Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

xActiveDirectory: Restoring an object no longer fails #272

Merged
merged 3 commits into from
May 14, 2019
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 20 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,26 @@
- Updated unit tests to latest unit test template and refactored the
tests for the function 'Set-TargetResource'.
- Improved test code coverage.
- Changes to xADComputer
- Restoring a computer account from the recycle bin no longer fails if
there is more than one object with the same name in the recycle bin.
Now it uses the object that was changed last using the property
`whenChanged` ([issue #271](https://github.com/PowerShell/xActiveDirectory/issues/271)).
- Changes to xADGroup
- Restoring a group from the recycle bin no longer fails if there is
more than one object with the same name in the recycle bin. Now it
uses the object that was changed last using the property `whenChanged`
([issue #271](https://github.com/PowerShell/xActiveDirectory/issues/271)).
- Changes to xADOrganizationalUnit
- Restoring an organizational unit from the recycle bin no longer fails
if there is more than one object with the same name in the recycle bin.
Now it uses the object that was changed last using the property `whenChanged`
([issue #271](https://github.com/PowerShell/xActiveDirectory/issues/271)).
- Changes to xADUser
- Restoring a user from the recycle bin no longer fails if there is
more than one object with the same name in the recycle bin. Now it
uses the object that was changed last using the property `whenChanged`
([issue #271](https://github.com/PowerShell/xActiveDirectory/issues/271)).

## 2.25.0.0

Expand Down
13 changes: 9 additions & 4 deletions DSCResources/MSFT_xADCommon/MSFT_xADCommon.psm1
Original file line number Diff line number Diff line change
Expand Up @@ -761,7 +761,7 @@ function Restore-ADCommonObject
)

$restoreFilter = 'msDS-LastKnownRDN -eq "{0}" -and objectClass -eq "{1}" -and isDeleted -eq $true' -f $Identity, $ObjectClass
Write-Verbose -Message ($localizedString.FindInRecycleBin -f $restoreFilter)
Write-Verbose -Message ($localizedString.FindInRecycleBin -f $restoreFilter) -Verbose

<#
Using IsDeleted and IncludeDeletedObjects will mean that the cmdlet does not throw
Expand All @@ -772,13 +772,18 @@ function Restore-ADCommonObject
$getAdObjectParams.Remove('Identity')
$getAdObjectParams['Filter'] = $restoreFilter
$getAdObjectParams['IncludeDeletedObjects'] = $true
$getAdObjectParams['Properties'] = @('whenChanged')

# If more than one object is returned, we pick the one that was changed last.
$restorableObject = Get-ADObject @getAdObjectParams |
Sort-Object -Descending -Property 'whenChanged' |
Select-Object -First 1

$restorableObject = Get-ADObject @getAdObjectParams
$restoredObject = $null

if ($restorableObject)
{
Write-Verbose -Message ($localizedString.FoundRestoreTargetInRecycleBin -f $Identity, $ObjectClass, $restorableObject.DistinguishedName)
Write-Verbose -Message ($localizedString.FoundRestoreTargetInRecycleBin -f $Identity, $ObjectClass, $restorableObject.DistinguishedName) -Verbose

try
{
Expand All @@ -787,7 +792,7 @@ function Restore-ADCommonObject
$restoreParams['ErrorAction'] = 'Stop'
$restoreParams['Identity'] = $restorableObject.DistinguishedName
$restoredObject = Restore-ADObject @restoreParams
Write-Verbose -Message ($localizedString.RecycleBinRestoreSuccessful -f $Identity, $ObjectClass)
Write-Verbose -Message ($localizedString.RecycleBinRestoreSuccessful -f $Identity, $ObjectClass) -Verbose
}
catch [Microsoft.ActiveDirectory.Management.ADException]
{
Expand Down
35 changes: 25 additions & 10 deletions Tests/Unit/MSFT_xADCommon.Tests.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -628,30 +628,45 @@ try

#region Function Restore-ADCommonObject
Describe "$($Global:DSCResourceName)\Restore-ADCommonObject" {
$getAdObjectReturnValue = [PSCustomObject]@{
Deleted = $True
DistinguishedName = 'CN=a375347\0ADEL:d3c8b8c1-c42b-4533-af7d-3aa73ecd2216,CN=Deleted Objects,DC=contoso,DC=com'
Name = 'a375347'
ObjectClass = 'user'
ObjectGUID = 'd3c8b8c1-c42b-4533-af7d-3aa73ecd2216'
}
$getAdObjectReturnValue = @(
[PSCustomObject] @{
Deleted = $true
DistinguishedName = 'CN=a375347\0ADEL:f0e3f4fe-212b-43e7-83dd-c8f3b47ebb9c,CN=Deleted Objects,DC=contoso,DC=com'
Name = 'a375347'
ObjectClass = 'user'
ObjectGUID = 'f0e3f4fe-212b-43e7-83dd-c8f3b47ebb9c'
# Make this one day older.
whenChanged = (Get-Date).AddDays(-1)
},
[PSCustomObject] @{
Deleted = $true
DistinguishedName = 'CN=a375347\0ADEL:d3c8b8c1-c42b-4533-af7d-3aa73ecd2216,CN=Deleted Objects,DC=contoso,DC=com'
Name = 'a375347'
ObjectClass = 'user'
ObjectGUID = 'd3c8b8c1-c42b-4533-af7d-3aa73ecd2216'
whenChanged = Get-Date
}
)

$restoreAdObjectReturnValue = [PSCustomObject]@{
DistinguishedName = 'CN=a375347,CN=Accounts,DC=contoso,DC=com'
Name = 'a375347'
ObjectClass = 'user'
ObjectGUID = 'd3c8b8c1-c42b-4533-af7d-3aa73ecd2216'
}

function Restore-ADObject { }
function Restore-ADObject
{
}

$getAdCommonParameterReturnValue = @{Identity = 'something'}
$restoreIdentity = 'SomeObjectName'
$restoreObjectClass = 'user'
$restoreObjectWrongClass = 'wrong'

Context 'When there are objects in the recycle bin' {
Mock -CommandName Get-ADObject -MockWith { return $getAdObjectReturnValue} -Verifiable
Mock -CommandName Get-ADCommonParameters -MockWith { return $getAdCommonParameterReturnValue}
Mock -CommandName Get-ADObject -MockWith { return $getAdObjectReturnValue } -Verifiable
Mock -CommandName Get-ADCommonParameters -MockWith { return $getAdCommonParameterReturnValue }
Mock -CommandName Restore-ADObject -Verifiable

It 'Should not throw when called with the correct parameters' {
Expand Down