Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WindowsEventLog: Add parameter to set RestrictGuestAccess registry key #338

Closed
aydeisen opened this issue Jun 16, 2020 · 3 comments · Fixed by #359
Closed

WindowsEventLog: Add parameter to set RestrictGuestAccess registry key #338

aydeisen opened this issue Jun 16, 2020 · 3 comments · Fixed by #359
Labels
enhancement The issue is an enhancement request. help wanted The issue is up for grabs for anyone in the community.

Comments

@aydeisen
Copy link

aydeisen commented Jun 16, 2020

Details of the scenario you tried and the problem that is occurring

Add a parameter to set the "RestrictGuestAccess" registry value for Windows Event Logs

Verbose logs showing the problem

N/A

Suggested solution to the issue

Add RestrictGuestAccess to WindowsEventLog so it can be set within the resource and not separately using the Registry resource

The DSC configuration that is used to reproduce the issue (as detailed as possible)

        Registry AppRestrictGuestAccess
        {
            Force     = $True
            Ensure    = "Present"
            Key       = "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application"
            ValueName = "RestrictGuestAccess"
            ValueData = "1"
            ValueType = "dword"
        }

The operating system the target node is running

Server versions 2008/R2, 2012/R2, 2016, and 2019

Version and build of PowerShell the target node is running

WMF 5.1

Version of the DSC module that was used ('dev' if using current dev branch)

8.2.0.0

@PlagueHO PlagueHO added enhancement The issue is an enhancement request. help wanted The issue is up for grabs for anyone in the community. labels Jun 26, 2020
@PlagueHO
Copy link
Member

To confirm, the proposal would result in the MOF changing like this:

[ClassVersion("1.0.0.1"), FriendlyName("WindowsEventLog")]
class DSC_WindowsEventLog : OMI_BaseResource
{
    [Key, Description("Specifies the given name of a Windows Event Log")] String LogName;
    [Write, Description("Specifies the given state of a Windows Event Log")] Boolean IsEnabled;
    [Write, Description("Specifies the given maximum size in bytes for a specified Windows Event Log")] Sint64 MaximumSizeInBytes;
    [Write, Description("Specifies the given LogMode for a specified Windows Event Log"), ValueMap{"AutoBackup","Circular","Retain"}, Values{"AutoBackup","Circular","Retain"}] String LogMode;
    [Write, Description("Specifies the given SecurityDescriptor for a specified Windows Event Log")] String SecurityDescriptor;
    [Write, Description("Specifies the given LogFile path of a Windows Event Log")] String LogFilePath;
    [Write, Description("Specifies the given LogRetentionDays for the Logmode 'AutoBackup'")] Sint32 LogRetentionDays;
    [Write, Description("Restricts guest access to the specified Windows Event Log")] Boolean RestrictGuestAccess;
};

Setting a value of True to RestrictGuestAccess would set the key value to "1" and setting to False would set the key value to "0", as per https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-gpsb/0b9673a7-ce0a-49b4-912b-591efdb37cdf

This should be easy enough, although would need to ensure the appropriate registry path exists (which is what the Registry resource takes care of).

@aydeisen
Copy link
Author

Confirmed: that's exactly what I'm looking for

@cohdjn
Copy link
Contributor

cohdjn commented Feb 5, 2021

Working on other updates to this resource. Will update as part of the PR with the other issues.

PlagueHO added a commit that referenced this issue Apr 9, 2021
WindowsEventLog: Multiple Updates - Fixes #355, #349, #338, #229
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement The issue is an enhancement request. help wanted The issue is up for grabs for anyone in the community.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants