ b/Examples/Resources/ADObjectPermissionEntry/1-ADObjectPermissionEntry_DelegateFullControl_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,7 +15,7 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION @@ -24,14 +24,13 @@ CONTOSO\CLUSTER01$. This is used so that the Windows Failover Cluster can control the roles AD objects. #> - -Configuration DelegateFullControl_Config +Configuration ADObjectPermissionEntry_DelegateFullControl_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADObjectPermissionEntry 'ADObjectPermissionEntry' + ADObjectPermissionEntry 'ADObjectPermissionEntry' { Ensure = 'Present' Path = 'CN=ROLE01,CN=Computers,DC=contoso,DC=com' diff --git a/Examples/Resources/xADObjectPermissionEntry/2-CreateDeleteComputerObject_Config.ps1 b/Examples/Resources/ADObjectPermissionEntry/2-ADObjectPermissionEntry_CreateDeleteComputerObject_Config.ps1 similarity index 77% rename from Examples/Resources/xADObjectPermissionEntry/2-CreateDeleteComputerObject_Config.ps1 rename to Examples/Resources/ADObjectPermissionEntry/2-ADObjectPermissionEntry_CreateDeleteComputerObject_Config.ps1 index 290e172e7..8ba6d7dc7 100644 --- a/Examples/Resources/xADObjectPermissionEntry/2-CreateDeleteComputerObject_Config.ps1 +++ b/Examples/Resources/ADObjectPermissionEntry/2-ADObjectPermissionEntry_CreateDeleteComputerObject_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,7 +15,7 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION @@ -23,14 +23,13 @@ (CreateChild,DeleteChild) computer objects in an OU and any sub-OUs that may get created. #> - -Configuration CreateDeleteComputerObject_Config +Configuration ADObjectPermissionEntry_CreateDeleteComputerObject_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADObjectPermissionEntry 'ADObjectPermissionEntry' + ADObjectPermissionEntry 'ADObjectPermissionEntry' { Ensure = 'Present' Path = 'OU=ContosoComputers,DC=contoso,DC=com' diff --git a/Examples/Resources/xADObjectPermissionEntry/3-ReadWriteComputerObjectProperties_Config.ps1 b/Examples/Resources/ADObjectPermissionEntry/3-ADObjectPermissionEntry_ReadWriteComputerObjectProperties_Config.ps1 similarity index 77% rename from Examples/Resources/xADObjectPermissionEntry/3-ReadWriteComputerObjectProperties_Config.ps1 rename to Examples/Resources/ADObjectPermissionEntry/3-ADObjectPermissionEntry_ReadWriteComputerObjectProperties_Config.ps1 index 791775b1f..057e2c45d 100644 --- a/Examples/Resources/xADObjectPermissionEntry/3-ReadWriteComputerObjectProperties_Config.ps1 +++ b/Examples/Resources/ADObjectPermissionEntry/3-ADObjectPermissionEntry_ReadWriteComputerObjectProperties_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,7 +15,7 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION @@ -23,14 +23,13 @@ (ReadProperty, WriteProperty) of all properties of computer objects in an OU and any sub-OUs that may get created. #> - -Configuration ReadWriteComputerObjectProperties_Config +Configuration ADObjectPermissionEntry_ReadWriteComputerObjectProperties_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADObjectPermissionEntry 'ADObjectPermissionEntry' + ADObjectPermissionEntry 'ADObjectPermissionEntry' { Ensure = 'Present' Path = 'OU=ContosoComputers,DC=contoso,DC=com' diff --git a/Examples/Resources/xADOrganizationalUnit/1-CreateADOU_Config.ps1 b/Examples/Resources/ADOrganizationalUnit/1-ADOrganizationalUnit_CreateADOU_Config.ps1 similarity index 78% rename from Examples/Resources/xADOrganizationalUnit/1-CreateADOU_Config.ps1 rename to Examples/Resources/ADOrganizationalUnit/1-ADOrganizationalUnit_CreateADOU_Config.ps1 index 167f42df8..d0743606a 100644 --- a/Examples/Resources/xADOrganizationalUnit/1-CreateADOU_Config.ps1 +++ b/Examples/Resources/ADOrganizationalUnit/1-ADOrganizationalUnit_CreateADOU_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,15 +15,14 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will add an Active Directory organizational unit to the domain. #> - -Configuration CreateADOU_Config +Configuration ADOrganizationalUnit_CreateADOU_Config { param ( @@ -45,11 +44,11 @@ Configuration CreateADOU_Config $Description = '' ) - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADOrganizationalUnit 'ExampleOU' + ADOrganizationalUnit 'ExampleOU' { Name = $Name Path = $Path diff --git a/Examples/Resources/xADRecycleBin/1-EnableADRecycleBin_Config.ps1 b/Examples/Resources/ADRecycleBin/1-ADRecycleBin_EnableADRecycleBin_Config.ps1 similarity index 73% rename from Examples/Resources/xADRecycleBin/1-EnableADRecycleBin_Config.ps1 rename to Examples/Resources/ADRecycleBin/1-ADRecycleBin_EnableADRecycleBin_Config.ps1 index da56b979c..84f544ef2 100644 --- a/Examples/Resources/xADRecycleBin/1-EnableADRecycleBin_Config.ps1 +++ b/Examples/Resources/ADRecycleBin/1-ADRecycleBin_EnableADRecycleBin_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,15 +15,14 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will enable the Active Directory Recycle Bin for a specified Domain #> - -Configuration EnableADRecycleBin_Config +Configuration ADRecycleBin_EnableADRecycleBin_Config { param ( @@ -36,11 +35,11 @@ Configuration EnableADRecycleBin_Config $EACredential ) - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADRecycleBin 'RecycleBin' + ADRecycleBin 'RecycleBin' { EnterpriseAdministratorCredential = $EACredential ForestFQDN = $ForestFQDN diff --git a/Examples/Resources/xADReplicationSite/1-CreateADReplicationSite_Config.ps1 b/Examples/Resources/ADReplicationSite/1-ADReplicationSite_CreateADReplicationSite_Config.ps1 similarity index 63% rename from Examples/Resources/xADReplicationSite/1-CreateADReplicationSite_Config.ps1 rename to Examples/Resources/ADReplicationSite/1-ADReplicationSite_CreateADReplicationSite_Config.ps1 index dcbbce429..3137c4560 100644 --- a/Examples/Resources/xADReplicationSite/1-CreateADReplicationSite_Config.ps1 +++ b/Examples/Resources/ADReplicationSite/1-ADReplicationSite_CreateADReplicationSite_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,21 +15,20 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will create an Active Directory replication site called 'Seattle'. #> - -Configuration CreateADReplicationSite_Config +Configuration ADReplicationSite_CreateADReplicationSite_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADReplicationSite 'SeattleSite' + ADReplicationSite 'SeattleSite' { Ensure = 'Present' Name = 'Seattle' diff --git a/Examples/Resources/xADReplicationSite/2-CreateADReplicationSiteRenameDefault_Config.ps1 b/Examples/Resources/ADReplicationSite/2-ADReplicationSite_CreateADReplicationSiteRenameDefault_Config.ps1 similarity index 69% rename from Examples/Resources/xADReplicationSite/2-CreateADReplicationSiteRenameDefault_Config.ps1 rename to Examples/Resources/ADReplicationSite/2-ADReplicationSite_CreateADReplicationSiteRenameDefault_Config.ps1 index 9cb903ecb..0acb248e0 100644 --- a/Examples/Resources/xADReplicationSite/2-CreateADReplicationSiteRenameDefault_Config.ps1 +++ b/Examples/Resources/ADReplicationSite/2-ADReplicationSite_CreateADReplicationSiteRenameDefault_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,7 +15,7 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION @@ -23,14 +23,13 @@ 'Seattle'. If the 'Default-First-Site-Name' site exists, it will rename this site instead of create a new one. #> - -Configuration CreateADReplicationSiteRenameDefault_Config +Configuration ADReplicationSite_CreateADReplicationSiteRenameDefault_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADReplicationSite 'SeattleSite' + ADReplicationSite 'SeattleSite' { Ensure = 'Present' Name = 'Seattle' diff --git a/Examples/Resources/xADReplicationSite/3-RemoveADReplicationSite_Config.ps1 b/Examples/Resources/ADReplicationSite/3-ADReplicationSite_RemoveADReplicationSite_Config.ps1 similarity index 63% rename from Examples/Resources/xADReplicationSite/3-RemoveADReplicationSite_Config.ps1 rename to Examples/Resources/ADReplicationSite/3-ADReplicationSite_RemoveADReplicationSite_Config.ps1 index 9d254ac0c..60c4b0da8 100644 --- a/Examples/Resources/xADReplicationSite/3-RemoveADReplicationSite_Config.ps1 +++ b/Examples/Resources/ADReplicationSite/3-ADReplicationSite_RemoveADReplicationSite_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,21 +15,20 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will remove the Active Directory replication site called 'Cupertino'. #> - -Configuration RemoveADReplicationSite_Config +Configuration ADReplicationSite_RemoveADReplicationSite_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADReplicationSite 'CupertinoSite' + ADReplicationSite 'CupertinoSite' { Ensure = 'Absent' Name = 'Cupertino' diff --git a/Examples/Resources/xADReplicationSiteLInk/1-CreateReplicationSiteLink_Config.ps1 b/Examples/Resources/ADReplicationSiteLink/1-ADReplicationSiteLink_CreateReplicationSiteLink_Config.ps1 similarity index 68% rename from Examples/Resources/xADReplicationSiteLInk/1-CreateReplicationSiteLink_Config.ps1 rename to Examples/Resources/ADReplicationSiteLink/1-ADReplicationSiteLink_CreateReplicationSiteLink_Config.ps1 index a85928046..b18482fba 100644 --- a/Examples/Resources/xADReplicationSiteLInk/1-CreateReplicationSiteLink_Config.ps1 +++ b/Examples/Resources/ADReplicationSiteLink/1-ADReplicationSiteLink_CreateReplicationSiteLink_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,20 +15,19 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will create an AD Replication Site Link. #> - -Configuration CreateReplicationSiteLink_Config +Configuration ADReplicationSiteLink_CreateReplicationSiteLink_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADReplicationSiteLink 'HQSiteLink' + ADReplicationSiteLink 'HQSiteLink' { Name = 'HQSiteLInk' SitesIncluded = @('site1', 'site2') diff --git a/Examples/Resources/xADReplicationSiteLInk/2-ModifyExistingReplicationSiteLink_Config.ps1 b/Examples/Resources/ADReplicationSiteLink/2-ADReplicationSiteLink_ModifyExistingReplicationSiteLink_Config.ps1 similarity index 69% rename from Examples/Resources/xADReplicationSiteLInk/2-ModifyExistingReplicationSiteLink_Config.ps1 rename to Examples/Resources/ADReplicationSiteLink/2-ADReplicationSiteLink_ModifyExistingReplicationSiteLink_Config.ps1 index 6dc26fa1e..fdc91994e 100644 --- a/Examples/Resources/xADReplicationSiteLInk/2-ModifyExistingReplicationSiteLink_Config.ps1 +++ b/Examples/Resources/ADReplicationSiteLink/2-ADReplicationSiteLink_ModifyExistingReplicationSiteLink_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,20 +15,19 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will modify an existing AD Replication Site Link. #> - -Configuration ModifyExistingReplicationSiteLink_Config +Configuration ADReplicationSiteLink_ModifyExistingReplicationSiteLink_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADReplicationSiteLink 'HQSiteLink' + ADReplicationSiteLink 'HQSiteLink' { Name = 'HQSiteLInk' SitesIncluded = 'site1' diff --git a/Examples/Resources/xADReplicationSubnet/1-CreateReplicationSubnet_Config.ps1 b/Examples/Resources/ADReplicationSubnet/1-ADReplicationSubnet_CreateReplicationSubnet_Config.ps1 similarity index 63% rename from Examples/Resources/xADReplicationSubnet/1-CreateReplicationSubnet_Config.ps1 rename to Examples/Resources/ADReplicationSubnet/1-ADReplicationSubnet_CreateReplicationSubnet_Config.ps1 index 068fc5775..7f045d5e1 100644 --- a/Examples/Resources/xADReplicationSubnet/1-CreateReplicationSubnet_Config.ps1 +++ b/Examples/Resources/ADReplicationSubnet/1-ADReplicationSubnet_CreateReplicationSubnet_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,20 +15,19 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will create an AD Replication Subnet. #> - -Configuration CreateReplicationSubnet_Config +Configuration ADReplicationSubnet_CreateReplicationSubnet_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADReplicationSubnet 'LondonSubnet' + ADReplicationSubnet 'LondonSubnet' { Name = '10.0.0.0/24' Site = 'London' diff --git a/Examples/Resources/xADServicePrincipalName/1-AddUserServicePrincipalName_Config.ps1 b/Examples/Resources/ADServicePrincipalName/1-ADServicePrincipalName_AddUserServicePrincipalName_Config.ps1 similarity index 63% rename from Examples/Resources/xADServicePrincipalName/1-AddUserServicePrincipalName_Config.ps1 rename to Examples/Resources/ADServicePrincipalName/1-ADServicePrincipalName_AddUserServicePrincipalName_Config.ps1 index 8df95de5e..abf9b84c6 100644 --- a/Examples/Resources/xADServicePrincipalName/1-AddUserServicePrincipalName_Config.ps1 +++ b/Examples/Resources/ADServicePrincipalName/1-ADServicePrincipalName_AddUserServicePrincipalName_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,20 +15,19 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will add a Service Principal Name to a user account. #> - -Configuration AddUserServicePrincipalName_Config +Configuration ADServicePrincipalName_AddUserServicePrincipalName_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADServicePrincipalName 'SQL01Svc' + ADServicePrincipalName 'SQL01Svc' { ServicePrincipalName = 'MSSQLSvc/sql01.contoso.com:1433' Account = 'SQL01Svc' diff --git a/Examples/Resources/xADServicePrincipalName/2-AddComputerServicePrincipalName_Config.ps1 b/Examples/Resources/ADServicePrincipalName/2-ADServicePrincipalName_AddComputerServicePrincipalName_Config.ps1 similarity index 62% rename from Examples/Resources/xADServicePrincipalName/2-AddComputerServicePrincipalName_Config.ps1 rename to Examples/Resources/ADServicePrincipalName/2-ADServicePrincipalName_AddComputerServicePrincipalName_Config.ps1 index d2933ad5c..b385cf55a 100644 --- a/Examples/Resources/xADServicePrincipalName/2-AddComputerServicePrincipalName_Config.ps1 +++ b/Examples/Resources/ADServicePrincipalName/2-ADServicePrincipalName_AddComputerServicePrincipalName_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,20 +15,19 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will add a Service Principal Name to a computer account. #> - -Configuration AddComputerServicePrincipalName_Config +Configuration ADServicePrincipalName_AddComputerServicePrincipalName_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADServicePrincipalName 'web.contoso.com' + ADServicePrincipalName 'web.contoso.com' { ServicePrincipalName = 'HTTP/web.contoso.com' Account = 'IIS01$' diff --git a/Examples/Resources/xADUser/1-CreateUserAndManagePassword_Config.ps1 b/Examples/Resources/ADUser/1-ADUser_CreateUserAndManagePassword_Config.ps1 similarity index 74% rename from Examples/Resources/xADUser/1-CreateUserAndManagePassword_Config.ps1 rename to Examples/Resources/ADUser/1-ADUser_CreateUserAndManagePassword_Config.ps1 index 0c13c2828..e3432b82a 100644 --- a/Examples/Resources/xADUser/1-CreateUserAndManagePassword_Config.ps1 +++ b/Examples/Resources/ADUser/1-ADUser_CreateUserAndManagePassword_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,15 +15,14 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will create a user with a managed password. This might be used to manage the lifecycle of a service account. #> - -Configuration CreateUserAndManagePassword_Config +Configuration ADUser_CreateUserAndManagePassword_Config { param ( @@ -33,11 +32,11 @@ Configuration CreateUserAndManagePassword_Config $Password ) - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADUser 'Contoso\ExampleUser' + ADUser 'Contoso\ExampleUser' { Ensure = 'Present' UserName = 'ExampleUser' diff --git a/Examples/Resources/xADUser/2-CreateUserAndIgnorePasswordChanges_Config.ps1 b/Examples/Resources/ADUser/2-ADUser_CreateUserAndIgnorePasswordChanges_Config.ps1 similarity index 76% rename from Examples/Resources/xADUser/2-CreateUserAndIgnorePasswordChanges_Config.ps1 rename to Examples/Resources/ADUser/2-ADUser_CreateUserAndIgnorePasswordChanges_Config.ps1 index 33f55a1d6..6a1bd37f3 100644 --- a/Examples/Resources/xADUser/2-CreateUserAndIgnorePasswordChanges_Config.ps1 +++ b/Examples/Resources/ADUser/2-ADUser_CreateUserAndIgnorePasswordChanges_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,7 +15,7 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION @@ -23,8 +23,7 @@ when the password has changed. This might be used with a traditional user account where a managed password is not desired. #> - -Configuration CreateUserAndIgnorePasswordChanges_Config +Configuration ADUser_CreateUserAndIgnorePasswordChanges_Config { param ( @@ -34,11 +33,11 @@ Configuration CreateUserAndIgnorePasswordChanges_Config $Password ) - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xADUser 'Contoso\ExampleUser' + ADUser 'Contoso\ExampleUser' { Ensure = 'Present' UserName = 'ExampleUser' diff --git a/Examples/Resources/xWaitForADDomain/1-WaitForADDomain_Config.ps1 b/Examples/Resources/WaitForADDomain/1-WaitForADDomain_Config.ps1 similarity index 72% rename from Examples/Resources/xWaitForADDomain/1-WaitForADDomain_Config.ps1 rename to Examples/Resources/WaitForADDomain/1-WaitForADDomain_Config.ps1 index 5bb23d831..fc832b6bd 100644 --- a/Examples/Resources/xWaitForADDomain/1-WaitForADDomain_Config.ps1 +++ b/Examples/Resources/WaitForADDomain/1-WaitForADDomain_Config.ps1 @@ -5,8 +5,8 @@ .