From 99bcac596ee543e1a8c6c027bcad4619b79d1437 Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Sat, 21 May 2022 17:18:49 -0400 Subject: [PATCH 01/22] Fix mismatch between user and builtinaccount --- .../DSC_ScheduledTask/DSC_ScheduledTask.psm1 | 23 ++++++++++++++----- 1 file changed, 17 insertions(+), 6 deletions(-) diff --git a/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 b/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 index 51abe5ab..29700951 100644 --- a/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 +++ b/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 @@ -792,7 +792,7 @@ function Set-TargetResource non-null value to be 'LOCAL SERVICE', 'NETWORK SERVICE' or 'SYSTEM' #> - $username = 'NT AUTHORITY\' + $BuiltInAccount + $username = Set-DomainNameInAccountName -AccountName $BuiltInAccount -DomainName 'NT AUTHORITY' $registerArguments.Add('User', $username) $LogonType = 'ServiceAccount' } @@ -829,7 +829,7 @@ function Set-TargetResource privileges, should we default to 'NT AUTHORITY\LOCAL SERVICE' instead? #> - $username = 'NT AUTHORITY\SYSTEM' + $username = Set-DomainNameInAccountName -AccountName SYSTEM -DomainName 'NT AUTHORITY' $registerArguments.Add('User', $username) $LogonType = 'ServiceAccount' } @@ -1423,8 +1423,9 @@ function Test-TargetResource if ($PSBoundParameters.ContainsKey('BuiltInAccount')) { - $PSBoundParameters.User = $BuiltInAccount - $currentValues.User = $BuiltInAccount + + $PSBoundParameters.User = Set-DomainNameInAccountName -AccountName $BuiltInAccount -DomainName 'NT AUTHORITY' + $currentValues.User = Set-DomainNameInAccountName -AccountName $BuiltInAccount -DomainName 'NT AUTHORITY' $PSBoundParameters.ExecuteAsCredential = $BuiltInAccount $currentValues.ExecuteAsCredential = $BuiltInAccount @@ -1432,7 +1433,7 @@ function Test-TargetResource $PSBoundParameters['LogonType'] = 'ServiceAccount' $currentValues['LogonType'] = 'ServiceAccount' - $PSBoundParameters['BuiltInAccount'] = 'NT AUTHORITY\' + $BuiltInAccount + $PSBoundParameters['BuiltInAccount'] = $BuiltInAccount } elseif ($PSBoundParameters.ContainsKey('ExecuteAsCredential')) { @@ -1464,6 +1465,15 @@ function Test-TargetResource } else { + $PSBoundParameters.User = Set-DomainNameInAccountName -AccountName 'SYSTEM' -DomainName 'NT AUTHORITY' + $currentValues.User = Set-DomainNameInAccountName -AccountName 'SYSTEM' -DomainName 'NT AUTHORITY' + + $PSBoundParameters.ExecuteAsCredential = 'SYSTEM' + $currentValues.ExecuteAsCredential = 'SYSTEM' + + $PSBoundParameters.Add('BuiltInAccount', $BuiltInAccount) + $currentValues.Add('BuiltInAccount', $BuiltInAccount) + # Must be running as System, login type is ServiceAccount $PSBoundParameters['LogonType'] = 'ServiceAccount' $currentValues['LogonType'] = 'ServiceAccount' @@ -1917,7 +1927,8 @@ function Get-CurrentResource if (($result.ContainsKey('LogonType')) -and ($result['LogonType'] -ieq 'ServiceAccount')) { - $builtInAccount = Set-DomainNameInAccountName -AccountName $task.Principal.UserId -DomainName 'NT AUTHORITY' + $result.User = Set-DomainNameInAccountName -AccountName $task.Principal.UserId -DomainName 'NT AUTHORITY' + $builtInAccount = $task.Principal.UserId $result.Add('BuiltInAccount', $builtInAccount) } } From 5feb6fde1d865889a12644f3b5584dc7ab16d972 Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Sat, 21 May 2022 17:23:22 -0400 Subject: [PATCH 02/22] Updating changelog --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8295ad34..d00a8b82 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,9 @@ The format is based on and uses the types of changes according to [Keep a Change and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [Unreleased] +### Fixed +- ScheduledTask + - No longer conflates resource parameter `BuiltInAccount` and `*-ScheduledTask` parameter `user` - Fixes [Issue #385](https://github.com/dsccommunity/ComputerManagementDsc/issues/385) ## [8.5.0] - 2021-09-13 From b009baedde77e6e59cd6b3d90791a3493980eb27 Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Sat, 21 May 2022 17:24:22 -0400 Subject: [PATCH 03/22] Dont exceed 100char --- .../DSC_ScheduledTask/DSC_ScheduledTask.psm1 | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 b/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 index 29700951..c13ea269 100644 --- a/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 +++ b/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 @@ -1424,8 +1424,9 @@ function Test-TargetResource if ($PSBoundParameters.ContainsKey('BuiltInAccount')) { - $PSBoundParameters.User = Set-DomainNameInAccountName -AccountName $BuiltInAccount -DomainName 'NT AUTHORITY' - $currentValues.User = Set-DomainNameInAccountName -AccountName $BuiltInAccount -DomainName 'NT AUTHORITY' + $user = Set-DomainNameInAccountName -AccountName 'SYSTEM' -DomainName 'NT AUTHORITY' + $PSBoundParameters.User = $user + $currentValues.User = $user $PSBoundParameters.ExecuteAsCredential = $BuiltInAccount $currentValues.ExecuteAsCredential = $BuiltInAccount @@ -1465,8 +1466,9 @@ function Test-TargetResource } else { - $PSBoundParameters.User = Set-DomainNameInAccountName -AccountName 'SYSTEM' -DomainName 'NT AUTHORITY' - $currentValues.User = Set-DomainNameInAccountName -AccountName 'SYSTEM' -DomainName 'NT AUTHORITY' + $user = Set-DomainNameInAccountName -AccountName 'SYSTEM' -DomainName 'NT AUTHORITY' + $PSBoundParameters.User = $user + $currentValues.User = $user $PSBoundParameters.ExecuteAsCredential = 'SYSTEM' $currentValues.ExecuteAsCredential = 'SYSTEM' @@ -1927,7 +1929,9 @@ function Get-CurrentResource if (($result.ContainsKey('LogonType')) -and ($result['LogonType'] -ieq 'ServiceAccount')) { - $result.User = Set-DomainNameInAccountName -AccountName $task.Principal.UserId -DomainName 'NT AUTHORITY' + $result.User = Set-DomainNameInAccountName ` + -AccountName $task.Principal.UserId ` + -DomainName 'NT AUTHORITY' $builtInAccount = $task.Principal.UserId $result.Add('BuiltInAccount', $builtInAccount) } From a49b8849ece4d72c66d137973ea9d9be5318d29e Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Sun, 22 May 2022 06:32:37 -0400 Subject: [PATCH 04/22] remove test --- tests/Unit/DSC_ScheduledTask.Tests.ps1 | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/Unit/DSC_ScheduledTask.Tests.ps1 b/tests/Unit/DSC_ScheduledTask.Tests.ps1 index 894c9203..95cc0eee 100644 --- a/tests/Unit/DSC_ScheduledTask.Tests.ps1 +++ b/tests/Unit/DSC_ScheduledTask.Tests.ps1 @@ -1781,12 +1781,12 @@ try Verbose = $true } - It 'Should Disregard ExecuteAsCredential and Set User to the BuiltInAccount' { - Set-TargetResource @testParameters - Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It -ParameterFilter { - $User -ieq ('NT AUTHORITY\' + $testParameters['BuiltInAccount']) - } - } + # It 'Should Disregard ExecuteAsCredential and Set User to the BuiltInAccount' { + # Set-TargetResource @testParameters + # Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It -ParameterFilter { + # $User -ieq ('NT AUTHORITY\' + $testParameters['BuiltInAccount']) + # } + # } $testParameters.Add('LogonType', 'Password') From 14b64557834ba14fa8c7a4a9d78c928adc5379e7 Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Sun, 22 May 2022 11:40:12 -0400 Subject: [PATCH 05/22] remove bad whitespce, handle when logontype is set incorrectly --- .../DSC_ScheduledTask/DSC_ScheduledTask.psm1 | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 b/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 index c13ea269..860e9dfe 100644 --- a/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 +++ b/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 @@ -1423,7 +1423,6 @@ function Test-TargetResource if ($PSBoundParameters.ContainsKey('BuiltInAccount')) { - $user = Set-DomainNameInAccountName -AccountName 'SYSTEM' -DomainName 'NT AUTHORITY' $PSBoundParameters.User = $user $currentValues.User = $user @@ -1935,6 +1934,14 @@ function Get-CurrentResource $builtInAccount = $task.Principal.UserId $result.Add('BuiltInAccount', $builtInAccount) } + + if ($result.Principal.UserID -in @('SYSTEM', 'LOCAL SERVICE', 'NETWORK SERVICE')){ + $result.User = Set-DomainNameInAccountName ` + -AccountName $task.Principal.UserId ` + -DomainName 'NT AUTHORITY' + $builtInAccount = $task.Principal.UserId + $result.Add('BuiltInAccount', $builtInAccount) + } } Write-Verbose -Message ($script:localizedData.CurrentTaskValuesRetrievedMessage -f $TaskName, $TaskPath) From 874ca5eeaee3ceccf88cfc4cf27122b6c298af97 Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Sun, 22 May 2022 11:48:33 -0400 Subject: [PATCH 06/22] combine ifs --- .../DSC_ScheduledTask/DSC_ScheduledTask.psm1 | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 b/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 index 860e9dfe..bef0e7d3 100644 --- a/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 +++ b/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 @@ -1926,7 +1926,10 @@ function Get-CurrentResource Delay = ConvertTo-TimeSpanStringFromScheduledTaskString -TimeSpan $trigger.Delay } - if (($result.ContainsKey('LogonType')) -and ($result['LogonType'] -ieq 'ServiceAccount')) + if ( + (($result.ContainsKey('LogonType')) -and ($result['LogonType'] -ieq 'ServiceAccount')) -or + $result.Principal.UserID -in @('SYSTEM', 'LOCAL SERVICE', 'NETWORK SERVICE') + ) { $result.User = Set-DomainNameInAccountName ` -AccountName $task.Principal.UserId ` @@ -1934,14 +1937,6 @@ function Get-CurrentResource $builtInAccount = $task.Principal.UserId $result.Add('BuiltInAccount', $builtInAccount) } - - if ($result.Principal.UserID -in @('SYSTEM', 'LOCAL SERVICE', 'NETWORK SERVICE')){ - $result.User = Set-DomainNameInAccountName ` - -AccountName $task.Principal.UserId ` - -DomainName 'NT AUTHORITY' - $builtInAccount = $task.Principal.UserId - $result.Add('BuiltInAccount', $builtInAccount) - } } Write-Verbose -Message ($script:localizedData.CurrentTaskValuesRetrievedMessage -f $TaskName, $TaskPath) From 49a64014fe386983115f83fa5aafc6c65d7c3156 Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Fri, 3 Jun 2022 10:09:05 -0400 Subject: [PATCH 07/22] Fixing builtinuser assignment --- source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 b/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 index bef0e7d3..04112a99 100644 --- a/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 +++ b/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 @@ -1473,7 +1473,7 @@ function Test-TargetResource $currentValues.ExecuteAsCredential = 'SYSTEM' $PSBoundParameters.Add('BuiltInAccount', $BuiltInAccount) - $currentValues.Add('BuiltInAccount', $BuiltInAccount) + $currentValues.BuiltInAccount = $BuiltInAccount # Must be running as System, login type is ServiceAccount $PSBoundParameters['LogonType'] = 'ServiceAccount' From ee9648b1cc8e93dea3a854414961b0aad76769fe Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Fri, 3 Jun 2022 10:22:28 -0400 Subject: [PATCH 08/22] updating test --- tests/Unit/DSC_ScheduledTask.Tests.