From a7514a38a858a4dd00d9ba102e8f85ab468c3557 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Sat, 8 Jun 2019 12:17:30 -0500 Subject: [PATCH 01/45] Delete xActiveDirectory_TechNetDocumentation.html --- xActiveDirectory_TechNetDocumentation.html | 898 --------------------- 1 file changed, 898 deletions(-) delete mode 100644 xActiveDirectory_TechNetDocumentation.html diff --git a/xActiveDirectory_TechNetDocumentation.html b/xActiveDirectory_TechNetDocumentation.html deleted file mode 100644 index 77f26da1c..000000000 --- a/xActiveDirectory_TechNetDocumentation.html +++ /dev/null @@ -1,898 +0,0 @@ - -
-

 

-

Introduction

-
- -

- The xActiveDirectory module is a part of the Windows PowerShell Desired State Configuration (DSC) Resource Kit, which is a collection of DSC Resources produced by the PowerShell Team. This module contains the - xADDomain, xADDomainController, xADUser, xWaitForDomain, and xADDomainTrust resources. These DSC Resources allow you to configure and manage Active Directory.  Note: these resources do not presently install the RSAT tools. -

-

- All of the resources in the DSC Resource Kit are provided AS IS, and are not supported through any Microsoft standard support program or service. The "x" in xActiveDirectory stands for experimental, which means that these resources will - be fix forward and monitored by the module owner(s). -

-

Please leave comments, feature requests, and bug reports in the Q & A tab for this module.

-

- If you would like to modify xActiveDirectory module, feel free. When modifying, please update the module name, resource friendly name, and MOF class name (instructions below). As specified in the license, you may copy or modify this resource - as long as they are used on the Windows Platform. -

-

- For more information about Windows PowerShell Desired State Configuration, check out the blog posts on the - PowerShell Blog (this - is a good starting point). There are also great community resources, such as - PowerShell.org - , or - PowerShell Magazine - . For more information on the DSC Resource Kit, check out - this blog post. -

-

Installation

-

To install xActiveDirectory module

-
    -
  • Unzip the content under $env:ProgramFiles\WindowsPowerShell\Modules folder
  • -
-

To confirm installation:

-
    -
  • - Run Get-DSCResource to see that xADDomain, xADDomainController, xADUser, xWaitForDomain, and xADDomainTrust are among the DSC Resources listed -
  • -
-

Requirements

-

- This module requires the latest version of PowerShell (v4.0, which ships in Windows 8.1 or Windows Server 2012R2). To easily use PowerShell 4.0 on older operating systems, - install WMF 4.0. Please read the installation instructions that are present on both the download page and the release notes for WMF 4.0. -

-

Description

-

- The xActiveDirectory module contains the xADDomain, xADDomainController, xADUser, xWaitForDomain, and ADDomainTrust DSC Resources. These DSC Resources allow you to configure new domain, child domains,high availability domain - controllers and establish cross-domain trusts.  - The - xADDomain - resource is responsible to create new Active directory forest configuration or new Active directory domain configuration.  - The - - xADDomainController - resource is responsible to install a domain controller in Active directory.  - - The - xADUser - resource is responsible to modify or remove Active directory User.  - The - xWaitForDomain resource is responsible to wait for new domain to setup. It's worth noting that the RSAT tools will not be installed when these resources are used to configure AD. The - xADDomainTrust resource is used to establish a cross-domain trust.  -
-
-
-
-
-
-

-

Details

-

xADDomain resource has following properties:

-
    -
  • - DomainName: -                                        - Name of the domain.  If no parent name is specified, this is the fully qualified domain name for first domain in the forest. -
  • -
  • - ParentDomainName:                            Name of the parent domain. -
  • -
  • - DomainAdministratorCredential:       Credentials used to query for domain existence. Note: These are not used during domain creation. ( AD sets the localadmin credentials as new domain administrator credentials - during setup ) -
    -
    -
  • -
  • - SafemodeAdministratorPassword:     - - Password for the administrator account when the computer is started in Safe Mode. - -
  • -
  • - - DnsDelegationCredential:                     - Credential used for creating DNS delegation -
  • -
  • - - DatabasePath:                                         - Destination path for the AD database -
  • -
  • - - LogPath:                                                    - Destination path for the AD log files -
  • -
  • - - SysvolPath:                                               - Destination path for the sysvol store -
  • -
-

xADDomainController resource has following properties:

-
    -
  • - DomainName: -                                          - The fully qualified domain name for the domain where the domain controller will be present -
  • -
  • - DomainAdministratorCredential: -        - Specifies the credential for the account used to install the domain controller -
  • -
  • - SafemodeAdministratorPassword:      Password for the administrator account when the computer is started in Safe Mode. -
  • -
  • - - DatabasePath:                                         - Destination path for the AD database -
  • -
  • - - LogPath:                                                    - Destination path for the AD log files -
  • -
  • - - SysvolPath:                                               - Destination path for the sysvol store -
  • -
- -

xADUser resource has following properties:

-
    -
  • - Ensure: -                                                       - Specifies whether the given user is present or absent -
  • -
  • - DomainName: -                                          - Name of the domain to which the user will be added -
  • -
  • - UserName:                                                - Name of the user -
  • -
  • - Password: -                                                  - Password value for the account - -
  • -
  • - DomainAdministratorCredential:         User account credentials used to perform the task -
  • -
-

xWaitForADDomain resource has following properties:

-
    -
  • - DomainName: -                                           - Name of the domain to wait for -
  • -
  • - RetryIntervalSec: -                                      - Interval to check for the domain's existance -
  • -
  • - RetryCount:                                                - Maximum number of retries to check for the domain's existance -
  • -
-

xADDomainTrust resource has following properties:

-
    -
  • - Ensure: -                                                            - Specifies whether the domain trust is present or absent -
  • -
  • - TargetDomainAdministratorCredential: Credentials to authenticate to the target domain -
  • -
  • - TargetDomainName: -                                   - Name of the AD domain that is being trusted -
  • -
  • - TrustType:                                          -             Type of trust -
  • -
  • - TrustDirection:                                          -     Direction of trust, the values for which may be Bidirectional,Inbound, or Outbound -
  • -
  • - SourceDomainName:                                   Name of the AD domain that is requesting the trust -
  • -
-

Renaming Requirements

-

When making changes to these resources, we suggest the following practice:

-
    -
  1. - Update the following names by replacing MSFT with your company/community name and replacing the - "x" with "c" (short for "Community") or another prefix of your choice: -
      -
    • - Module name (ex: xADDomain becomes - cADDomain) -
    • -
    • - Resource folder (ex: MSFT_xADDomain becomes - Contoso_xADDomain) -
    • -
    • - Resource Name (ex: MSFT_xADDomain becomes - Contoso_cADDomain) -
    • -
    • - - Resource Friendly Name (ex: - xADDomain - - becomes cADDomain) -
    • -
    • - MOF class name (ex: MSFT_xADDomain becomes - Contoso_cADDomain) -
    • -
    • - Filename for the <resource>.schema.mof (ex: MSFT_xADDomain.schema.mof becomes - Contoso_cADDomain.schema.mof) -
    • -
    -
  2. -
  3. Update module and metadata information in the module manifest
  4. -
  5. Update any configuration that use these resources
  6. -
-

- - We reserve resource and module names without prefixes ("x" or "c") for future use (e.g. "MSFT_ADDomain" or "MSFT_ADUser"). If the next version of Windows Server ships with a "ADDomain" resource, we don't want to break any configurations that use any - community modifications. Please keep a prefix such as "c" on all community modifications. - -

-

Versions

-

1.0.0.0

-
    -
  • - Initial release with the following resources -
      -
    • - xADDomain, xADDomainController, xADUser, and xWaitForDomain -
    • -
    -
  • -
-

2.0.0.0

-
    -
  • - Updated release, which added the resource -
      -
    • xADDomainTrust
    • -
    -
  • -
-

2.1.0.0

-
    -
  • - Minor update: Get-TargetResource to use domain name instead of name -
  • -
-

2.2

-
    -
  • - Modified xAdDomain and xAdDomainController to support Ensure as Present / Absent, rather than True/False. Note: this may cause issues for existing scripts. Also corrected return value to be a hashtable in both resources. -
  • -
-

2.3

-
    -
  • - Added properties to xAdDomain and xAdDomainController: -
      -
    • - DatabasePath -
    • -
    • - LogPath -
    • -
    • - SysvolPath -
    • -
    -
  • -
-

- Example: Create a highly available Domain using multiple domain controllers -

-

- In the following example configuration, a highly available domain is created by adding a domain controller to an existing domain.  This example uses the xWaitForDomain resource to ensure that the domain is present before the second domain controller - is added. -

-
-
-
PowerShell
-
Edit|Remove
- - -
-
# A configuration to Create High Availability Domain Controller  
- 
-configuration AssertHADC 
-{ 
- 
-   param 
-    ( 
-        [Parameter(Mandatory)] 
-        [pscredential]$safemodeAdministratorCred, 
- 
-        [Parameter(Mandatory)] 
-        [pscredential]$domainCred, 
- 
-        [Parameter(Mandatory)] 
-        [pscredential]$DNSDelegationCred, 
- 
-        [Parameter(Mandatory)] 
-        [pscredential]$NewADUserCred 
-    ) 
- 
-    Import-DscResource -ModuleName xActiveDirectory 
- 
-    Node $AllNodes.Where{$_.Role -eq "Primary DC"}.Nodename 
-    { 
-        WindowsFeature ADDSInstall 
-        { 
-            Ensure = "Present" 
-            Name = "AD-Domain-Services" 
-        } 
- 
-        xADDomain FirstDS 
-        { 
-            DomainName = $Node.DomainName 
-            DomainAdministratorCredential = $domainCred 
-            SafemodeAdministratorPassword = $safemodeAdministratorCred 
-            DnsDelegationCredential = $DNSDelegationCred 
-            DependsOn = "[WindowsFeature]ADDSInstall" 
-        } 
- 
-        xWaitForADDomain DscForestWait 
-        { 
-            DomainName = $Node.DomainName 
-            DomainUserCredential = $domainCred 
-            RetryCount = $Node.RetryCount 
-            RetryIntervalSec = $Node.RetryIntervalSec 
-            DependsOn = "[xADDomain]FirstDS" 
-        } 
- 
-        xADUser FirstUser 
-        { 
-            DomainName = $Node.DomainName 
-            DomainAdministratorCredential = $domainCred 
-            UserName = "dummy" 
-            Password = $NewADUserCred 
-            Ensure = "Present" 
-            DependsOn = "[xWaitForADDomain]DscForestWait" 
-        } 
- 
-    } 
- 
-    Node $AllNodes.Where{$_.Role -eq "Replica DC"}.Nodename 
-    { 
-        WindowsFeature ADDSInstall 
-        { 
-            Ensure = "Present" 
-            Name = "AD-Domain-Services" 
-        } 
- 
-        xWaitForADDomain DscForestWait 
-        { 
-            DomainName = $Node.DomainName 
-            DomainUserCredential = $domainCred 
-            RetryCount = $Node.RetryCount 
-            RetryIntervalSec = $Node.RetryIntervalSec 
-            DependsOn = "[WindowsFeature]ADDSInstall" 
-        } 
- 
-        xADDomainController SecondDC 
-        { 
-            DomainName = $Node.DomainName 
-            DomainAdministratorCredential = $domainCred 
-            SafemodeAdministratorPassword = $safemodeAdministratorCred 
-            DnsDelegationCredential = $DNSDelegationCred 
-            DependsOn = "[xWaitForADDomain]DscForestWait" 
-        } 
-    } 
-} 
- 
-# Configuration Data for AD  
- 
-$ConfigData = @{ 
-    AllNodes = @( 
-        @{ 
-            Nodename = "dsc-testNode1" 
-            Role = "Primary DC" 
-            DomainName = "dsc-test.contoso.com" 
-            CertificateFile = "C:\publicKeys\targetNode.cer"   
-            Thumbprint = "AC23EA3A9E291A75757A556D0B71CBBF8C4F6FD8"  
-            RetryCount = 20  
-            RetryIntervalSec = 30  
-        }, 
- 
-        @{ 
-            Nodename = "dsc-testNode2" 
-            Role = "Replica DC" 
-            DomainName = "dsc-test.contoso.com" 
-            CertificateFile = "C:\publicKeys\targetNode.cer"   
-            Thumbprint = "AC23EA3A9E291A75757A556D0B71CBBF8C4F6FD8"  
-            RetryCount = 20  
-            RetryIntervalSec = 30  
-        } 
-    ) 
-} 
- 
-AssertHADC -configurationData $ConfigData ` 
--safemodeAdministratorCred (Get-Credential -Message "New Domain Safe Mode Admin Credentials") ` 
--domainCred (Get-Credential -Message "New Domain Admin Credentials") ` 
--DNSDelegationCred (Get-Credential -Message "Credentials to Setup DNS Delegation") ` 
--NewADUserCred (Get-Credential -Message "New AD User Credentials") 
- 
-Start-DscConfiguration -Wait -Force -Verbose -ComputerName "dsc-testNode1" -Path $PSScriptRoot\AssertHADC ` 
--Credential (Get-Credential -Message "Local Admin Credentials on Remote Machine") 
- 
-Start-DscConfiguration -Wait -Force -Verbose -ComputerName "dsc-testNode2" -Path $PSScriptRoot\AssertHADC ` 
--Credential (Get-Credential -Message "Local Admin Credentials on Remote Machine") 
-
-
-
-
-
-   -

- Example: Create a child domain under a parent domain -

-

In this example, we create a domain, and then create a child domain on another node.

-

 

-
-
-
PowerShell
-
Edit|Remove
- -
-
# Configuration to Setup Parent Child Domains  
- 
-configuration AssertParentChildDomains 
-{ 
-    param 
-    ( 
-        [Parameter(Mandatory)] 
-        [pscredential]$safemodeAdministratorCred, 
- 
-        [Parameter(Mandatory)] 
-        [pscredential]$domainCred, 
- 
-        [Parameter(Mandatory)] 
-        [pscredential]$DNSDelegationCred, 
- 
-        [Parameter(Mandatory)] 
-        [pscredential]$NewADUserCred 
-    ) 
- 
-    Import-DscResource -ModuleName xActiveDirectory 
- 
-    Node $AllNodes.Where{$_.Role -eq "Parent DC"}.Nodename 
-    { 
-        WindowsFeature ADDSInstall 
-        { 
-            Ensure = "Present" 
-            Name = "AD-Domain-Services" 
-        } 
- 
-        xADDomain FirstDS 
-        { 
-            DomainName = $Node.DomainName 
-            DomainAdministratorCredential = $domainCred 
-            SafemodeAdministratorPassword = $safemodeAdministratorCred 
-            DnsDelegationCredential = $DNSDelegationCred 
-            DependsOn = "[WindowsFeature]ADDSInstall" 
-        } 
- 
-        xWaitForADDomain DscForestWait 
-        { 
-            DomainName = $Node.DomainName 
-            DomainUserCredential = $domainCred 
-            RetryCount = $Node.RetryCount 
-            RetryIntervalSec = $Node.RetryIntervalSec 
-            DependsOn = "[xADDomain]FirstDS" 
-        } 
- 
-        xADUser FirstUser 
-        { 
-            DomainName = $Node.DomainName 
-            DomainAdministratorCredential = $domaincred 
-            UserName = "dummy" 
-            Password = $NewADUserCred 
-            Ensure = "Present" 
-            DependsOn = "[xWaitForADDomain]DscForestWait" 
-        } 
- 
-    } 
- 
-    Node $AllNodes.Where{$_.Role -eq "Child DC"}.Nodename 
-    { 
-        WindowsFeature ADDSInstall 
-        { 
-            Ensure = "Present" 
-            Name = "AD-Domain-Services" 
-        } 
- 
-        xWaitForADDomain DscForestWait 
-        { 
-            DomainName = $Node.ParentDomainName 
-            DomainUserCredential = $domainCred 
-            RetryCount = $Node.RetryCount 
-            RetryIntervalSec = $Node.RetryIntervalSec 
-            DependsOn = "[WindowsFeature]ADDSInstall" 
-        } 
- 
-        xADDomain ChildDS 
-        { 
-            DomainName = $Node.DomainName 
-            ParentDomainName = $Node.ParentDomainName 
-            DomainAdministratorCredential = $domainCred 
-            SafemodeAdministratorPassword = $safemodeAdministratorCred 
-            DependsOn = "[xWaitForADDomain]DscForestWait" 
-        } 
-    } 
-} 
- 
-$ConfigData = @{ 
- 
-    AllNodes = @( 
-        @{ 
-            Nodename = "dsc-testNode1" 
-            Role = "Parent DC" 
-            DomainName = "dsc-test.contoso.com"         
-            CertificateFile = "C:\publicKeys\targetNode.cer"   
-            Thumbprint = "AC23EA3A9E291A75757A556D0B71CBBF8C4F6FD8"  
-            RetryCount = 50  
-            RetryIntervalSec = 30  
-        }, 
- 
-        @{ 
-            Nodename = "dsc-testNode2" 
-            Role = "Child DC" 
-            DomainName = "dsc-child" 
-            ParentDomainName = "dsc-test.contoso.com"              
-            CertificateFile = "C:\publicKeys\targetNode.cer"   
-            Thumbprint = "AC23EA3A9E291A75757A556D0B71CBBF8C4F6FD8"  
-            RetryCount = 50  
-            RetryIntervalSec = 30         
-        } 
-    ) 
-} 
- 
-AssertParentChildDomains -configurationData $ConfigData ` 
--safemodeAdministratorCred (Get-Credential -Message "New Domain Safe Mode Admin Credentials") ` 
--domainCred (Get-Credential -Message "New Domain Admin Credentials") ` 
--DNSDelegationCred (Get-Credential -Message "Credentials to Setup DNS Delegation") ` 
--NewADUserCred (Get-Credential -Message "New AD User Credentials") 
- 
- 
-Start-DscConfiguration -Wait -Force -Verbose -ComputerName "dsc-testNode1" -Path $PSScriptRoot\AssertParentChildDomains ` 
--Credential (Get-Credential -Message "Local Admin Credentials on Remote Machine") 
-Start-DscConfiguration -Wait -Force -Verbose -ComputerName "dsc-testNode2" -Path $PSScriptRoot\AssertParentChildDomains ` 
--Credential (Get-Credential -Message "Local Admin Credentials on Remote Machine") 
- 
-
-
-
-
-
-
-
-   -

- Example: Create a cross-domain trust -

-

In this example, we setup one-way trust between two domains

-

 