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory +.LICENSEURI https://github.com/PowerShell/ActiveDirectoryDsc/blob/master/LICENSE +.PROJECTURI https://github.com/PowerShell/ActiveDirectoryDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS @@ -15,20 +15,19 @@ .PRIVATEDATA #> -#Requires -module xActiveDirectory +#Requires -module ActiveDirectoryDsc <# .DESCRIPTION This configuration will wait for an AD Domain to respond before returning. #> - Configuration WaitForADDomain_Config { - Import-DscResource -Module xActiveDirectory + Import-DscResource -Module ActiveDirectoryDsc Node localhost { - xWaitForADDomain 'contoso.com' + WaitForADDomain 'contoso.com' { DomainName = 'contoso.com' RetryIntervalSec = 60 diff --git a/Examples/Resources/xADDomain/3-NewForestwithParentAndChildDomain_Config.ps1 b/Examples/Resources/xADDomain/3-NewForestwithParentAndChildDomain_Config.ps1 deleted file mode 100644 index 91fcb3780..000000000 --- a/Examples/Resources/xADDomain/3-NewForestwithParentAndChildDomain_Config.ps1 +++ /dev/null @@ -1,138 +0,0 @@ -<#PSScriptInfo -.VERSION 1.0 -.GUID aad067ec-0e7a-4a41-874d-432a3ff73437 -.AUTHOR Microsoft Corporation -.COMPANYNAME Microsoft Corporation -.COPYRIGHT (c) Microsoft Corporation. All rights reserved. -.TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory -.ICONURI -.EXTERNALMODULEDEPENDENCIES -.REQUIREDSCRIPTS -.EXTERNALSCRIPTDEPENDENCIES -.RELEASENOTES -.PRIVATEDATA -#> - -#Requires -module xActiveDirectory - -<# - .DESCRIPTION - This configuration will create a domain, and then create a child domain on - another node. -#> - -Configuration NewForestWithParentAndChildDomain_Config -{ - param - ( - [Parameter(Mandatory = $true)] - [System.Management.Automation.PSCredential] - $SafemodeAdministratorCred, - - [Parameter(Mandatory = $true)] - [System.Management.Automation.PSCredential] - $DomainCred, - - [Parameter(Mandatory = $true)] - [System.Management.Automation.PSCredential] - $DnsDelegationCred, - - [Parameter(Mandatory = $true)] - [System.Management.Automation.PSCredential] - $NewADUserCred - ) - - Import-DscResource -ModuleName xActiveDirectory - - Node $AllNodes.Where{ $_.Role -eq 'Parent DC' }.NodeName - { - WindowsFeature 'ADDSInstall' - { - Ensure = 'Present' - Name = 'AD-Domain-Services' - } - - xADDomain 'FirstDS' - { - DomainName = $Node.DomainName - DomainAdministratorCredential = $domainCred - SafemodeAdministratorPassword = $SafemodeAdministratorCred - DnsDelegationCredential = $DnsDelegationCred - DependsOn = '[WindowsFeature]ADDSInstall' - } - - xWaitForADDomain 'DscForestWait' - { - DomainName = $Node.DomainName - DomainUserCredential = $domainCred - RetryCount = $Node.RetryCount - RetryIntervalSec = $Node.RetryIntervalSec - DependsOn = '[xADDomain]FirstDS' - } - - xADUser 'FirstUser' - { - DomainName = $Node.DomainName - DomainAdministratorCredential = $domaincred - UserName = 'dummy' - Password = $NewADUserCred - Ensure = 'Present' - DependsOn = '[xWaitForADDomain]DscForestWait' - } - - } - - Node $AllNodes.Where{ $_.Role -eq 'Child DC' }.NodeName - { - WindowsFeature 'ADDSInstall' - { - Ensure = 'Present' - Name = 'AD-Domain-Services' - } - - xWaitForADDomain 'DscForestWait' - { - DomainName = $Node.ParentDomainName - DomainUserCredential = $domainCred - RetryCount = $Node.RetryCount - RetryIntervalSec = $Node.RetryIntervalSec - DependsOn = '[WindowsFeature]ADDSInstall' - } - - xADDomain 'ChildDS' - { - DomainName = $Node.DomainName - ParentDomainName = $Node.ParentDomainName - DomainAdministratorCredential = $domainCred - SafemodeAdministratorPassword = $SafemodeAdministratorCred - DependsOn = '[xWaitForADDomain]DscForestWait' - } - } -} - -$ConfigurationData = @{ - AllNodes = @( - @{ - NodeName = 'dsc-testNode1' - Role = 'Parent DC' - DomainName = 'dsc-test.contoso.com' - CertificateFile = 'C:\publicKeys\targetNode.cer' - Thumbprint = 'AC23EA3A9E291A75757A556D0B71CBBF8C4F6FD8' - RetryCount = 50 - RetryIntervalSec = 30 - }, - - @{ - NodeName = 'dsc-testNode2' - Role = 'Child DC' - DomainName = 'dsc-child' - ParentDomainName = 'dsc-test.contoso.com' - CertificateFile = 'C:\publicKeys\targetNode.cer' - Thumbprint = 'AC23EA3A9E291A75757A556D0B71CBBF8C4F6FD8' - RetryCount = 50 - RetryIntervalSec = 30 - } - ) -} diff --git a/Examples/Resources/xADDomain/4-NewDomainWithTwoDCs_Config.ps1 b/Examples/Resources/xADDomain/4-NewDomainWithTwoDCs_Config.ps1 deleted file mode 100644 index 8d0d9d848..000000000 --- a/Examples/Resources/xADDomain/4-NewDomainWithTwoDCs_Config.ps1 +++ /dev/null @@ -1,137 +0,0 @@ -<#PSScriptInfo -.VERSION 1.0 -.GUID 400370df-41bc-44d4-8730-0aa9a135383f -.AUTHOR Microsoft Corporation -.COMPANYNAME Microsoft Corporation -.COPYRIGHT (c) Microsoft Corporation. All rights reserved. -.TAGS DSCConfiguration -.LICENSEURI https://github.com/PowerShell/xActiveDirectory/blob/master/LICENSE -.PROJECTURI https://github.com/PowerShell/xActiveDirectory -.ICONURI -.EXTERNALMODULEDEPENDENCIES -.REQUIREDSCRIPTS -.EXTERNALSCRIPTDEPENDENCIES -.RELEASENOTES -.PRIVATEDATA -#> - -#Requires -module xActiveDirectory - -<# - .DESCRIPTION - This configuration will create a highly available domain by adding - a second domain controller to the newly created domain. - The xWaitForDomain resource is used to ensure that the domain is - present before the second domain controller is added. -#> - -Configuration NewDomainWithTwoDCs_Config -{ - param - ( - [Parameter(Mandatory = $true)] - [System.Management.Automation.PSCredential] - $SafemodeAdministratorCred, - - [Parameter(Mandatory = $true)] - [System.Management.Automation.PSCredential] - $domainCred, - - [Parameter(Mandatory = $true)] - [System.Management.Automation.PSCredential] - $DNSDelegationCred, - - [Parameter(Mandatory = $true)] - [System.Management.Automation.PSCredential] - $NewADUserCred - ) - - Import-DscResource -ModuleName xActiveDirectory - - Node $AllNodes.Where{ $_.Role -eq 'Primary DC' }.NodeName - { - WindowsFeature 'ADDSInstall' - { - Ensure = 'Present' - Name = 'AD-Domain-Services' - } - - xADDomain 'FirstDS' - { - DomainName = $Node.DomainName - DomainAdministratorCredential = $domainCred - SafemodeAdministratorPassword = $SafemodeAdministratorCred - DnsDelegationCredential = $DNSDelegationCred - DependsOn = '[WindowsFeature]ADDSInstall' - } - - xWaitForADDomain 'DscForestWait' - { - DomainName = $Node.DomainName - DomainUserCredential = $domainCred - RetryCount = $Node.RetryCount - RetryIntervalSec = $Node.RetryIntervalSec - DependsOn = '[xADDomain]FirstDS' - } - - xADUser 'FirstUser' - { - DomainName = $Node.DomainName - DomainAdministratorCredential = $domainCred - UserName = 'dummy' - Password = $NewADUserCred - Ensure = 'Present' - DependsOn = '[xWaitForADDomain]DscForestWait' - } - } - - Node $AllNodes.Where{ $_.Role -eq 'Replica DC' }.NodeName - { - WindowsFeature 'ADDSInstall' - { - Ensure = 'Present' - Name = 'AD-Domain-Services' - } - - xWaitForADDomain 'DscForestWait' - { - DomainName = $Node.DomainName - DomainUserCredential = $domainCred - RetryCount = $Node.RetryCount - RetryIntervalSec = $Node.RetryIntervalSec - DependsOn = '[WindowsFeature]ADDSInstall' - } - - xADDomainController 'SecondDC' - { - DomainName = $Node.DomainName - DomainAdministratorCredential = $domainCred - SafemodeAdministratorPassword = $SafemodeAdministratorCred - DependsOn = '[xWaitForADDomain]DscForestWait' - } - } -} - -# Configuration Data for AD -$ConfigurationData = @{ - AllNodes = @( - @{ - NodeName = 'dsc-testNode1' - Role = 'Primary DC' - DomainName = 'dsc-test.contoso.com' - CertificateFile = 'C:\publicKeys\targetNode.cer' - Thumbprint = 'AC23EA3A9E291A75757A556D0B71CBBF8C4F6FD8' - RetryCount = 20 - RetryIntervalSec = 30 - }, - @{ - NodeName = 'dsc-testNode2' - Role = 'Replica DC' - DomainName = 'dsc-test.contoso.com' - CertificateFile = 'C:\publicKeys\targetNode.cer' - Thumbprint = 'AC23EA3A9E291A75757A556D0B71CBBF8C4F6FD8' - RetryCount = 20 - RetryIntervalSec = 30 - } - ) -} diff --git a/Modules/xActiveDirectory.Common/xActiveDirectory.Common.psm1 b/Modules/ActiveDirectoryDsc.Common/ActiveDirectoryDsc.Common.psm1 similarity index 99% rename from Modules/xActiveDirectory.Common/xActiveDirectory.Common.psm1 rename to Modules/ActiveDirectoryDsc.Common/ActiveDirectoryDsc.Common.psm1 index e4e4f4069..4f9cc7cb9 100644 --- a/Modules/xActiveDirectory.Common/xActiveDirectory.Common.psm1 +++ b/Modules/ActiveDirectoryDsc.Common/ActiveDirectoryDsc.Common.psm1 @@ -1032,7 +1032,7 @@ function ConvertFrom-TimeSpan Returns common AD cmdlet connection parameter for splatting. .PARAMETER CommonName - When specified, a CommonName overrides theUsed by the xADUser + When specified, a CommonName overrides theUsed by the ADUser cmdletReturns the Identity as the Name key. For example, the Get-ADUser, Set-ADUser and Remove-ADUser cmdlets take an Identity parameter, but the New-ADUser cmdlet uses the Name parameter. @@ -1073,7 +1073,6 @@ function Get-ADCommonParameters [Parameter()] [ValidateNotNull()] - [Alias('DomainAdministratorCredential')] [System.Management.Automation.PSCredential] [System.Management.Automation.CredentialAttribute()] $Credential, @@ -1322,7 +1321,6 @@ function Restore-ADCommonObject [Parameter()] [ValidateNotNull()] - [Alias('DomainAdministratorCredential')] [System.Management.Automation.PSCredential] [System.Management.Automation.CredentialAttribute()] $Credential, @@ -2111,7 +2109,7 @@ function Get-ADDirectoryContext return New-Object @newObjectParameters } -$script:localizedData = Get-LocalizedData -ResourceName 'xActiveDirectory.Common' -ScriptRoot $PSScriptRoot +$script:localizedData = Get-LocalizedData -ResourceName 'ActiveDirectoryDsc.Common' -ScriptRoot $PSScriptRoot Export-ModuleMember -Function @( 'New-InvalidArgumentException' diff --git a/Modules/xActiveDirectory.Common/en-US/xActiveDirectory.Common.strings.psd1 b/Modules/ActiveDirectoryDsc.Common/en-US/ActiveDirectoryDsc.Common.strings.psd1 similarity index 98% rename from Modules/xActiveDirectory.Common/en-US/xActiveDirectory.Common.strings.psd1 rename to Modules/ActiveDirectoryDsc.Common/en-US/ActiveDirectoryDsc.Common.strings.psd1 index 16692289e..5541b8eaf 100644 --- a/Modules/xActiveDirectory.Common/en-US/xActiveDirectory.Common.strings.psd1 +++ b/Modules/ActiveDirectoryDsc.Common/en-US/ActiveDirectoryDsc.Common.strings.psd1 @@ -1,4 +1,4 @@ -# Localized resources for helper module xActiveDirectory.Common. +# Localized resources for helper module ActiveDirectoryDsc.Common. ConvertFrom-StringData @' WasExpectingDomainController = The operating system product type code returned 2, which indicates that this is domain controller, but was unable to retrieve the domain controller object. (ADCOMMON0001) diff --git a/README.md b/README.md index 4a73a8a6a..f6e61c138 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ -# xActiveDirectory +# ActiveDirectoryDsc -The **xActiveDirectory** module contains DSC resources for deployment and +The **ActiveDirectoryDsc** module contains DSC resources for deployment and configuration of Active Directory. These DSC resources allow you to configure new domains, child domains, and high @@ -12,23 +12,23 @@ For more information see the [Code of Conduct FAQ](https://opensource.microsoft. ## Documentation and Examples -For a full list of resources in xActiveDirectory and examples on their use, check -out the [xActiveDirectory wiki](https://github.com/PowerShell/xActiveDirectory/wiki). +For a full list of resources in ActiveDirectoryDsc and examples on their use, check +out the [ActiveDirectoryDsc wiki](https://github.com/PowerShell/ActiveDirectoryDsc/wiki). ## Branches ### master -[![Build status](https://ci.appveyor.com/api/projects/status/p4jejr60jrgb8ity/branch/master?svg=true)](https://ci.appveyor.com/project/PowerShell/xActiveDirectory/branch/master) -[![codecov](https://codecov.io/gh/PowerShell/xActiveDirectory/branch/master/graph/badge.svg)](https://codecov.io/gh/PowerShell/xActiveDirectory/branch/master) +[![Build status](https://ci.appveyor.com/api/projects/status/x9haeb92nw57gjkh/branch/master?svg=true)](https://ci.appveyor.com/project/PowerShell/ActiveDirectoryDsc/branch/master) +[![codecov](https://codecov.io/gh/PowerShell/ActiveDirectoryDsc/branch/master/graph/badge.svg)](https://codecov.io/gh/PowerShell/ActiveDirectoryDsc/branch/master) This is the branch containing the latest release - no contributions should be made directly to this branch. ### dev -[![Build status](https://ci.appveyor.com/api/projects/status/p4jejr60jrgb8ity/branch/dev?svg=true)](https://ci.appveyor.com/project/PowerShell/xActiveDirectory/branch/dev) -[![codecov](https://codecov.io/gh/PowerShell/xActiveDirectory/branch/dev/graph/badge.svg)](https://codecov.io/gh/PowerShell/xActiveDirectory/branch/dev) +[![Build status](https://ci.appveyor.com/api/projects/status/x9haeb92nw57gjkh/branch/dev?svg=true)](https://ci.appveyor.com/project/PowerShell/ActiveDirectoryDsc/branch/dev) +[![codecov](https://codecov.io/gh/PowerShell/ActiveDirectoryDsc/branch/dev/graph/badge.svg)](https://codecov.io/gh/PowerShell/ActiveDirectoryDsc/branch/dev) This is the development branch to which contributions should be proposed by contributors as pull requests. diff --git a/Tests/Integration/MSFT_xADComputer.Integration.Tests.ps1 b/Tests/Integration/MSFT_ADComputer.Integration.Tests.ps1 similarity index 98% rename from Tests/Integration/MSFT_xADComputer.Integration.Tests.ps1 rename to Tests/Integration/MSFT_ADComputer.Integration.Tests.ps1 index 26266a982..e8825cf58 100644 --- a/Tests/Integration/MSFT_xADComputer.Integration.Tests.ps1 +++ b/Tests/Integration/MSFT_ADComputer.Integration.Tests.ps1 @@ -4,8 +4,8 @@ if ($env:APPVEYOR -eq $true) return } -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceFriendlyName = 'xADComputer' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceFriendlyName = 'ADComputer' $script:dscResourceName = "MSFT_$($script:dscResourceFriendlyName)" #region HEADER @@ -84,7 +84,7 @@ try $resourceCurrentState.Enabled | Should -BeTrue $resourceCurrentState.EnabledOnCreation | Should -BeFalse $resourceCurrentState.DomainController | Should -BeNullOrEmpty - $resourceCurrentState.DomainAdministratorCredential | Should -BeNullOrEmpty + $resourceCurrentState.Credential | Should -BeNullOrEmpty $resourceCurrentState.RequestFile | Should -BeNullOrEmpty $resourceCurrentState.RestoreFromRecycleBin | Should -BeFalse $resourceCurrentState.DistinguishedName | Should -Match ('^CN={0}' -f $ConfigurationData.AllNodes.ComputerName1) @@ -340,7 +340,7 @@ try $resourceCurrentState.Enabled | Should -BeTrue $resourceCurrentState.EnabledOnCreation | Should -BeFalse $resourceCurrentState.DomainController | Should -BeNullOrEmpty - $resourceCurrentState.DomainAdministratorCredential | Should -BeNullOrEmpty + $resourceCurrentState.Credential | Should -BeNullOrEmpty $resourceCurrentState.RequestFile | Should -BeNullOrEmpty $resourceCurrentState.RestoreFromRecycleBin | Should -BeFalse $resourceCurrentState.DistinguishedName | Should -Match ('^CN={0}' -f $ConfigurationData.AllNodes.ComputerName1) diff --git a/Tests/Integration/MSFT_xADComputer.config.ps1 b/Tests/Integration/MSFT_ADComputer.config.ps1 similarity index 78% rename from Tests/Integration/MSFT_xADComputer.config.ps1 rename to Tests/Integration/MSFT_ADComputer.config.ps1 index 1eaf504b9..ccfc8571b 100644 --- a/Tests/Integration/MSFT_xADComputer.config.ps1 +++ b/Tests/Integration/MSFT_ADComputer.config.ps1 @@ -53,13 +53,13 @@ else use the default value for the property Enable of the cmdlet New-ADComputer. #> -Configuration MSFT_xADComputer_CreateComputerAccount1_Config +Configuration MSFT_ADComputer_CreateComputerAccount1_Config { - Import-DscResource -ModuleName 'xActiveDirectory' + Import-DscResource -ModuleName 'ActiveDirectoryDsc' node $AllNodes.NodeName { - xADComputer 'Integration_Test' + ADComputer 'Integration_Test' { ComputerName = $Node.ComputerName1 } @@ -74,13 +74,13 @@ Configuration MSFT_xADComputer_CreateComputerAccount1_Config This removed computer account will later be used to restore the computer account from the recycle bin. #> -Configuration MSFT_xADComputer_RemoveComputerAccount1_Config +Configuration MSFT_ADComputer_RemoveComputerAccount1_Config { - Import-DscResource -ModuleName 'xActiveDirectory' + Import-DscResource -ModuleName 'ActiveDirectoryDsc' node $AllNodes.NodeName { - xADComputer 'Integration_Test' + ADComputer 'Integration_Test' { Ensure = 'Absent' ComputerName = $Node.ComputerName1 @@ -93,13 +93,13 @@ Configuration MSFT_xADComputer_RemoveComputerAccount1_Config Restores a computer account from recycle bin. #> -Configuration MSFT_xADComputer_RestoreComputerAccount1_Config +Configuration MSFT_ADComputer_RestoreComputerAccount1_Config { - Import-DscResource -ModuleName 'xActiveDirectory' + Import-DscResource -ModuleName 'ActiveDirectoryDsc' node $AllNodes.NodeName { - xADComputer 'Integration_Test' + ADComputer 'Integration_Test' { Ensure = 'Present' ComputerName = $Node.ComputerName1 @@ -113,13 +113,13 @@ Configuration MSFT_xADComputer_RestoreComputerAccount1_Config Updates all available properties on a computer account. #> -Configuration MSFT_xADComputer_UpdateComputerAccount1_Config +Configuration MSFT_ADComputer_UpdateComputerAccount1_Config { - Import-DscResource -ModuleName 'xActiveDirectory' + Import-DscResource -ModuleName 'ActiveDirectoryDsc' node $AllNodes.NodeName { - xADOrganizationalUnit 'Global' + ADOrganizationalUnit 'Global' { Ensure = 'Present' Name = $Node.OrganizationalUnitName @@ -127,7 +127,7 @@ Configuration MSFT_xADComputer_UpdateComputerAccount1_Config ProtectedFromAccidentalDeletion = $false } - xADComputer 'Integration_Test' + ADComputer 'Integration_Test' { Ensure = 'Present' ComputerName = $Node.ComputerName1 @@ -139,7 +139,7 @@ Configuration MSFT_xADComputer_UpdateComputerAccount1_Config Path = 'OU={0},{1}' -f $Node.OrganizationalUnitName, $Node.DomainDistinguishedName Description = $Node.Description - DependsOn = '[xADOrganizationalUnit]Global' + DependsOn = '[ADOrganizationalUnit]Global' } } } @@ -148,13 +148,13 @@ Configuration MSFT_xADComputer_UpdateComputerAccount1_Config .SYNOPSIS Creates a computer account disabled. #> -Configuration MSFT_xADComputer_CreateComputerAccount2Disabled_Config +Configuration MSFT_ADComputer_CreateComputerAccount2Disabled_Config { - Import-DscResource -ModuleName 'xActiveDirectory' + Import-DscResource -ModuleName 'ActiveDirectoryDsc' node $AllNodes.NodeName { - xADComputer 'Integration_Test' + ADComputer 'Integration_Test' { ComputerName = $Node.ComputerName2 EnabledOnCreation = $false @@ -172,13 +172,13 @@ Configuration MSFT_xADComputer_CreateComputerAccount2Disabled_Config use the default value for the property Enable of the cmdlet New-ADComputer. #> -Configuration MSFT_xADComputer_CreateComputerAccount3WithOfflineDomainJoin_Config +Configuration MSFT_ADComputer_CreateComputerAccount3WithOfflineDomainJoin_Config { - Import-DscResource -ModuleName 'xActiveDirectory' + Import-DscResource -ModuleName 'ActiveDirectoryDsc' node $AllNodes.NodeName { - xADComputer 'Integration_Test' + ADComputer 'Integration_Test' { ComputerName = $Node.ComputerName3 RequestFile = $Node.RequestFileName @@ -190,32 +190,32 @@ Configuration MSFT_xADComputer_CreateComputerAccount3WithOfflineDomainJoin_Confi .SYNOPSIS Clean up all the computer accounts. #> -Configuration MSFT_xADComputer_CleanUp_Config +Configuration MSFT_ADComputer_CleanUp_Config { - Import-DscResource -ModuleName 'xActiveDirectory' + Import-DscResource -ModuleName 'ActiveDirectoryDsc' Import-DscResource -ModuleName 'PSDesiredStateConfiguration' node $AllNodes.NodeName { - xADComputer 'RemoveComputerAccount1' + ADComputer 'RemoveComputerAccount1' { Ensure = 'Absent' ComputerName = $Node.ComputerName1 } - xADComputer 'RemoveComputerAccount2' + ADComputer 'RemoveComputerAccount2' { Ensure = 'Absent' ComputerName = $Node.ComputerName2 } - xADComputer 'RemoveComputerAccount3' + ADComputer 'RemoveComputerAccount3' { Ensure = 'Absent' ComputerName = $Node.ComputerName3 } - xADOrganizationalUnit 'RemoveGlobal' + ADOrganizationalUnit 'RemoveGlobal' { Ensure = 'Absent' Name = $Node.OrganizationalUnitName diff --git a/Tests/Integration/MSFT_xADDomainTrust.Integration.Tests.ps1 b/Tests/Integration/MSFT_ADDomainTrust.Integration.Tests.ps1 similarity index 94% rename from Tests/Integration/MSFT_xADDomainTrust.Integration.Tests.ps1 rename to Tests/Integration/MSFT_ADDomainTrust.Integration.Tests.ps1 index 9652e98ce..ea56fc1a8 100644 --- a/Tests/Integration/MSFT_xADDomainTrust.Integration.Tests.ps1 +++ b/Tests/Integration/MSFT_ADDomainTrust.Integration.Tests.ps1 @@ -4,8 +4,8 @@ if ($env:APPVEYOR -eq $true) return } -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceFriendlyName = 'xADDomainTrust' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceFriendlyName = 'ADDomainTrust' $script:dscResourceName = "MSFT_$($script:dscResourceFriendlyName)" #region HEADER @@ -75,7 +75,7 @@ try $resourceCurrentState.Ensure | Should -Be 'Present' $resourceCurrentState.SourceDomainName | Should -Be $configurationData.AllNodes.SourceDomain $resourceCurrentState.TargetDomainName | Should -Be $configurationData.AllNodes.TargetDomain - $resourceCurrentState.TargetDomainAdministratorCredential.UserName | Should -Be $configurationData.AllNodes.TargetUserName + $resourceCurrentState.TargetCredential.UserName | Should -Be $configurationData.AllNodes.TargetUserName $resourceCurrentState.TrustType | Should -Be 'External' $resourceCurrentState.TrustDirection | Should -Be 'Outbound' } @@ -126,7 +126,7 @@ try $resourceCurrentState.Ensure | Should -Be 'Present' $resourceCurrentState.SourceDomainName | Should -Be $configurationData.AllNodes.SourceDomain $resourceCurrentState.TargetDomainName | Should -Be $configurationData.AllNodes.TargetDomain - $resourceCurrentState.TargetDomainAdministratorCredential.UserName | Should -Be $configurationData.AllNodes.TargetUserName + $resourceCurrentState.TargetCredential.UserName | Should -Be $configurationData.AllNodes.TargetUserName $resourceCurrentState.TrustType | Should -Be 'External' $resourceCurrentState.TrustDirection | Should -Be 'Inbound' } @@ -177,7 +177,7 @@ try $resourceCurrentState.Ensure | Should -Be 'Absent' $resourceCurrentState.SourceDomainName | Should -Be $configurationData.AllNodes.SourceDomain $resourceCurrentState.TargetDomainName | Should -Be $configurationData.AllNodes.TargetDomain - $resourceCurrentState.TargetDomainAdministratorCredential.UserName | Should -Be $configurationData.AllNodes.TargetUserName + $resourceCurrentState.TargetCredential.UserName | Should -Be $configurationData.AllNodes.TargetUserName $resourceCurrentState.TrustType | Should -BeNullOrEmpty $resourceCurrentState.TrustDirection | Should -BeNullOrEmpty } @@ -228,7 +228,7 @@ try $resourceCurrentState.Ensure | Should -Be 'Present' $resourceCurrentState.SourceDomainName | Should -Be $configurationData.AllNodes.SourceForest $resourceCurrentState.TargetDomainName | Should -Be $configurationData.AllNodes.TargetForest - $resourceCurrentState.TargetDomainAdministratorCredential.UserName | Should -Be $configurationData.AllNodes.TargetUserName + $resourceCurrentState.TargetCredential.UserName | Should -Be $configurationData.AllNodes.TargetUserName $resourceCurrentState.TrustType | Should -Be 'Forest' $resourceCurrentState.TrustDirection | Should -Be 'Outbound' } @@ -279,7 +279,7 @@ try $resourceCurrentState.Ensure | Should -Be 'Present' $resourceCurrentState.SourceDomainName | Should -Be $configurationData.AllNodes.SourceForest $resourceCurrentState.TargetDomainName | Should -Be $configurationData.AllNodes.TargetForest - $resourceCurrentState.TargetDomainAdministratorCredential.UserName | Should -Be $configurationData.AllNodes.TargetUserName + $resourceCurrentState.TargetCredential.UserName | Should -Be $configurationData.AllNodes.TargetUserName $resourceCurrentState.TrustType | Should -Be 'Forest' $resourceCurrentState.TrustDirection | Should -Be 'Inbound' } @@ -330,7 +330,7 @@ try $resourceCurrentState.Ensure | Should -Be 'Absent' $resourceCurrentState.SourceDomainName | Should -Be $configurationData.AllNodes.SourceForest $resourceCurrentState.TargetDomainName | Should -Be $configurationData.AllNodes.TargetForest - $resourceCurrentState.TargetDomainAdministratorCredential.UserName | Should -Be $configurationData.AllNodes.TargetUserName + $resourceCurrentState.TargetCredential.UserName | Should -Be $configurationData.AllNodes.TargetUserName $resourceCurrentState.TrustType | Should -BeNullOrEmpty $resourceCurrentState.TrustDirection | Should -BeNullOrEmpty } diff --git a/Tests/Integration/MSFT_xADDomainTrust.config.ps1 b/Tests/Integration/MSFT_ADDomainTrust.config.ps1 similarity index 53% rename from Tests/Integration/MSFT_xADDomainTrust.config.ps1 rename to Tests/Integration/MSFT_ADDomainTrust.config.ps1 index 305eb166e..b530e2fa8 100644 --- a/Tests/Integration/MSFT_xADDomainTrust.config.ps1 +++ b/Tests/Integration/MSFT_ADDomainTrust.config.ps1 @@ -51,19 +51,19 @@ else .SYNOPSIS Creates a domain trust. #> -Configuration MSFT_xADDomainTrust_CreateDomainTrust_Config +Configuration MSFT_ADDomainTrust_CreateDomainTrust_Config { - Import-DscResource -ModuleName 'xActiveDirectory' + Import-DscResource -ModuleName 'ActiveDirectoryDsc' node $AllNodes.NodeName { - xADDomainTrust 'Integration_Test' + ADDomainTrust 'Integration_Test' { - SourceDomainName = $Node.SourceDomain - TargetDomainName = $Node.TargetDomain - TrustType = 'External' - TrustDirection = 'Outbound' - TargetDomainAdministratorCredential = New-Object ` + SourceDomainName = $Node.SourceDomain + TargetDomainName = $Node.TargetDomain + TrustType = 'External' + TrustDirection = 'Outbound' + TargetCredential = New-Object ` -TypeName System.Management.Automation.PSCredential ` -ArgumentList @($Node.TargetUserName, (ConvertTo-SecureString -String $Node.TargetPassword -AsPlainText -Force)) @@ -75,19 +75,19 @@ Configuration MSFT_xADDomainTrust_CreateDomainTrust_Config .SYNOPSIS Changes trust direction on an existing domain trust. #> -Configuration MSFT_xADDomainTrust_ChangeDomainTrustDirection_Config +Configuration MSFT_ADDomainTrust_ChangeDomainTrustDirection_Config { - Import-DscResource -ModuleName 'xActiveDirectory' + Import-DscResource -ModuleName 'ActiveDirectoryDsc' node $AllNodes.NodeName { - xADDomainTrust 'Integration_Test' + ADDomainTrust 'Integration_Test' { - SourceDomainName = $Node.SourceDomain - TargetDomainName = $Node.TargetDomain - TrustType = 'External' - TrustDirection = 'Inbound' - TargetDomainAdministratorCredential = New-Object ` + SourceDomainName = $Node.SourceDomain + TargetDomainName = $Node.TargetDomain + TrustType = 'External' + TrustDirection = 'Inbound' + TargetCredential = New-Object ` -TypeName System.Management.Automation.PSCredential ` -ArgumentList @($Node.TargetUserName, (ConvertTo-SecureString -String $Node.TargetPassword -AsPlainText -Force)) @@ -99,20 +99,20 @@ Configuration MSFT_xADDomainTrust_ChangeDomainTrustDirection_Config .SYNOPSIS Removes the domain trust. #> -Configuration MSFT_xADDomainTrust_RemoveDomainTrust_Config +Configuration MSFT_ADDomainTrust_RemoveDomainTrust_Config { - Import-DscResource -ModuleName 'xActiveDirectory' + Import-DscResource -ModuleName 'ActiveDirectoryDsc' node $AllNodes.NodeName { - xADDomainTrust 'Integration_Test' + ADDomainTrust 'Integration_Test' { - Ensure = 'Absent' - SourceDomainName = $Node.SourceDomain - TargetDomainName = $Node.TargetDomain - TrustType = 'External' - TrustDirection = 'Bidirectional' - TargetDomainAdministratorCredential = New-Object ` + Ensure = 'Absent' + SourceDomainName = $Node.SourceDomain + TargetDomainName = $Node.TargetDomain + TrustType = 'External' + TrustDirection = 'Bidirectional' + TargetCredential = New-Object ` -TypeName System.Management.Automation.PSCredential ` -ArgumentList @($Node.TargetUserName, (ConvertTo-SecureString -String $Node.TargetPassword -AsPlainText -Force)) @@ -124,19 +124,19 @@ Configuration MSFT_xADDomainTrust_RemoveDomainTrust_Config .SYNOPSIS Creates a forest trust. #> -Configuration MSFT_xADDomainTrust_CreateForestTrust_Config +Configuration MSFT_ADDomainTrust_CreateForestTrust_Config { - Import-DscResource -ModuleName 'xActiveDirectory' + Import-DscResource -ModuleName 'ActiveDirectoryDsc' node $AllNodes.NodeName { - xADDomainTrust 'Integration_Test' + ADDomainTrust 'Integration_Test' { - SourceDomainName = $Node.SourceForest - TargetDomainName = $Node.TargetForest - TrustType = 'Forest' - TrustDirection = 'Outbound' - TargetDomainAdministratorCredential = New-Object ` + SourceDomainName = $Node.SourceForest + TargetDomainName = $Node.TargetForest + TrustType = 'Forest' + TrustDirection = 'Outbound' + TargetCredential = New-Object ` -TypeName System.Management.Automation.PSCredential ` -ArgumentList @($Node.TargetUserName, (ConvertTo-SecureString -String $Node.TargetPassword -AsPlainText -Force)) @@ -148,19 +148,19 @@ Configuration MSFT_xADDomainTrust_CreateForestTrust_Config .SYNOPSIS Changes trust direction on an existing forest trust. #> -Configuration MSFT_xADDomainTrust_ChangeForestTrustDirection_Config +Configuration MSFT_ADDomainTrust_ChangeForestTrustDirection_Config { - Import-DscResource -ModuleName 'xActiveDirectory' + Import-DscResource -ModuleName 'ActiveDirectoryDsc' node $AllNodes.NodeName { - xADDomainTrust 'Integration_Test' + ADDomainTrust 'Integration_Test' { - SourceDomainName = $Node.SourceForest - TargetDomainName = $Node.TargetForest - TrustType = 'Forest' - TrustDirection = 'Inbound' - TargetDomainAdministratorCredential = New-Object ` + SourceDomainName = $Node.SourceForest + TargetDomainName = $Node.TargetForest + TrustType = 'Forest' + TrustDirection = 'Inbound' + TargetCredential = New-Object ` -TypeName System.Management.Automation.PSCredential ` -ArgumentList @($Node.TargetUserName, (ConvertTo-SecureString -String $Node.TargetPassword -AsPlainText -Force)) @@ -172,20 +172,20 @@ Configuration MSFT_xADDomainTrust_ChangeForestTrustDirection_Config .SYNOPSIS Removes the domain trust. #> -Configuration MSFT_xADDomainTrust_RemoveForestTrust_Config +Configuration MSFT_ADDomainTrust_RemoveForestTrust_Config { - Import-DscResource -ModuleName 'xActiveDirectory' + Import-DscResource -ModuleName 'ActiveDirectoryDsc' node $AllNodes.NodeName { - xADDomainTrust 'Integration_Test' + ADDomainTrust 'Integration_Test' { - Ensure = 'Absent' - SourceDomainName = $Node.SourceForest - TargetDomainName = $Node.TargetForest - TrustType = 'Forest' - TrustDirection = 'Bidirectional' - TargetDomainAdministratorCredential = New-Object ` + Ensure = 'Absent' + SourceDomainName = $Node.SourceForest + TargetDomainName = $Node.TargetForest + TrustType = 'Forest' + TrustDirection = 'Bidirectional' + TargetCredential = New-Object ` -TypeName System.Management.Automation.PSCredential ` -ArgumentList @($Node.TargetUserName, (ConvertTo-SecureString -String $Node.TargetPassword -AsPlainText -Force)) diff --git a/Tests/Integration/MSFT_xADObjectEnableState.Integration.Tests.ps1 b/Tests/Integration/MSFT_ADObjectEnableState.Integration.Tests.ps1 similarity index 98% rename from Tests/Integration/MSFT_xADObjectEnableState.Integration.Tests.ps1 rename to Tests/Integration/MSFT_ADObjectEnableState.Integration.Tests.ps1 index 5560b8270..1a8c8347c 100644 --- a/Tests/Integration/MSFT_xADObjectEnableState.Integration.Tests.ps1 +++ b/Tests/Integration/MSFT_ADObjectEnableState.Integration.Tests.ps1 @@ -4,8 +4,8 @@ if ($env:APPVEYOR -eq $true) return } -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceFriendlyName = 'xADObjectEnabledState' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceFriendlyName = 'ADObjectEnabledState' $script:dscResourceName = "MSFT_$($script:dscResourceFriendlyName)" #region HEADER diff --git a/Tests/Integration/MSFT_xADObjectEnabledState.config.ps1 b/Tests/Integration/MSFT_ADObjectEnabledState.config.ps1 similarity index 70% rename from Tests/Integration/MSFT_xADObjectEnabledState.config.ps1 rename to Tests/Integration/MSFT_ADObjectEnabledState.config.ps1 index 963f1fa3f..776cef3b8 100644 --- a/Tests/Integration/MSFT_xADObjectEnabledState.config.ps1 +++ b/Tests/Integration/MSFT_ADObjectEnabledState.config.ps1 @@ -29,13 +29,13 @@ else .SYNOPSIS Creates a computer account using the default values. #> -Configuration MSFT_xADObjectEnabledState_Prerequisites_Config +Configuration MSFT_ADObjectEnabledState_Prerequisites_Config { - Import-DscResource -ModuleName 'xActiveDirectory' + Import-DscResource -ModuleName 'ActiveDirectoryDsc' node $AllNodes.NodeName { - xADComputer 'CreateComputerAccount' + ADComputer 'CreateComputerAccount' { ComputerName = $Node.ComputerName } @@ -47,13 +47,13 @@ Configuration MSFT_xADObjectEnabledState_Prerequisites_Config Disables a computer account. #> -Configuration MSFT_xADObjectEnabledState_DisableComputerAccount_Config +Configuration MSFT_ADObjectEnabledState_DisableComputerAccount_Config { - Import-DscResource -ModuleName 'xActiveDirectory' + Import-DscResource -ModuleName 'ActiveDirectoryDsc' node $AllNodes.NodeName { - xADObjectEnabledState 'Integration_Test' + ADObjectEnabledState 'Integration_Test' { Identity = $Node.ComputerName ObjectClass = 'Computer' @@ -67,13 +67,13 @@ Configuration MSFT_xADObjectEnabledState_DisableComputerAccount_Config Enables a computer account. #> -Configuration MSFT_xADObjectEnabledState_EnableComputerAccount_Config +Configuration MSFT_ADObjectEnabledState_EnableComputerAccount_Config { - Import-DscResource -ModuleName 'xActiveDirectory' + Import-DscResource -ModuleName 'ActiveDirectoryDsc' node $AllNodes.NodeName { - xADObjectEnabledState 'Integration_Test' + ADObjectEnabledState 'Integration_Test' { Identity = $Node.ComputerName ObjectClass = 'Computer' @@ -86,13 +86,13 @@ Configuration MSFT_xADObjectEnabledState_EnableComputerAccount_Config .SYNOPSIS Clean up the computer account. #> -Configuration MSFT_xADObjectEnabledState_CleanUp_Config +Configuration MSFT_ADObjectEnabledState_CleanUp_Config { - Import-DscResource -ModuleName 'xActiveDirectory' + Import-DscResource -ModuleName 'ActiveDirectoryDsc' node $AllNodes.NodeName { - xADComputer 'RemoveComputerAccount' + ADComputer 'RemoveComputerAccount' { Ensure = 'Absent' ComputerName = $Node.ComputerName diff --git a/Tests/Integration/MSFT_ADUser.Integration.Tests.ps1 b/Tests/Integration/MSFT_ADUser.Integration.Tests.ps1 new file mode 100644 index 000000000..60201247e --- /dev/null +++ b/Tests/Integration/MSFT_ADUser.Integration.Tests.ps1 @@ -0,0 +1,143 @@ +if ($env:APPVEYOR -eq $true) +{ + Write-Warning -Message 'Integration test is not supported in AppVeyor.' + return +} + +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceFriendlyName = 'ADUser' +$script:dscResourceName = "MSFT_$($script:dscResourceFriendlyName)" + +#region HEADER +# Integration Test Template Version: 1.3.3 +[System.String] $script:moduleRoot = Split-Path -Parent (Split-Path -Parent $PSScriptRoot) +if ( (-not (Test-Path -Path (Join-Path -Path $script:moduleRoot -ChildPath 'DSCResource.Tests'))) -or ` + (-not (Test-Path -Path (Join-Path -Path $script:moduleRoot -ChildPath 'DSCResource.Tests\TestHelper.psm1'))) ) +{ + & git @('clone', 'https://github.com/PowerShell/DscResource.Tests.git', (Join-Path -Path $script:moduleRoot -ChildPath 'DscResource.Tests')) +} + +Import-Module -Name (Join-Path -Path $script:moduleRoot -ChildPath (Join-Path -Path 'DSCResource.Tests' -ChildPath 'TestHelper.psm1')) -Force +$TestEnvironment = Initialize-TestEnvironment ` + -DSCModuleName $script:dscModuleName ` + -DSCResourceName $script:dscResourceName ` + -TestType Integration +#endregion + +try +{ + $configFile = Join-Path -Path $PSScriptRoot -ChildPath "$($script:dscResourceName).config.ps1" + . $configFile + + Describe "$($script:dscResourceName)_Integration" { + BeforeAll { + $resourceId = "[$($script:dscResourceFriendlyName)]Integration_Test" + } + + $configurationName = "$($script:dscResourceName)_CreateUser1_Config" + + Context ('When using configuration {0}' -f $configurationName) { + It 'Should compile and apply the MOF without throwing' { + { + $configurationParameters = @{ + OutputPath = $TestDrive + # The variable $ConfigurationData was dot-sourced above. + ConfigurationData = $ConfigurationData + } + + & $configurationName @configurationParameters + + $startDscConfigurationParameters = @{ + Path = $TestDrive + ComputerName = 'localhost' + Wait = $true + Verbose = $true + Force = $true + ErrorAction = 'Stop' + } + + Start-DscConfiguration @startDscConfigurationParameters + } | Should -Not -Throw + } + + It 'Should be able to call Get-DscConfiguration without throwing' { + { + $script:currentConfiguration = Get-DscConfiguration -Verbose -ErrorAction Stop + } | Should -Not -Throw + } + + It 'Should have set the resource and all the parameters should match' { + $resourceCurrentState = $script:currentConfiguration | Where-Object -FilterScript { + $_.ConfigurationName -eq $configurationName ` + -and $_.ResourceId -eq $resourceId + } + + $resourceCurrentState.Ensure | Should -Be 'Present' + $resourceCurrentState.UserName | Should -Be $ConfigurationData.AllNodes.UserName1 + $resourceCurrentState.UserPrincipalName | Should -Be $ConfigurationData.AllNodes.UserName1 + $resourceCurrentState.DisplayName | Should -Be $ConfigurationData.AllNodes.DisplayName1 + $resourceCurrentState.Credential | Should -BeNullOrEmpty + } + + It 'Should return $true when Test-DscConfiguration is run' { + Test-DscConfiguration -Verbose | Should -BeTrue + } + } + + $configurationName = "$($script:dscResourceName)_RemoveUser1_Config" + + Context ('When using configuration {0}' -f $configurationName) { + It 'Should compile and apply the MOF without throwing' { + { + $configurationParameters = @{ + OutputPath = $TestDrive + # The variable $ConfigurationData was dot-sourced above. + ConfigurationData = $ConfigurationData + } + + & $configurationName @configurationParameters + + $startDscConfigurationParameters = @{ + Path = $TestDrive + ComputerName = 'localhost' + Wait = $true + Verbose = $true + Force = $true + ErrorAction = 'Stop' + } + + Start-DscConfiguration @startDscConfigurationParameters + } | Should -Not -Throw + } + + It 'Should be able to call Get-DscConfiguration without throwing' { + { + $script:currentConfiguration = Get-DscConfiguration -Verbose -ErrorAction Stop + } | Should -Not -Throw + } + + It 'Should have set the resource and all the parameters should match' { + $resourceCurrentState = $script:currentConfiguration | Where-Object -FilterScript { + $_.ConfigurationName -eq $configurationName ` + -and $_.ResourceId -eq $resourceId + } + + $resourceCurrentState.Ensure | Should -Be 'Absent' + $resourceCurrentState.UserName | Should -Be $ConfigurationData.AllNodes.UserName1 + $resourceCurrentState.UserPrincipalName | Should -BeNullOrEmpty + $resourceCurrentState.DisplayName | Should -BeNullOrEmpty + $resourceCurrentState.Credential | Should -BeNullOrEmpty + } + + It 'Should return $true when Test-DscConfiguration is run' { + Test-DscConfiguration -Verbose | Should -BeTrue + } + } + } +} +finally +{ + #region FOOTER + Restore-TestEnvironment -TestEnvironment $TestEnvironment + #endregion +} diff --git a/Tests/Integration/MSFT_ADUser.config.ps1 b/Tests/Integration/MSFT_ADUser.config.ps1 new file mode 100644 index 000000000..94f056442 --- /dev/null +++ b/Tests/Integration/MSFT_ADUser.config.ps1 @@ -0,0 +1,103 @@ +#region HEADER +# Integration Test Config Template Version: 1.2.0 +#endregion + +$configFile = [System.IO.Path]::ChangeExtension($MyInvocation.MyCommand.Path, 'json') +if (Test-Path -Path $configFile) +{ + <# + Allows reading the configuration data from a JSON file, for real testing + scenarios outside of the CI. + #> + $ConfigurationData = Get-Content -Path $configFile | ConvertFrom-Json +} +else +{ + $currentDomain = Get-ADDomain + $netBiosDomainName = $currentDomain.NetBIOSName + if ($currentDomain.ComputersContainer -match 'DC=.+') + { + $domainDistinguishedName = $matches[0] + } + + $ConfigurationData = @{ + AllNodes = @( + @{ + NodeName = 'localhost' + CertificateFile = $env:DscPublicCertificatePath + + DomainDistinguishedName = $domainDistinguishedName + NetBIOSName = $netBiosDomainName + + UserName1 = 'DscTestUser1' + DisplayName1 = 'Dsc Test User 1' + + Password = New-Object ` + -TypeName System.Management.Automation.PSCredential ` + -ArgumentList @( + 'AnyName', + (ConvertTo-SecureString -String 'P@ssW0rd1' -AsPlainText -Force) + ) + + AdministratorUserName = ('{0}\Administrator' -f $netBiosDomainName) + AdministratorPassword = 'P@ssw0rd1' + } + ) + } +} + +<# + .SYNOPSIS + Removes a user account. +#> +Configuration MSFT_ADUser_CreateUser1_Config +{ + Import-DscResource -ModuleName 'ActiveDirectoryDsc' + + node $AllNodes.NodeName + { + ADUser 'Integration_Test' + { + # Using distinguished name for DomainName - Regression test for issue #451. + DomainName = $Node.DomainDistinguishedName + UserName = $Node.UserName1 + UserPrincipalName = $Node.UserName1 + DisplayName = $Node.DisplayName1 + PasswordNeverExpires = $true + Password = $Node.Password + + Credential = New-Object ` + -TypeName System.Management.Automation.PSCredential ` + -ArgumentList @( + $Node.AdministratorUserName, + (ConvertTo-SecureString -String $Node.AdministratorPassword -AsPlainText -Force) + ) + } + } +} + +<# + .SYNOPSIS + Creates a user account with a password that never expires. +#> +Configuration MSFT_ADUser_RemoveUser1_Config +{ + Import-DscResource -ModuleName 'ActiveDirectoryDsc' + + node $AllNodes.NodeName + { + ADUser 'Integration_Test' + { + Ensure = 'Absent' + DomainName = $Node.DomainDistinguishedName + UserName = $Node.UserName1 + + Credential = New-Object ` + -TypeName System.Management.Automation.PSCredential ` + -ArgumentList @( + $Node.AdministratorUserName, + (ConvertTo-SecureString -String $Node.AdministratorPassword -AsPlainText -Force) + ) + } + } +} diff --git a/Tests/Unit/xActiveDirectory.Common.Tests.ps1 b/Tests/Unit/ActiveDirectory.Common.Tests.ps1 similarity index 97% rename from Tests/Unit/xActiveDirectory.Common.Tests.ps1 rename to Tests/Unit/ActiveDirectory.Common.Tests.ps1 index 6d82bb66e..8300cc423 100644 --- a/Tests/Unit/xActiveDirectory.Common.Tests.ps1 +++ b/Tests/Unit/ActiveDirectory.Common.Tests.ps1 @@ -1,8 +1,8 @@ -# Import the xActiveDirectory.Common module to test +# Import the ActiveDirectoryDsc.Common module to test $script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent -$script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules\xActiveDirectory.Common' +$script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules\ActiveDirectoryDsc.Common' -Import-Module -Name (Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common.psm1') -Force +Import-Module -Name (Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common.psm1') -Force # If one type does not exist, it's assumed the other ones does not exist either. if (-not ('Microsoft.DirectoryServices.Deployment.Types.ForestMode' -as [Type])) @@ -16,8 +16,8 @@ if (-not ('Microsoft.ActiveDirectory.Management.ADForestMode' -as [Type])) Add-Type -Path (Join-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -ChildPath 'Unit\Stubs\Microsoft.ActiveDirectory.Management.cs') } -InModuleScope 'xActiveDirectory.Common' { - Describe 'xActiveDirectory.Common\Test-DscParameterState' -Tag TestDscParameterState { +InModuleScope 'ActiveDirectoryDsc.Common' { + Describe 'ActiveDirectoryDsc.Common\Test-DscParameterState' -Tag TestDscParameterState { Context 'When passing values' { It 'Should return true for two identical tables' { $mockDesiredValues = @{ Example = 'test' } @@ -369,7 +369,7 @@ InModuleScope 'xActiveDirectory.Common' { Assert-VerifiableMock } - Describe 'xActiveDirectory.Common\Get-LocalizedData' { + Describe 'ActiveDirectoryDsc.Common\Get-LocalizedData' { $mockTestPath = { return $mockTestPathReturnValue } @@ -463,7 +463,7 @@ InModuleScope 'xActiveDirectory.Common' { Assert-VerifiableMock } - Describe 'xActiveDirectory.Common\New-InvalidResultException' { + Describe 'ActiveDirectoryDsc.Common\New-InvalidResultException' { Context 'When calling with Message parameter only' { It 'Should throw the correct error' { $mockErrorMessage = 'Mocked error' @@ -487,7 +487,7 @@ InModuleScope 'xActiveDirectory.Common' { Assert-VerifiableMock } - Describe 'xActiveDirectory.Common\New-ObjectNotFoundException' { + Describe 'ActiveDirectoryDsc.Common\New-ObjectNotFoundException' { Context 'When calling with Message parameter only' { It 'Should throw the correct error' { $mockErrorMessage = 'Mocked error' @@ -511,7 +511,7 @@ InModuleScope 'xActiveDirectory.Common' { Assert-VerifiableMock } - Describe 'xActiveDirectory.Common\New-InvalidOperationException' { + Describe 'ActiveDirectoryDsc.Common\New-InvalidOperationException' { Context 'When calling with Message parameter only' { It 'Should throw the correct error' { $mockErrorMessage = 'Mocked error' @@ -535,7 +535,7 @@ InModuleScope 'xActiveDirectory.Common' { Assert-VerifiableMock } - Describe 'xActiveDirectory.Common\New-InvalidArgumentException' { + Describe 'ActiveDirectoryDsc.Common\New-InvalidArgumentException' { Context 'When calling with both the Message and ArgumentName parameter' { It 'Should throw the correct error' { $mockErrorMessage = 'Mocked error' @@ -575,7 +575,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\Resolve-DomainFQDN' { + Describe 'ActiveDirectoryDsc.Common\Resolve-DomainFQDN' { It 'Returns "DomainName" when "ParentDomainName" not supplied' { $testDomainName = 'contoso.com' $testParentDomainName = $null @@ -595,7 +595,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\Test-DomainMember' { + Describe 'ActiveDirectoryDsc.Common\Test-DomainMember' { It 'Returns "True" when domain member' { Mock -CommandName Get-CimInstance -MockWith { return @{ @@ -618,7 +618,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\Get-DomainName' { + Describe 'ActiveDirectoryDsc.Common\Get-DomainName' { It 'Returns expected domain name' { Mock -CommandName Get-CimInstance -MockWith { return @{ @@ -631,7 +631,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\Assert-Module' { + Describe 'ActiveDirectoryDsc.Common\Assert-Module' { BeforeAll { $testModuleName = 'TestModule' } @@ -674,7 +674,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\Get-ADObjectParentDN' { + Describe 'ActiveDirectoryDsc.Common\Get-ADObjectParentDN' { It 'Returns CN object parent path' { Get-ADObjectParentDN -DN 'CN=Administrator,CN=Users,DC=contoso,DC=com' | Should -Be 'CN=Users,DC=contoso,DC=com' } @@ -684,7 +684,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\Remove-DuplicateMembers' { + Describe 'ActiveDirectoryDsc.Common\Remove-DuplicateMembers' { It 'Removes one duplicate' { $members = Remove-DuplicateMembers -Members 'User1','User2','USER1' @@ -710,7 +710,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\Test-Members' { + Describe 'ActiveDirectoryDsc.Common\Test-Members' { It 'Passes when nothing is passed' { Test-Members -ExistingMembers $null | Should -Be $true } @@ -862,7 +862,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\Assert-MemberParameters' { + Describe 'ActiveDirectoryDsc.Common\Assert-MemberParameters' { It 'Should throw if parameter Members is specified but is empty' { { Assert-MemberParameters -Members @() @@ -894,7 +894,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\ConvertTo-Timespan' { + Describe 'ActiveDirectoryDsc.Common\ConvertTo-Timespan' { It "Returns 'System.TimeSpan' object type" { $testIntTimeSpan = 60 @@ -936,7 +936,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\ConvertFrom-Timespan' { + Describe 'ActiveDirectoryDsc.Common\ConvertFrom-Timespan' { It "Returns 'System.UInt32' object type" { $testIntTimeSpan = 60 $testTimeSpan = New-TimeSpan -Seconds $testIntTimeSpan @@ -983,7 +983,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\Get-ADCommonParameters' { + Describe 'ActiveDirectoryDsc.Common\Get-ADCommonParameters' { It "Returns 'System.Collections.Hashtable' object type" { $testIdentity = 'contoso.com' @@ -1091,15 +1091,6 @@ InModuleScope 'xActiveDirectory.Common' { $result['Server'] | Should -Be $testServer } - It "Converts 'DomainAdministratorCredential' parameter to 'Credential' key" { - $testIdentity = 'contoso.com' - $testCredential = [System.Management.Automation.PSCredential]::Empty - - $result = Get-ADCommonParameters -Identity $testIdentity -DomainAdministratorCredential $testCredential - - $result['Credential'] | Should -Be $testCredential - } - It "Converts 'DomainController' parameter to 'Server' key" { $testIdentity = 'contoso.com' $testServer = 'testserver.contoso.com' @@ -1118,7 +1109,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\ConvertTo-DeploymentForestMode' { + Describe 'ActiveDirectoryDsc.Common\ConvertTo-DeploymentForestMode' { It 'Converts an Microsoft.ActiveDirectory.Management.ForestMode to Microsoft.DirectoryServices.Deployment.Types.ForestMode' { ConvertTo-DeploymentForestMode -Mode Windows2012Forest | Should -BeOfType [Microsoft.DirectoryServices.Deployment.Types.ForestMode] } @@ -1156,7 +1147,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\ConvertTo-DeploymentDomainMode' { + Describe 'ActiveDirectoryDsc.Common\ConvertTo-DeploymentDomainMode' { It 'Converts an Microsoft.ActiveDirectory.Management.DomainMode to Microsoft.DirectoryServices.Deployment.Types.DomainMode' { ConvertTo-DeploymentDomainMode -Mode Windows2012Domain | Should -BeOfType [Microsoft.DirectoryServices.Deployment.Types.DomainMode] } @@ -1194,7 +1185,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\Restore-ADCommonObject' { + Describe 'ActiveDirectoryDsc.Common\Restore-ADCommonObject' { $getAdObjectReturnValue = @( [PSCustomObject] @{ Deleted = $true @@ -1280,7 +1271,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\Get-ADDomainNameFromDistinguishedName' { + Describe 'ActiveDirectoryDsc.Common\Get-ADDomainNameFromDistinguishedName' { $validDistinguishedNames = @( @{ DN = 'CN=group1,OU=Group,OU=Wacken,DC=contoso,DC=com' @@ -1321,7 +1312,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\Add-ADCommonGroupMember' { + Describe 'ActiveDirectoryDsc.Common\Add-ADCommonGroupMember' { Mock -CommandName Assert-Module -ParameterFilter { $ModuleName -eq 'ActiveDirectory' } $memberData = @( @@ -1446,7 +1437,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\Get-DomainControllerObject' { + Describe 'ActiveDirectoryDsc.Common\Get-DomainControllerObject' { Context 'When domain name cannot be reached' { BeforeAll { Mock -CommandName Get-ADDomainController -MockWith { @@ -1543,7 +1534,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\Test-IsDomainController' { + Describe 'ActiveDirectoryDsc.Common\Test-IsDomainController' { Context 'When operating system information says the node is a domain controller' { BeforeAll { Mock -CommandName Get-CimInstance -MockWith { @@ -1579,7 +1570,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\Convert-PropertyMapToObjectProperties' { + Describe 'ActiveDirectoryDsc.Common\Convert-PropertyMapToObjectProperties' { Context 'When a property map should be converted to object properties' { BeforeAll { $propertyMapValue = @( @@ -1773,7 +1764,7 @@ InModuleScope 'xActiveDirectory.Common' { Assert-VerifiableMock } - Describe 'xActiveDirectory.Common\Compare-ResourcePropertyState' { + Describe 'ActiveDirectoryDsc.Common\Compare-ResourcePropertyState' { Context 'When one property is in desired state' { BeforeAll { $mockCurrentValues = @{ @@ -2018,7 +2009,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\Assert-ADPSDrive' { + Describe 'ActiveDirectoryDsc.Common\Assert-ADPSDrive' { Mock -CommandName Assert-Module Context 'When the AD PS Drive does not exist and the New-PSDrive function is successful' { @@ -2086,7 +2077,7 @@ InModuleScope 'xActiveDirectory.Common' { } - Describe 'xActiveDirectory.Common\Test-ADReplicationSite' { + Describe 'ActiveDirectoryDsc.Common\Test-ADReplicationSite' { BeforeAll { function Get-ADDomainController { @@ -2134,7 +2125,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\New-CimCredentialInstance' { + Describe 'ActiveDirectoryDsc.Common\New-CimCredentialInstance' { Context 'When creating a new MSFT_Credential CIM instance credential object' { BeforeAll { $mockAdministratorUser = 'admin@contoso.com' @@ -2155,7 +2146,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\Add-TypeAssembly' { + Describe 'ActiveDirectoryDsc.Common\Add-TypeAssembly' { Context 'When assembly fails to load' { BeforeAll { Mock -CommandName Add-Type -MockWith { @@ -2205,7 +2196,7 @@ InModuleScope 'xActiveDirectory.Common' { } } - Describe 'xActiveDirectory.Common\New-ADDirectoryContext' { + Describe 'ActiveDirectoryDsc.Common\New-ADDirectoryContext' { Context 'When creating a new Active Directory context' { BeforeAll { # This credential object must be created before we mock New-Object. diff --git a/Tests/Unit/MSFT_xADComputer.Tests.ps1 b/Tests/Unit/MSFT_ADComputer.Tests.ps1 similarity index 82% rename from Tests/Unit/MSFT_xADComputer.Tests.ps1 rename to Tests/Unit/MSFT_ADComputer.Tests.ps1 index 4a07e3672..3aebc6b2c 100644 --- a/Tests/Unit/MSFT_xADComputer.Tests.ps1 +++ b/Tests/Unit/MSFT_ADComputer.Tests.ps1 @@ -1,5 +1,5 @@ -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xADComputer' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_ADComputer' #region HEADER @@ -73,7 +73,7 @@ try $mockCredentialUserName, $mockCredentialPassword ) - Describe 'MSFT_xADComputer\Get-TargetResource' -Tag 'Get' { + Describe 'MSFT_ADComputer\Get-TargetResource' -Tag 'Get' { BeforeAll { Mock -CommandName Assert-Module @@ -115,26 +115,6 @@ try } } - Context 'When the the parameter Enabled is used' { - BeforeAll { - Mock -CommandName Get-ADComputer -MockWith $mockGetADComputer - Mock -CommandName Write-Warning - - $getTargetResourceParameters = @{ - ComputerName = $mockComputerNamePresent - Enabled = $true - Verbose = $true - } - } - - It 'Should return the state as present, but write a warning message' { - $getTargetResourceResult = Get-TargetResource @getTargetResourceParameters - $getTargetResourceResult.Ensure | Should -Be 'Present' - - Assert-MockCalled -CommandName Write-Warning -Exactly -Times 1 -Scope It - } - } - Context 'When the system is in the desired state' { Context 'When the computer account is absent in Active Directory' { BeforeAll { @@ -143,13 +123,13 @@ try } $getTargetResourceParameters = @{ - ComputerName = $mockComputerNamePresent - DomainController = 'DC01' - DomainAdministratorCredential = $mockCredential - RequestFile = 'TestDrive:\ODJ.txt' - RestoreFromRecycleBin = $false - EnabledOnCreation = $false - Verbose = $true + ComputerName = $mockComputerNamePresent + DomainController = 'DC01' + Credential = $mockCredential + RequestFile = 'TestDrive:\ODJ.txt' + RestoreFromRecycleBin = $false + EnabledOnCreation = $false + Verbose = $true } } @@ -163,7 +143,7 @@ try It 'Should return the same values as passed as parameters' { $result = Get-TargetResource @getTargetResourceParameters $result.DomainController | Should -Be $getTargetResourceParameters.DomainController - $result.DomainAdministratorCredential.UserName | Should -Be $getTargetResourceParameters.DomainAdministratorCredential.UserName + $result.Credential.UserName | Should -Be $getTargetResourceParameters.Credential.UserName $result.RequestFile | Should -Be $getTargetResourceParameters.RequestFile $result.RestoreFromRecycleBin | Should -Be $getTargetResourceParameters.RestoreFromRecycleBin $result.EnabledOnCreation | Should -Be $getTargetResourceParameters.EnabledOnCreation @@ -192,13 +172,13 @@ try Mock -CommandName Get-ADComputer -MockWith $mockGetADComputer $getTargetResourceParameters = @{ - ComputerName = $mockComputerNamePresent - DomainController = 'DC01' - DomainAdministratorCredential = $mockCredential - RequestFile = 'TestDrive:\ODJ.txt' - RestoreFromRecycleBin = $false - EnabledOnCreation = $false - Verbose = $true + ComputerName = $mockComputerNamePresent + DomainController = 'DC01' + Credential = $mockCredential + RequestFile = 'TestDrive:\ODJ.txt' + RestoreFromRecycleBin = $false + EnabledOnCreation = $false + Verbose = $true } } @@ -212,7 +192,7 @@ try It 'Should return the same values as passed as parameters' { $result = Get-TargetResource @getTargetResourceParameters $result.DomainController | Should -Be $getTargetResourceParameters.DomainController - $result.DomainAdministratorCredential.UserName | Should -Be $getTargetResourceParameters.DomainAdministratorCredential.UserName + $result.Credential.UserName | Should -Be $getTargetResourceParameters.Credential.UserName $result.RequestFile | Should -Be $getTargetResourceParameters.RequestFile $result.RestoreFromRecycleBin | Should -Be $getTargetResourceParameters.RestoreFromRecycleBin $result.EnabledOnCreation | Should -Be $getTargetResourceParameters.EnabledOnCreation @@ -281,14 +261,14 @@ try } } - Context 'When Get-TargetResource is called with DomainAdministratorCredential parameter' { + Context 'When Get-TargetResource is called with Credential parameter' { BeforeAll { Mock -CommandName Get-ADComputer -MockWith $mockGetADComputer $getTargetResourceParameters = @{ - ComputerName = $mockComputerNamePresent - DomainAdministratorCredential = $mockCredential - Verbose = $true + ComputerName = $mockComputerNamePresent + Credential = $mockCredential + Verbose = $true } } @@ -306,55 +286,55 @@ try } } - Describe 'MSFT_xADComputer\Test-TargetResource' -Tag 'Test' { + Describe 'MSFT_ADComputer\Test-TargetResource' -Tag 'Test' { BeforeAll { Mock -CommandName Assert-Module $mockGetTargetResource_Absent = { return @{ - Ensure = 'Absent' - ComputerName = $null - Location = $null - DnsHostName = $null - ServicePrincipalNames = $null - UserPrincipalName = $null - DisplayName = $null - Path = $null - Description = $null - Enabled = $false - Manager = $null - DomainController = $null - DomainAdministratorCredential = $null - RequestFile = $null - RestoreFromRecycleBin = $false - EnabledOnCreation = $false - DistinguishedName = $null - SID = $null - SamAccountName = $null + Ensure = 'Absent' + ComputerName = $null + Location = $null + DnsHostName = $null + ServicePrincipalNames = $null + UserPrincipalName = $null + DisplayName = $null + Path = $null + Description = $null + Enabled = $false + Manager = $null + DomainController = $null + Credential = $null + RequestFile = $null + RestoreFromRecycleBin = $false + EnabledOnCreation = $false + DistinguishedName = $null + SID = $null + SamAccountName = $null } } $mockGetTargetResource_Present = { return @{ - Ensure = 'Present' - ComputerName = $mockComputerNamePresent - Location = $mockLocation - DnsHostName = $mockDnsHostName - ServicePrincipalNames = $mockServicePrincipalNames - UserPrincipalName = $mockUserPrincipalName - DisplayName = $mockDisplayName - Path = $mockParentContainer - Description = $mockDescription - Enabled = $true - Manager = $mockManagedBy - DomainController = 'DC01' - DomainAdministratorCredential = $mockCredential - RequestFile = 'TestDrive:\ODJ.txt' - RestoreFromRecycleBin = $false - EnabledOnCreation = $false - DistinguishedName = $mockDistinguishedName - SID = $mockSID - SamAccountName = $mockSamAccountName + Ensure = 'Present' + ComputerName = $mockComputerNamePresent + Location = $mockLocation + DnsHostName = $mockDnsHostName + ServicePrincipalNames = $mockServicePrincipalNames + UserPrincipalName = $mockUserPrincipalName + DisplayName = $mockDisplayName + Path = $mockParentContainer + Description = $mockDescription + Enabled = $true + Manager = $mockManagedBy + DomainController = 'DC01' + Credential = $mockCredential + RequestFile = 'TestDrive:\ODJ.txt' + RestoreFromRecycleBin = $false + EnabledOnCreation = $false + DistinguishedName = $mockDistinguishedName + SID = $mockSID + SamAccountName = $mockSamAccountName } } } @@ -384,13 +364,13 @@ try Mock -CommandName Get-TargetResource -MockWith $mockGetTargetResource_Present $testTargetResourceParameters = @{ - ComputerName = $mockComputerNamePresent - DomainController = 'DC01' - DomainAdministratorCredential = $mockCredential - RequestFile = 'TestDrive:\ODJ.txt' - RestoreFromRecycleBin = $false - EnabledOnCreation = $false - Verbose = $true + ComputerName = $mockComputerNamePresent + DomainController = 'DC01' + Credential = $mockCredential + RequestFile = 'TestDrive:\ODJ.txt' + RestoreFromRecycleBin = $false + EnabledOnCreation = $false + Verbose = $true } } @@ -420,30 +400,6 @@ try Assert-MockCalled -CommandName Get-TargetResource -Exactly -Times 1 -Scope It } } - - Context 'When the the parameter Enabled is used' { - BeforeAll { - Mock -CommandName Get-TargetResource -MockWith { - return @{ - Ensure = 'Absent' - } - } - - Mock -CommandName Write-Warning - - $testTargetResourceParameters = @{ - ComputerName = $mockComputerNamePresent - Enabled = $true - Verbose = $true - } - } - - It 'Should return the state as present, but write a warning message' { - { Test-TargetResource @testTargetResourceParameters } | Should -Not -Throw - - Assert-MockCalled -CommandName Write-Warning -Exactly -Times 1 -Scope It - } - } } Context 'When the system is not in the desired state' { @@ -487,8 +443,8 @@ try Context 'When a property is not in desired state' { BeforeAll { - # Mock a specific desired state. - Mock -CommandName Get-TargetResource -MockWith $mockGetTargetResource_Present + # Mock a specific desired state. + Mock -CommandName Get-TargetResource -MockWith $mockGetTargetResource_Present } Context 'When a property should be set to a new non-empty value' { @@ -621,82 +577,57 @@ try } } - Describe 'MSFT_xADComputer\Set-TargetResource' -Tag 'Set' { + Describe 'MSFT_ADComputer\Set-TargetResource' -Tag 'Set' { BeforeAll { Mock -CommandName Assert-Module $mockGetTargetResource_Absent = { return @{ - Ensure = 'Absent' - ComputerName = $null - Location = $null - DnsHostName = $null - ServicePrincipalNames = $null - UserPrincipalName = $null - DisplayName = $null - Path = $null - Description = $null - Enabled = $false - Manager = $null - DomainController = $null - DomainAdministratorCredential = $null - RequestFile = $null - RestoreFromRecycleBin = $false - EnabledOnCreation = $false - DistinguishedName = $null - SID = $null - SamAccountName = $null + Ensure = 'Absent' + ComputerName = $null + Location = $null + DnsHostName = $null + ServicePrincipalNames = $null + UserPrincipalName = $null + DisplayName = $null + Path = $null + Description = $null + Enabled = $false + Manager = $null + DomainController = $null + Credential = $null + RequestFile = $null + RestoreFromRecycleBin = $false + EnabledOnCreation = $false + DistinguishedName = $null + SID = $null + SamAccountName = $null } } $mockGetTargetResource_Present = { return @{ - Ensure = 'Present' - ComputerName = $mockComputerNamePresent - Location = $mockLocation - DnsHostName = $mockDnsHostName - ServicePrincipalNames = $mockServicePrincipalNames_DefaultValues - UserPrincipalName = $mockUserPrincipalName - DisplayName = $mockDisplayName - Path = $mockParentContainer - Description = $mockDescription - Enabled = $true - Manager = $mockManagedBy - DomainController = 'DC01' - DomainAdministratorCredential = $mockCredential - RequestFile = 'TestDrive:\ODJ.txt' - RestoreFromRecycleBin = $false - EnabledOnCreation = $false - DistinguishedName = $mockDistinguishedName - SID = $mockSID - SamAccountName = $mockSamAccountName - } - } - } - - Context 'When the the parameter Enabled is used' { - BeforeAll { - Mock -CommandName Get-TargetResource -MockWith { - return @{ - Ensure = 'Absent' - } - } - - Mock -CommandName Write-Warning - - $setTargetResourceParameters = @{ - Ensure = 'Absent' - ComputerName = $mockComputerNamePresent - Enabled = $true - Verbose = $true + Ensure = 'Present' + ComputerName = $mockComputerNamePresent + Location = $mockLocation + DnsHostName = $mockDnsHostName + ServicePrincipalNames = $mockServicePrincipalNames_DefaultValues + UserPrincipalName = $mockUserPrincipalName + DisplayName = $mockDisplayName + Path = $mockParentContainer + Description = $mockDescription + Enabled = $true + Manager = $mockManagedBy + DomainController = 'DC01' + Credential = $mockCredential + RequestFile = 'TestDrive:\ODJ.txt' + RestoreFromRecycleBin = $false + EnabledOnCreation = $false + DistinguishedName = $mockDistinguishedName + SID = $mockSID + SamAccountName = $mockSamAccountName } } - - It 'Should return the state as present, but write a warning message' { - { Set-TargetResource @setTargetResourceParameters } | Should -Not -Throw - - Assert-MockCalled -CommandName Write-Warning -Exactly -Times 1 -Scope It - } } Context 'When the system is in the desired state' { @@ -733,13 +664,13 @@ try Mock -CommandName Get-TargetResource -MockWith $mockGetTargetResource_Present $setTargetResourceParameters = @{ - ComputerName = $mockComputerNamePresent - DomainController = 'DC01' - DomainAdministratorCredential = $mockCredential - RequestFile = 'TestDrive:\ODJ.txt' - RestoreFromRecycleBin = $false - EnabledOnCreation = $false - Verbose = $true + ComputerName = $mockComputerNamePresent + DomainController = 'DC01' + Credential = $mockCredential + RequestFile = 'TestDrive:\ODJ.txt' + RestoreFromRecycleBin = $false + EnabledOnCreation = $false + Verbose = $true } } diff --git a/Tests/Unit/MSFT_xADDomain.Tests.ps1 b/Tests/Unit/MSFT_ADDomain.Tests.ps1 similarity index 95% rename from Tests/Unit/MSFT_xADDomain.Tests.ps1 rename to Tests/Unit/MSFT_ADDomain.Tests.ps1 index dcee15087..deeb7483e 100644 --- a/Tests/Unit/MSFT_xADDomain.Tests.ps1 +++ b/Tests/Unit/MSFT_ADDomain.Tests.ps1 @@ -1,5 +1,5 @@ -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xADDomain' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_ADDomain' #region HEADER @@ -66,12 +66,12 @@ try ) $testDefaultParams = @{ - DomainAdministratorCredential = $testAdminCredential - SafemodeAdministratorPassword = $testAdminCredential + Credential = $testAdminCredential + SafeModeAdministratorPassword = $testAdminCredential } #region Function Get-TargetResource - Describe 'xADDomain\Get-TargetResource' { + Describe 'ADDomain\Get-TargetResource' { Mock -CommandName Assert-Module -ParameterFilter { $ModuleName -eq 'ADDSDeployment' } It 'Calls "Assert-Module" to check "ADDSDeployment" module is installed' { @@ -208,7 +208,7 @@ try #endregion #region Function Test-TargetResource - Describe 'xADDomain\Test-TargetResource' { + Describe 'ADDomain\Test-TargetResource' { $correctDomainName = 'present.com' $correctChildDomainName = 'present' $correctDomainNetBIOSName = 'PRESENT' @@ -220,8 +220,8 @@ try ) $testDefaultParams = @{ - DomainAdministratorCredential = $testAdminCredential - SafemodeAdministratorPassword = $testAdminCredential + Credential = $testAdminCredential + SafeModeAdministratorPassword = $testAdminCredential } $stubDomain = @{ @@ -288,7 +288,7 @@ try #endregion #region Function Set-TargetResource - Describe 'xADDomain\Set-TargetResource' { + Describe 'ADDomain\Set-TargetResource' { function Install-ADDSForest { param @@ -352,15 +352,15 @@ try $newForestParams = @{ DomainName = $testDomainName - DomainAdministratorCredential = $testAdminCredential - SafemodeAdministratorPassword = $testSafemodeCredential + Credential = $testAdminCredential + SafeModeAdministratorPassword = $testSafemodeCredential } $newDomainParams = @{ DomainName = $testDomainName ParentDomainName = $testParentDomainName - DomainAdministratorCredential = $testAdminCredential - SafemodeAdministratorPassword = $testSafemodeCredential + Credential = $testAdminCredential + SafeModeAdministratorPassword = $testSafemodeCredential } $stubTargetResource = @{ @@ -381,12 +381,12 @@ try Assert-MockCalled -CommandName Install-ADDSForest -ParameterFilter { $DomainName -eq $testDomainName } -Scope It } - It 'Calls "Install-ADDSForest" with "SafemodeAdministratorPassword" when creating forest' { - Mock -CommandName Install-ADDSForest -ParameterFilter { $SafemodeAdministratorPassword -eq $testSafemodePassword } + It 'Calls "Install-ADDSForest" with "SafeModeAdministratorPassword" when creating forest' { + Mock -CommandName Install-ADDSForest -ParameterFilter { $SafeModeAdministratorPassword -eq $testSafemodePassword } Set-TargetResource @newForestParams - Assert-MockCalled -CommandName Install-ADDSForest -ParameterFilter { $SafemodeAdministratorPassword -eq $testSafemodePassword } -Scope It + Assert-MockCalled -CommandName Install-ADDSForest -ParameterFilter { $SafeModeAdministratorPassword -eq $testSafemodePassword } -Scope It } It 'Calls "Install-ADDSForest" with "DnsDelegationCredential" when creating forest, if specified' { @@ -482,12 +482,12 @@ try Assert-MockCalled -CommandName Install-ADDSDomain -ParameterFilter { $DomainType -eq 'ChildDomain' } -Scope It } - It 'Calls "Install-ADDSDomain" with "SafemodeAdministratorPassword" when creating child domain' { - Mock -CommandName Install-ADDSDomain -ParameterFilter { $SafemodeAdministratorPassword -eq $testSafemodePassword } + It 'Calls "Install-ADDSDomain" with "SafeModeAdministratorPassword" when creating child domain' { + Mock -CommandName Install-ADDSDomain -ParameterFilter { $SafeModeAdministratorPassword -eq $testSafemodePassword } Set-TargetResource @newDomainParams - Assert-MockCalled -CommandName Install-ADDSDomain -ParameterFilter { $SafemodeAdministratorPassword -eq $testSafemodePassword } -Scope It + Assert-MockCalled -CommandName Install-ADDSDomain -ParameterFilter { $SafeModeAdministratorPassword -eq $testSafemodePassword } -Scope It } It 'Calls "Install-ADDSDomain" with "Credential" when creating child domain' { diff --git a/Tests/Unit/MSFT_xADDomainController.Tests.ps1 b/Tests/Unit/MSFT_ADDomainController.Tests.ps1 similarity index 98% rename from Tests/Unit/MSFT_xADDomainController.Tests.ps1 rename to Tests/Unit/MSFT_ADDomainController.Tests.ps1 index 7096a65a8..cd93c6120 100644 --- a/Tests/Unit/MSFT_xADDomainController.Tests.ps1 +++ b/Tests/Unit/MSFT_ADDomainController.Tests.ps1 @@ -2,8 +2,8 @@ param () #region HEADER -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xADDomainController' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_ADDomainController' # Unit Test Template Version: 1.2.4 $script:moduleRoot = Split-Path -Parent (Split-Path -Parent $PSScriptRoot) @@ -62,14 +62,14 @@ try $deniedAccount = 'deniedAccount' $testDefaultParams = @{ - DomainAdministratorCredential = $testAdminCredential - SafemodeAdministratorPassword = $testAdminCredential + Credential = $testAdminCredential + SafeModeAdministratorPassword = $testAdminCredential Verbose = $true } $testDefaultParamsRODC = @{ - DomainAdministratorCredential = $testAdminCredential - SafemodeAdministratorPassword = $testAdminCredential + Credential = $testAdminCredential + SafeModeAdministratorPassword = $testAdminCredential Verbose = $true ReadOnlyReplica = $true SiteName = $correctSiteName @@ -134,7 +134,7 @@ try #endregion Pester Test Initialization #region Function Get-TargetResource - Describe 'xADDomainController\Get-TargetResource' -Tag 'Get' { + Describe 'ADDomainController\Get-TargetResource' -Tag 'Get' { Context 'When the domain name is not available' { BeforeAll { Mock -CommandName Get-ADDomain -MockWith { @@ -286,7 +286,7 @@ try #endregion #region Function Test-TargetResource - Describe 'xADDomainController\Test-TargetResource' -Tag 'Test' { + Describe 'ADDomainController\Test-TargetResource' -Tag 'Test' { BeforeAll { Mock -CommandName Get-ADDomainControllerPasswordReplicationPolicy -ParameterFilter { $Allowed.IsPresent } -MockWith { return [PSCustomObject]@{ @@ -614,7 +614,7 @@ try #endregion #region Function Set-TargetResource - Describe 'xADDomainController\Set-TargetResource' -Tag 'Set' { + Describe 'ADDomainController\Set-TargetResource' -Tag 'Set' { Context 'When the system is not in the desired state' { BeforeAll { Mock -CommandName Install-ADDSDomainController @@ -1015,7 +1015,7 @@ try } #endregion - Describe 'xADDomainController\Get-MembersToAddAndRemove' -Tag 'Helper' { + Describe 'ADDomainController\Get-MembersToAddAndRemove' -Tag 'Helper' { Context 'When there is one desired member' { Context 'When there are no current members' { Context 'When proving a $null value for CurrentMembers' { diff --git a/Tests/Unit/MSFT_xADDomainDefaultPasswordPolicy.Tests.ps1 b/Tests/Unit/MSFT_ADDomainDefaultPasswordPolicy.Tests.ps1 similarity index 97% rename from Tests/Unit/MSFT_xADDomainDefaultPasswordPolicy.Tests.ps1 rename to Tests/Unit/MSFT_ADDomainDefaultPasswordPolicy.Tests.ps1 index 62d8e716e..beec67f10 100644 --- a/Tests/Unit/MSFT_xADDomainDefaultPasswordPolicy.Tests.ps1 +++ b/Tests/Unit/MSFT_ADDomainDefaultPasswordPolicy.Tests.ps1 @@ -1,5 +1,5 @@ -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xADDomainDefaultPasswordPolicy' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_ADDomainDefaultPasswordPolicy' #region HEADER @@ -61,7 +61,7 @@ try } #region Function Get-TargetResource - Describe 'xADDomainDefaultPasswordPolicy\Get-TargetResource' { + Describe 'ADDomainDefaultPasswordPolicy\Get-TargetResource' { Mock -CommandName Assert-Module -ParameterFilter { $ModuleName -eq 'ActiveDirectory' } It 'Calls "Assert-Module" to check "ActiveDirectory" module is installed' { @@ -116,7 +116,7 @@ try #endregion #region Function Test-TargetResource - Describe 'xADDomainDefaultPasswordPolicy\Test-TargetResource' { + Describe 'ADDomainDefaultPasswordPolicy\Test-TargetResource' { $testDomainName = 'contoso.com' $testDefaultParams = @{ DomainName = $testDomainName @@ -204,7 +204,7 @@ try #endregion #region Function Set-TargetResource - Describe 'xADDomainDefaultPasswordPolicy\Set-TargetResource' { + Describe 'ADDomainDefaultPasswordPolicy\Set-TargetResource' { $testDomainName = 'contoso.com' $testDefaultParams = @{ DomainName = $testDomainName diff --git a/Tests/Unit/MSFT_xADDomainTrust.Tests.ps1 b/Tests/Unit/MSFT_ADDomainTrust.Tests.ps1 