diff --git a/.MetaTestOptIn.json b/.MetaTestOptIn.json index df73b260b..9f17a4bfb 100644 --- a/.MetaTestOptIn.json +++ b/.MetaTestOptIn.json @@ -7,5 +7,7 @@ "Common Tests - Validate Markdown Files", "Common Tests - Custom Script Analyzer Rules", "Common Tests - Required Script Analyzer Rules", - "Common Tests - Flagged Script Analyzer Rules" + "Common Tests - Flagged Script Analyzer Rules", + "Common Tests - Validate Markdown Files", + "Common Tests - Validate Localization" ] diff --git a/CHANGELOG.md b/CHANGELOG.md index 040c9cc20..818879dc7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,6 +18,7 @@ - Common Tests - Validate Script Files ([Issue #283](https://github.com/PowerShell/xActiveDirectory/issues/283)) - Common Tests - Relative Path Length ([Issue #284](https://github.com/PowerShell/xActiveDirectory/issues/284)) - Common Tests - Validate Markdown Links ([Issue #280](https://github.com/PowerShell/xActiveDirectory/issues/280)) + - Common Tests - Validate Localization ([Issue #281](https://github.com/PowerShell/xActiveDirectory/issues/281)) - Changes to xADComputer - Refactored the resource and the unit tests. - BREAKING CHANGE: The `Enabled` property is **DEPRECATED** and is no diff --git a/DSCResources/MSFT_xADCommon/MSFT_xADCommon.psm1 b/DSCResources/MSFT_xADCommon/MSFT_xADCommon.psm1 index f9dd4266e..fe891b0cc 100644 --- a/DSCResources/MSFT_xADCommon/MSFT_xADCommon.psm1 +++ b/DSCResources/MSFT_xADCommon/MSFT_xADCommon.psm1 @@ -4,45 +4,7 @@ $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPat $script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') -data localizedString -{ - # culture="en-US" - ConvertFrom-StringData @' - WasExpectingDomainController = The operating system product type code returned 2, which indicates that this is domain controller, but was unable to retrieve the domain controller object. (ADCOMMON0001) - FailedEvaluatingDomainController = Could not evaluate if the node is a domain controller. (ADCOMMON0002) - EvaluatePropertyState = Evaluating the state of the property '{0}'. (ADCOMMON0003) - PropertyInDesiredState = The parameter '{0}' is in desired state. (ADCOMMON0004) - PropertyNotInDesiredState = The parameter '{0}' is not in desired state. (ADCOMMON0005) - ArrayDoesNotMatch = One or more values in an array does not match the desired state. Details of the changes are below. (ADCOMMON0006) - ArrayValueThatDoesNotMatch = {0} - {1} (ADCOMMON0007) - PropertyValueOfTypeDoesNotMatch = {0} value does not match. Current value is '{1}', but expected the value '{2}'. (ADCOMMON0008) - UnableToCompareType = Unable to compare the type {0} as it is not handled by the Test-DscPropertyState cmdlet. (ADCOMMON0009) - RoleNotFoundError = Please ensure that the PowerShell module for role '{0}' is installed. (ADCOMMON0010) - MembersAndIncludeExcludeError = The '{0}' and '{1}' and/or '{2}' parameters conflict. The '{0}' parameter should not be used in any combination with the '{1}' and '{2}' parameters. (ADCOMMON0011) - MembersIsNullError = The Members parameter value is null. The '{0}' parameter must be provided if neither '{1}' nor '{2}' is provided. (ADCOMMON0012) - MembersIsEmptyError = The Members parameter is empty. At least one group member must be provided. (ADCOMMON0013) - IncludeAndExcludeConflictError = The member '{0}' is included in both '{1}' and '{2}' parameter values. The same member must not be included in both '{1}' and '{2}' parameter values. (ADCOMMON0014) - IncludeAndExcludeAreEmptyError = The '{0}' and '{1}' parameters are either both null or empty. At least one member must be specified in one of these parameters. (ADCOMMON0015) - ModeConversionError = Converted mode {0} is not a {1}. (ADCOMMON0016) - RecycleBinRestoreFailed = Restoring {0} ({1}) from the recycle bin failed. Error message: {2}. (ADCOMMON0017) - EmptyDomainError = No domain name retrieved for group member {0} in group {1}. (ADCOMMON0018) - CheckingMembers = Checking for '{0}' members. (ADCOMMON0019) - MembershipCountMismatch = Membership count is not correct. Expected '{0}' members, actual '{1}' members. (ADCOMMON0020) - MemberNotInDesiredState = Member '{0}' is not in the desired state. (ADCOMMON0021) - RemovingDuplicateMember = Removing duplicate member '{0}' definition. (ADCOMMON0022) - MembershipInDesiredState = Membership is in the desired state. (ADCOMMON0023) - MembershipNotDesiredState = Membership is NOT in the desired state. (ADCOMMON0024) - CheckingDomain = Checking for domain '{0}'. (ADCOMMON0025) - CheckingSite = Checking for site '{0}'. (ADCOMMON0026) - FindInRecycleBin = Finding objects in the recycle bin matching the filter {0}. (ADCOMMON0027) - FoundRestoreTargetInRecycleBin = Found object {0} ({1}) in the recycle bin as {2}. Attempting to restore the object. (ADCOMMON0028) - RecycleBinRestoreSuccessful = Successfully restored object {0} ({1}) from the recycle bin. (ADCOMMON0029) - AddingGroupMember = Adding member '{0}' from domain '{1}' to AD group '{2}'. (ADCOMMON0030) - PropertyMapArrayIsWrongType = An object in the property map array is not of the type [System.Collections.Hashtable]. (ADCOMMON0031) - CreatingNewADPSDrive = Creating new AD: PSDrive. (ADCOMMON0032) - CreatingNewADPSDriveError = Error creating AD: PS Drive. (ADCOMMON0033) -'@ -} +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADCommon' # Internal function to assert if the role specific module is installed or not function Assert-Module @@ -63,7 +25,7 @@ function Assert-Module if (-not (Get-Module -Name $ModuleName -ListAvailable)) { $errorId = '{0}_ModuleNotFound' -f $ModuleName; - $errorMessage = $localizedString.RoleNotFoundError -f $moduleName; + $errorMessage = $script:localizedData.RoleNotFoundError -f $moduleName; ThrowInvalidOperationError -ErrorId $errorId -ErrorMessage $errorMessage; } @@ -138,7 +100,7 @@ function Test-ADDomain $Credential ) - Write-Verbose -Message ($localizedString.CheckingDomain -f $DomainName); + Write-Verbose -Message ($script:localizedData.CheckingDomain -f $DomainName); $ldapDomain = 'LDAP://{0}' -f $DomainName; if ($PSBoundParameters.ContainsKey('Credential')) { @@ -227,14 +189,14 @@ function Assert-MemberParameters { # If Members are provided, Include and Exclude are not allowed. $errorId = '{0}_MembersPlusIncludeOrExcludeConflict' -f $ModuleName; - $errorMessage = $localizedString.MembersAndIncludeExcludeError -f 'Members', 'MembersToInclude', 'MembersToExclude'; + $errorMessage = $script:localizedData.MembersAndIncludeExcludeError -f 'Members', 'MembersToInclude', 'MembersToExclude'; ThrowInvalidArgumentError -ErrorId $errorId -ErrorMessage $errorMessage; } if ($Members.Length -eq 0) # ) { $errorId = '{0}_MembersIsNull' -f $ModuleName; - $errorMessage = $localizedString.MembersIsNullError -f 'Members', 'MembersToInclude', 'MembersToExclude'; + $errorMessage = $script:localizedData.MembersIsNullError -f 'Members', 'MembersToInclude', 'MembersToExclude'; ThrowInvalidArgumentError -ErrorId $errorId -ErrorMessage $errorMessage; } } @@ -254,7 +216,7 @@ function Assert-MemberParameters if (($MembersToInclude.Length -eq 0) -and ($MembersToExclude.Length -eq 0)) { $errorId = '{0}_EmptyIncludeAndExclude' -f $ModuleName; - $errorMessage = $localizedString.IncludeAndExcludeAreEmptyError -f 'MembersToInclude', 'MembersToExclude'; + $errorMessage = $script:localizedData.IncludeAndExcludeAreEmptyError -f 'MembersToInclude', 'MembersToExclude'; ThrowInvalidArgumentError -ErrorId $errorId -ErrorMessage $errorMessage; } @@ -264,7 +226,7 @@ function Assert-MemberParameters if ($member -in $MembersToExclude) { $errorId = '{0}_IncludeAndExcludeConflict' -f $ModuleName; - $errorMessage = $localizedString.IncludeAndExcludeConflictError -f $member, 'MembersToInclude', 'MembersToExclude'; + $errorMessage = $script:localizedData.IncludeAndExcludeConflictError -f $member, 'MembersToInclude', 'MembersToExclude'; ThrowInvalidArgumentError -ErrorId $errorId -ErrorMessage $errorMessage; } } @@ -295,7 +257,7 @@ function Remove-DuplicateMembers if ($Members[$sourceIndex] -eq $Members[$matchIndex]) { # A duplicate is found. Discard the duplicate. - Write-Verbose -Message ($localizedString.RemovingDuplicateMember -f $Members[$sourceIndex]); + Write-Verbose -Message ($script:localizedData.RemovingDuplicateMember -f $Members[$sourceIndex]); $matchFound = $true; continue; } @@ -356,11 +318,11 @@ function Test-Members { $Members = @(); } - Write-Verbose ($localizedString.CheckingMembers -f 'Explicit'); + Write-Verbose ($script:localizedData.CheckingMembers -f 'Explicit'); $Members = [System.String[]] @(Remove-DuplicateMembers -Members $Members); if ($ExistingMembers.Count -ne $Members.Count) { - Write-Verbose -Message ($localizedString.MembershipCountMismatch -f $Members.Count, $ExistingMembers.Count); + Write-Verbose -Message ($script:localizedData.MembershipCountMismatch -f $Members.Count, $ExistingMembers.Count); return $false; } @@ -368,7 +330,7 @@ function Test-Members { if ($member -notin $ExistingMembers) { - Write-Verbose -Message ($localizedString.MemberNotInDesiredState -f $member); + Write-Verbose -Message ($script:localizedData.MemberNotInDesiredState -f $member); return $false; } } @@ -380,13 +342,13 @@ function Test-Members { $MembersToInclude = @(); } - Write-Verbose -Message ($localizedString.CheckingMembers -f 'Included'); + Write-Verbose -Message ($script:localizedData.CheckingMembers -f 'Included'); $MembersToInclude = [System.String[]] @(Remove-DuplicateMembers -Members $MembersToInclude); foreach ($member in $MembersToInclude) { if ($member -notin $ExistingMembers) { - Write-Verbose -Message ($localizedString.MemberNotInDesiredState -f $member); + Write-Verbose -Message ($script:localizedData.MemberNotInDesiredState -f $member); return $false; } } @@ -398,19 +360,19 @@ function Test-Members { $MembersToExclude = @(); } - Write-Verbose -Message ($localizedString.CheckingMembers -f 'Excluded'); + Write-Verbose -Message ($script:localizedData.CheckingMembers -f 'Excluded'); $MembersToExclude = [System.String[]] @(Remove-DuplicateMembers -Members $MembersToExclude); foreach ($member in $MembersToExclude) { if ($member -in $ExistingMembers) { - Write-Verbose -Message ($localizedString.MemberNotInDesiredState -f $member); + Write-Verbose -Message ($script:localizedData.MemberNotInDesiredState -f $member); return $false; } } } #end if $MembersToExclude - Write-Verbose -Message $localizedString.MembershipInDesiredState; + Write-Verbose -Message $script:localizedData.MembershipInDesiredState return $true; } #end function Test-Membership @@ -672,7 +634,7 @@ function Test-ADReplicationSite $Credential ) - Write-Verbose -Message ($localizedString.CheckingSite -f $SiteName); + Write-Verbose -Message ($script:localizedData.CheckingSite -f $SiteName); $existingDC = "$((Get-ADDomainController -Discover -DomainName $DomainName -ForceDiscover).HostName)"; @@ -809,7 +771,7 @@ function Restore-ADCommonObject ) $restoreFilter = 'msDS-LastKnownRDN -eq "{0}" -and objectClass -eq "{1}" -and isDeleted -eq $true' -f $Identity, $ObjectClass - Write-Verbose -Message ($localizedString.FindInRecycleBin -f $restoreFilter) -Verbose + Write-Verbose -Message ($script:localizedData.FindInRecycleBin -f $restoreFilter) -Verbose <# Using IsDeleted and IncludeDeletedObjects will mean that the cmdlet does not throw @@ -831,7 +793,7 @@ function Restore-ADCommonObject if ($restorableObject) { - Write-Verbose -Message ($localizedString.FoundRestoreTargetInRecycleBin -f $Identity, $ObjectClass, $restorableObject.DistinguishedName) -Verbose + Write-Verbose -Message ($script:localizedData.FoundRestoreTargetInRecycleBin -f $Identity, $ObjectClass, $restorableObject.DistinguishedName) -Verbose try { @@ -840,12 +802,12 @@ function Restore-ADCommonObject $restoreParams['ErrorAction'] = 'Stop' $restoreParams['Identity'] = $restorableObject.DistinguishedName $restoredObject = Restore-ADObject @restoreParams - Write-Verbose -Message ($localizedString.RecycleBinRestoreSuccessful -f $Identity, $ObjectClass) -Verbose + Write-Verbose -Message ($script:localizedData.RecycleBinRestoreSuccessful -f $Identity, $ObjectClass) -Verbose } catch [Microsoft.ActiveDirectory.Management.ADException] { # After Get-TargetResource is through, only one error can occur here: Object parent does not exist - ThrowInvalidOperationError -ErrorId "$($Identity)_RecycleBinRestoreFailed" -ErrorMessage ($localizedString.RecycleBinRestoreFailed -f $Identity, $ObjectClass, $_.Exception.Message) + ThrowInvalidOperationError -ErrorId "$($Identity)_RecycleBinRestoreFailed" -ErrorMessage ($script:localizedData.RecycleBinRestoreFailed -f $Identity, $ObjectClass, $_.Exception.Message) } } @@ -927,10 +889,10 @@ function Add-ADCommonGroupMember if (-not $memberDomain) { - ThrowInvalidArgumentError -ErrorId "$($member)_EmptyDomainError" -ErrorMessage ($localizedString.EmptyDomainError -f $member, $Parameters.GroupName) + ThrowInvalidArgumentError -ErrorId "$($member)_EmptyDomainError" -ErrorMessage ($script:localizedData.EmptyDomainError -f $member, $Parameters.GroupName) } - Write-Verbose -Message ($localizedString.AddingGroupMember -f $member, $memberDomain, $Parameters.GroupName) + Write-Verbose -Message ($script:localizedData.AddingGroupMember -f $member, $memberDomain, $Parameters.GroupName) $memberObjectClass = (Get-ADObject -Identity $member -Server $memberDomain -Properties ObjectClass).ObjectClass if ($memberObjectClass -eq 'computer') { @@ -1017,7 +979,7 @@ function Get-DomainControllerObject } catch { - $errorMessage = $localizedString.FailedEvaluatingDomainController + $errorMessage = $script:localizedData.FailedEvaluatingDomainController New-InvalidOperationException -Message $errorMessage -ErrorRecord $_ } @@ -1082,7 +1044,7 @@ function Convert-PropertyMapToObjectProperties { if ($property -isnot [System.Collections.Hashtable]) { - $errorMessage = $localizedString.PropertyMapArrayIsWrongType + $errorMessage = $script:localizedData.PropertyMapArrayIsWrongType New-InvalidOperationException -Message $errorMessage } @@ -1184,7 +1146,7 @@ function Compare-ResourcePropertyState foreach ($parameterName in $DesiredValues.Keys) { - Write-Verbose -Message ($localizedString.EvaluatePropertyState -f $parameterName) -Verbose + Write-Verbose -Message ($script:localizedData.EvaluatePropertyState -f $parameterName) -Verbose $parameterState = @{ ParameterName = $parameterName @@ -1200,13 +1162,13 @@ function Compare-ResourcePropertyState if ($isPropertyInDesiredState) { - Write-Verbose -Message ($localizedString.PropertyInDesiredState -f $parameterName) -Verbose + Write-Verbose -Message ($script:localizedData.PropertyInDesiredState -f $parameterName) -Verbose $parameterState['InDesiredState'] = $true } else { - Write-Verbose -Message ($localizedString.PropertyNotInDesiredState -f $parameterName) -Verbose + Write-Verbose -Message ($script:localizedData.PropertyNotInDesiredState -f $parameterName) -Verbose $parameterState['InDesiredState'] = $false } @@ -1267,10 +1229,10 @@ function Test-DscPropertyState if ($null -ne $arrayCompare) { - Write-Verbose -Message $localizedString.ArrayDoesNotMatch -Verbose + Write-Verbose -Message $script:localizedData.ArrayDoesNotMatch -Verbose $arrayCompare | ForEach-Object -Process { - Write-Verbose -Message ($localizedString.ArrayValueThatDoesNotMatch -f $_.InputObject, $_.SideIndicator) -Verbose + Write-Verbose -Message ($script:localizedData.ArrayValueThatDoesNotMatch -f $_.InputObject, $_.SideIndicator) -Verbose } $returnValue = $false @@ -1296,13 +1258,13 @@ function Test-DscPropertyState if ($desiredType.Name -notin $supportedTypes) { - Write-Warning -Message ($localizedString.UnableToCompareType ` + Write-Warning -Message ($script:localizedData.UnableToCompareType ` -f $fieldName, $desiredType.Name) } else { Write-Verbose -Message ( - $localizedString.PropertyValueOfTypeDoesNotMatch ` + $script:localizedData.PropertyValueOfTypeDoesNotMatch ` -f $desiredType.Name, $Values.CurrentValue, $Values.DesiredValue ) -Verbose } @@ -1338,14 +1300,14 @@ function Assert-ADPSDrive if ($null -eq $activeDirectoryPSDrive) { - Write-Verbose -Message $script:localizedString.CreatingNewADPSDrive + Write-Verbose -Message $script:localizedData.CreatingNewADPSDrive try { New-PSDrive -Name AD -PSProvider 'ActiveDirectory' -Root $Root -Scope Script -ErrorAction Stop | Out-Null } catch { - $errorMessage = $script:localizedString.CreatingNewADPSDriveError + $errorMessage = $script:localizedData.CreatingNewADPSDriveError New-InvalidOperationException -Message $errorMessage -ErrorRecord $_ } } diff --git a/DSCResources/MSFT_xADCommon/en-US/MSFT_xADCommon.strings.psd1 b/DSCResources/MSFT_xADCommon/en-US/MSFT_xADCommon.strings.psd1 new file mode 100644 index 000000000..c69ead7e3 --- /dev/null +++ b/DSCResources/MSFT_xADCommon/en-US/MSFT_xADCommon.strings.psd1 @@ -0,0 +1,36 @@ +# culture="en-US" +ConvertFrom-StringData @' + WasExpectingDomainController = The operating system product type code returned 2, which indicates that this is domain controller, but was unable to retrieve the domain controller object. (ADCOMMON0001) + FailedEvaluatingDomainController = Could not evaluate if the node is a domain controller. (ADCOMMON0002) + EvaluatePropertyState = Evaluating the state of the property '{0}'. (ADCOMMON0003) + PropertyInDesiredState = The parameter '{0}' is in desired state. (ADCOMMON0004) + PropertyNotInDesiredState = The parameter '{0}' is not in desired state. (ADCOMMON0005) + ArrayDoesNotMatch = One or more values in an array does not match the desired state. Details of the changes are below. (ADCOMMON0006) + ArrayValueThatDoesNotMatch = {0} - {1} (ADCOMMON0007) + PropertyValueOfTypeDoesNotMatch = {0} value does not match. Current value is '{1}', but expected the value '{2}'. (ADCOMMON0008) + UnableToCompareType = Unable to compare the type {0} as it is not handled by the Test-DscPropertyState cmdlet. (ADCOMMON0009) + RoleNotFoundError = Please ensure that the PowerShell module for role '{0}' is installed. (ADCOMMON0010) + MembersAndIncludeExcludeError = The '{0}' and '{1}' and/or '{2}' parameters conflict. The '{0}' parameter should not be used in any combination with the '{1}' and '{2}' parameters. (ADCOMMON0011) + MembersIsNullError = The Members parameter value is null. The '{0}' parameter must be provided if neither '{1}' nor '{2}' is provided. (ADCOMMON0012) +# MembersIsEmptyError = The Members parameter is empty. At least one group member must be provided. (ADCOMMON0013) + IncludeAndExcludeConflictError = The member '{0}' is included in both '{1}' and '{2}' parameter values. The same member must not be included in both '{1}' and '{2}' parameter values. (ADCOMMON0014) + IncludeAndExcludeAreEmptyError = The '{0}' and '{1}' parameters are either both null or empty. At least one member must be specified in one of these parameters. (ADCOMMON0015) +# ModeConversionError = Converted mode {0} is not a {1}. (ADCOMMON0016) + RecycleBinRestoreFailed = Restoring {0} ({1}) from the recycle bin failed. Error message: {2}. (ADCOMMON0017) + EmptyDomainError = No domain name retrieved for group member {0} in group {1}. (ADCOMMON0018) + CheckingMembers = Checking for '{0}' members. (ADCOMMON0019) + MembershipCountMismatch = Membership count is not correct. Expected '{0}' members, actual '{1}' members. (ADCOMMON0020) + MemberNotInDesiredState = Member '{0}' is not in the desired state. (ADCOMMON0021) + RemovingDuplicateMember = Removing duplicate member '{0}' definition. (ADCOMMON0022) + MembershipInDesiredState = Membership is in the desired state. (ADCOMMON0023) +# MembershipNotDesiredState = Membership is NOT in the desired state. (ADCOMMON0024) + CheckingDomain = Checking for domain '{0}'. (ADCOMMON0025) + CheckingSite = Checking for site '{0}'. (ADCOMMON0026) + FindInRecycleBin = Finding objects in the recycle bin matching the filter {0}. (ADCOMMON0027) + FoundRestoreTargetInRecycleBin = Found object {0} ({1}) in the recycle bin as {2}. Attempting to restore the object. (ADCOMMON0028) + RecycleBinRestoreSuccessful = Successfully restored object {0} ({1}) from the recycle bin. (ADCOMMON0029) + AddingGroupMember = Adding member '{0}' from domain '{1}' to AD group '{2}'. (ADCOMMON0030) + PropertyMapArrayIsWrongType = An object in the property map array is not of the type [System.Collections.Hashtable]. (ADCOMMON0031) + CreatingNewADPSDrive = Creating new AD: PSDrive. (ADCOMMON0032) + CreatingNewADPSDriveError = Error creating AD: PS Drive. (ADCOMMON0033) +'@ diff --git a/DSCResources/MSFT_xADComputer/en-US/MSFT_xADComputer.strings.psd1 b/DSCResources/MSFT_xADComputer/en-US/MSFT_xADComputer.strings.psd1 index a307ab7c4..59e4c0d1f 100644 --- a/DSCResources/MSFT_xADComputer/en-US/MSFT_xADComputer.strings.psd1 +++ b/DSCResources/MSFT_xADComputer/en-US/MSFT_xADComputer.strings.psd1 @@ -1,28 +1,28 @@ # culture="en-US" ConvertFrom-StringData @' - EnabledDeprecatedMessage = DEPRECATED parameter Enabled is being used in this configuration. The parameter Enabled no longer sets or enforces the Enabled property. Please see more information at https://github.com/PowerShell/xActiveDirectory/blob/master/README.md#xadcomputer. (ADC0001) - RetrievingComputerAccount = Retrieving the information about the computer account '{0}' from Active Directory. (ADC0002) - ComputerAccountIsPresent = The computer account '{0}' is present in Active Directory. (ADC0003) - ComputerAccountIsAbsent = The computer account '{0}' is absent from Active Directory. (ADC0004) - FailedToRetrieveComputerAccount = Failed to retrieve the computer account '{0}' from Active Directory. (ADC0005) - TestConfiguration = Determining the current state of the computer account '{0}'. (ADC0006) - ComputerAccountShouldBeAbsent = The computer account '{0}' is present in Active Directory, but expected it to be absent. (ADC0007) - ComputerAccountShouldBePresent = The computer account '{0}' is absent in Active Directory, but expected it to be present. (ADC0008) - ServicePrincipalNamesInDesiredState = The service principal names was in desired state. (ADC0009) + EnabledDeprecatedMessage = DEPRECATED parameter Enabled is being used in this configuration. The parameter Enabled no longer sets or enforces the Enabled property. Please see more information at https://github.com/PowerShell/xActiveDirectory/blob/master/README.md#xadcomputer. (ADC0001) + RetrievingComputerAccount = Retrieving the information about the computer account '{0}' from Active Directory. (ADC0002) + ComputerAccountIsPresent = The computer account '{0}' is present in Active Directory. (ADC0003) + ComputerAccountIsAbsent = The computer account '{0}' is absent from Active Directory. (ADC0004) + FailedToRetrieveComputerAccount = Failed to retrieve the computer account '{0}' from Active Directory. (ADC0005) + TestConfiguration = Determining the current state of the computer account '{0}'. (ADC0006) + ComputerAccountShouldBeAbsent = The computer account '{0}' is present in Active Directory, but expected it to be absent. (ADC0007) + ComputerAccountShouldBePresent = The computer account '{0}' is absent in Active Directory, but expected it to be present. (ADC0008) + ServicePrincipalNamesInDesiredState = The service principal names was in desired state. (ADC0009) ServicePrincipalNamesNotInDesiredState = The service principal names was '{0}', but expected them to be '{1}'. (ADC0010) - ComputerAccountInDesiredState = The computer account '{0}' is in the desired state. (ADC0011) - ComputerAccountNotInDesiredState = The computer account '{0}' is not in the desired state. (ADC0012) - RestoringComputerAccount = Attempting to restore the computer object {0} from recycle bin. (ADC0013) + ComputerAccountInDesiredState = The computer account '{0}' is in the desired state. (ADC0011) + ComputerAccountNotInDesiredState = The computer account '{0}' is not in the desired state. (ADC0012) + RestoringComputerAccount = Attempting to restore the computer object {0} from recycle bin. (ADC0013) FailedToCreateOfflineDomainJoinRequest = Failed to create the Offline Domain Join (ODJ) request file for the computer account '{0}' with the error code '{1}'. (ADC0014) - CreateOfflineDomainJoinRequest = Attempting to create the Offline Domain Join (ODJ) request file '{0}' for the computer account '{1}' in the domain '{2}'. (ADC0015) - CreatedOfflineDomainJoinRequestFile = The Offline Domain Join (ODJ) request file '{0}' was created successfully. (ADC0016) - CreateComputerAccount = The computer account '{0}' is created in Active Directory, at the default path. (ADC0017) - CreateComputerAccountInPath = The computer account '{0}' is created in Active Directory, at the path '{1}'. (ADC0018) - DisabledComputerAccount = The computer account '{0}' is created disabled. (ADC0019) - EnabledComputerAccount = The computer account '{0}' is created enabled. (ADC0020) - MovingComputerAccount = Moving the computer account '{0}' from the path '{1}' to the path '{2}'. (ADC0021) - UpdatingComputerAccountProperty = Updating the computer account property '{0}' with the value(s) '{1}'. (ADC0022) - RemovingComputerAccountProperty = Removing the value(s) '{1}' from the computer account property '{0}'. (ADC0023) - UpdatedComputerAccount = The computer account '{0}' was updated in Active Directory. (ADC0024) - RemovingComputerAccount = Removing the computer account '{0}' from Active Directory. (ADC0025) + CreateOfflineDomainJoinRequest = Attempting to create the Offline Domain Join (ODJ) request file '{0}' for the computer account '{1}' in the domain '{2}'. (ADC0015) + CreatedOfflineDomainJoinRequestFile = The Offline Domain Join (ODJ) request file '{0}' was created successfully. (ADC0016) + CreateComputerAccount = The computer account '{0}' is created in Active Directory, at the default path. (ADC0017) + CreateComputerAccountInPath = The computer account '{0}' is created in Active Directory, at the path '{1}'. (ADC0018) + DisabledComputerAccount = The computer account '{0}' is created disabled. (ADC0019) + EnabledComputerAccount = The computer account '{0}' is created enabled. (ADC0020) + MovingComputerAccount = Moving the computer account '{0}' from the path '{1}' to the path '{2}'. (ADC0021) + UpdatingComputerAccountProperty = Updating the computer account property '{0}' with the value(s) '{1}'. (ADC0022) + RemovingComputerAccountProperty = Removing the value(s) '{1}' from the computer account property '{0}'. (ADC0023) + UpdatedComputerAccount = The computer account '{0}' was updated in Active Directory. (ADC0024) + RemovingComputerAccount = Removing the computer account '{0}' from Active Directory. (ADC0025) '@ diff --git a/DSCResources/MSFT_xADDomain/MSFT_xADDomain.psm1 b/DSCResources/MSFT_xADDomain/MSFT_xADDomain.psm1 index d3c0e5292..941f1450f 100644 --- a/DSCResources/MSFT_xADDomain/MSFT_xADDomain.psm1 +++ b/DSCResources/MSFT_xADDomain/MSFT_xADDomain.psm1 @@ -1,35 +1,13 @@ -## Import the common AD functions -$adCommonFunctions = Join-Path ` - -Path (Split-Path -Path $PSScriptRoot -Parent) ` - -ChildPath '\MSFT_xADCommon\MSFT_xADCommon.psm1' -Import-Module -Name $adCommonFunctions - -# Localized messages -data localizedData -{ - # culture="en-US" - ConvertFrom-StringData @' - RoleNotFoundError = Please ensure that the PowerShell module for role '{0}' is installed. - InvalidDomainError = Computer is a member of the wrong domain?! - ExistingDomainMemberError = Computer is already a domain member. Cannot create a new '{0}' domain? - InvalidCredentialError = Domain '{0}' is available, but invalid credentials were supplied. - - QueryDomainWithLocalCredential = Computer is a domain member; querying domain '{0}' using local credential ... - QueryDomainWithCredential = Computer is a workgroup member; querying for domain '{0}' using supplied credential ... - DomainFound = Active Directory domain '{0}' found. - DomainNotFound = Active Directory domain '{0}' cannot be found. - CreatingChildDomain = Creating domain '{0}' as a child of domain '{1}' ... - CreatedChildDomain = Child domain '{0}' created. - CreatingForest = Creating AD forest '{0}' ... - CreatedForest = AD forest '{0}' created. - ResourcePropertyValueIncorrect = Property '{0}' value is incorrect; expected '{1}', actual '{2}'. - ResourceInDesiredState = Resource '{0}' is in the desired state. - ResourceNotInDesiredState = Resource '{0}' is NOT in the desired state. - RetryingGetADDomain = Attempt {0} of {1} to call Get-ADDomain failed, retrying in {2} seconds. - UnhandledError = Unhandled error occured, detail here: {0} - FaultExceptionAndDomainShouldExist = ServiceModel FaultException detected and domain should exist, performing retry... -'@ -} +$script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent +$script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' + +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') + +$script:dscResourcePath = Split-Path -Path $PSScriptRoot -Parent +Import-Module -Name (Join-Path -Path $script:dscResourcePath -ChildPath '\MSFT_xADCommon\MSFT_xADCommon.psm1') + +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADDomain' <# .SYNOPSIS @@ -124,12 +102,12 @@ function Get-TargetResource if ($isDomainMember) { ## We're already a domain member, so take the credentials out of the equation - Write-Verbose ($localizedData.QueryDomainADWithLocalCredentials -f $domainFQDN); + Write-Verbose ($script:localizedData.QueryDomainWithLocalCredential -f $domainFQDN); $domain = Get-ADDomain -Identity $domainFQDN -ErrorAction Stop; $forest = Get-ADForest -Identity $domain.Forest -ErrorAction Stop } else { - Write-Verbose ($localizedData.QueryDomainWithCredential -f $domainFQDN); + Write-Verbose ($script:localizedData.QueryDomainWithCredential -f $domainFQDN); $domain = Get-ADDomain -Identity $domainFQDN -Credential $DomainAdministratorCredential -ErrorAction Stop $forest = Get-ADForest -Identity $domain.Forest -Credential $DomainAdministratorCredential -ErrorAction Stop } @@ -137,7 +115,7 @@ function Get-TargetResource ## No need to check whether the node is actually a domain controller. If we don't throw an exception, ## the domain is already UP - and this resource shouldn't run. Domain controller functionality ## should be checked by the xADDomainController resource? - Write-Verbose ($localizedData.DomainFound -f $domain.DnsRoot); + Write-Verbose ($script:localizedData.DomainFound -f $domain.DnsRoot); $targetResource = @{ DomainName = $domain.DnsRoot; @@ -151,28 +129,28 @@ function Get-TargetResource } catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException] { - $errorMessage = $localizedData.ExistingDomainMemberError -f $DomainName; + $errorMessage = $script:localizedData.ExistingDomainMemberError -f $DomainName; ThrowInvalidOperationError -ErrorId 'xADDomain_DomainMember' -ErrorMessage $errorMessage; } catch [Microsoft.ActiveDirectory.Management.ADServerDownException] { - Write-Verbose ($localizedData.DomainNotFound -f $domainFQDN) + Write-Verbose ($script:localizedData.DomainNotFound -f $domainFQDN) $domain = @{ }; # will fall into retry mechanism } catch [System.Security.Authentication.AuthenticationException] { - $errorMessage = $localizedData.InvalidCredentialError -f $DomainName; + $errorMessage = $script:localizedData.InvalidCredentialError -f $DomainName; ThrowInvalidOperationError -ErrorId 'xADDomain_InvalidCredential' -ErrorMessage $errorMessage; } catch { - $errorMessage = $localizedData.UnhandledError -f ($_.Exception | Format-List -Force | Out-String) + $errorMessage = $script:localizedData.UnhandledError -f ($_.Exception | Format-List -Force | Out-String) Write-Verbose $errorMessage if ($domainShouldExist -and ($_.Exception.InnerException -is [System.ServiceModel.FaultException])) { - Write-Verbose $localizedData.FaultExceptionAndDomainShouldExist + Write-Verbose $script:localizedData.FaultExceptionAndDomainShouldExist # will fall into retry mechanism } else { ## Not sure what's gone on here! @@ -183,7 +161,7 @@ function Get-TargetResource if($domainShouldExist) { $retries++ - Write-Verbose ($localizedData.RetryingGetADDomain -f $retries, $maxRetries, $retryIntervalInSeconds) + Write-Verbose ($script:localizedData.RetryingGetADDomain -f $retries, $maxRetries, $retryIntervalInSeconds) Start-Sleep -Seconds ($retries * $retryIntervalInSeconds) } @@ -238,7 +216,7 @@ function Test-TargetResource $domainFQDN = Resolve-DomainFQDN -DomainName $DomainName -ParentDomainName $ParentDomainName if ($domainFQDN -ne $targetResource.DomainName) { - $message = $localizedData.ResourcePropertyValueIncorrect -f 'DomainName', $domainFQDN, $targetResource.DomainName; + $message = $script:localizedData.ResourcePropertyValueIncorrect -f 'DomainName', $domainFQDN, $targetResource.DomainName; Write-Verbose -Message $message; $isCompliant = $false; } @@ -251,7 +229,7 @@ function Test-TargetResource $propertyValue = (Get-Variable -Name $propertyName).Value; if ($targetResource.$propertyName -ne $propertyValue) { - $message = $localizedData.ResourcePropertyValueIncorrect -f $propertyName, $propertyValue, $targetResource.$propertyName; + $message = $script:localizedData.ResourcePropertyValueIncorrect -f $propertyName, $propertyValue, $targetResource.$propertyName; Write-Verbose -Message $message; $isCompliant = $false; } @@ -260,12 +238,12 @@ function Test-TargetResource if ($isCompliant) { - Write-Verbose -Message ($localizedData.ResourceInDesiredState -f $domainFQDN); + Write-Verbose -Message ($script:localizedData.ResourceInDesiredState -f $domainFQDN); return $true; } else { - Write-Verbose -Message ($localizedData.ResourceNotInDesiredState -f $domainFQDN); + Write-Verbose -Message ($script:localizedData.ResourceNotInDesiredState -f $domainFQDN); return $false; } @@ -356,7 +334,7 @@ function Set-TargetResource if ($PSBoundParameters.ContainsKey('ParentDomainName')) { - Write-Verbose -Message ($localizedData.CreatingChildDomain -f $DomainName, $ParentDomainName); + Write-Verbose -Message ($script:localizedData.CreatingChildDomain -f $DomainName, $ParentDomainName); $installADDSParams['Credential'] = $DomainAdministratorCredential $installADDSParams['NewDomainName'] = $DomainName $installADDSParams['ParentDomainName'] = $ParentDomainName @@ -366,11 +344,11 @@ function Set-TargetResource $installADDSParams['NewDomainNetbiosName'] = $DomainNetBIOSName; } Install-ADDSDomain @installADDSParams; - Write-Verbose -Message ($localizedData.CreatedChildDomain); + Write-Verbose -Message ($script:localizedData.CreatedChildDomain); } else { - Write-Verbose -Message ($localizedData.CreatingForest -f $DomainName); + Write-Verbose -Message ($script:localizedData.CreatingForest -f $DomainName); $installADDSParams['DomainName'] = $DomainName; if ($PSBoundParameters.ContainsKey('DomainNetbiosName')) { @@ -381,7 +359,7 @@ function Set-TargetResource $installADDSParams['ForestMode'] = $ForestMode } Install-ADDSForest @installADDSParams; - Write-Verbose -Message ($localizedData.CreatedForest -f $DomainName); + Write-Verbose -Message ($script:localizedData.CreatedForest -f $DomainName); } 'Finished' | Out-File -FilePath (Get-TrackingFilename -DomainName $DomainName) -Force diff --git a/DSCResources/MSFT_xADDomain/en-US/MSFT_xADDomain.strings.psd1 b/DSCResources/MSFT_xADDomain/en-US/MSFT_xADDomain.strings.psd1 new file mode 100644 index 000000000..80889e9db --- /dev/null +++ b/DSCResources/MSFT_xADDomain/en-US/MSFT_xADDomain.strings.psd1 @@ -0,0 +1,19 @@ +# culture="en-US" +ConvertFrom-StringData @' + ExistingDomainMemberError = Computer is already a domain member. Cannot create a new '{0}' domain? + InvalidCredentialError = Domain '{0}' is available, but invalid credentials were supplied. + QueryDomainWithLocalCredential = Computer is a domain member; querying domain '{0}' using local credential ... + QueryDomainWithCredential = Computer is a workgroup member; querying for domain '{0}' using supplied credential ... + DomainFound = Active Directory domain '{0}' found. + DomainNotFound = Active Directory domain '{0}' cannot be found. + CreatingChildDomain = Creating domain '{0}' as a child of domain '{1}' ... + CreatedChildDomain = Child domain '{0}' created. + CreatingForest = Creating AD forest '{0}' ... + CreatedForest = AD forest '{0}' created. + ResourcePropertyValueIncorrect = Property '{0}' value is incorrect; expected '{1}', actual '{2}'. + ResourceInDesiredState = Resource '{0}' is in the desired state. + ResourceNotInDesiredState = Resource '{0}' is NOT in the desired state. + RetryingGetADDomain = Attempt {0} of {1} to call Get-ADDomain failed, retrying in {2} seconds. + UnhandledError = Unhandled error occured, detail here: {0} + FaultExceptionAndDomainShouldExist = ServiceModel FaultException detected and domain should exist, performing retry... +'@ diff --git a/DSCResources/MSFT_xADDomainController/MSFT_xADDomainController.psm1 b/DSCResources/MSFT_xADDomainController/MSFT_xADDomainController.psm1 index eb71e9309..e67178264 100644 --- a/DSCResources/MSFT_xADDomainController/MSFT_xADDomainController.psm1 +++ b/DSCResources/MSFT_xADDomainController/MSFT_xADDomainController.psm1 @@ -327,6 +327,7 @@ function Set-TargetResource ) # DC is not in correct site. Move it. + Write-Verbose -Message ($script:localizedData.MovingDomainController -f $targetResource.SiteName, $SiteName) Move-ADDirectoryServer -Identity $env:COMPUTERNAME -Site $SiteName -Credential $DomainAdministratorCredential } } diff --git a/DSCResources/MSFT_xADDomainController/en-US/MSFT_xADDomainController.strings.psd1 b/DSCResources/MSFT_xADDomainController/en-US/MSFT_xADDomainController.strings.psd1 index 15e54df91..0232e0507 100644 --- a/DSCResources/MSFT_xADDomainController/en-US/MSFT_xADDomainController.strings.psd1 +++ b/DSCResources/MSFT_xADDomainController/en-US/MSFT_xADDomainController.strings.psd1 @@ -1,20 +1,20 @@ ConvertFrom-StringData @' - ResolveDomainName = Resolving the domain name '{0}'. (ADDC0001) - DomainPresent = The domain '{0}' is present. Looking for domain controllers. (ADDC0002) - FoundDomainController = Found the domain controller '{0}' in the domain '{1}'. (ADDC0003) - AlreadyDomainController = The current node '{0}' is already a domain controller for the domain '{1}'. (ADDC0004) - NotDomainController = The current node '{0}' is not a domain controller. (ADDC0006) - IsDomainController = The current node '{0}' is a domain controller for the domain '{1}'. (ADDC0007) - MissingDomain = Current node could not find the domain '{0}'. (ADDC0008) - Promoting = Promoting the current node to be a domain controller for the domain '{1}'. (ADDC0009) - Promoted = The current node '{0}' has been promoted to a domain controller for the domain '{1}'. (ADDC0010) - AddGlobalCatalog = Adding Global Catalog to the domain controller. (ADDC0011) - RemoveGlobalCatalog = Removing Global Catalog from the domain controller. (ADDC0012) - MovingDomainController = Moving Domain Controller from site '{0}' to site '{1}'. (ADDC0013) - FailedToFindSite = The site '{0}' could not be found in the domain '{1}'. (ADDC0014) - TestingConfiguration = Determine the state of the domain controller on the current node '{0}' in the domain '{1}'. (ADDC0015) - WrongSite = The domain controller is in the site '{0}', but expected it to be in the site '{1}'. (ADDC0016) - ExpectedGlobalCatalogEnabled = The domain controller does not contain a Global Catalog, but it was expected to have a Global Catalog. + ResolveDomainName = Resolving the domain name '{0}'. (ADDC0001) + DomainPresent = The domain '{0}' is present. Looking for domain controllers. (ADDC0002) + FoundDomainController = Found the domain controller '{0}' in the domain '{1}'. (ADDC0003) + AlreadyDomainController = The current node '{0}' is already a domain controller for the domain '{1}'. (ADDC0004) + NotDomainController = The current node '{0}' is not a domain controller. (ADDC0006) + IsDomainController = The current node '{0}' is a domain controller for the domain '{1}'. (ADDC0007) + MissingDomain = Current node could not find the domain '{0}'. (ADDC0008) + Promoting = Promoting the current node to be a domain controller for the domain '{1}'. (ADDC0009) + Promoted = The current node '{0}' has been promoted to a domain controller for the domain '{1}'. (ADDC0010) + AddGlobalCatalog = Adding Global Catalog to the domain controller. (ADDC0011) + RemoveGlobalCatalog = Removing Global Catalog from the domain controller. (ADDC0012) + MovingDomainController = Moving Domain Controller from site '{0}' to site '{1}'. (ADDC0013) + FailedToFindSite = The site '{0}' could not be found in the domain '{1}'. (ADDC0014) + TestingConfiguration = Determine the state of the domain controller on the current node '{0}' in the domain '{1}'. (ADDC0015) + WrongSite = The domain controller is in the site '{0}', but expected it to be in the site '{1}'. (ADDC0016) + ExpectedGlobalCatalogEnabled = The domain controller does not contain a Global Catalog, but it was expected to have a Global Catalog. ExpectedGlobalCatalogDisabled = The domain controller have a Global Catalog, but it was expected to not have a Global Catalog. - ExpectedDomainController = Expected the node to be a domain controller, but did not get a domain controller object. (ADDC0017) + ExpectedDomainController = Expected the node to be a domain controller, but did not get a domain controller object. (ADDC0017) '@ diff --git a/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/MSFT_xADDomainDefaultPasswordPolicy.psm1 b/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/MSFT_xADDomainDefaultPasswordPolicy.psm1 index 5efdcb7fd..d33848871 100644 --- a/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/MSFT_xADDomainDefaultPasswordPolicy.psm1 +++ b/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/MSFT_xADDomainDefaultPasswordPolicy.psm1 @@ -1,23 +1,13 @@ -## Import the common AD functions -$adCommonFunctions = Join-Path ` - -Path (Split-Path -Path $PSScriptRoot -Parent) ` - -ChildPath '\MSFT_xADCommon\MSFT_xADCommon.psm1' -Import-Module -Name $adCommonFunctions - -# Localized messages -data localizedData -{ - # culture="en-US" - ConvertFrom-StringData @' - RoleNotFoundError = Please ensure that the PowerShell module for role '{0}' is installed. - QueryingDomainPasswordPolicy = Querying Active Directory domain '{0}' default password policy. - UpdatingDomainPasswordPolicy = Updating Active Directory domain '{0}' default password policy. - SettingPasswordPolicyValue = Setting password policy '{0}' property to '{1}'. - ResourcePropertyValueIncorrect = Property '{0}' value is incorrect; expected '{1}', actual '{2}'. - ResourceInDesiredState = Resource '{0}' is in the desired state. - ResourceNotInDesiredState = Resource '{0}' is NOT in the desired state. -'@ -} +$script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent +$script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' + +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') + +$script:dscResourcePath = Split-Path -Path $PSScriptRoot -Parent +Import-Module -Name (Join-Path -Path $script:dscResourcePath -ChildPath '\MSFT_xADCommon\MSFT_xADCommon.psm1') + +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADDomainDefaultPasswordPolicy' ## List of changeable policy properties $mutablePropertyMap = @( @@ -54,7 +44,7 @@ function Get-TargetResource $PSBoundParameters['Identity'] = $DomainName; $getADDefaultDomainPasswordPolicyParams = Get-ADCommonParameters @PSBoundParameters; - Write-Verbose -Message ($localizedData.QueryingDomainPasswordPolicy -f $DomainName); + Write-Verbose -Message ($script:localizedData.QueryingDomainPasswordPolicy -f $DomainName); $policy = Get-ADDefaultDomainPasswordPolicy @getADDefaultDomainPasswordPolicyParams; $targetResource = @{ DomainName = $DomainName; @@ -139,7 +129,7 @@ function Test-TargetResource $actualValue = $targetResource[$propertyName]; if ($expectedValue -ne $actualValue) { - $valueIncorrectMessage = $localizedData.ResourcePropertyValueIncorrect -f $propertyName, $expectedValue, $actualValue; + $valueIncorrectMessage = $script:localizedData.ResourcePropertyValueIncorrect -f $propertyName, $expectedValue, $actualValue; Write-Verbose -Message $valueIncorrectMessage; $inDesiredState = $false; } @@ -148,12 +138,12 @@ function Test-TargetResource if ($inDesiredState) { - Write-Verbose -Message ($localizedData.ResourceInDesiredState -f $DomainName); + Write-Verbose -Message ($script:localizedData.ResourceInDesiredState -f $DomainName); return $true; } else { - Write-Verbose -Message ($localizedData.ResourceNotInDesiredState -f $DomainName); + Write-Verbose -Message ($script:localizedData.ResourceNotInDesiredState -f $DomainName); return $false; } } #end Test-TargetResource @@ -217,11 +207,11 @@ function Set-TargetResource $propertyValue = ConvertTo-TimeSpan -TimeSpan $propertyValue -TimeSpanType Minutes; } $setADDefaultDomainPasswordPolicyParams[$propertyName] = $propertyValue; - Write-Verbose -Message ($localizedData.SettingPasswordPolicyValue -f $propertyName, $propertyValue); + Write-Verbose -Message ($script:localizedData.SettingPasswordPolicyValue -f $propertyName, $propertyValue); } } - Write-Verbose -Message ($localizedData.UpdatingDomainPasswordPolicy -f $DomainName); + Write-Verbose -Message ($script:localizedData.UpdatingDomainPasswordPolicy -f $DomainName); [ref] $null = Set-ADDefaultDomainPasswordPolicy @setADDefaultDomainPasswordPolicyParams; } #end Set-TargetResource diff --git a/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/en-US/MSFT_xADDomainDefaultPasswordPolicy.strings.psd1 b/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/en-US/MSFT_xADDomainDefaultPasswordPolicy.strings.psd1 new file mode 100644 index 000000000..4747f916a --- /dev/null +++ b/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/en-US/MSFT_xADDomainDefaultPasswordPolicy.strings.psd1 @@ -0,0 +1,9 @@ +# culture="en-US" +ConvertFrom-StringData @' + QueryingDomainPasswordPolicy = Querying Active Directory domain '{0}' default password policy. + UpdatingDomainPasswordPolicy = Updating Active Directory domain '{0}' default password policy. + SettingPasswordPolicyValue = Setting password policy '{0}' property to '{1}'. + ResourcePropertyValueIncorrect = Property '{0}' value is incorrect; expected '{1}', actual '{2}'. + ResourceInDesiredState = Resource '{0}' is in the desired state. + ResourceNotInDesiredState = Resource '{0}' is NOT in the desired state. +'@ diff --git a/DSCResources/MSFT_xADDomainTrust/en-US/MSFT_xADDomainTrust.strings.psd1 b/DSCResources/MSFT_xADDomainTrust/en-US/MSFT_xADDomainTrust.strings.psd1 index 0abd847b0..92be13b4d 100644 --- a/DSCResources/MSFT_xADDomainTrust/en-US/MSFT_xADDomainTrust.strings.psd1 +++ b/DSCResources/MSFT_xADDomainTrust/en-US/MSFT_xADDomainTrust.strings.psd1 @@ -1,3 +1,4 @@ +# culture="en-US" ConvertFrom-StringData @' MissingRoleMessage = Please ensure that the {0} role is installed CheckingTrustMessage = Checking if Trust between {0} and {1} exists ... diff --git a/DSCResources/MSFT_xADForestProperties/MSFT_xADForestProperties.psm1 b/DSCResources/MSFT_xADForestProperties/MSFT_xADForestProperties.psm1 index 1ca700833..19a84c52c 100644 --- a/DSCResources/MSFT_xADForestProperties/MSFT_xADForestProperties.psm1 +++ b/DSCResources/MSFT_xADForestProperties/MSFT_xADForestProperties.psm1 @@ -1,24 +1,13 @@ -$moduleRoot = Split-Path -Path $MyInvocation.MyCommand.Path -Parent -#region LocalizedData -$culture = 'en-us' -if (Test-Path -Path (Join-Path -Path $moduleRoot -ChildPath $PSUICulture)) -{ - $culture = $PSUICulture -} -$importLocalizedDataParams = @{ - BindingVariable = 'LocalizedData' - Filename = 'MSFT_xADForestProperties.strings.psd1' - BaseDirectory = $moduleRoot - UICulture = $culture -} -Import-LocalizedData @importLocalizedDataParams -#endregion +$script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent +$script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' + +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') + +$script:dscResourcePath = Split-Path -Path $PSScriptRoot -Parent +Import-Module -Name (Join-Path -Path $script:dscResourcePath -ChildPath '\MSFT_xADCommon\MSFT_xADCommon.psm1') -# Import the common AD functions -$adCommonFunctions = Join-Path ` - -Path (Split-Path -Path $PSScriptRoot -Parent) ` - -ChildPath (Join-Path -Path 'MSFT_xADCommon' -ChildPath 'MSFT_xADCommon.psm1') -Import-Module -Name $adCommonFunctions +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADForestProperties' <# .SYNOPSIS @@ -101,7 +90,7 @@ function Get-TargetResource $getADForestParameters['Credential'] = $Credential } - Write-Verbose -Message ($localizedData.GetForest -f $ForestName) + Write-Verbose -Message ($script:localizedData.GetForest -f $ForestName) $forest = Get-ADForest -Identity $ForestName $targetResource = @{ @@ -213,7 +202,7 @@ function Test-TargetResource if (-not ( Test-Members @assertMemberParameters -ExistingMembers ($forest.SpnSuffixes -split ',') )) { - Write-Verbose -Message $LocalizedData.ForestSpnSuffixNotInDesiredState + Write-Verbose -Message $script:localizedData.ForestSpnSuffixNotInDesiredState $inDesiredState = $false } @@ -235,7 +224,7 @@ function Test-TargetResource if (-not ( Test-Members @assertMemberParameters -ExistingMembers ($forest.UpnSuffixes -split ',') )) { - Write-Verbose -Message $LocalizedData.ForestUpnSuffixNotInDesiredState + Write-Verbose -Message $script:localizedData.ForestUpnSuffixNotInDesiredState $inDesiredState = $false } @@ -330,7 +319,7 @@ function Set-TargetResource replace = $($ServicePrincipalNameSuffix) } - Write-Verbose -Message ($localizedData.ReplaceSpnSuffix -f $replaceServicePrincipalNameSuffix) + Write-Verbose -Message ($script:localizedData.ReplaceSpnSuffix -f $replaceServicePrincipalNameSuffix) } if ($PSBoundParameters.ContainsKey('ServicePrincipalNameSuffixToAdd') -and -not [system.string]::IsNullOrEmpty($ServicePrincipalNameSuffixToAdd)) { @@ -339,7 +328,7 @@ function Set-TargetResource add = $($ServicePrincipalNameSuffixToAdd) } - Write-Verbose -Message ($localizedData.AddSpnSuffix -f $addServicePrincipalNameSuffix) + Write-Verbose -Message ($script:localizedData.AddSpnSuffix -f $addServicePrincipalNameSuffix) } if ($PSBoundParameters.ContainsKey('ServicePrincipalNameSuffixToRemove') -and -not [system.string]::IsNullOrEmpty($ServicePrincipalNameSuffixToRemove)) { @@ -355,7 +344,7 @@ function Set-TargetResource } } - Write-Verbose -Message ($localizedData.RemoveSpnSuffix -f $removeServicePrincipalNameSuffix) + Write-Verbose -Message ($script:localizedData.RemoveSpnSuffix -f $removeServicePrincipalNameSuffix) } # add UserPrincipalName parameter @@ -366,7 +355,7 @@ function Set-TargetResource replace = $($UserPrincipalNameSuffix) } - Write-Verbose -Message ($localizedData.ReplaceUpnSuffix -f $replaceUserPrincipalNameSuffix) + Write-Verbose -Message ($script:localizedData.ReplaceUpnSuffix -f $replaceUserPrincipalNameSuffix) } if ($PSBoundParameters.ContainsKey('UserPrincipalNameSuffixToAdd') -and -not [system.string]::IsNullOrEmpty($UserPrincipalNameSuffixToAdd)) { @@ -375,7 +364,7 @@ function Set-TargetResource add = $($UserPrincipalNameSuffixToAdd) } - Write-Verbose -Message ($localizedData.AddUpnSuffix -f $addUserPrincipalNameSuffix) + Write-Verbose -Message ($script:localizedData.AddUpnSuffix -f $addUserPrincipalNameSuffix) } if ($PSBoundParameters.ContainsKey('UserPrincipalNameSuffixToRemove') -and -not [system.string]::IsNullOrEmpty($UserPrincipalNameSuffixToRemove)) { @@ -391,7 +380,7 @@ function Set-TargetResource } } - Write-Verbose -Message ($localizedData.RemoveUpnSuffix -f $removeUserPrincipalNameSuffix) + Write-Verbose -Message ($script:localizedData.RemoveUpnSuffix -f $removeUserPrincipalNameSuffix) } Set-ADForest @setADForestParameters diff --git a/DSCResources/MSFT_xADForestProperties/en-US/MSFT_xADForestProperties.strings.psd1 b/DSCResources/MSFT_xADForestProperties/en-US/MSFT_xADForestProperties.strings.psd1 new file mode 100644 index 000000000..81dd397b7 --- /dev/null +++ b/DSCResources/MSFT_xADForestProperties/en-US/MSFT_xADForestProperties.strings.psd1 @@ -0,0 +1,12 @@ +# culture="en-US" +ConvertFrom-StringData @' + GetForest = Getting forest suffix information from {0}. + ForestUpnSuffixNotInDesiredState = User Principal Name Suffix for forest '{0}' not in the desired state. + ForestSpnSuffixNotInDesiredState = Service Principal Name Suffix for forest '{0}' not in the desired state. + AddSpnSuffix = Adding Service Principal Name Suffix: {0}. + RemoveSpnSuffix = Removing Service Principal Name Suffix: {0}. + ReplaceSpnSuffix = Replacing Service Principal Name Suffix with: {0}. + AddUpnSuffix = Adding User Principal Name Suffix: {0}. + RemoveUpnSuffix = Removing User Principal Name Suffix: {0}. + ReplaceUpnSuffix = Replacing User Principal Name Suffix with: {0}. +'@ diff --git a/DSCResources/MSFT_xADForestProperties/en-us/MSFT_xADForestProperties.strings.psd1 b/DSCResources/MSFT_xADForestProperties/en-us/MSFT_xADForestProperties.strings.psd1 deleted file mode 100644 index 4cdeb6697..000000000 --- a/DSCResources/MSFT_xADForestProperties/en-us/MSFT_xADForestProperties.strings.psd1 +++ /dev/null @@ -1,12 +0,0 @@ -# culture="en-US" -ConvertFrom-StringData @' - GetForest = Getting forest suffix information from {0}. - ForestUpnSuffixNotInDesiredState = User Principal Name Suffix for forest '{0}' not in the desired state. - ForestSpnSuffixNotInDesiredState = Service Principal Name Suffix for forest '{0}' not in the desired state. - AddSpnSuffix = Adding Service Principal Name Suffix: {0}. - RemoveSpnSuffix = Removing Service Principal Name Suffix: {0}. - ReplaceSpnSuffix = Replacing Service Principal Name Suffix with: {0}. - AddUpnSuffix = Adding User Principal Name Suffix: {0}. - RemoveUpnSuffix = Removing User Principal Name Suffix: {0}. - ReplaceUpnSuffix = Replacing User Principal Name Suffix with: {0}. -'@ diff --git a/DSCResources/MSFT_xADGroup/MSFT_xADGroup.psm1 b/DSCResources/MSFT_xADGroup/MSFT_xADGroup.psm1 index 4e00a693d..00ee7c506 100644 --- a/DSCResources/MSFT_xADGroup/MSFT_xADGroup.psm1 +++ b/DSCResources/MSFT_xADGroup/MSFT_xADGroup.psm1 @@ -1,31 +1,13 @@ -## Import the common AD functions -$adCommonFunctions = Join-Path ` - -Path (Split-Path -Path $PSScriptRoot -Parent) ` - -ChildPath '\MSFT_xADCommon\MSFT_xADCommon.psm1' -Import-Module -Name $adCommonFunctions - -# Localized messages -data LocalizedData -{ - # culture='en-US' - ConvertFrom-StringData @' - RetrievingGroupMembers = Retrieving group membership based on '{0}' property. - GroupMembershipInDesiredState = Group membership is in the desired state. - GroupMembershipNotDesiredState = Group membership is NOT in the desired state. - - AddingGroupMembers = Adding '{0}' member(s) to AD group '{1}'. - RemovingGroupMembers = Removing '{0}' member(s) from AD group '{1}'. - AddingGroup = Adding AD Group '{0}' - UpdatingGroup = Updating AD Group '{0}' - RemovingGroup = Removing AD Group '{0}' - MovingGroup = Moving AD Group '{0}' to '{1}' - RestoringGroup = Attempting to restore the group {0} from recycle bin. - GroupNotFound = AD Group '{0}' was not found - NotDesiredPropertyState = AD Group '{0}' is not correct. Expected '{1}', actual '{2}' - UpdatingGroupProperty = Updating AD Group property '{0}' to '{1}' - GroupMembershipMultipleDomains = Group membership objects are in '{0}' different AD Domains. -'@ -} +$script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent +$script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' + +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') + +$script:dscResourcePath = Split-Path -Path $PSScriptRoot -Parent +Import-Module -Name (Join-Path -Path $script:dscResourcePath -ChildPath '\MSFT_xADCommon\MSFT_xADCommon.psm1') + +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADGroup' function Get-TargetResource { @@ -117,7 +99,7 @@ function Get-TargetResource try { $adGroup = Get-ADGroup @adGroupParams -Property Name,GroupScope,GroupCategory,DistinguishedName,Description,DisplayName,ManagedBy,Info - Write-Verbose -Message ($LocalizedData.RetrievingGroupMembers -f $MembershipAttribute) + Write-Verbose -Message ($script:localizedData.RetrievingGroupMembers -f $MembershipAttribute) # Retrieve the current list of members, returning the specified membership attribute [System.Array]$adGroupMembers = (Get-ADGroupMember @adGroupParams).$MembershipAttribute $targetResource = @{ @@ -142,7 +124,7 @@ function Get-TargetResource } catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException] { - Write-Verbose -Message ($LocalizedData.GroupNotFound -f $GroupName) + Write-Verbose -Message ($script:localizedData.GroupNotFound -f $GroupName) $targetResource = @{ GroupName = $GroupName GroupScope = $GroupScope @@ -266,48 +248,48 @@ function Test-TargetResource $targetResourceInCompliance = $true if ($PSBoundParameters.ContainsKey('GroupScope') -and $targetResource.GroupScope -ne $GroupScope) { - Write-Verbose -Message ($LocalizedData.NotDesiredPropertyState -f 'GroupScope', $GroupScope, $targetResource.GroupScope) + Write-Verbose -Message ($script:localizedData.NotDesiredPropertyState -f 'GroupScope', $GroupScope, $targetResource.GroupScope) $targetResourceInCompliance = $false } if ($PSBoundParameters.ContainsKey('Category') -and $targetResource.Category -ne $Category) { - Write-Verbose -Message ($LocalizedData.NotDesiredPropertyState -f 'Category', $Category, $targetResource.Category) + Write-Verbose -Message ($script:localizedData.NotDesiredPropertyState -f 'Category', $Category, $targetResource.Category) $targetResourceInCompliance = $false } if ($Path -and ($targetResource.Path -ne $Path)) { - Write-Verbose -Message ($LocalizedData.NotDesiredPropertyState -f 'Path', $Path, $targetResource.Path) + Write-Verbose -Message ($script:localizedData.NotDesiredPropertyState -f 'Path', $Path, $targetResource.Path) $targetResourceInCompliance = $false } if ($Description -and ($targetResource.Description -ne $Description)) { - Write-Verbose -Message ($LocalizedData.NotDesiredPropertyState -f 'Description', $Description, $targetResource.Description) + Write-Verbose -Message ($script:localizedData.NotDesiredPropertyState -f 'Description', $Description, $targetResource.Description) $targetResourceInCompliance = $false } if ($DisplayName -and ($targetResource.DisplayName -ne $DisplayName)) { - Write-Verbose -Message ($LocalizedData.NotDesiredPropertyState -f 'DisplayName', $DisplayName, $targetResource.DisplayName) + Write-Verbose -Message ($script:localizedData.NotDesiredPropertyState -f 'DisplayName', $DisplayName, $targetResource.DisplayName) $targetResourceInCompliance = $false } if ($ManagedBy -and ($targetResource.ManagedBy -ne $ManagedBy)) { - Write-Verbose -Message ($LocalizedData.NotDesiredPropertyState -f 'ManagedBy', $ManagedBy, $targetResource.ManagedBy) + Write-Verbose -Message ($script:localizedData.NotDesiredPropertyState -f 'ManagedBy', $ManagedBy, $targetResource.ManagedBy) $targetResourceInCompliance = $false } if ($Notes -and ($targetResource.Notes -ne $Notes)) { - Write-Verbose -Message ($LocalizedData.NotDesiredPropertyState -f 'Notes', $Notes, $targetResource.Notes) + Write-Verbose -Message ($script:localizedData.NotDesiredPropertyState -f 'Notes', $Notes, $targetResource.Notes) $targetResourceInCompliance = $false } # Test group members match passed membership parameters if (-not (Test-Members @assertMemberParameters -ExistingMembers $targetResource.Members)) { - Write-Verbose -Message $LocalizedData.GroupMembershipNotDesiredState + Write-Verbose -Message $script:localizedData.GroupMembershipNotDesiredState $targetResourceInCompliance = $false } if ($targetResource.Ensure -ne $Ensure) { - Write-Verbose -Message ($LocalizedData.NotDesiredPropertyState -f 'Ensure', $Ensure, $targetResource.Ensure) + Write-Verbose -Message ($script:localizedData.NotDesiredPropertyState -f 'Ensure', $Ensure, $targetResource.Ensure) $targetResourceInCompliance = $false } return $targetResourceInCompliance @@ -414,7 +396,7 @@ function Set-TargetResource $GroupMemberDomainCount = ($GroupMemberDomains | Select-Object -Unique).count if( $GroupMemberDomainCount -gt 1 -or ($GroupMemberDomains -ine (Get-DomainName)).Count -gt 0 ) { - Write-Verbose -Message ($LocalizedData.GroupMembershipMultipleDomains -f $GroupMemberDomainCount); + Write-Verbose -Message ($script:localizedData.GroupMembershipMultipleDomains -f $GroupMemberDomainCount); $MembersInMultipleDomains = $true } } @@ -429,49 +411,49 @@ function Set-TargetResource # Update existing group properties if ($PSBoundParameters.ContainsKey('Category') -and $Category -ne $adGroup.GroupCategory) { - Write-Verbose -Message ($LocalizedData.UpdatingGroupProperty -f 'Category', $Category) + Write-Verbose -Message ($script:localizedData.UpdatingGroupProperty -f 'Category', $Category) $setADGroupParams['GroupCategory'] = $Category } if ($PSBoundParameters.ContainsKey('GroupScope') -and $GroupScope -ne $adGroup.GroupScope) { # Cannot change DomainLocal to Global or vice versa directly. Need to change them to a Universal group first! Set-ADGroup -Identity $adGroup.DistinguishedName -GroupScope Universal - Write-Verbose -Message ($LocalizedData.UpdatingGroupProperty -f 'GroupScope', $GroupScope) + Write-Verbose -Message ($script:localizedData.UpdatingGroupProperty -f 'GroupScope', $GroupScope) $setADGroupParams['GroupScope'] = $GroupScope } if ($Description -and ($Description -ne $adGroup.Description)) { - Write-Verbose -Message ($LocalizedData.UpdatingGroupProperty -f 'Description', $Description) + Write-Verbose -Message ($script:localizedData.UpdatingGroupProperty -f 'Description', $Description) $setADGroupParams['Description'] = $Description } if ($DisplayName -and ($DisplayName -ne $adGroup.DisplayName)) { - Write-Verbose -Message ($LocalizedData.UpdatingGroupProperty -f 'DisplayName', $DisplayName) + Write-Verbose -Message ($script:localizedData.UpdatingGroupProperty -f 'DisplayName', $DisplayName) $setADGroupParams['DisplayName'] = $DisplayName } if ($ManagedBy -and ($ManagedBy -ne $adGroup.ManagedBy)) { - Write-Verbose -Message ($LocalizedData.UpdatingGroupProperty -f 'ManagedBy', $ManagedBy) + Write-Verbose -Message ($script:localizedData.UpdatingGroupProperty -f 'ManagedBy', $ManagedBy) $setADGroupParams['ManagedBy'] = $ManagedBy } if ($Notes -and ($Notes -ne $adGroup.Info)) { - Write-Verbose -Message ($LocalizedData.UpdatingGroupProperty -f 'Notes', $Notes) + Write-Verbose -Message ($script:localizedData.UpdatingGroupProperty -f 'Notes', $Notes) $setADGroupParams['Replace'] = @{ Info = $Notes } } - Write-Verbose -Message ($LocalizedData.UpdatingGroup -f $GroupName) + Write-Verbose -Message ($script:localizedData.UpdatingGroup -f $GroupName) Set-ADGroup @setADGroupParams # Move group if the path is not correct if ($Path -and ($Path -ne (Get-ADObjectParentDN -DN $adGroup.DistinguishedName))) { - Write-Verbose -Message ($LocalizedData.MovingGroup -f $GroupName, $Path) + Write-Verbose -Message ($script:localizedData.MovingGroup -f $GroupName, $Path) $moveADObjectParams = $adGroupParams.Clone() $moveADObjectParams['Identity'] = $adGroup.DistinguishedName Move-ADObject @moveADObjectParams -TargetPath $Path } - Write-Verbose -Message ($LocalizedData.RetrievingGroupMembers -f $MembershipAttribute) + Write-Verbose -Message ($script:localizedData.RetrievingGroupMembers -f $MembershipAttribute) $adGroupMembers = (Get-ADGroupMember @adGroupParams).$MembershipAttribute if (-not (Test-Members -ExistingMembers $adGroupMembers -Members $Members -MembersToInclude $MembersToInclude -MembersToExclude $MembersToExclude)) { @@ -484,22 +466,22 @@ function Set-TargetResource # We can only remove members if there are members already in the group! if ($adGroupMembers.Count -gt 0) { - Write-Verbose -Message ($LocalizedData.RemovingGroupMembers -f $adGroupMembers.Count, $GroupName) + Write-Verbose -Message ($script:localizedData.RemovingGroupMembers -f $adGroupMembers.Count, $GroupName) Remove-ADGroupMember @adGroupParams -Members $adGroupMembers -Confirm:$false } - Write-Verbose -Message ($LocalizedData.AddingGroupMembers -f $Members.Count, $GroupName) + Write-Verbose -Message ($script:localizedData.AddingGroupMembers -f $Members.Count, $GroupName) Add-ADCommonGroupMember -Parameter $adGroupParams -Members $Members -MembersInMultipleDomains:$MembersInMultipleDomains } if ($PSBoundParameters.ContainsKey('MembersToInclude') -and -not [system.string]::IsNullOrEmpty($MembersToInclude)) { $MembersToInclude = Remove-DuplicateMembers -Members $MembersToInclude - Write-Verbose -Message ($LocalizedData.AddingGroupMembers -f $MembersToInclude.Count, $GroupName) + Write-Verbose -Message ($script:localizedData.AddingGroupMembers -f $MembersToInclude.Count, $GroupName) Add-ADCommonGroupMember -Parameter $adGroupParams -Members $MembersToInclude -MembersInMultipleDomains:$MembersInMultipleDomains } if ($PSBoundParameters.ContainsKey('MembersToExclude') -and -not [system.string]::IsNullOrEmpty($MembersToExclude)) { $MembersToExclude = Remove-DuplicateMembers -Members $MembersToExclude - Write-Verbose -Message ($LocalizedData.RemovingGroupMembers -f $MembersToExclude.Count, $GroupName) + Write-Verbose -Message ($script:localizedData.RemovingGroupMembers -f $MembersToExclude.Count, $GroupName) Remove-ADGroupMember @adGroupParams -Members $MembersToExclude -Confirm:$false } } @@ -507,7 +489,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Absent') { # Remove existing group - Write-Verbose -Message ($LocalizedData.RemovingGroup -f $GroupName) + Write-Verbose -Message ($script:localizedData.RemovingGroup -f $GroupName) Remove-ADGroup @adGroupParams -Confirm:$false } } @@ -516,7 +498,7 @@ function Set-TargetResource # The AD group doesn't exist if ($Ensure -eq 'Present') { - Write-Verbose -Message ($LocalizedData.GroupNotFound -f $GroupName) + Write-Verbose -Message ($script:localizedData.GroupNotFound -f $GroupName) $adGroupParams = Get-ADCommonParameters @PSBoundParameters -UseNameParameter if ($Description) @@ -542,14 +524,14 @@ function Set-TargetResource #> if($RestoreFromRecycleBin) { - Write-Verbose -Message ($LocalizedData.RestoringGroup -f $GroupName) + Write-Verbose -Message ($script:localizedData.RestoringGroup -f $GroupName) $restoreParams = Get-ADCommonParameters @PSBoundParameters $adGroup = Restore-ADCommonObject @restoreParams -ObjectClass Group -ErrorAction Stop } if (-not $adGroup) { - Write-Verbose -Message ($LocalizedData.AddingGroup -f $GroupName) + Write-Verbose -Message ($script:localizedData.AddingGroup -f $GroupName) $adGroup = New-ADGroup @adGroupParams -GroupCategory $Category -GroupScope $GroupScope -PassThru } @@ -560,7 +542,7 @@ function Set-TargetResource if ($Notes) { # Can't set the Notes field when creating the group - Write-Verbose -Message ($LocalizedData.UpdatingGroupProperty -f 'Notes', $Notes) + Write-Verbose -Message ($script:localizedData.UpdatingGroupProperty -f 'Notes', $Notes) $setADGroupParams = $adGroupParams.Clone() $setADGroupParams['Identity'] = $adGroup.DistinguishedName Set-ADGroup @setADGroupParams -Add @{ Info = $Notes } @@ -570,13 +552,13 @@ function Set-TargetResource if ($PSBoundParameters.ContainsKey('Members') -and -not [system.string]::IsNullOrEmpty($Members)) { $Members = Remove-DuplicateMembers -Members $Members - Write-Verbose -Message ($LocalizedData.AddingGroupMembers -f $Members.Count, $GroupName) + Write-Verbose -Message ($script:localizedData.AddingGroupMembers -f $Members.Count, $GroupName) Add-ADCommonGroupMember -Parameter $adGroupParams -Members $Members -MembersInMultipleDomains:$MembersInMultipleDomains } elseif ($PSBoundParameters.ContainsKey('MembersToInclude') -and -not [system.string]::IsNullOrEmpty($MembersToInclude)) { $MembersToInclude = Remove-DuplicateMembers -Members $MembersToInclude - Write-Verbose -Message ($LocalizedData.AddingGroupMembers -f $MembersToInclude.Count, $GroupName) + Write-Verbose -Message ($script:localizedData.AddingGroupMembers -f $MembersToInclude.Count, $GroupName) Add-ADCommonGroupMember -Parameter $adGroupParams -Members $MembersToInclude -MembersInMultipleDomains:$MembersInMultipleDomains } diff --git a/DSCResources/MSFT_xADGroup/en-US/MSFT_xADGroup.strings.psd1 b/DSCResources/MSFT_xADGroup/en-US/MSFT_xADGroup.strings.psd1 new file mode 100644 index 000000000..a13653a3e --- /dev/null +++ b/DSCResources/MSFT_xADGroup/en-US/MSFT_xADGroup.strings.psd1 @@ -0,0 +1,16 @@ +# culture="en-US" +ConvertFrom-StringData @' + RetrievingGroupMembers = Retrieving group membership based on '{0}' property. + GroupMembershipNotDesiredState = Group membership is NOT in the desired state. + AddingGroupMembers = Adding '{0}' member(s) to AD group '{1}'. + RemovingGroupMembers = Removing '{0}' member(s) from AD group '{1}'. + AddingGroup = Adding AD Group '{0}' + UpdatingGroup = Updating AD Group '{0}' + RemovingGroup = Removing AD Group '{0}' + MovingGroup = Moving AD Group '{0}' to '{1}' + RestoringGroup = Attempting to restore the group {0} from recycle bin. + GroupNotFound = AD Group '{0}' was not found + NotDesiredPropertyState = AD Group '{0}' is not correct. Expected '{1}', actual '{2}' + UpdatingGroupProperty = Updating AD Group property '{0}' to '{1}' + GroupMembershipMultipleDomains = Group membership objects are in '{0}' different AD Domains. +'@ diff --git a/DSCResources/MSFT_xADKDSKey/MSFT_xADKDSKey.psm1 b/DSCResources/MSFT_xADKDSKey/MSFT_xADKDSKey.psm1 index 0fea187a8..7be03e993 100644 --- a/DSCResources/MSFT_xADKDSKey/MSFT_xADKDSKey.psm1 +++ b/DSCResources/MSFT_xADKDSKey/MSFT_xADKDSKey.psm1 @@ -1,26 +1,14 @@ +$script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent +$script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:resourceModulePath = Split-Path ` --Path (Split-Path -Path $PSScriptRoot -Parent) ` --Parent +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') -$script:localizationModulePath = Join-Path ` --Path $script:resourceModulePath ` --ChildPath 'Modules\xActiveDirectory.Common' - -Import-Module -Name ( -Join-Path ` - -Path $script:localizationModulePath ` - -ChildPath 'xActiveDirectory.Common.psm1' -) +$script:dscResourcePath = Split-Path -Path $PSScriptRoot -Parent +Import-Module -Name (Join-Path -Path $script:dscResourcePath -ChildPath '\MSFT_xADCommon\MSFT_xADCommon.psm1') $script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADKDSKey' -## Import the common AD functions -$adCommonFunctions = Join-Path ` - -Path (Split-Path -Path $PSScriptRoot -Parent) ` - -ChildPath '\MSFT_xADCommon\MSFT_xADCommon.psm1' -Import-Module -Name $adCommonFunctions - <# .SYNOPSIS Gets the specified KDS root key diff --git a/DSCResources/MSFT_xADKDSKey/en-US/MSFT_xADKDSKey.strings.psd1 b/DSCResources/MSFT_xADKDSKey/en-US/MSFT_xADKDSKey.strings.psd1 index c9a23c475..98ddadc1c 100644 --- a/DSCResources/MSFT_xADKDSKey/en-US/MSFT_xADKDSKey.strings.psd1 +++ b/DSCResources/MSFT_xADKDSKey/en-US/MSFT_xADKDSKey.strings.psd1 @@ -21,5 +21,5 @@ ConvertFrom-StringData @' EffectiveTimeInvalid = The EffectiveTime of '{0}' is invalid. Please ensure that the date and time is parsable using DateTime. (KDSK0018) CheckingDomainAdminUserRights = Checking if the user '{0}' has valid Domain Admin permissions. (KDSK0019) CheckingDomainAdminComputerRights = Checking if the node '{0}' is a Domain Controller. The node has a product type of '{1}'. If the product type is 2, then it is a domain controller. (KDSK0020) - RetrievedRootDomainDN = Retrieved the root domain distinguished name of '{0}'. (KDSK0021) + RetrievedRootDomainDN = Retrieved the root domain distinguished name of '{0}'. (KDSK0021) '@ diff --git a/DSCResources/MSFT_xADManagedServiceAccount/MSFT_xADManagedServiceAccount.psm1 b/DSCResources/MSFT_xADManagedServiceAccount/MSFT_xADManagedServiceAccount.psm1 index f44342510..5841c8059 100644 --- a/DSCResources/MSFT_xADManagedServiceAccount/MSFT_xADManagedServiceAccount.psm1 +++ b/DSCResources/MSFT_xADManagedServiceAccount/MSFT_xADManagedServiceAccount.psm1 @@ -1,26 +1,14 @@ -$script:resourceModulePath = Split-Path ` --Path (Split-Path -Path $PSScriptRoot -Parent) ` --Parent +$script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent +$script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' -$script:localizationModulePath = Join-Path ` --Path $script:resourceModulePath ` --ChildPath 'Modules\xActiveDirectory.Common' +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') -Import-Module -Name ( -Join-Path ` - -Path $script:localizationModulePath ` - -ChildPath 'xActiveDirectory.Common.psm1' -) +$script:dscResourcePath = Split-Path -Path $PSScriptRoot -Parent +Import-Module -Name (Join-Path -Path $script:dscResourcePath -ChildPath '\MSFT_xADCommon\MSFT_xADCommon.psm1') $script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADManagedServiceAccount' -## Import the common AD functions -$adCommonFunctions = Join-Path ` - -Path (Split-Path -Path $PSScriptRoot -Parent) ` - -ChildPath '\MSFT_xADCommon\MSFT_xADCommon.psm1' -Import-Module -Name $adCommonFunctions - - <# .SYNOPSIS Gets the specified managed service account. diff --git a/DSCResources/MSFT_xADManagedServiceAccount/en-US/MSFT_xADManagedServiceAccount.strings.psd1 b/DSCResources/MSFT_xADManagedServiceAccount/en-US/MSFT_xADManagedServiceAccount.strings.psd1 index f9d96c669..aebc17187 100644 --- a/DSCResources/MSFT_xADManagedServiceAccount/en-US/MSFT_xADManagedServiceAccount.strings.psd1 +++ b/DSCResources/MSFT_xADManagedServiceAccount/en-US/MSFT_xADManagedServiceAccount.strings.psd1 @@ -1,7 +1,6 @@ # culture='en-US' ConvertFrom-StringData @' AddingManagedServiceAccount = Adding AD Managed Service Account '{0}'. (MSA0001) - UpdatingManagedServiceAccount = Updating AD Managed Service Account '{0}'. (MSA0002) RemovingManagedServiceAccount = Removing AD Managed Service Account '{0}'. (MSA0003) MovingManagedServiceAccount = Moving AD Managed Service Account '{0}' to '{1}'. (MSA0004) ManagedServiceAccountNotFound = AD Managed Service Account '{0}' was not found. (MSA0005) diff --git a/DSCResources/MSFT_xADObjectPermissionEntry/MSFT_xADObjectPermissionEntry.psm1 b/DSCResources/MSFT_xADObjectPermissionEntry/MSFT_xADObjectPermissionEntry.psm1 index 37d2ec8f3..d2f8576d3 100644 --- a/DSCResources/MSFT_xADObjectPermissionEntry/MSFT_xADObjectPermissionEntry.psm1 +++ b/DSCResources/MSFT_xADObjectPermissionEntry/MSFT_xADObjectPermissionEntry.psm1 @@ -1,8 +1,11 @@ -# Import the common AD functions -$adCommonFunctions = Join-Path ` - -Path (Split-Path -Path $PSScriptRoot -Parent) ` - -ChildPath '\MSFT_xADCommon\MSFT_xADCommon.psm1' -Import-Module -Name $adCommonFunctions +$script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent +$script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' + +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') + +$script:dscResourcePath = Split-Path -Path $PSScriptRoot -Parent +Import-Module -Name (Join-Path -Path $script:dscResourcePath -ChildPath '\MSFT_xADCommon\MSFT_xADCommon.psm1') $script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADObjectPermissionEntry' diff --git a/DSCResources/MSFT_xADOrganizationalUnit/MSFT_xADOrganizationalUnit.psm1 b/DSCResources/MSFT_xADOrganizationalUnit/MSFT_xADOrganizationalUnit.psm1 index 769df5659..bdafa2f49 100644 --- a/DSCResources/MSFT_xADOrganizationalUnit/MSFT_xADOrganizationalUnit.psm1 +++ b/DSCResources/MSFT_xADOrganizationalUnit/MSFT_xADOrganizationalUnit.psm1 @@ -1,26 +1,13 @@ -## Import the common AD functions -$adCommonFunctions = Join-Path ` - -Path (Split-Path -Path $PSScriptRoot -Parent) ` - -ChildPath '\MSFT_xADCommon\MSFT_xADCommon.psm1' -Import-Module -Name $adCommonFunctions - -# Localized messages -data LocalizedData -{ - # culture="en-US" - ConvertFrom-StringData @' - RoleNotFoundError = Please ensure that the PowerShell module for role '{0}' is installed. - RetrievingOU = Retrieving OU '{0}'. - UpdatingOU = Updating OU '{0}'. - DeletingOU = Deleting OU '{0}'. - CreatingOU = Creating OU '{0}'. - RestoringOU = Attempting to restore the organizational unit object {0} from the recycle bin. - OUInDesiredState = OU '{0}' exists and is in the desired state. - OUNotInDesiredState = OU '{0}' exists but is not in the desired state. - OUExistsButShouldNot = OU '{0}' exists when it should not exist. - OUDoesNotExistButShould = OU '{0}' does not exist when it should exist. -'@ -} +$script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent +$script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' + +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') + +$script:dscResourcePath = Split-Path -Path $PSScriptRoot -Parent +Import-Module -Name (Join-Path -Path $script:dscResourcePath -ChildPath '\MSFT_xADCommon\MSFT_xADCommon.psm1') + +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADOrganizationalUnit' function Get-TargetResource { @@ -36,7 +23,7 @@ function Get-TargetResource ) Assert-Module -ModuleName 'ActiveDirectory'; - Write-Verbose ($LocalizedData.RetrievingOU -f $Name) + Write-Verbose ($script:localizedData.RetrievingOU -f $Name) $ou = Get-ADOrganizationalUnit -Filter { Name -eq $Name } -SearchBase $Path -SearchScope OneLevel -Properties ProtectedFromAccidentalDeletion, Description $targetResource = @{ @@ -110,17 +97,17 @@ function Test-TargetResource if ($isCompliant) { - Write-Verbose ($LocalizedData.OUInDesiredState -f $targetResource.Name) + Write-Verbose ($script:localizedData.OUInDesiredState -f $targetResource.Name) } else { - Write-Verbose ($LocalizedData.OUNotInDesiredState -f $targetResource.Name) + Write-Verbose ($script:localizedData.OUNotInDesiredState -f $targetResource.Name) } } else { $isCompliant = $false - Write-Verbose ($LocalizedData.OUExistsButShouldNot -f $targetResource.Name) + Write-Verbose ($script:localizedData.OUExistsButShouldNot -f $targetResource.Name) } } else @@ -129,12 +116,12 @@ function Test-TargetResource if ($Ensure -eq 'Present') { $isCompliant = $false - Write-Verbose ($LocalizedData.OUDoesNotExistButShould -f $targetResource.Name) + Write-Verbose ($script:localizedData.OUDoesNotExistButShould -f $targetResource.Name) } else { $isCompliant = $true - Write-Verbose ($LocalizedData.OUInDesiredState -f $targetResource.Name) + Write-Verbose ($script:localizedData.OUInDesiredState -f $targetResource.Name) } } @@ -186,7 +173,7 @@ function Set-TargetResource $ou = Get-ADOrganizationalUnit -Filter { Name -eq $Name } -SearchBase $Path -SearchScope OneLevel if ($Ensure -eq 'Present') { - Write-Verbose ($LocalizedData.UpdatingOU -f $targetResource.Name) + Write-Verbose ($script:localizedData.UpdatingOU -f $targetResource.Name) $setADOrganizationalUnitParams = @{ Identity = $ou Description = $Description @@ -200,7 +187,7 @@ function Set-TargetResource } else { - Write-Verbose ($LocalizedData.DeletingOU -f $targetResource.Name) + Write-Verbose ($script:localizedData.DeletingOU -f $targetResource.Name) if ($targetResource.ProtectedFromAccidentalDeletion) { $setADOrganizationalUnitParams = @{ @@ -230,7 +217,7 @@ function Set-TargetResource { if ($RestoreFromRecycleBin) { - Write-Verbose -Message ($LocalizedData.RestoringOu -f $Name) + Write-Verbose -Message ($script:localizedData.RestoringOu -f $Name) $restoreParams = @{ Identity = $Name ObjectClass = 'OrganizationalUnit' @@ -247,7 +234,7 @@ function Set-TargetResource if (-not $RestoreFromRecycleBin -or ($RestoreFromRecycleBin -and -not $restoreSuccessful)) { - Write-Verbose ($LocalizedData.CreatingOU -f $targetResource.Name) + Write-Verbose ($script:localizedData.CreatingOU -f $targetResource.Name) $newADOrganizationalUnitParams = @{ Name = $Name Path = $Path diff --git a/DSCResources/MSFT_xADOrganizationalUnit/en-US/MSFT_xADOrganizationalUnit.strings.psd1 b/DSCResources/MSFT_xADOrganizationalUnit/en-US/MSFT_xADOrganizationalUnit.strings.psd1 new file mode 100644 index 000000000..0c8e23c24 --- /dev/null +++ b/DSCResources/MSFT_xADOrganizationalUnit/en-US/MSFT_xADOrganizationalUnit.strings.psd1 @@ -0,0 +1,12 @@ +# culture="en-US" +ConvertFrom-StringData @' + RetrievingOU = Retrieving OU '{0}'. + UpdatingOU = Updating OU '{0}'. + DeletingOU = Deleting OU '{0}'. + CreatingOU = Creating OU '{0}'. + RestoringOU = Attempting to restore the organizational unit object {0} from the recycle bin. + OUInDesiredState = OU '{0}' exists and is in the desired state. + OUNotInDesiredState = OU '{0}' exists but is not in the desired state. + OUExistsButShouldNot = OU '{0}' exists when it should not exist. + OUDoesNotExistButShould = OU '{0}' does not exist when it should exist. +'@ diff --git a/DSCResources/MSFT_xADReplicationSiteLink/en-US/MSFT_xADReplicationSiteLink.strings.psd1 b/DSCResources/MSFT_xADReplicationSiteLink/en-US/MSFT_xADReplicationSiteLink.strings.psd1 index cfbabcd85..808a136c2 100644 --- a/DSCResources/MSFT_xADReplicationSiteLink/en-US/MSFT_xADReplicationSiteLink.strings.psd1 +++ b/DSCResources/MSFT_xADReplicationSiteLink/en-US/MSFT_xADReplicationSiteLink.strings.psd1 @@ -1,11 +1,11 @@ ConvertFrom-StringData @' - SiteNotFound = Site: {0} not found in SitesIncluded. Current SitesIncluded: {1}. - SiteFoundInExcluded = Excluded {0} site found in SitesIncluded. Current SitesIncluded: {1}. - PropertyNotInDesiredState = {0} is not in desired state Current: {1} Desired: {2}. - RemovingSites = Removing sites {0} from site link {1}. - AddingSites = Adding sites {0} to site link {1}. - NewSiteLink = Creating AD Site Link {0}. - RemoveSiteLink = Removing AD Site Link {0}. - SiteLinkNotFound = Could not find {0} site link. + SiteNotFound = Site: {0} not found in SitesIncluded. Current SitesIncluded: {1}. + SiteFoundInExcluded = Excluded {0} site found in SitesIncluded. Current SitesIncluded: {1}. + PropertyNotInDesiredState = {0} is not in desired state Current: {1} Desired: {2}. + RemovingSites = Removing sites {0} from site link {1}. + AddingSites = Adding sites {0} to site link {1}. + NewSiteLink = Creating AD Site Link {0}. + RemoveSiteLink = Removing AD Site Link {0}. + SiteLinkNotFound = Could not find {0} site link. GetSiteLinkUnexpectedError = Unexpected error getting site link {0}. '@ diff --git a/DSCResources/MSFT_xADUser/MSFT_xADUser.psm1 b/DSCResources/MSFT_xADUser/MSFT_xADUser.psm1 index f094ad1e3..5a8314a7e 100644 --- a/DSCResources/MSFT_xADUser/MSFT_xADUser.psm1 +++ b/DSCResources/MSFT_xADUser/MSFT_xADUser.psm1 @@ -2,39 +2,16 @@ [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingPlainTextForPassword", "PasswordAuthentication")] param() -# Import the common AD functions -$adCommonFunctions = Join-Path ` - -Path (Split-Path -Path $PSScriptRoot -Parent) ` - -ChildPath '\MSFT_xADCommon\MSFT_xADCommon.psm1' -Import-Module -Name $adCommonFunctions - -# Localized messages -data LocalizedData -{ - # culture="en-US" - ConvertFrom-StringData @' - RoleNotFoundError = Please ensure that the PowerShell module for role '{0}' is installed. - RetrievingADUserError = Error looking up Active Directory user '{0}' ({0}@{1}). - PasswordParameterConflictError = Parameter '{0}' cannot be set to '{1}' when the '{2}' parameter is specified. - - RetrievingADUser = Retrieving Active Directory user '{0}' ({0}@{1}) ... - CreatingADDomainConnection = Creating connection to Active Directory domain '{0}' ... - CheckingADUserPassword = Checking Active Directory user '{0}' password ... - ADUserIsPresent = Active Directory user '{0}' ({0}@{1}) is present. - ADUserNotPresent = Active Directory user '{0}' ({0}@{1}) was NOT present. - ADUserNotDesiredPropertyState = User '{0}' property is NOT in the desired state. Expected '{1}', actual '{2}'. - - AddingADUser = Adding Active Directory user '{0}'. - RemovingADUser = Removing Active Directory user '{0}'. - UpdatingADUser = Updating Active Directory user '{0}'. - SettingADUserPassword = Setting Active Directory user password. - UpdatingADUserProperty = Updating user property '{0}' with/to '{1}'. - RemovingADUserProperty = Removing user property '{0}' with '{1}'. - MovingADUser = Moving user from '{0}' to '{1}'. - RenamingADUser = Renaming user from '{0}' to '{1}'. - RestoringUser = Attempting to restore the user object {0} from the recycle bin. -'@ -} +$script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent +$script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' + +$script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'xActiveDirectory.Common' +Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'xActiveDirectory.Common.psm1') + +$script:dscResourcePath = Split-Path -Path $PSScriptRoot -Parent +Import-Module -Name (Join-Path -Path $script:dscResourcePath -ChildPath '\MSFT_xADCommon\MSFT_xADCommon.psm1') + +$script:localizedData = Get-LocalizedData -ResourceName 'MSFT_xADUser' # Create a property map that maps the DSC resource parameters to the # Active Directory user attributes. @@ -402,19 +379,19 @@ function Get-TargetResource } } - Write-Verbose -Message ($LocalizedData.RetrievingADUser -f $UserName, $DomainName); + Write-Verbose -Message ($script:localizedData.RetrievingADUser -f $UserName, $DomainName); $adUser = Get-ADUser @adCommonParameters -Properties $adProperties; - Write-Verbose -Message ($LocalizedData.ADUserIsPresent -f $UserName, $DomainName); + Write-Verbose -Message ($script:localizedData.ADUserIsPresent -f $UserName, $DomainName); $Ensure = 'Present'; } catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException] { - Write-Verbose -Message ($LocalizedData.ADUserNotPresent -f $UserName, $DomainName); + Write-Verbose -Message ($script:localizedData.ADUserNotPresent -f $UserName, $DomainName); $Ensure = 'Absent'; } catch { - Write-Error -Message ($LocalizedData.RetrievingADUserError -f $UserName, $DomainName); + Write-Error -Message ($script:localizedData.RetrievingADUserError -f $UserName, $DomainName); throw $_; } @@ -765,7 +742,7 @@ function Test-TargetResource { if ($targetResource.Ensure -eq 'Present') { - Write-Verbose -Message ($LocalizedData.ADUserNotDesiredPropertyState -f 'Ensure', $PSBoundParameters.Ensure, $targetResource.Ensure); + Write-Verbose -Message ($script:localizedData.ADUserNotDesiredPropertyState -f 'Ensure', $PSBoundParameters.Ensure, $targetResource.Ensure); $isCompliant = $false; } } @@ -791,7 +768,7 @@ function Test-TargetResource } if (-not (Test-Password @testPasswordParams)) { - Write-Verbose -Message ($LocalizedData.ADUserNotDesiredPropertyState -f 'Password', '', ''); + Write-Verbose -Message ($script:localizedData.ADUserNotDesiredPropertyState -f 'Password', '', ''); $isCompliant = $false; } } @@ -813,14 +790,14 @@ function Test-TargetResource { $existingSPNs = $testMembersParams['ExistingMembers'] -join ','; $desiredSPNs = $ServicePrincipalNames -join ','; - Write-Verbose -Message ($LocalizedData.ADUserNotDesiredPropertyState -f ` + Write-Verbose -Message ($script:localizedData.ADUserNotDesiredPropertyState -f ` 'ServicePrincipalNames', $desiredSPNs, $existingSPNs); $isCompliant = $false; } } elseif ($PSBoundParameters.$parameter -ne $targetResource.$parameter) { - Write-Verbose -Message ($LocalizedData.ADUserNotDesiredPropertyState -f $parameter, $PSBoundParameters.$parameter, $targetResource.$parameter); + Write-Verbose -Message ($script:localizedData.ADUserNotDesiredPropertyState -f $parameter, $PSBoundParameters.$parameter, $targetResource.$parameter); $isCompliant = $false; } } @@ -1145,7 +1122,7 @@ function Set-TargetResource # Try to restore account if it exists if ($RestoreFromRecycleBin) { - Write-Verbose -Message ($LocalizedData.RestoringUser -f $UserName) + Write-Verbose -Message ($script:localizedData.RestoringUser -f $UserName) $restoreParams = Get-ADCommonParameters @PSBoundParameters $restorationSuccessful = Restore-ADCommonObject @restoreParams -ObjectClass User -ErrorAction Stop } @@ -1163,7 +1140,7 @@ function Set-TargetResource { $newADUserParams['AccountPassword'] = $Password.Password; } - Write-Verbose -Message ($LocalizedData.AddingADUser -f $UserName); + Write-Verbose -Message ($script:localizedData.AddingADUser -f $UserName); New-ADUser @newADUserParams -SamAccountName $UserName; # Now retrieve the newly created user $targetResource = Get-TargetResource @PSBoundParameters; @@ -1185,7 +1162,7 @@ function Set-TargetResource $adCommonParameters = Get-ADCommonParameters @PSBoundParameters; # Using the SamAccountName for identity with Move-ADObject does not work, use the DN instead $adCommonParameters['Identity'] = $targetResource.DistinguishedName; - Write-Verbose -Message ($LocalizedData.MovingADUser -f $targetResource.Path, $PSBoundParameters.Path); + Write-Verbose -Message ($script:localizedData.MovingADUser -f $targetResource.Path, $PSBoundParameters.Path); Move-ADObject @adCommonParameters -TargetPath $PSBoundParameters.Path; } elseif ($parameter -eq 'CommonName' -and ($PSBoundParameters.CommonName -ne $targetResource.CommonName)) @@ -1194,24 +1171,24 @@ function Set-TargetResource $adCommonParameters = Get-ADCommonParameters @PSBoundParameters; # Using the SamAccountName for identity with Rename-ADObject does not work, use the DN instead $adCommonParameters['Identity'] = $targetResource.DistinguishedName; - Write-Verbose -Message ($LocalizedData.RenamingADUser -f $targetResource.CommonName, $PSBoundParameters.CommonName); + Write-Verbose -Message ($script:localizedData.RenamingADUser -f $targetResource.CommonName, $PSBoundParameters.CommonName); Rename-ADObject @adCommonParameters -NewName $PSBoundParameters.CommonName; } elseif ($parameter -eq 'Password' -and $PasswordNeverResets -eq $false) { $adCommonParameters = Get-ADCommonParameters @PSBoundParameters; - Write-Verbose -Message ($LocalizedData.SettingADUserPassword -f $UserName); + Write-Verbose -Message ($script:localizedData.SettingADUserPassword -f $UserName); Set-ADAccountPassword @adCommonParameters -Reset -NewPassword $Password.Password; } elseif ($parameter -eq 'Enabled' -and ($PSBoundParameters.$parameter -ne $targetResource.$parameter)) { # We cannot enable/disable an account with -Add or -Replace parameters, but inform that # we will change this as it is out of compliance (it always gets set anyway) - Write-Verbose -Message ($LocalizedData.UpdatingADUserProperty -f $parameter, $PSBoundParameters.$parameter); + Write-Verbose -Message ($script:localizedData.UpdatingADUserProperty -f $parameter, $PSBoundParameters.$parameter); } elseif ($parameter -eq 'ServicePrincipalNames') { - Write-Verbose -Message ($LocalizedData.UpdatingADUserProperty -f ` + Write-Verbose -Message ($script:localizedData.UpdatingADUserProperty -f ` 'ServicePrincipalNames', ($ServicePrincipalNames -join ',')); $replaceUserProperties['ServicePrincipalName'] = $ServicePrincipalNames; } @@ -1230,7 +1207,7 @@ function Set-TargetResource # Only remove if the existing value in not null or empty if (-not ([System.String]::IsNullOrEmpty($targetResource.$parameter))) { - Write-Verbose -Message ($LocalizedData.RemovingADUserProperty -f $parameter, $PSBoundParameters.$parameter); + Write-Verbose -Message ($script:localizedData.RemovingADUserProperty -f $parameter, $PSBoundParameters.$parameter); if ($adProperty.UseCmdletParameter -eq $true) { # We need to pass the parameter explicitly to Set-ADUser, not via -Remove @@ -1249,7 +1226,7 @@ function Set-TargetResource else { # We are replacing the existing value - Write-Verbose -Message ($LocalizedData.UpdatingADUserProperty -f $parameter, $PSBoundParameters.$parameter); + Write-Verbose -Message ($script:localizedData.UpdatingADUserProperty -f $parameter, $PSBoundParameters.$parameter); if ($adProperty.UseCmdletParameter -eq $true) { # We need to pass the parameter explicitly to Set-ADUser, not via -Replace @@ -1279,13 +1256,13 @@ function Set-TargetResource $setADUserParams['Remove'] = $removeUserProperties; } - Write-Verbose -Message ($LocalizedData.UpdatingADUser -f $UserName); + Write-Verbose -Message ($script:localizedData.UpdatingADUser -f $UserName); [ref] $null = Set-ADUser @setADUserParams -Enabled $Enabled; } elseif (($Ensure -eq 'Absent') -and ($targetResource.Ensure -eq 'Present')) { # User exists and needs removing - Write-Verbose ($LocalizedData.RemovingADUser -f $UserName); + Write-Verbose ($script:localizedData.RemovingADUser -f $UserName); $adCommonParameters = Get-ADCommonParameters @PSBoundParameters; [ref] $null = Remove-ADUser @adCommonParameters -Confirm:$false; } @@ -1317,7 +1294,7 @@ function Assert-Parameters { $throwInvalidArgumentErrorParams = @{ ErrorId = 'xADUser_DisabledAccountPasswordConflict'; - ErrorMessage = $LocalizedData.PasswordParameterConflictError -f 'Enabled', $false, 'Password'; + ErrorMessage = $script:localizedData.PasswordParameterConflictError -f 'Enabled', $false, 'Password'; } ThrowInvalidArgumentError @throwInvalidArgumentErrorParams; } @@ -1356,7 +1333,7 @@ function Test-Password $PasswordAuthentication ) - Write-Verbose -Message ($LocalizedData.CreatingADDomainConnection -f $DomainName); + Write-Verbose -Message ($script:localizedData.CreatingADDomainConnection -f $DomainName); Add-Type -AssemblyName 'System.DirectoryServices.AccountManagement'; if ($DomainAdministratorCredential) @@ -1377,7 +1354,7 @@ function Test-Password $null ); } - Write-Verbose -Message ($LocalizedData.CheckingADUserPassword -f $UserName); + Write-Verbose -Message ($script:localizedData.CheckingADUserPassword -f $UserName); if ($PasswordAuthentication -eq 'Negotiate') { diff --git a/DSCResources/MSFT_xADUser/en-US/MSFT_xADUser.strings.psd1 b/DSCResources/MSFT_xADUser/en-US/MSFT_xADUser.strings.psd1 new file mode 100644 index 000000000..6ff12c8cd --- /dev/null +++ b/DSCResources/MSFT_xADUser/en-US/MSFT_xADUser.strings.psd1 @@ -0,0 +1,20 @@ +# culture="en-US" +ConvertFrom-StringData @' + RetrievingADUserError = Error looking up Active Directory user '{0}' ({0}@{1}). + PasswordParameterConflictError = Parameter '{0}' cannot be set to '{1}' when the '{2}' parameter is specified. + RetrievingADUser = Retrieving Active Directory user '{0}' ({0}@{1}) ... + CreatingADDomainConnection = Creating connection to Active Directory domain '{0}' ... + CheckingADUserPassword = Checking Active Directory user '{0}' password ... + ADUserIsPresent = Active Directory user '{0}' ({0}@{1}) is present. + ADUserNotPresent = Active Directory user '{0}' ({0}@{1}) was NOT present. + ADUserNotDesiredPropertyState = User '{0}' property is NOT in the desired state. Expected '{1}', actual '{2}'. + AddingADUser = Adding Active Directory user '{0}'. + RemovingADUser = Removing Active Directory user '{0}'. + UpdatingADUser = Updating Active Directory user '{0}'. + SettingADUserPassword = Setting Active Directory user password. + UpdatingADUserProperty = Updating user property '{0}' with/to '{1}'. + RemovingADUserProperty = Removing user property '{0}' with '{1}'. + MovingADUser = Moving user from '{0}' to '{1}'. + RenamingADUser = Renaming user from '{0}' to '{1}'. + RestoringUser = Attempting to restore the user object {0} from the recycle bin. +'@