-
-
-
PowerShell
-
Edit|Remove
- - -
-
# Configuration to Setup Parent Child Domains  
- 
-configuration AssertParentChildDomains 
-{ 
-    param 
-    ( 
-        [Parameter(Mandatory)] 
-        [pscredential]$safemodeAdministratorCred, 
- 
-        [Parameter(Mandatory)] 
-        [pscredential]$domainCred, 
- 
-        [Parameter(Mandatory)] 
-        [pscredential]$DNSDelegationCred, 
- 
-        [Parameter(Mandatory)] 
-        [pscredential]$NewADUserCred 
-    ) 
- 
-    Import-DscResource -ModuleName xActiveDirectory 
- 
-    Node $AllNodes.Where{$_.Role -eq "Parent DC"}.Nodename 
-    { 
-        WindowsFeature ADDSInstall 
-        { 
-            Ensure = "Present" 
-            Name = "AD-Domain-Services" 
-        } 
- 
-        xADDomain FirstDS 
-        { 
-            DomainName = $Node.DomainName 
-            DomainAdministratorCredential = $domainCred 
-            SafemodeAdministratorPassword = $safemodeAdministratorCred 
-            DnsDelegationCredential = $DNSDelegationCred 
-            DependsOn = "[WindowsFeature]ADDSInstall" 
-        } 
- 
-        xWaitForADDomain DscForestWait 
-        { 
-            DomainName = $Node.DomainName 
-            DomainUserCredential = $domainCred 
-            RetryCount = $Node.RetryCount 
-            RetryIntervalSec = $Node.RetryIntervalSec 
-            DependsOn = "[xADDomain]FirstDS" 
-        } 
- 
-        xADUser FirstUser 
-        { 
-            DomainName = $Node.DomainName 
-            DomainAdministratorCredential = $domaincred 
-            UserName = "dummy" 
-            Password = $NewADUserCred 
-            Ensure = "Present" 
-            DependsOn = "[xWaitForADDomain]DscForestWait" 
-        } 
- 
-    } 
- 
-    Node $AllNodes.Where{$_.Role -eq "Child DC"}.Nodename 
-    { 
-        WindowsFeature ADDSInstall 
-        { 
-            Ensure = "Present" 
-            Name = "AD-Domain-Services" 
-        } 
- 
-        xWaitForADDomain DscForestWait 
-        { 
-            DomainName = $Node.ParentDomainName 
-            DomainUserCredential = $domainCred 
-            RetryCount = $Node.RetryCount 
-            RetryIntervalSec = $Node.RetryIntervalSec 
-            DependsOn = "[WindowsFeature]ADDSInstall" 
-        } 
- 
-        xADDomain ChildDS 
-        { 
-            DomainName = $Node.DomainName 
-            ParentDomainName = $Node.ParentDomainName 
-            DomainAdministratorCredential = $domainCred 
-            SafemodeAdministratorPassword = $safemodeAdministratorCred 
-            DependsOn = "[xWaitForADDomain]DscForestWait" 
-        } 
-    } 
-} 
- 
-$ConfigData = @{ 
- 
-    AllNodes = @( 
-        @{ 
-            Nodename = "dsc-testNode1" 
-            Role = "Parent DC" 
-            DomainName = "dsc-test.contoso.com"         
-            CertificateFile = "C:\publicKeys\targetNode.cer"   
-            Thumbprint = "AC23EA3A9E291A75757A556D0B71CBBF8C4F6FD8"  
-            RetryCount = 50  
-            RetryIntervalSec = 30  
-        }, 
- 
-        @{ 
-            Nodename = "dsc-testNode2" 
-            Role = "Child DC" 
-            DomainName = "dsc-child" 
-            ParentDomainName = "dsc-test.contoso.com"              
-            CertificateFile = "C:\publicKeys\targetNode.cer"   
-            Thumbprint = "AC23EA3A9E291A75757A556D0B71CBBF8C4F6FD8"  
-            RetryCount = 50  
-            RetryIntervalSec = 30         
-        } 
-    ) 
-} 
- 
-AssertParentChildDomains -configurationData $ConfigData ` 
--safemodeAdministratorCred (Get-Credential -Message "New Domain Safe Mode Admin Credentials") ` 
--domainCred (Get-Credential -Message "New Domain Admin Credentials") ` 
--DNSDelegationCred (Get-Credential -Message "Credentials to Setup DNS Delegation") ` 
--NewADUserCred (Get-Credential -Message "New AD User Credentials") 
- 
- 
-Start-DscConfiguration -Wait -Force -Verbose -ComputerName "dsc-testNode1" -Path $PSScriptRoot\AssertParentChildDomains ` 
--Credential (Get-Credential -Message "Local Admin Credentials on Remote Machine") 
-Start-DscConfiguration -Wait -Force -Verbose -ComputerName "dsc-testNode2" -Path $PSScriptRoot\AssertParentChildDomains ` 
--Credential (Get-Credential -Message "Local Admin Credentials on Remote Machine") 
- 
-
-
-
-
-
-
-
-
-
- - - \ No newline at end of file From 942251d3b2ce95c01dca83037b29a9200f71a1f9 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Sat, 8 Jun 2019 12:24:32 -0500 Subject: [PATCH 02/45] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index c16e5c0d6..cb0a5bd29 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -28,6 +28,7 @@ - Now the helper function `Test-Members` outputs all the members that are not in desired state when verbose output is enabled. - Update all unit tests to latest unit test template. + - Deleted the obsolete xActiveDirectory_TechNetDocumentation.html file - Changes to xADComputer - Refactored the resource and the unit tests. - BREAKING CHANGE: The `Enabled` property is **DEPRECATED** and is no From 42564be163925266318d5d5baedd764574589af3 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 10:57:25 -0500 Subject: [PATCH 03/45] Update README.md --- DSCResources/MSFT_xADDomain/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/DSCResources/MSFT_xADDomain/README.md b/DSCResources/MSFT_xADDomain/README.md index b6fd6fc02..1f32426fd 100644 --- a/DSCResources/MSFT_xADDomain/README.md +++ b/DSCResources/MSFT_xADDomain/README.md @@ -1,3 +1,7 @@ # Description The xADDomain resource creates a new domain in a new forest or a child domain in an existing forest. While it is possible to set the forest functional level and the domain functional level during deployment with this resource the common restrictions apply. For more information see [TechNet](https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/active-directory-functional-levels). + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. From ceb172a515c23dd5db48095858a51f6456ed22af Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 10:57:45 -0500 Subject: [PATCH 04/45] Update README.md --- DSCResources/MSFT_xADDomainController/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/DSCResources/MSFT_xADDomainController/README.md b/DSCResources/MSFT_xADDomainController/README.md index b65a6e878..ed865bf05 100644 --- a/DSCResources/MSFT_xADDomainController/README.md +++ b/DSCResources/MSFT_xADDomainController/README.md @@ -10,3 +10,7 @@ controllers in Active Directory. >information from another domain controller. >Make sure to use a correct domain account with the correct permission as >the account for the parameter `DomainAdministratorCredential`. + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. From b2566ad3c4fba5b5209a4feab533cddde9729a8b Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 10:57:57 -0500 Subject: [PATCH 05/45] Update README.md From 51d55598f6b67dd7537b21f1ff4207e277930b9d Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 10:58:16 -0500 Subject: [PATCH 06/45] Update README.md --- DSCResources/MSFT_xADDomainDefaultPasswordPolicy/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/README.md b/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/README.md index 134090555..b00b9fe8e 100644 --- a/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/README.md +++ b/DSCResources/MSFT_xADDomainDefaultPasswordPolicy/README.md @@ -1,3 +1,7 @@ # Description The xADDomainDefaultPasswordPolicy DSC resource will manage an Active Directory domain's default password policy. + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. From 5044a120ade7da9c6ddb1107bd9cb44b83efc32e Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 10:58:53 -0500 Subject: [PATCH 07/45] Update README.md From 43a7287441a4fc6f32a55c3af8c100122352cde3 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 10:59:42 -0500 Subject: [PATCH 08/45] Update README.md --- DSCResources/MSFT_xADDomainTrust/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/DSCResources/MSFT_xADDomainTrust/README.md