similarity index 96% rename from Tests/Unit/MSFT_xADDomainTrust.Tests.ps1 rename to Tests/Unit/MSFT_ADDomainTrust.Tests.ps1 index 3b544a6b2..42c5f585e 100644 --- a/Tests/Unit/MSFT_xADDomainTrust.Tests.ps1 +++ b/Tests/Unit/MSFT_ADDomainTrust.Tests.ps1 @@ -1,5 +1,5 @@ -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xADDomainTrust' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_ADDomainTrust' #region HEADER @@ -45,12 +45,12 @@ try $mockCredentialUserName, $mockCredentialPassword ) - Describe 'MSFT_xADDomainTrust\Get-TargetResource' -Tag 'Get' { + Describe 'MSFT_ADDomainTrust\Get-TargetResource' -Tag 'Get' { BeforeAll { $mockDefaultParameters = @{ SourceDomainName = $mockSourceDomainName TargetDomainName = $mockTargetDomainName - TargetDomainAdministratorCredential = $mockCredential + TargetCredential = $mockCredential TrustDirection = 'Outbound' Verbose = $true } @@ -99,7 +99,7 @@ try $getTargetResourceResult = Get-TargetResource @mockGetTargetResourceParameters $getTargetResourceResult.SourceDomainName | Should -Be $mockGetTargetResourceParameters.SourceDomainName $getTargetResourceResult.TargetDomainName | Should -Be $mockGetTargetResourceParameters.TargetDomainName - $getTargetResourceResult.TargetDomainAdministratorCredential.UserName | Should -Be $mockCredential.UserName + $getTargetResourceResult.TargetCredential.UserName | Should -Be $mockCredential.UserName } It 'Should return the correct values for the other properties' { @@ -150,7 +150,7 @@ try $getTargetResourceResult = Get-TargetResource @mockGetTargetResourceParameters $getTargetResourceResult.SourceDomainName | Should -Be $mockGetTargetResourceParameters.SourceDomainName $getTargetResourceResult.TargetDomainName | Should -Be $mockGetTargetResourceParameters.TargetDomainName - $getTargetResourceResult.TargetDomainAdministratorCredential.UserName | Should -Be $mockCredential.UserName + $getTargetResourceResult.TargetCredential.UserName | Should -Be $mockCredential.UserName } It 'Should return the correct values for the other properties' { @@ -199,7 +199,7 @@ try $getTargetResourceResult = Get-TargetResource @mockGetTargetResourceParameters $getTargetResourceResult.SourceDomainName | Should -Be $mockGetTargetResourceParameters.SourceDomainName $getTargetResourceResult.TargetDomainName | Should -Be $mockGetTargetResourceParameters.TargetDomainName - $getTargetResourceResult.TargetDomainAdministratorCredential.UserName | Should -Be $mockCredential.UserName + $getTargetResourceResult.TargetCredential.UserName | Should -Be $mockCredential.UserName } It 'Should return the correct values for the other properties' { @@ -212,12 +212,12 @@ try } - Describe 'MSFT_xADDomainTrust\Test-TargetResource' -Tag 'Test' { + Describe 'MSFT_ADDomainTrust\Test-TargetResource' -Tag 'Test' { BeforeAll { $mockDefaultParameters = @{ SourceDomainName = $mockSourceDomainName TargetDomainName = $mockTargetDomainName - TargetDomainAdministratorCredential = $mockCredential + TargetCredential = $mockCredential Verbose = $true } } @@ -357,12 +357,12 @@ try } } - Describe 'MSFT_xADDomainTrust\Compare-TargetResourceState' -Tag 'Compare' { + Describe 'MSFT_ADDomainTrust\Compare-TargetResourceState' -Tag 'Compare' { BeforeAll { $mockDefaultParameters = @{ SourceDomainName = $mockSourceDomainName TargetDomainName = $mockTargetDomainName - TargetDomainAdministratorCredential = $mockCredential + TargetCredential = $mockCredential Verbose = $true } @@ -371,7 +371,7 @@ try Ensure = 'Absent' SourceDomainName = $mockSourceDomainName TargetDomainName = $mockTargetDomainName - TargetDomainAdministratorCredential = $mockCredential + TargetCredential = $mockCredential TrustDirection = $null TrustType = $null } @@ -382,7 +382,7 @@ try Ensure = 'Present' SourceDomainName = $mockSourceDomainName TargetDomainName = $mockTargetDomainName - TargetDomainAdministratorCredential = $mockCredential + TargetCredential = $mockCredential TrustDirection = 'Outbound' TrustType = 'External' } @@ -561,7 +561,7 @@ try } } - Describe 'MSFT_xADDomainTrust\Set-TargetResource' -Tag 'Set' { + Describe 'MSFT_ADDomainTrust\Set-TargetResource' -Tag 'Set' { BeforeAll { Mock -CommandName Get-TrustSourceAndTargetObject -MockWith { $mockTrustSource = New-Object -TypeName Object | @@ -583,7 +583,7 @@ try $mockDefaultParameters = @{ SourceDomainName = $mockSourceDomainName TargetDomainName = $mockTargetDomainName - TargetDomainAdministratorCredential = $mockCredential + TargetCredential = $mockCredential TrustDirection = 'Outbound' Verbose = $true } @@ -888,7 +888,7 @@ try } } - Describe 'MSFT_xADDomainTrust\ConvertTo-DirectoryContextType' -Tag 'Helper' { + Describe 'MSFT_ADDomainTrust\ConvertTo-DirectoryContextType' -Tag 'Helper' { BeforeAll { $testCases = @( @{ @@ -931,7 +931,7 @@ try } } - Describe 'MSFT_xADDomainTrust\Get-TrustSourceAndTargetObject' -Tag 'Helper' { + Describe 'MSFT_ADDomainTrust\Get-TrustSourceAndTargetObject' -Tag 'Helper' { BeforeAll { Mock -CommandName Get-ADDirectoryContext -MockWith { # This should work on any client, domain joined or not. @@ -961,7 +961,7 @@ try $testParameters = @{ SourceDomainName = $mockSourceDomainName TargetDomainName = $mockTargetDomainName - TargetDomainAdministratorCredential = $mockCredential + TargetCredential = $mockCredential TrustType = $TrustType Verbose = $true } diff --git a/Tests/Unit/MSFT_xADForestProperties.Tests.ps1 b/Tests/Unit/MSFT_ADForestProperties.Tests.ps1 similarity index 96% rename from Tests/Unit/MSFT_xADForestProperties.Tests.ps1 rename to Tests/Unit/MSFT_ADForestProperties.Tests.ps1 index 0aa2abedf..fdddbc818 100644 --- a/Tests/Unit/MSFT_xADForestProperties.Tests.ps1 +++ b/Tests/Unit/MSFT_ADForestProperties.Tests.ps1 @@ -1,5 +1,5 @@ -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xADForestProperties' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_ADForestProperties' #region HEADER @@ -77,7 +77,7 @@ try Mock -CommandName Assert-Module Mock -CommandName Import-Module - Describe 'MSFT_xADForestProperties\Get-TargetResource' { + Describe 'MSFT_ADForestProperties\Get-TargetResource' { Mock -CommandName Get-ADForest -MockWith { $mockADForestDesiredState } Context 'When used with add/remove parameters' { @@ -113,7 +113,7 @@ try } } - Describe 'MSFT_xADForestProperties\Test-TargetResource' { + Describe 'MSFT_ADForestProperties\Test-TargetResource' { Context 'When target resource in desired state' { Mock -CommandName Get-ADForest -MockWith { $mockADForestDesiredState } @@ -147,7 +147,7 @@ try } } - Describe 'MSFT_xADForestProperties\Set-TargetResource' { + Describe 'MSFT_ADForestProperties\Set-TargetResource' { Context 'When using replace parameters' { Mock -CommandName Set-ADForest -ParameterFilter { ($SpnSuffixes.Replace -join ',') -eq ($replaceParameters.ServicePrincipalNameSuffix -join ',') -and diff --git a/Tests/Unit/MSFT_xADGroup.Tests.ps1 b/Tests/Unit/MSFT_ADGroup.Tests.ps1 similarity index 99% rename from Tests/Unit/MSFT_xADGroup.Tests.ps1 rename to Tests/Unit/MSFT_ADGroup.Tests.ps1 index b70235af2..aaa88c2d1 100644 --- a/Tests/Unit/MSFT_xADGroup.Tests.ps1 +++ b/Tests/Unit/MSFT_ADGroup.Tests.ps1 @@ -1,5 +1,5 @@ -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xADGroup' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_ADGroup' #region HEADER @@ -98,7 +98,7 @@ try ) #region Function Get-TargetResource - Describe 'xADGroup\Get-TargetResource' { + Describe 'ADGroup\Get-TargetResource' { Mock -CommandName Assert-Module -ParameterFilter { $ModuleName -eq 'ActiveDirectory' } It 'Calls "Assert-Module" to check AD module is installed' { @@ -164,7 +164,7 @@ try #end region #region Function Test-TargetResource - Describe 'xADGroup\Test-TargetResource' { + Describe 'ADGroup\Test-TargetResource' { Mock -CommandName Assert-Module -ParameterFilter { $ModuleName -eq 'ActiveDirectory' } foreach ($attribute in @('SamAccountName','DistinguishedName','ObjectGUID','SID')) @@ -332,7 +332,7 @@ try #end region #region Function Set-TargetResource - Describe 'xADGroup\Set-TargetResource' { + Describe 'ADGroup\Set-TargetResource' { Mock -CommandName Assert-Module -ParameterFilter { $ModuleName -eq 'ActiveDirectory' } It "Calls 'New-ADGroup' when 'Ensure' is 'Present' and the group does not exist" { diff --git a/Tests/Unit/MSFT_xADKDSKey.Tests.ps1 b/Tests/Unit/MSFT_ADKDSKey.Tests.ps1 similarity index 98% rename from Tests/Unit/MSFT_xADKDSKey.Tests.ps1 rename to Tests/Unit/MSFT_ADKDSKey.Tests.ps1 index 3d4438768..b3b8dbd64 100644 --- a/Tests/Unit/MSFT_xADKDSKey.Tests.ps1 +++ b/Tests/Unit/MSFT_ADKDSKey.Tests.ps1 @@ -1,5 +1,5 @@ -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xADKDSKey' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_ADKDSKey' #region HEADER @@ -153,7 +153,7 @@ try ) #region Function Assert-HasDomainAdminRights - Describe -Name 'MSFT_xADKDSKey\Assert-HasDomainAdminRights' { + Describe -Name 'MSFT_ADKDSKey\Assert-HasDomainAdminRights' { Context 'When Assert-HasDomainAdminRights returns true' { Context 'When the user has proper permissions' { BeforeAll { @@ -243,7 +243,7 @@ try #endregion Function Assert-HasDomainAdminRights #region Function Get-ADRootDomainDN - Describe -Name 'MSFT_xADKDSKey\Get-ADRootDomainDN' { + Describe -Name 'MSFT_ADKDSKey\Get-ADRootDomainDN' { BeforeAll { Mock -CommandName New-Object -MockWith { $object = [PSCustomObject] @{} @@ -260,7 +260,7 @@ try #endregion Function Get-ADRootDomainDN #region Function Get-TargetResource - Describe -Name 'MSFT_xADKDSKey\Get-TargetResource' -Tag 'Get' { + Describe -Name 'MSFT_ADKDSKey\Get-TargetResource' -Tag 'Get' { BeforeAll { Mock -CommandName Assert-Module -ParameterFilter { $ModuleName -eq 'ActiveDirectory' @@ -434,7 +434,7 @@ try #endregion Function Get-TargetResource #region Function Compare-TargetResourceState - Describe -Name 'MSFT_xADKDSKey\Compare-TargetResourceState' -Tag 'Compare' { + Describe -Name 'MSFT_ADKDSKey\Compare-TargetResourceState' -Tag 'Compare' { BeforeAll { Mock -CommandName Get-TargetResource -ParameterFilter { $mockKDSRootKeyFuture.EffectiveTime -eq $EffectiveTime @@ -528,7 +528,7 @@ try #endregion Function Compare-TargetResourceState #region Function Test-TargetResource - Describe -Name 'MSFT_xADKDSKey\Test-TargetResource' -Tag 'Test' { + Describe -Name 'MSFT_ADKDSKey\Test-TargetResource' -Tag 'Test' { Context -Name "When the system is in the desired state and 'Ensure' is 'Present'" { It "Should pass when the Parameters are properly set" { Mock -CommandName Compare-TargetResourceState -MockWith { @@ -620,7 +620,7 @@ try #endregion Function Test-TargetResource #region Function Set-TargetResource - Describe -Name 'MSFT_xADKDSKey\Set-TargetResource' -Tag 'Set' { + Describe -Name 'MSFT_ADKDSKey\Set-TargetResource' -Tag 'Set' { BeforeAll { Mock -CommandName Add-KDSRootKey Mock -CommandName Remove-ADObject diff --git a/Tests/Unit/MSFT_xADManagedServiceAccount.Tests.ps1 b/Tests/Unit/MSFT_ADManagedServiceAccount.Tests.ps1 similarity index 99% rename from Tests/Unit/MSFT_xADManagedServiceAccount.Tests.ps1 rename to Tests/Unit/MSFT_ADManagedServiceAccount.Tests.ps1 index e8c5ba2bc..acf6d74b8 100644 --- a/Tests/Unit/MSFT_xADManagedServiceAccount.Tests.ps1 +++ b/Tests/Unit/MSFT_ADManagedServiceAccount.Tests.ps1 @@ -1,5 +1,5 @@ -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xADManagedServiceAccount' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_ADManagedServiceAccount' #region HEADER @@ -295,7 +295,7 @@ try ) #region Function Get-TargetResource - Describe -Name 'MSFT_xADManagedServiceAccount\Get-TargetResource' -Tag 'Get' { + Describe -Name 'MSFT_ADManagedServiceAccount\Get-TargetResource' -Tag 'Get' { BeforeAll { Mock -CommandName Assert-Module -ParameterFilter { $ModuleName -eq 'ActiveDirectory' @@ -456,7 +456,7 @@ try #endregion Function Get-TargetResource #region Function Compare-TargetResourceState - Describe -Name 'MSFT_xADManagedServiceAccount\Compare-TargetResourceState' -Tag 'Compare' { + Describe -Name 'MSFT_ADManagedServiceAccount\Compare-TargetResourceState' -Tag 'Compare' { Context -Name 'When the system is in the desired state (sMSA)' { Mock -CommandName Get-TargetResource -ParameterFilter { $mockSingleServiceAccount.Name -eq $ServiceAccountName @@ -849,7 +849,7 @@ try #endregion Function Compare-TargetResourceState #region Function Test-TargetResource - Describe -Name 'MSFT_xADManagedServiceAccount\Test-TargetResource' -Tag 'Test' { + Describe -Name 'MSFT_ADManagedServiceAccount\Test-TargetResource' -Tag 'Test' { Context -Name "When the system is in the desired state and 'Ensure' is 'Present' (sMSA)" { It "Should pass when the Parameters are properly set" { Mock -CommandName Compare-TargetResourceState -ParameterFilter { @@ -1028,7 +1028,7 @@ try } #endregion Function Test-TargetResource - Describe -Name 'MSFT_xADManagedServiceAccount\New-ADServiceAccountHelper' { + Describe -Name 'MSFT_ADManagedServiceAccount\New-ADServiceAccountHelper' { BeforeAll { Mock -CommandName New-ADServiceAccount } @@ -1069,7 +1069,7 @@ try } #region Function Set-TargetResource - Describe -Name 'MSFT_xADManagedServiceAccount\Set-TargetResource' -Tag 'Set' { + Describe -Name 'MSFT_ADManagedServiceAccount\Set-TargetResource' -Tag 'Set' { BeforeAll { Mock -CommandName New-ADServiceAccountHelper Mock -CommandName Remove-ADServiceAccount diff --git a/Tests/Unit/MSFT_xADObjectEnabledState.Tests.ps1 b/Tests/Unit/MSFT_ADObjectEnabledState.Tests.ps1 similarity index 98% rename from Tests/Unit/MSFT_xADObjectEnabledState.Tests.ps1 rename to Tests/Unit/MSFT_ADObjectEnabledState.Tests.ps1 index dca2fc433..68e8e850b 100644 --- a/Tests/Unit/MSFT_xADObjectEnabledState.Tests.ps1 +++ b/Tests/Unit/MSFT_ADObjectEnabledState.Tests.ps1 @@ -1,5 +1,5 @@ -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xADObjectEnabledState' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_ADObjectEnabledState' #region HEADER @@ -50,7 +50,7 @@ try $mockCredentialUserName, $mockCredentialPassword ) - Describe 'MSFT_xADComputer\Get-TargetResource' -Tag 'Get' { + Describe 'MSFT_ADComputer\Get-TargetResource' -Tag 'Get' { BeforeAll { Mock -CommandName Assert-Module } @@ -246,7 +246,7 @@ try } } - Describe 'MSFT_xADComputer\Test-TargetResource' -Tag 'Test' { + Describe 'MSFT_ADComputer\Test-TargetResource' -Tag 'Test' { BeforeAll { Mock -CommandName Assert-Module @@ -356,7 +356,7 @@ try } } - Describe 'MSFT_xADComputer\Set-TargetResource' -Tag 'Set' { + Describe 'MSFT_ADComputer\Set-TargetResource' -Tag 'Set' { BeforeAll { Mock -CommandName Assert-Module Mock -CommandName Set-DscADComputer diff --git a/Tests/Unit/MSFT_xADObjectPermissionEntry.Tests.ps1 b/Tests/Unit/MSFT_ADObjectPermissionEntry.Tests.ps1 similarity index 97% rename from Tests/Unit/MSFT_xADObjectPermissionEntry.Tests.ps1 rename to Tests/Unit/MSFT_ADObjectPermissionEntry.Tests.ps1 index 49579e260..55b6d0f71 100644 --- a/Tests/Unit/MSFT_xADObjectPermissionEntry.Tests.ps1 +++ b/Tests/Unit/MSFT_ADObjectPermissionEntry.Tests.ps1 @@ -1,5 +1,5 @@ -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xADObjectPermissionEntry' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_ADObjectPermissionEntry' #region HEADER @@ -93,7 +93,7 @@ try #endregion #region Function Get-TargetResource - Describe 'xADObjectPermissionEntry\Get-TargetResource' { + Describe 'ADObjectPermissionEntry\Get-TargetResource' { Mock -CommandName 'Assert-ADPSDrive' Context 'When the desired ace is present' { @@ -157,7 +157,7 @@ try #endregion #region Function Test-TargetResource - Describe 'xADObjectPermissionEntry\Test-TargetResource' { + Describe 'ADObjectPermissionEntry\Test-TargetResource' { Mock -CommandName 'Assert-ADPSDrive' { } Context 'When the desired ace is present' { @@ -213,7 +213,7 @@ try #endregion #region Function Set-TargetResource - Describe 'xADObjectPermissionEntry\Set-TargetResource' { + Describe 'ADObjectPermissionEntry\Set-TargetResource' { Mock -CommandName 'Assert-ADPSDrive' Context 'When the desired ace is present' { diff --git a/Tests/Unit/MSFT_xADOrganizationalUnit.Tests.ps1 b/Tests/Unit/MSFT_ADOrganizationalUnit.Tests.ps1 similarity index 98% rename from Tests/Unit/MSFT_xADOrganizationalUnit.Tests.ps1 rename to Tests/Unit/MSFT_ADOrganizationalUnit.Tests.ps1 index fb2ff823e..64590a7ca 100644 --- a/Tests/Unit/MSFT_xADOrganizationalUnit.Tests.ps1 +++ b/Tests/Unit/MSFT_ADOrganizationalUnit.Tests.ps1 @@ -1,5 +1,5 @@ -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xADOrganizationalUnit' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_ADOrganizationalUnit' #region HEADER @@ -100,7 +100,7 @@ try } #region Function Get-TargetResource - Describe 'xADOrganizationalUnit\Get-TargetResource' { + Describe 'ADOrganizationalUnit\Get-TargetResource' { It 'Returns a "System.Collections.Hashtable" object type' { Mock -CommandName Assert-Module Mock -CommandName Get-ADOrganizationalUnit -MockWith { return [PSCustomObject] $protectedFakeAdOu } @@ -177,7 +177,7 @@ try #endregion #region Function Test-TargetResource - Describe 'xADOrganizationalUnit\Test-TargetResource' { + Describe 'ADOrganizationalUnit\Test-TargetResource' { It 'Returns a "System.Boolean" object type' { Mock -CommandName Assert-Module Mock -CommandName Get-ADOrganizationalUnit -MockWith { return [PSCustomObject] $protectedFakeAdOu } @@ -245,7 +245,7 @@ try #endregion #region Function Set-TargetResource - Describe 'xADOrganizationalUnit\Set-TargetResource' { + Describe 'ADOrganizationalUnit\Set-TargetResource' { It 'Calls "New-ADOrganizationalUnit" when "Ensure" = "Present" and OU does not exist' { Mock -CommandName Assert-Module Mock -CommandName Get-ADOrganizationalUnit diff --git a/Tests/Unit/MSFT_xADRecycleBin.Tests.ps1 b/Tests/Unit/MSFT_ADRecycleBin.Tests.ps1 similarity index 97% rename from Tests/Unit/MSFT_xADRecycleBin.Tests.ps1 rename to Tests/Unit/MSFT_ADRecycleBin.Tests.ps1 index adcaf59f0..5896e6e52 100644 --- a/Tests/Unit/MSFT_xADRecycleBin.Tests.ps1 +++ b/Tests/Unit/MSFT_ADRecycleBin.Tests.ps1 @@ -1,5 +1,5 @@ -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xADRecycleBin' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_ADRecycleBin' #region HEADER @@ -83,7 +83,7 @@ try DomainNamingMaster = "dc01.$forestFQDN" } - Describe 'MSFT_xADRecycleBin\Get-TargetResource' { + Describe 'MSFT_ADRecycleBin\Get-TargetResource' { Mock -CommandName Get-ADRootDSE -MockWith { $mockRootDSE } Context 'When Recycle Bin feature is installed' { @@ -145,7 +145,7 @@ try } } - Describe 'MSFT_xADRecycleBin\Test-TargetResource' { + Describe 'MSFT_ADRecycleBin\Test-TargetResource' { Mock -CommandName Get-ADRootDSE -MockWith { $mockRootDSE } Context 'When Recycle Bin feature is installed' { @@ -199,7 +199,7 @@ try } } - Describe 'MSFT_xADRecycleBin\Set-TargetResource' { + Describe 'MSFT_ADRecycleBin\Set-TargetResource' { Mock -CommandName Enable-ADOptionalFeature Context 'When minimum forest level is too low' { diff --git a/Tests/Unit/MSFT_xADReplicationSite.Tests.ps1 b/Tests/Unit/MSFT_ADReplicationSite.Tests.ps1 similarity index 96% rename from Tests/Unit/MSFT_xADReplicationSite.Tests.ps1 rename to Tests/Unit/MSFT_ADReplicationSite.Tests.ps1 index 367a8120c..29dd2c654 100644 --- a/Tests/Unit/MSFT_xADReplicationSite.Tests.ps1 +++ b/Tests/Unit/MSFT_ADReplicationSite.Tests.ps1 @@ -1,5 +1,5 @@ -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xADReplicationSite' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_ADReplicationSite' #region HEADER @@ -76,7 +76,7 @@ try # #endregion #region Function Get-TargetResource - Describe 'xADReplicationSite\Get-TargetResource' { + Describe 'ADReplicationSite\Get-TargetResource' { It 'Should return a "System.Collections.Hashtable" object type' { # Arrange @@ -118,7 +118,7 @@ try #endregion #region Function Test-TargetResource - Describe 'xADReplicationSite\Test-TargetResource' { + Describe 'ADReplicationSite\Test-TargetResource' { It 'Should return a "System.Boolean" object type' { # Arrange @@ -183,7 +183,7 @@ try #endregion #region Function Set-TargetResource - Describe 'xADReplicationSite\Set-TargetResource' { + Describe 'ADReplicationSite\Set-TargetResource' { It 'Should add a new site' { # Arrange diff --git a/Tests/Unit/MSFT_xADReplicationSiteLink.tests.ps1 b/Tests/Unit/MSFT_ADReplicationSiteLink.tests.ps1 similarity index 97% rename from Tests/Unit/MSFT_xADReplicationSiteLink.tests.ps1 rename to Tests/Unit/MSFT_ADReplicationSiteLink.tests.ps1 index eb1181377..5984b05d6 100644 --- a/Tests/Unit/MSFT_xADReplicationSiteLink.tests.ps1 +++ b/Tests/Unit/MSFT_ADReplicationSiteLink.tests.ps1 @@ -1,5 +1,5 @@ -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xADReplicationSiteLink' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_ADReplicationSiteLink' #region HEADER @@ -61,7 +61,7 @@ try $mockADReplicationSiteLinkSitesExcluded = $mockGetADReplicationSiteLinkReturn.Clone() $mockADReplicationSiteLinkSitesExcluded['SitesIncluded'] = $null - Describe 'xADReplicationSiteLink\Get-TargetResource' { + Describe 'ADReplicationSiteLink\Get-TargetResource' { Context 'When sites are included' { Mock -CommandName Get-ADReplicationSiteLink -MockWith { $mockGetADReplicationSiteLinkReturn } @@ -123,7 +123,7 @@ try } } - Describe 'xADReplicationSiteLink\Test-TargetResource' { + Describe 'ADReplicationSiteLink\Test-TargetResource' { Context 'When target resource in desired state' { Mock -CommandName Get-TargetResource -MockWith { $targetResourceParameters } @@ -192,7 +192,7 @@ try } } - Describe 'xADReplicationSiteLink\Set-TargetResource' { + Describe 'ADReplicationSiteLink\Set-TargetResource' { Context 'Site Link is Absent but is desired Present' { Mock -CommandName Get-TargetResource -MockWith { @{ Ensure = 'Absent' } } Mock -CommandName New-ADReplicationSiteLink diff --git a/Tests/Unit/MSFT_xADReplicationSubnet.Tests.ps1 b/Tests/Unit/MSFT_ADReplicationSubnet.Tests.ps1 similarity index 97% rename from Tests/Unit/MSFT_xADReplicationSubnet.Tests.ps1 rename to Tests/Unit/MSFT_ADReplicationSubnet.Tests.ps1 index b6632900a..88aa90ece 100644 --- a/Tests/Unit/MSFT_xADReplicationSubnet.Tests.ps1 +++ b/Tests/Unit/MSFT_ADReplicationSubnet.Tests.ps1 @@ -1,5 +1,5 @@ -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xADReplicationSubnet' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_ADReplicationSubnet' #region HEADER @@ -37,7 +37,7 @@ try InModuleScope $script:dscResourceName { #region Function Get-TargetResource - Describe 'xADReplicationSubnet\Get-TargetResource' { + Describe 'ADReplicationSubnet\Get-TargetResource' { $testDefaultParameters = @{ Name = '10.0.0.0/8' Site = 'Default-First-Site-Name' @@ -108,7 +108,7 @@ try #endregion #region Function Test-TargetResource - Describe 'xADReplicationSubnet\Test-TargetResource' { + Describe 'ADReplicationSubnet\Test-TargetResource' { $testDefaultParameters = @{ Name = '10.0.0.0/8' @@ -175,7 +175,7 @@ try #endregion #region Function Set-TargetResource - Describe 'xADReplicationSubnet\Set-TargetResource' { + Describe 'ADReplicationSubnet\Set-TargetResource' { $testPresentParameters = @{ Ensure = 'Present' Name = '10.0.0.0/8' diff --git a/Tests/Unit/MSFT_xADServicePrincipalName.Tests.ps1 b/Tests/Unit/MSFT_ADServicePrincipalName.Tests.ps1 similarity index 96% rename from Tests/Unit/MSFT_xADServicePrincipalName.Tests.ps1 rename to Tests/Unit/MSFT_ADServicePrincipalName.Tests.ps1 index e8714581d..e4256c79f 100644 --- a/Tests/Unit/MSFT_xADServicePrincipalName.Tests.ps1 +++ b/Tests/Unit/MSFT_ADServicePrincipalName.Tests.ps1 @@ -1,5 +1,5 @@ -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xADServicePrincipalName' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_ADServicePrincipalName' #region HEADER @@ -37,7 +37,7 @@ try InModuleScope $script:dscResourceName { #region Function Get-TargetResource - Describe 'xADServicePrincipalName\Get-TargetResource' { + Describe 'ADServicePrincipalName\Get-TargetResource' { $testDefaultParameters = @{ ServicePrincipalName = 'HOST/demo' } @@ -92,7 +92,7 @@ try #endregion #region Function Test-TargetResource - Describe 'xADServicePrincipalName\Test-TargetResource' { + Describe 'ADServicePrincipalName\Test-TargetResource' { $testDefaultParameters = @{ ServicePrincipalName = 'HOST/demo' Account = 'User' @@ -177,7 +177,7 @@ try #endregion #region Function Set-TargetResource - Describe 'xADServicePrincipalName\Set-TargetResource' { + Describe 'ADServicePrincipalName\Set-TargetResource' { $testPresentParams = @{ Ensure = 'Present' ServicePrincipalName = 'HOST/demo' diff --git a/Tests/Unit/MSFT_xADUser.Tests.ps1 b/Tests/Unit/MSFT_ADUser.Tests.ps1 similarity index 98% rename from Tests/Unit/MSFT_xADUser.Tests.ps1 rename to Tests/Unit/MSFT_ADUser.Tests.ps1 index 16e0352a9..3032ba6c2 100644 --- a/Tests/Unit/MSFT_xADUser.Tests.ps1 +++ b/Tests/Unit/MSFT_ADUser.Tests.ps1 @@ -1,5 +1,5 @@ -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xADUser' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_ADUser' #region HEADER @@ -73,7 +73,7 @@ try $testArrayProperties = @('ServicePrincipalNames', 'ProxyAddresses') #region Function Get-TargetResource - Describe 'xADUser\Get-TargetResource' { + Describe 'ADUser\Get-TargetResource' { It "Returns a 'System.Collections.Hashtable' object type" { Mock -CommandName Get-ADUser -MockWith { return [PSCustomObject] $fakeADUser } @@ -113,10 +113,10 @@ try Assert-MockCalled -CommandName Get-ADUser -ParameterFilter { $Server -eq $testDomainController } -Scope It } - It "Calls 'Get-ADUser' with 'Credential' parameter when 'DomainAdministratorCredential' specified" { + It "Calls 'Get-ADUser' with 'Credential' parameter when 'Credential' specified" { Mock -CommandName Get-ADUser -ParameterFilter { $Credential -eq $testCredential } -MockWith { return [PSCustomObject] $fakeADUser } - Get-TargetResource @testPresentParams -DomainAdministratorCredential $testCredential + Get-TargetResource @testPresentParams -Credential $testCredential Assert-MockCalled -CommandName Get-ADUser -ParameterFilter { $Credential -eq $testCredential } -Scope It } @@ -152,7 +152,7 @@ try #endregion #region Function Test-TargetResource - Describe 'xADUser\Test-TargetResource' { + Describe 'ADUser\Test-TargetResource' { It "Passes when user account does not exist and 'Ensure' is 'Absent'" { Mock -CommandName Get-TargetResource -MockWith { return $testAbsentParams } @@ -525,7 +525,7 @@ try #endregion #region Function Set-TargetResource - Describe 'xADUser\Set-TargetResource' { + Describe 'ADUser\Set-TargetResource' { It "Calls 'New-ADUser' when 'Ensure' is 'Present' and the account does not exist" { $newUserName = 'NewUser' $newAbsentParams = $testAbsentParams.Clone() @@ -599,15 +599,15 @@ try Assert-MockCalled -CommandName Set-ADAccountPassword -Scope It -Times 0 } - It "Calls 'Test-Password' with the correct parameters when 'DomainAdministratorCredential' is specified" { + It "Calls 'Test-Password' with the correct parameters when 'Credential' is specified" { Mock -CommandName Get-ADUser -MockWith { return $fakeADUser } Mock -CommandName Set-ADUser Mock -CommandName Set-ADAccountPassword -ParameterFilter { $NewPassword -eq $testCredential.Password } - Mock -CommandName Test-Password -ParameterFilter { $DomainAdministratorCredential -eq $testCredential } -MockWith { $true } + Mock -CommandName Test-Password -ParameterFilter { $Credential -eq $testCredential } -MockWith { $true } - Set-TargetResource @testPresentParams -Password $testCredential -DomainAdministratorCredential $testCredential + Set-TargetResource @testPresentParams -Password $testCredential -Credential $testCredential - Assert-MockCalled -CommandName Test-Password -ParameterFilter { $DomainAdministratorCredential -eq $testCredential } -Scope It -Exactly 1 + Assert-MockCalled -CommandName Test-Password -ParameterFilter { $Credential -eq $testCredential } -Scope It -Exactly 1 } It "Should call 'Set-ADUser' with 'Replace' when existing mismatched AD property is null" { @@ -890,7 +890,7 @@ try #endregion #region Function Assert-TargetResource - Describe 'xADUser\Assert-Parameters' { + Describe 'ADUser\Assert-Parameters' { It 'Should not throw when both parameters PasswordNeverExpires and CannotChangePassword are specified' { { Assert-Parameters -PasswordNeverExpires $true -CannotChangePassword $true } | Should -Not -Throw } diff --git a/Tests/Unit/MSFT_xWaitForADDomain.Tests.ps1 b/Tests/Unit/MSFT_WaitForADDomain.Tests.ps1 similarity index 96% rename from Tests/Unit/MSFT_xWaitForADDomain.Tests.ps1 rename to Tests/Unit/MSFT_WaitForADDomain.Tests.ps1 index 6dc3223fb..acd031149 100644 --- a/Tests/Unit/MSFT_xWaitForADDomain.Tests.ps1 +++ b/Tests/Unit/MSFT_WaitForADDomain.Tests.ps1 @@ -1,5 +1,5 @@ -$script:dscModuleName = 'xActiveDirectory' -$script:dscResourceName = 'MSFT_xWaitForADDomain' +$script:dscModuleName = 'ActiveDirectoryDsc' +$script:dscResourceName = 'MSFT_WaitForADDomain' #region HEADER @@ -60,7 +60,7 @@ try $fakeDomainObject = @{Name = $domainName} #region Function Get-TargetResource - Describe 'xWaitForADDomain\Get-TargetResource' { + Describe 'WaitForADDomain\Get-TargetResource' { It 'Returns a "System.Collections.Hashtable" object type' { Mock -CommandName Get-Domain -MockWith {return $fakeDomainObject} $targetResource = Get-TargetResource @testParams @@ -83,7 +83,7 @@ try #region Function Test-TargetResource - Describe 'xWaitForADDomain\Test-TargetResource' { + Describe 'WaitForADDomain\Test-TargetResource' { It 'Returns a "System.Boolean" object type' { Mock -CommandName Get-Domain -MockWith {return $fakeDomainObject} $targetResource = Test-TargetResource @testParams @@ -104,7 +104,7 @@ try #region Function Set-TargetResource - Describe 'xWaitForADDomain\Set-TargetResource' { + Describe 'WaitForADDomain\Set-TargetResource' { BeforeEach{ $global:DSCMachineStatus = $null } diff --git a/Tests/Unit/Stubs/Microsoft.ActiveDirectory.Management.cs b/Tests/Unit/Stubs/Microsoft.ActiveDirectory.Management.cs index 909be309e..9a100357b 100644 --- a/Tests/Unit/Stubs/Microsoft.ActiveDirectory.Management.cs +++ b/Tests/Unit/Stubs/Microsoft.ActiveDirectory.Management.cs @@ -115,7 +115,7 @@ public class ADReplicationSite string site; public ADReplicationSite(System.String s){ site = s; } - // Added so that MSFT_xADDomainController unit test works + // Added so that MSFT_ADDomainController unit test works // 'When a domain controller is in the wrong site' // 'Should call the correct mocks to move the domain controller to the correct site'