b/DSCResources/MSFT_xADDomainTrust/README.md index f719117cf..f3114cedc 100644 --- a/DSCResources/MSFT_xADDomainTrust/README.md +++ b/DSCResources/MSFT_xADDomainTrust/README.md @@ -1 +1,5 @@ # Description + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. From 6af6655adb46331d62279c3e0a2381db7ef0ffec Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 10:59:57 -0500 Subject: [PATCH 09/45] Update README.md --- DSCResources/MSFT_xADForestProperties/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/DSCResources/MSFT_xADForestProperties/README.md b/DSCResources/MSFT_xADForestProperties/README.md index 4b6148f25..546c1e6b8 100644 --- a/DSCResources/MSFT_xADForestProperties/README.md +++ b/DSCResources/MSFT_xADForestProperties/README.md @@ -1,3 +1,7 @@ # Description The xADForestProperties DSC resource will manage User Principal Name (UPN) suffixes and Service Principal Name (SPN) suffixes in a forest. + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. From 21e5d5339dc8d2417856f9de59a5dfaf2e5adfbe Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 11:00:11 -0500 Subject: [PATCH 10/45] Update README.md --- DSCResources/MSFT_xADGroup/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/DSCResources/MSFT_xADGroup/README.md b/DSCResources/MSFT_xADGroup/README.md index 61594dc1c..20ddd1779 100644 --- a/DSCResources/MSFT_xADGroup/README.md +++ b/DSCResources/MSFT_xADGroup/README.md @@ -1,3 +1,7 @@ # Description The xADGroup DSC resource will manage groups within Active Directory. + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. From 7508fc99767bb1597a99748569accbfe48901e66 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 11:00:21 -0500 Subject: [PATCH 11/45] Update README.md --- DSCResources/MSFT_xADKDSKey/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/DSCResources/MSFT_xADKDSKey/README.md b/DSCResources/MSFT_xADKDSKey/README.md index 12a728f64..674c5344b 100644 --- a/DSCResources/MSFT_xADKDSKey/README.md +++ b/DSCResources/MSFT_xADKDSKey/README.md @@ -1,3 +1,7 @@ # Description The xADKDSKey DSC resource will manage KDS Root Keys within Active Directory. + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. From da66a7420c8c90da9ff6df211449411981a59b23 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 11:00:33 -0500 Subject: [PATCH 12/45] Update README.md --- DSCResources/MSFT_xADManagedServiceAccount/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/DSCResources/MSFT_xADManagedServiceAccount/README.md b/DSCResources/MSFT_xADManagedServiceAccount/README.md index d7b4a2ed7..6012d5a12 100644 --- a/DSCResources/MSFT_xADManagedServiceAccount/README.md +++ b/DSCResources/MSFT_xADManagedServiceAccount/README.md @@ -1,3 +1,7 @@ # Description The xADManagedServiceAccount DSC resource will manage Managed Service Accounts (MSAs) within Active Directory. + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. From 52992d590cf6a0820d1b9b03ff5d7da22cabe61f Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 11:00:51 -0500 Subject: [PATCH 13/45] Update README.md --- DSCResources/MSFT_xADObjectPermissionEntry/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/DSCResources/MSFT_xADObjectPermissionEntry/README.md b/DSCResources/MSFT_xADObjectPermissionEntry/README.md index 78bc12e32..6d45c3916 100644 --- a/DSCResources/MSFT_xADObjectPermissionEntry/README.md +++ b/DSCResources/MSFT_xADObjectPermissionEntry/README.md @@ -4,3 +4,7 @@ The xADObjectPermissionEntry DSC resource will manage access control lists on Ac designed to to manage just one entry in the list of permissios (ACL) for one AD object. It will only interact with the one permission and leave all others as they were. The resource can be used multiple times to add multiple entries into one ACL. + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. From a89f72ad825b076ac16be788fc02028479a34e23 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 11:01:02 -0500 Subject: [PATCH 14/45] Update README.md --- DSCResources/MSFT_xADOrganizationalUnit/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/DSCResources/MSFT_xADOrganizationalUnit/README.md b/DSCResources/MSFT_xADOrganizationalUnit/README.md index 6cbc01037..331a0f55f 100644 --- a/DSCResources/MSFT_xADOrganizationalUnit/README.md +++ b/DSCResources/MSFT_xADOrganizationalUnit/README.md @@ -1,3 +1,7 @@ # Description The xADOrganizational Unit DSC resource will manage OUs within Active Directory. + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. From 22dab79ce77ed15f087f1754053a80c0d5c9a2e5 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 11:01:58 -0500 Subject: [PATCH 15/45] Update README.md --- DSCResources/MSFT_xADRecycleBin/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/DSCResources/MSFT_xADRecycleBin/README.md b/DSCResources/MSFT_xADRecycleBin/README.md index 784abb8ab..fc9c487c5 100644 --- a/DSCResources/MSFT_xADRecycleBin/README.md +++ b/DSCResources/MSFT_xADRecycleBin/README.md @@ -5,3 +5,7 @@ This resource first verifies that the forest mode is Windows Server 2008 R2 or g is insufficient, then the resource will exit with an error message. The change is executed against the Domain Naming Master FSMO of the forest. (Note: This resource is compatible with a Windows 2008 R2 or above target node.) + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. From 22cbc793956bb7170cd8c101468398ba27817d55 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 11:02:11 -0500 Subject: [PATCH 16/45] Update README.md --- DSCResources/MSFT_xADReplicationSite/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/DSCResources/MSFT_xADReplicationSite/README.md b/DSCResources/MSFT_xADReplicationSite/README.md index f719117cf..f3114cedc 100644 --- a/DSCResources/MSFT_xADReplicationSite/README.md +++ b/DSCResources/MSFT_xADReplicationSite/README.md @@ -1 +1,5 @@ # Description + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. From 79bcf56b6b665b7c13e91c54d322768de9c2a931 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 11:02:24 -0500 Subject: [PATCH 17/45] Update README.md --- DSCResources/MSFT_xADReplicationSiteLink/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/DSCResources/MSFT_xADReplicationSiteLink/README.md b/DSCResources/MSFT_xADReplicationSiteLink/README.md index f719117cf..f3114cedc 100644 --- a/DSCResources/MSFT_xADReplicationSiteLink/README.md +++ b/DSCResources/MSFT_xADReplicationSiteLink/README.md @@ -1 +1,5 @@ # Description + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. From eae4a75af28fb7ea2e45709288edf73e128427d5 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 11:02:37 -0500 Subject: [PATCH 18/45] Update README.md --- DSCResources/MSFT_xADReplicationSubnet/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/DSCResources/MSFT_xADReplicationSubnet/README.md b/DSCResources/MSFT_xADReplicationSubnet/README.md index 2ea26f5d7..47002ef54 100644 --- a/DSCResources/MSFT_xADReplicationSubnet/README.md +++ b/DSCResources/MSFT_xADReplicationSubnet/README.md @@ -1,3 +1,7 @@ # Description The xADReplicationSubnet DSC resource will manage replication subnets. + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. From 37ceaa1e5ddb8c2e74351a543e07f66e678e6fd2 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 11:02:49 -0500 Subject: [PATCH 19/45] Update README.md --- DSCResources/MSFT_xADServicePrincipalName/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/DSCResources/MSFT_xADServicePrincipalName/README.md b/DSCResources/MSFT_xADServicePrincipalName/README.md index 69021d66d..cd3e02a4d 100644 --- a/DSCResources/MSFT_xADServicePrincipalName/README.md +++ b/DSCResources/MSFT_xADServicePrincipalName/README.md @@ -1,3 +1,7 @@ # Description The xADServicePrincipalName DSC resource will manage service principal names. + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. From 40c99ad28efd310c8b41db3ae83a7ba630b27856 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 11:03:00 -0500 Subject: [PATCH 20/45] Update README.md --- DSCResources/MSFT_xADUser/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/DSCResources/MSFT_xADUser/README.md b/DSCResources/MSFT_xADUser/README.md index f719117cf..f3114cedc 100644 --- a/DSCResources/MSFT_xADUser/README.md +++ b/DSCResources/MSFT_xADUser/README.md @@ -1 +1,5 @@ # Description + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. From ee495f706d85e0b036981e949205ef77d4aff703 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 11:03:09 -0500 Subject: [PATCH 21/45] Update README.md --- DSCResources/MSFT_xWaitForADDomain/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/DSCResources/MSFT_xWaitForADDomain/README.md b/DSCResources/MSFT_xWaitForADDomain/README.md index f719117cf..f3114cedc 100644 --- a/DSCResources/MSFT_xWaitForADDomain/README.md +++ b/DSCResources/MSFT_xWaitForADDomain/README.md @@ -1 +1,5 @@ # Description + +## Requirements + +* Target machine must be running Windows Server 2008 R2 or later. From 87fc624686c74809e4b501fe13fcb6cefba2a5d3 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 11:04:54 -0500 Subject: [PATCH 22/45] Update README.md --- DSCResources/MSFT_xADRecycleBin/README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/DSCResources/MSFT_xADRecycleBin/README.md b/DSCResources/MSFT_xADRecycleBin/README.md index fc9c487c5..ccfab56b5 100644 --- a/DSCResources/MSFT_xADRecycleBin/README.md +++ b/DSCResources/MSFT_xADRecycleBin/README.md @@ -4,7 +4,6 @@ The xADRecycleBin DSC resource will enable the Active Directory Recycle Bin feat This resource first verifies that the forest mode is Windows Server 2008 R2 or greater. If the forest mode is insufficient, then the resource will exit with an error message. The change is executed against the Domain Naming Master FSMO of the forest. -(Note: This resource is compatible with a Windows 2008 R2 or above target node.) ## Requirements From 9bf312c915b72a75bc38d0a26f74a08ede8b8b82 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 11:14:59 -0500 Subject: [PATCH 23/45] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index cb0a5bd29..f814dbc03 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ ## Unreleased - Changes to xActiveDirectory + - Added a Requirements section to every DSCResource README with the bullet point stating "Target machine must be running Windows Server 2008 R2 or later". - Added new helper functions in xADCommon, see each functions comment-based help for more information. - Convert-PropertyMapToObjectProperties From a1dda81e2af7837286ce118511ded9575fd3a99d Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 11:15:10 -0500 Subject: [PATCH 24/45] Update CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f814dbc03..846a18af8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,7 +3,7 @@ ## Unreleased - Changes to xActiveDirectory - - Added a Requirements section to every DSCResource README with the bullet point stating "Target machine must be running Windows Server 2008 R2 or later". + - Added a Requirements section to every DSCResource README with the bullet point stating "Target machine must be running Windows Server 2008 R2 or later" - Added new helper functions in xADCommon, see each functions comment-based help for more information. - Convert-PropertyMapToObjectProperties From ddd1dc2b77868a8f4615478f87b1800bc26a7172 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 11:16:04 -0500 Subject: [PATCH 25/45] Update CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 846a18af8..8f3c8586c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,7 +3,6 @@ ## Unreleased - Changes to xActiveDirectory - - Added a Requirements section to every DSCResource README with the bullet point stating "Target machine must be running Windows Server 2008 R2 or later" - Added new helper functions in xADCommon, see each functions comment-based help for more information. - Convert-PropertyMapToObjectProperties @@ -30,6 +29,7 @@ are not in desired state when verbose output is enabled. - Update all unit tests to latest unit test template. - Deleted the obsolete xActiveDirectory_TechNetDocumentation.html file + - Added a Requirements section to every DSCResource README with the bullet point stating "Target machine must be running Windows Server 2008 R2 or later" - Changes to xADComputer - Refactored the resource and the unit tests. - BREAKING CHANGE: The `Enabled` property is **DEPRECATED** and is no From 318666f28086cb70c7f060c8bfd8d962f725f58a Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 12:58:25 -0500 Subject: [PATCH 26/45] Update README.md --- DSCResources/MSFT_xADManagedServiceAccount/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/DSCResources/MSFT_xADManagedServiceAccount/README.md b/DSCResources/MSFT_xADManagedServiceAccount/README.md index c95af6959..6d36a260d 100644 --- a/DSCResources/MSFT_xADManagedServiceAccount/README.md +++ b/DSCResources/MSFT_xADManagedServiceAccount/README.md @@ -3,4 +3,4 @@ The xADManagedServiceAccount DSC resource will manage Single and Group Managed S A Single Managed Service Account can only be used on a single computer, whereas a Group Managed Service Account can be shared across multiple computers. ## Requirements -* Target machine must be running Windows Server 2008 R2 or later. \ No newline at end of file +* Target machine must be running Windows Server 2008 R2 or later. From 332793bc280cd1b7128dff0a105ff6dbed73d87f Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 12:59:04 -0500 Subject: [PATCH 27/45] Update README.md --- DSCResources/MSFT_xADReplicationSite/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/DSCResources/MSFT_xADReplicationSite/README.md b/DSCResources/MSFT_xADReplicationSite/README.md index 0bd9fc8fd..a6d943914 100644 --- a/DSCResources/MSFT_xADReplicationSite/README.md +++ b/DSCResources/MSFT_xADReplicationSite/README.md @@ -2,4 +2,4 @@ The xADReplicationSite DSC resource will manage Replication Sites within Active Directory. Sites are used in Active Directory to either enable clients to discover network resources (published shares, domain controllers) close to the physical location of a client computer or to reduce network traffic over wide area network (WAN) links. Sites can also be used to optimize replication between domain controllers. ## Requirements -* Target machine must be running Windows Server 2008 R2 or later. \ No newline at end of file +* Target machine must be running Windows Server 2008 R2 or later. From 0dc1b454f4a0740160b4b3c9eb7df08f88edc8d0 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 12:59:25 -0500 Subject: [PATCH 28/45] Update README.md --- DSCResources/MSFT_xADServicePrincipalName/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/DSCResources/MSFT_xADServicePrincipalName/README.md b/DSCResources/MSFT_xADServicePrincipalName/README.md index c9eaa0880..a03d2fd19 100644 --- a/DSCResources/MSFT_xADServicePrincipalName/README.md +++ b/DSCResources/MSFT_xADServicePrincipalName/README.md @@ -2,4 +2,4 @@ The xADServicePrincipalName DSC resource will manage service principal names. A service principal name (SPN) is a unique identifier of a service instance. SPNs are used by Kerberos authentication to associate a service instance with a service logon account. This allows a client application to request that the service authenticate an account even if the client does not have the account name. ## Requirements -* Target machine must be running Windows Server 2008 R2 or later. \ No newline at end of file +* Target machine must be running Windows Server 2008 R2 or later. From 424e51fb5c11e836b3d9a35e4470944b028301b2 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 13:01:01 -0500 Subject: [PATCH 29/45] Update README.md --- DSCResources/MSFT_xADServicePrincipalName/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/DSCResources/MSFT_xADServicePrincipalName/README.md b/DSCResources/MSFT_xADServicePrincipalName/README.md index a03d2fd19..e6b0c7099 100644 --- a/DSCResources/MSFT_xADServicePrincipalName/README.md +++ b/DSCResources/MSFT_xADServicePrincipalName/README.md @@ -1,5 +1,7 @@ # Description + The xADServicePrincipalName DSC resource will manage service principal names. A service principal name (SPN) is a unique identifier of a service instance. SPNs are used by Kerberos authentication to associate a service instance with a service logon account. This allows a client application to request that the service authenticate an account even if the client does not have the account name. ## Requirements + * Target machine must be running Windows Server 2008 R2 or later. From ddcc76da5c1e6a5a3d0788b0d45a3cb755423be7 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 13:02:52 -0500 Subject: [PATCH 30/45] Update README.md --- DSCResources/MSFT_xADDomainTrust/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/DSCResources/MSFT_xADDomainTrust/README.md b/DSCResources/MSFT_xADDomainTrust/README.md index 90ca3579f..4505d111a 100644 --- a/DSCResources/MSFT_xADDomainTrust/README.md +++ b/DSCResources/MSFT_xADDomainTrust/README.md @@ -1,5 +1,7 @@ # Description + The xADDomainTrust DSC resource will manage Domain Trusts within Active Directory. A trust is a relationship, which you establish between domains, that makes it possible for users in one domain to be authenticated by a domain controller in the other domain. ## Requirements + * Target machine must be running Windows Server 2008 R2 or later. From 29832f753ac6704050a41ab9f1179bb68f36a3ef Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 13:03:58 -0500 Subject: [PATCH 31/45] Update README.md --- DSCResources/MSFT_xADKDSKey/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/DSCResources/MSFT_xADKDSKey/README.md b/DSCResources/MSFT_xADKDSKey/README.md index 0f05f5f2e..25873edf4 100644 --- a/DSCResources/MSFT_xADKDSKey/README.md +++ b/DSCResources/MSFT_xADKDSKey/README.md @@ -1,5 +1,7 @@ # Description + The xADKDSKey DSC resource will manage KDS Root Keys within Active Directory. The KDS root keys are used to begin generating Group Managed Service Account (gMSA) passwords. ## Requirements + * Target machine must be running Windows Server 2008 R2 or later. From b8943f03dc35c8fb3f0247c5274c72f1a0ff2aeb Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 13:04:18 -0500 Subject: [PATCH 32/45] Update README.md --- DSCResources/MSFT_xADManagedServiceAccount/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/DSCResources/MSFT_xADManagedServiceAccount/README.md b/DSCResources/MSFT_xADManagedServiceAccount/README.md index 6d36a260d..b502742d6 100644 --- a/DSCResources/MSFT_xADManagedServiceAccount/README.md +++ b/DSCResources/MSFT_xADManagedServiceAccount/README.md @@ -1,6 +1,8 @@ # Description + The xADManagedServiceAccount DSC resource will manage Single and Group Managed Service Accounts (MSAs) within Active Directory. A Managed Service Account is a managed domain account that provides automatic password management, simplified service principal name (SPN) management and the ability to delegate management to other administrators. A Single Managed Service Account can only be used on a single computer, whereas a Group Managed Service Account can be shared across multiple computers. ## Requirements + * Target machine must be running Windows Server 2008 R2 or later. From 53a1ac2eb5360a1a3c652277a81521dcda88fb74 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 13:05:21 -0500 Subject: [PATCH 33/45] Update README.md --- DSCResources/MSFT_xADOrganizationalUnit/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/DSCResources/MSFT_xADOrganizationalUnit/README.md b/DSCResources/MSFT_xADOrganizationalUnit/README.md index 6204cf11c..5e9a3d9b0 100644 --- a/DSCResources/MSFT_xADOrganizationalUnit/README.md +++ b/DSCResources/MSFT_xADOrganizationalUnit/README.md @@ -1,5 +1,7 @@ # Description + The xADOrganizational Unit DSC resource will manage Organizational Units (OUs) within Active Directory. An OU is a subdivision within an Active Directory into which you can place users, groups, computers, and other organizational units. ## Requirements + * Target machine must be running Windows Server 2008 R2 or later. From 3a3b91e580f642e7507b087776254e90cd398424 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 13:05:47 -0500 Subject: [PATCH 34/45] Update README.md --- DSCResources/MSFT_xADReplicationSite/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/DSCResources/MSFT_xADReplicationSite/README.md b/DSCResources/MSFT_xADReplicationSite/README.md index a6d943914..456ae9f92 100644 --- a/DSCResources/MSFT_xADReplicationSite/README.md +++ b/DSCResources/MSFT_xADReplicationSite/README.md @@ -1,5 +1,7 @@ # Description + The xADReplicationSite DSC resource will manage Replication Sites within Active Directory. Sites are used in Active Directory to either enable clients to discover network resources (published shares, domain controllers) close to the physical location of a client computer or to reduce network traffic over wide area network (WAN) links. Sites can also be used to optimize replication between domain controllers. ## Requirements + * Target machine must be running Windows Server 2008 R2 or later. From 8035863fbad369ba3dc27964e981da5fec0ec8e4 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 13:06:14 -0500 Subject: [PATCH 35/45] Update README.md --- DSCResources/MSFT_xADReplicationSiteLink/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/DSCResources/MSFT_xADReplicationSiteLink/README.md b/DSCResources/MSFT_xADReplicationSiteLink/README.md index 776cfd14f..143305982 100644 --- a/DSCResources/MSFT_xADReplicationSiteLink/README.md +++ b/DSCResources/MSFT_xADReplicationSiteLink/README.md @@ -1,5 +1,7 @@ # Description + The xADReplicationSiteLink DSC resource will manage Replication Site Links within Active Directory. A site link connects two or more sites. Site links reflect the administrative policy for how sites are to be interconnected and the methods used to transfer replication traffic. You must connect sites with site links so that domain controllers at each site can replicate Active Directory changes. ## Requirements + * Target machine must be running Windows Server 2008 R2 or later. From 255218ecc3c186a5f52784d360a270251691c1f4 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 13:06:51 -0500 Subject: [PATCH 36/45] Update README.md --- DSCResources/MSFT_xADUser/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/DSCResources/MSFT_xADUser/README.md b/DSCResources/MSFT_xADUser/README.md index eb3adce37..dfdb065eb 100644 --- a/DSCResources/MSFT_xADUser/README.md +++ b/DSCResources/MSFT_xADUser/README.md @@ -1,5 +1,7 @@ # Description + The xADUser DSC resource will manage Users within Active Directory. ## Requirements + * Target machine must be running Windows Server 2008 R2 or later. From e41d6de627aeac2f8e5a5b7de98f9bce5530570f Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 13:07:10 -0500 Subject: [PATCH 37/45] Update README.md --- DSCResources/MSFT_xWaitForADDomain/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/DSCResources/MSFT_xWaitForADDomain/README.md b/DSCResources/MSFT_xWaitForADDomain/README.md index 1a8dd8d37..c5d61873b 100644 --- a/DSCResources/MSFT_xWaitForADDomain/README.md +++ b/DSCResources/MSFT_xWaitForADDomain/README.md @@ -1,5 +1,7 @@ # Description + The xWaitForADDomain resource is used to wait for Active Directory to become available. ## Requirements + * Target machine must be running Windows Server 2008 R2 or later. From b89076584dd7ce3d71771d4ac1c246fe5febab00 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 13:17:20 -0500 Subject: [PATCH 38/45] Update CHANGELOG.md --- CHANGELOG.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 319b575f3..43f3acae7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -29,8 +29,7 @@ - Now the helper function `Test-Members` outputs all the members that are not in desired state when verbose output is enabled. - Update all unit tests to latest unit test template. - - Deleted the obsolete xActiveDirectory_TechNetDocumentation.html file - - Added a Requirements section to every DSCResource README with the bullet point stating "Target machine must be running Windows Server 2008 R2 or later" + - Added a Requirements section to every DSC resource README with the bullet point stating "Target machine must be running Windows Server 2008 R2 or later" ([issue #399](https://github.com/PowerShell/xActiveDirectory/pull/399)). - Deleted the obsolete xActiveDirectory_TechNetDocumentation.html file. - Added new resource xADObjectEnabledState. This resource should be used to enforce the `Enabled` property of computer accounts. This From fee595f6c0e83ef128f94e08696c56d857ca1506 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Wed, 26 Jun 2019 14:41:19 -0500 Subject: [PATCH 39/45] Update CHANGELOG.md --- CHANGELOG.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9dca44191..1d27e0f59 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,9 @@ ## Unreleased +- Changes to xActiveDirectory + - Added a Requirements section to every DSC resource README with the bullet point stating "Target machine must be running Windows Server 2008 R2 or later" ([issue #399](https://github.com/PowerShell/xActiveDirectory/pull/399)). + ## 3.0.0.0 - Changes to xActiveDirectory @@ -31,7 +34,6 @@ - Now the helper function `Test-Members` outputs all the members that are not in desired state when verbose output is enabled. - Update all unit tests to latest unit test template. - - Added a Requirements section to every DSC resource README with the bullet point stating "Target machine must be running Windows Server 2008 R2 or later" ([issue #399](https://github.com/PowerShell/xActiveDirectory/pull/399)). - Deleted the obsolete xActiveDirectory_TechNetDocumentation.html file. - Added new resource xADObjectEnabledState. This resource should be used to enforce the `Enabled` property of computer accounts. This From fa6f35c92e7feb75880717f51b29dcf5cd415069 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Thu, 27 Jun 2019 08:30:37 -0500 Subject: [PATCH 40/45] Update README.md --- DSCResources/MSFT_xADReplicationSiteLink/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/DSCResources/MSFT_xADReplicationSiteLink/README.md b/DSCResources/MSFT_xADReplicationSiteLink/README.md index 143305982..2b24326f3 100644 --- a/DSCResources/MSFT_xADReplicationSiteLink/README.md +++ b/DSCResources/MSFT_xADReplicationSiteLink/README.md @@ -1,6 +1,6 @@ # Description -The xADReplicationSiteLink DSC resource will manage Replication Site Links within Active Directory. A site link connects two or more sites. Site links reflect the administrative policy for how sites are to be interconnected and the methods used to transfer replication traffic. You must connect sites with site links so that domain controllers at each site can replicate Active Directory changes. +The xADReplicationSiteLink DSC resource will manage Replication Site Links within Active Directory. A site link connects two or more sites. Site links reflect the administrative policy for how sites are to be interconnected and the methods used to transfer replication traffic. You must connect sites with site links so that domain controllers at each site can replicate Active Directory changes. ## Requirements From a073778e9c715cd7f1e287ec986fdb3de19e7172 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Thu, 27 Jun 2019 08:30:53 -0500 Subject: [PATCH 41/45] Update README.md --- DSCResources/MSFT_xADServicePrincipalName/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/DSCResources/MSFT_xADServicePrincipalName/README.md b/DSCResources/MSFT_xADServicePrincipalName/README.md index e6b0c7099..df5b1bedd 100644 --- a/DSCResources/MSFT_xADServicePrincipalName/README.md +++ b/DSCResources/MSFT_xADServicePrincipalName/README.md @@ -1,6 +1,6 @@ # Description -The xADServicePrincipalName DSC resource will manage service principal names. A service principal name (SPN) is a unique identifier of a service instance. SPNs are used by Kerberos authentication to associate a service instance with a service logon account. This allows a client application to request that the service authenticate an account even if the client does not have the account name. +The xADServicePrincipalName DSC resource will manage service principal names. A service principal name (SPN) is a unique identifier of a service instance. SPNs are used by Kerberos authentication to associate a service instance with a service logon account. This allows a client application to request that the service authenticate an account even if the client does not have the account name. ## Requirements From 18206b8660bdddab164a34dcd91c682b8deb6412 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Thu, 27 Jun 2019 08:32:02 -0500 Subject: [PATCH 42/45] Update README.md --- DSCResources/MSFT_xADManagedServiceAccount/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/DSCResources/MSFT_xADManagedServiceAccount/README.md b/DSCResources/MSFT_xADManagedServiceAccount/README.md index b502742d6..0194eeb6b 100644 --- a/DSCResources/MSFT_xADManagedServiceAccount/README.md +++ b/DSCResources/MSFT_xADManagedServiceAccount/README.md @@ -6,3 +6,4 @@ A Single Managed Service Account can only be used on a single computer, whereas ## Requirements * Target machine must be running Windows Server 2008 R2 or later. +* Group Managed Service Accounts need at least one Windows Server 2012 Domain Controller. From ff047e0aa6b69451f9ad388ddbf32dedadf50b0e Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Thu, 27 Jun 2019 08:38:51 -0500 Subject: [PATCH 43/45] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1d27e0f59..29251b581 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,7 @@ - Changes to xActiveDirectory - Added a Requirements section to every DSC resource README with the bullet point stating "Target machine must be running Windows Server 2008 R2 or later" ([issue #399](https://github.com/PowerShell/xActiveDirectory/pull/399)). + - Added a line to the "Group Managed Service Accounts need at least one Windows Server 2012 Domain Controller" to the xADManagedServiceAccount DSC resource README. ## 3.0.0.0 From 2ee54d0292e8829b0e56407ae8396a974d066ac5 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Thu, 27 Jun 2019 08:39:50 -0500 Subject: [PATCH 44/45] Update CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 29251b581..fd9b91b37 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,7 @@ - Changes to xActiveDirectory - Added a Requirements section to every DSC resource README with the bullet point stating "Target machine must be running Windows Server 2008 R2 or later" ([issue #399](https://github.com/PowerShell/xActiveDirectory/pull/399)). - - Added a line to the "Group Managed Service Accounts need at least one Windows Server 2012 Domain Controller" to the xADManagedServiceAccount DSC resource README. + - Added a line to the xADManagedServiceAccount DSC resource README reading "Group Managed Service Accounts need at least one Windows Server 2012 Domain Controller" ([issue #399](https://github.com/PowerShell/xActiveDirectory/pull/399)). ## 3.0.0.0 From 1b4d0ba97998710c769f522ae651cac399d64646 Mon Sep 17 00:00:00 2001 From: James Frierson <50841359+JamesFrierson1@users.noreply.github.com> Date: Thu, 27 Jun 2019 10:11:49 -0500 Subject: [PATCH 45/45] Update CHANGELOG.md --- CHANGELOG.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fd9b91b37..0e8727314 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,9 @@ - Changes to xActiveDirectory - Added a Requirements section to every DSC resource README with the bullet point stating "Target machine must be running Windows Server 2008 R2 or later" ([issue #399](https://github.com/PowerShell/xActiveDirectory/pull/399)). - - Added a line to the xADManagedServiceAccount DSC resource README reading "Group Managed Service Accounts need at least one Windows Server 2012 Domain Controller" ([issue #399](https://github.com/PowerShell/xActiveDirectory/pull/399)). + +- Changes to xADManagedServiceAccount + - Added a requirement to README stating "Group Managed Service Accounts need at least one Windows Server 2012 Domain Controller" ([issue #399](https://github.com/PowerShell/xActiveDirectory/pull/399)). ## 3.0.0.0