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/Unit/DSC_ScheduledTask.Tests.ps1 b/tests/Unit/DSC_ScheduledTask.Tests.ps1 index 95cc0eee..9a1a6217 100644 --- a/tests/Unit/DSC_ScheduledTask.Tests.ps1 +++ b/tests/Unit/DSC_ScheduledTask.Tests.ps1 @@ -1822,7 +1822,7 @@ try MultipleInstances = 'IgnoreNew' } Principal = [pscustomobject] @{ - UserId = 'NT AUTHORITY\' + $testParameters.BuiltInAccount + UserId = $testParameters.BuiltInAccount LogonType = 'ServiceAccount' } } From fdc53812c8ae518dca0d6925568c65a59578bf75 Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Sat, 23 Jul 2022 15:18:06 -0400 Subject: [PATCH 09/22] updating code --- CHANGELOG.md | 4 +++- source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4bff2019..fa2b8cc5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,9 @@ The format is based on and uses the types of changes according to [Keep a Change and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [Unreleased] -### Fixed + +f### Fixed + - ScheduledTask - No longer conflates resource parameter `BuiltInAccount` and `*-ScheduledTask` parameter `user` - Fixes [Issue #385](https://github.com/dsccommunity/ComputerManagementDsc/issues/385) diff --git a/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 b/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 index 04112a99..4874eb34 100644 --- a/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 +++ b/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 @@ -829,7 +829,7 @@ function Set-TargetResource privileges, should we default to 'NT AUTHORITY\LOCAL SERVICE' instead? #> - $username = Set-DomainNameInAccountName -AccountName SYSTEM -DomainName 'NT AUTHORITY' + $username = Set-DomainNameInAccountName -AccountName 'SYSTEM' -DomainName 'NT AUTHORITY' $registerArguments.Add('User', $username) $LogonType = 'ServiceAccount' } From 93b7a152b124c0066460f760e972dfbd8270cf86 Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Sat, 23 Jul 2022 15:43:48 -0400 Subject: [PATCH 10/22] Uncommenting out test --- tests/Unit/DSC_ScheduledTask.Tests.ps1 | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/Unit/DSC_ScheduledTask.Tests.ps1 b/tests/Unit/DSC_ScheduledTask.Tests.ps1 index 9a1a6217..6bef2fd9 100644 --- a/tests/Unit/DSC_ScheduledTask.Tests.ps1 +++ b/tests/Unit/DSC_ScheduledTask.Tests.ps1 @@ -1781,12 +1781,12 @@ try Verbose = $true } - # It 'Should Disregard ExecuteAsCredential and Set User to the BuiltInAccount' { - # Set-TargetResource @testParameters - # Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It -ParameterFilter { - # $User -ieq ('NT AUTHORITY\' + $testParameters['BuiltInAccount']) - # } - # } + It 'Should Disregard ExecuteAsCredential and Set User to the BuiltInAccount' { + Set-TargetResource @testParameters + Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It -ParameterFilter { + $User -ieq ($testParameters['BuiltInAccount']) + } + } $testParameters.Add('LogonType', 'Password') From dfb416365c3d075b6df7a4041fdceaef239240b2 Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Mon, 3 Oct 2022 20:31:35 -0400 Subject: [PATCH 11/22] Trigger CI --- source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 | 1 - 1 file changed, 1 deletion(-) diff --git a/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 b/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 index 4874eb34..57c6930e 100644 --- a/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 +++ b/source/DSCResources/DSC_ScheduledTask/DSC_ScheduledTask.psm1 @@ -804,7 +804,6 @@ function Set-TargetResource elseif ($PSBoundParameters.ContainsKey('ExecuteAsCredential')) { $username = $ExecuteAsCredential.UserName - # If the LogonType is not specified then set it to password if ([System.String]::IsNullOrEmpty($LogonType)) { From a6edb9c4bee2792a982d451b2d51532df9d062e3 Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Mon, 3 Oct 2022 20:45:55 -0400 Subject: [PATCH 12/22] Pass User too --- tests/Unit/DSC_ScheduledTask.Tests.ps1 | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/tests/Unit/DSC_ScheduledTask.Tests.ps1 b/tests/Unit/DSC_ScheduledTask.Tests.ps1 index 6bef2fd9..844b3b4d 100644 --- a/tests/Unit/DSC_ScheduledTask.Tests.ps1 +++ b/tests/Unit/DSC_ScheduledTask.Tests.ps1 @@ -1782,10 +1782,8 @@ try } It 'Should Disregard ExecuteAsCredential and Set User to the BuiltInAccount' { - Set-TargetResource @testParameters - Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It -ParameterFilter { - $User -ieq ($testParameters['BuiltInAccount']) - } + Set-TargetResource @testParameters + @{User = 'DEMO\WrongUser'} + Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It } $testParameters.Add('LogonType', 'Password') From dece56901c6a5cd9c78cc3d847a2eb4f9b4b982c Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Mon, 3 Oct 2022 21:07:47 -0400 Subject: [PATCH 13/22] bolster test --- tests/Unit/DSC_ScheduledTask.Tests.ps1 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/Unit/DSC_ScheduledTask.Tests.ps1 b/tests/Unit/DSC_ScheduledTask.Tests.ps1 index 844b3b4d..b4c90f91 100644 --- a/tests/Unit/DSC_ScheduledTask.Tests.ps1 +++ b/tests/Unit/DSC_ScheduledTask.Tests.ps1 @@ -1783,6 +1783,8 @@ try It 'Should Disregard ExecuteAsCredential and Set User to the BuiltInAccount' { Set-TargetResource @testParameters + @{User = 'DEMO\WrongUser'} + $task = Get-TargetResource -TaskName $testParameters.TaskName -TaskPath $testParameters.TaskPath + (($task.UserID -eq 'NETWORK SERVICE') -and ($task.BuiltInAccount -eq 'NT AUTHORITY\NETWORK SERVICE')) | Should -BeTrue Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It } From 674b7c505411a0fdbf9b2f672f14ec2aa633f3fe Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Mon, 3 Oct 2022 21:16:05 -0400 Subject: [PATCH 14/22] Add tests --- tests/Unit/DSC_ScheduledTask.Tests.ps1 | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/tests/Unit/DSC_ScheduledTask.Tests.ps1 b/tests/Unit/DSC_ScheduledTask.Tests.ps1 index b4c90f91..e7478ce1 100644 --- a/tests/Unit/DSC_ScheduledTask.Tests.ps1 +++ b/tests/Unit/DSC_ScheduledTask.Tests.ps1 @@ -1781,10 +1781,17 @@ try Verbose = $true } - It 'Should Disregard ExecuteAsCredential and Set User to the BuiltInAccount' { + It 'Should Disregard User Parameter and Set User to the BuiltInAccount' { Set-TargetResource @testParameters + @{User = 'DEMO\WrongUser'} $task = Get-TargetResource -TaskName $testParameters.TaskName -TaskPath $testParameters.TaskPath - (($task.UserID -eq 'NETWORK SERVICE') -and ($task.BuiltInAccount -eq 'NT AUTHORITY\NETWORK SERVICE')) | Should -BeTrue + $task.User -eq 'NETWORK SERVICE' | Should -BeTrue + Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It + } + + It 'Should Disregard User Parameter and Set BuiltInAccount Correctly' { + Set-TargetResource @testParameters + @{User = 'DEMO\WrongUser'} + $task = Get-TargetResource -TaskName $testParameters.TaskName -TaskPath $testParameters.TaskPath + $task.BuiltInAccount -eq 'NT AUTHORITY\NETWORK SERVICE' | Should -BeTrue Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It } From a05afba920bf7b717eb7d90a77531087d0b11e04 Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Tue, 4 Oct 2022 22:52:46 -0400 Subject: [PATCH 15/22] Update test to use test-target resource --- tests/Unit/DSC_ScheduledTask.Tests.ps1 | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/tests/Unit/DSC_ScheduledTask.Tests.ps1 b/tests/Unit/DSC_ScheduledTask.Tests.ps1 index e7478ce1..73d66309 100644 --- a/tests/Unit/DSC_ScheduledTask.Tests.ps1 +++ b/tests/Unit/DSC_ScheduledTask.Tests.ps1 @@ -1781,20 +1781,19 @@ try Verbose = $true } - It 'Should Disregard User Parameter and Set User to the BuiltInAccount' { - Set-TargetResource @testParameters + @{User = 'DEMO\WrongUser'} - $task = Get-TargetResource -TaskName $testParameters.TaskName -TaskPath $testParameters.TaskPath - $task.User -eq 'NETWORK SERVICE' | Should -BeTrue - Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It - } + It 'Should Disregard User Parameter and Set User and BuiltInAccount Correctly' { - It 'Should Disregard User Parameter and Set BuiltInAccount Correctly' { - Set-TargetResource @testParameters + @{User = 'DEMO\WrongUser'} - $task = Get-TargetResource -TaskName $testParameters.TaskName -TaskPath $testParameters.TaskPath - $task.BuiltInAccount -eq 'NT AUTHORITY\NETWORK SERVICE' | Should -BeTrue - Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It + Test-TargetResource @testParameters + @{User = 'DEMO\WrongUser'} | Should -BeTrue + Assert-MockCalled -CommandName Get-ScheduledTask -Times 1 -Scope It } + # It 'Should Disregard User Parameter and Set BuiltInAccount Correctly' { + # Set-TargetResource @testParameters + @{User = 'DEMO\WrongUser'} + # $result = Get-TargetResource -TaskName $testParameters.TaskName -TaskPath $testParameters.TaskPath + # $result.BuiltInAccount -eq 'NETWORK SERVICE' | Should -BeTrue + # Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It + # } + $testParameters.Add('LogonType', 'Password') It 'Should overwrite LogonType to "ServiceAccount"' { From 666b53000f37cf7f440650dad5985d67d7dcd4f2 Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Tue, 4 Oct 2022 23:13:39 -0400 Subject: [PATCH 16/22] moving get-scheduledtask up --- tests/Unit/DSC_ScheduledTask.Tests.ps1 | 61 +++++++++++++------------- 1 file changed, 31 insertions(+), 30 deletions(-) diff --git a/tests/Unit/DSC_ScheduledTask.Tests.ps1 b/tests/Unit/DSC_ScheduledTask.Tests.ps1 index 73d66309..888283e9 100644 --- a/tests/Unit/DSC_ScheduledTask.Tests.ps1 +++ b/tests/Unit/DSC_ScheduledTask.Tests.ps1 @@ -1771,6 +1771,37 @@ try } Context 'When a scheduled task is created using a Built In Service Account' { + Mock -CommandName Get-ScheduledTask -MockWith { + @{ + TaskName = $testParameters.TaskName + TaskPath = $testParameters.TaskPath + Actions = @( + [pscustomobject] @{ + Execute = $testParameters.ActionExecutable + } + ) + Triggers = @( + [pscustomobject] @{ + Repetition = @{ + Duration = "PT$([System.TimeSpan]::Parse($testParameters.RepetitionDuration).TotalHours)H" + Interval = "PT$([System.TimeSpan]::Parse($testParameters.RepeatInterval).TotalMinutes)M" + } + CimClass = @{ + CimClassName = 'MSFT_TaskTimeTrigger' + } + } + ) + Settings = [pscustomobject] @{ + Enabled = $true + MultipleInstances = 'IgnoreNew' + } + Principal = [pscustomobject] @{ + UserId = $testParameters.BuiltInAccount + LogonType = 'ServiceAccount' + } + } + } + $testParameters = $getTargetResourceParameters + @{ ActionExecutable = 'C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe' ScheduleType = 'Once' @@ -1803,36 +1834,6 @@ try } } - Mock -CommandName Get-ScheduledTask -MockWith { - @{ - TaskName = $testParameters.TaskName - TaskPath = $testParameters.TaskPath - Actions = @( - [pscustomobject] @{ - Execute = $testParameters.ActionExecutable - } - ) - Triggers = @( - [pscustomobject] @{ - Repetition = @{ - Duration = "PT$([System.TimeSpan]::Parse($testParameters.RepetitionDuration).TotalHours)H" - Interval = "PT$([System.TimeSpan]::Parse($testParameters.RepeatInterval).TotalMinutes)M" - } - CimClass = @{ - CimClassName = 'MSFT_TaskTimeTrigger' - } - } - ) - Settings = [pscustomobject] @{ - Enabled = $true - MultipleInstances = 'IgnoreNew' - } - Principal = [pscustomobject] @{ - UserId = $testParameters.BuiltInAccount - LogonType = 'ServiceAccount' - } - } - } $testParameters.LogonType = 'Password' From ede5740e90720797462f9cc78250ff359c2f19ef Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Tue, 4 Oct 2022 23:32:32 -0400 Subject: [PATCH 17/22] trying to mock schdtask --- tests/Unit/DSC_ScheduledTask.Tests.ps1 | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/tests/Unit/DSC_ScheduledTask.Tests.ps1 b/tests/Unit/DSC_ScheduledTask.Tests.ps1 index 888283e9..22f9d3b2 100644 --- a/tests/Unit/DSC_ScheduledTask.Tests.ps1 +++ b/tests/Unit/DSC_ScheduledTask.Tests.ps1 @@ -1773,14 +1773,16 @@ try Context 'When a scheduled task is created using a Built In Service Account' { Mock -CommandName Get-ScheduledTask -MockWith { @{ - TaskName = $testParameters.TaskName - TaskPath = $testParameters.TaskPath - Actions = @( + Description = '+' + TaskName = $testParameters.TaskName + TaskPath = $testParameters.TaskPath + Actions = @( [pscustomobject] @{ Execute = $testParameters.ActionExecutable } ) - Triggers = @( + ActionArguments = '-File "C:\something\right.ps1"' + Triggers = @( [pscustomobject] @{ Repetition = @{ Duration = "PT$([System.TimeSpan]::Parse($testParameters.RepetitionDuration).TotalHours)H" @@ -1791,11 +1793,11 @@ try } } ) - Settings = [pscustomobject] @{ + Settings = [pscustomobject] @{ Enabled = $true MultipleInstances = 'IgnoreNew' } - Principal = [pscustomobject] @{ + Principal = [pscustomobject] @{ UserId = $testParameters.BuiltInAccount LogonType = 'ServiceAccount' } From 083474af2b66f3760d93f8aa599729da7460a9fb Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Mon, 10 Oct 2022 15:13:28 -0400 Subject: [PATCH 18/22] remove erroneous f --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fa2b8cc5..5470c83d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] -f### Fixed +### Fixed - ScheduledTask - No longer conflates resource parameter `BuiltInAccount` and `*-ScheduledTask` parameter `user` - Fixes [Issue #385](https://github.com/dsccommunity/ComputerManagementDsc/issues/385) From 7c451cf7bb8353f6f31bdf185914e25c583ed63f Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Sat, 29 Oct 2022 00:18:36 -0400 Subject: [PATCH 19/22] adding removed tests --- tests/Unit/DSC_ScheduledTask.Tests.ps1 | 27 ++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/tests/Unit/DSC_ScheduledTask.Tests.ps1 b/tests/Unit/DSC_ScheduledTask.Tests.ps1 index 22f9d3b2..3422ba23 100644 --- a/tests/Unit/DSC_ScheduledTask.Tests.ps1 +++ b/tests/Unit/DSC_ScheduledTask.Tests.ps1 @@ -1771,6 +1771,33 @@ try } Context 'When a scheduled task is created using a Built In Service Account' { + # + $testParameters = $getTargetResourceParameters + @{ + ActionExecutable = 'C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe' + ScheduleType = 'Once' + RepeatInterval = (New-TimeSpan -Minutes 15).ToString() + RepetitionDuration = (New-TimeSpan -Hours 8).ToString() + BuiltInAccount = 'NETWORK SERVICE' + ExecuteAsCredential = [pscredential]::new('DEMO\WrongUser', (ConvertTo-SecureString 'ExamplePassword' -AsPlainText -Force)) + Verbose = $true + } + + It 'Should Disregard ExecuteAsCredential and Set User to the BuiltInAccount' { + Set-TargetResource @testParameters + Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It -ParameterFilter { + $User -ieq ('NT AUTHORITY\' + $testParameters['BuiltInAccount']) + } + } + + $testParameters.Add('LogonType', 'Password') + + It 'Should overwrite LogonType to "ServiceAccount"' { + Set-TargetResource @testParameters + Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It -ParameterFilter { + $Inputobject.Principal.LogonType -ieq 'ServiceAccount' + } + } + # Mock -CommandName Get-ScheduledTask -MockWith { @{ Description = '+' From d1ba4eeed2e32aadb660713cc39369becdedfbd4 Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Sat, 29 Oct 2022 00:36:55 -0400 Subject: [PATCH 20/22] add new test --- tests/Unit/DSC_ScheduledTask.Tests.ps1 | 61 +++++++++++++++----------- 1 file changed, 35 insertions(+), 26 deletions(-) diff --git a/tests/Unit/DSC_ScheduledTask.Tests.ps1 b/tests/Unit/DSC_ScheduledTask.Tests.ps1 index 3422ba23..87c2d58d 100644 --- a/tests/Unit/DSC_ScheduledTask.Tests.ps1 +++ b/tests/Unit/DSC_ScheduledTask.Tests.ps1 @@ -1789,6 +1789,15 @@ try } } + $testParameters.Add('User', 'WrongUser') + + It 'Should Disregard User and Set User to the BuiltInAccount' { + Set-TargetResource @testParameters + Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It -ParameterFilter { + $User -ieq ('NT AUTHORITY\' + $testParameters['BuiltInAccount']) + } + } + $testParameters.Add('LogonType', 'Password') It 'Should overwrite LogonType to "ServiceAccount"' { @@ -1831,37 +1840,37 @@ try } } - $testParameters = $getTargetResourceParameters + @{ - ActionExecutable = 'C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe' - ScheduleType = 'Once' - RepeatInterval = (New-TimeSpan -Minutes 15).ToString() - RepetitionDuration = (New-TimeSpan -Hours 8).ToString() - BuiltInAccount = 'NETWORK SERVICE' - ExecuteAsCredential = [pscredential]::new('DEMO\WrongUser', (ConvertTo-SecureString 'ExamplePassword' -AsPlainText -Force)) - Verbose = $true - } - - It 'Should Disregard User Parameter and Set User and BuiltInAccount Correctly' { + # $testParameters = $getTargetResourceParameters + @{ + # ActionExecutable = 'C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe' + # ScheduleType = 'Once' + # RepeatInterval = (New-TimeSpan -Minutes 15).ToString() + # RepetitionDuration = (New-TimeSpan -Hours 8).ToString() + # BuiltInAccount = 'NETWORK SERVICE' + # ExecuteAsCredential = [pscredential]::new('DEMO\WrongUser', (ConvertTo-SecureString 'ExamplePassword' -AsPlainText -Force)) + # Verbose = $true + # } - Test-TargetResource @testParameters + @{User = 'DEMO\WrongUser'} | Should -BeTrue - Assert-MockCalled -CommandName Get-ScheduledTask -Times 1 -Scope It - } + # It 'Should Disregard User Parameter and Set User and BuiltInAccount Correctly' { - # It 'Should Disregard User Parameter and Set BuiltInAccount Correctly' { - # Set-TargetResource @testParameters + @{User = 'DEMO\WrongUser'} - # $result = Get-TargetResource -TaskName $testParameters.TaskName -TaskPath $testParameters.TaskPath - # $result.BuiltInAccount -eq 'NETWORK SERVICE' | Should -BeTrue - # Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It + # Test-TargetResource @testParameters + @{User = 'DEMO\WrongUser'} | Should -BeTrue + # Assert-MockCalled -CommandName Get-ScheduledTask -Times 1 -Scope It # } - $testParameters.Add('LogonType', 'Password') + # # It 'Should Disregard User Parameter and Set BuiltInAccount Correctly' { + # # Set-TargetResource @testParameters + @{User = 'DEMO\WrongUser'} + # # $result = Get-TargetResource -TaskName $testParameters.TaskName -TaskPath $testParameters.TaskPath + # # $result.BuiltInAccount -eq 'NETWORK SERVICE' | Should -BeTrue + # # Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It + # # } - It 'Should overwrite LogonType to "ServiceAccount"' { - Set-TargetResource @testParameters - Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It -ParameterFilter { - $Inputobject.Principal.LogonType -ieq 'ServiceAccount' - } - } + # $testParameters.Add('LogonType', 'Password') + + # It 'Should overwrite LogonType to "ServiceAccount"' { + # Set-TargetResource @testParameters + # Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It -ParameterFilter { + # $Inputobject.Principal.LogonType -ieq 'ServiceAccount' + # } + # } $testParameters.LogonType = 'Password' From ed04ba8f682c7de19aa4541e7942fc2ea05a2875 Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Sat, 29 Oct 2022 00:54:02 -0400 Subject: [PATCH 21/22] remove bad tests --- tests/Unit/DSC_ScheduledTask.Tests.ps1 | 33 -------------------------- 1 file changed, 33 deletions(-) diff --git a/tests/Unit/DSC_ScheduledTask.Tests.ps1 b/tests/Unit/DSC_ScheduledTask.Tests.ps1 index 87c2d58d..a2403c1a 100644 --- a/tests/Unit/DSC_ScheduledTask.Tests.ps1 +++ b/tests/Unit/DSC_ScheduledTask.Tests.ps1 @@ -1840,39 +1840,6 @@ try } } - # $testParameters = $getTargetResourceParameters + @{ - # ActionExecutable = 'C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe' - # ScheduleType = 'Once' - # RepeatInterval = (New-TimeSpan -Minutes 15).ToString() - # RepetitionDuration = (New-TimeSpan -Hours 8).ToString() - # BuiltInAccount = 'NETWORK SERVICE' - # ExecuteAsCredential = [pscredential]::new('DEMO\WrongUser', (ConvertTo-SecureString 'ExamplePassword' -AsPlainText -Force)) - # Verbose = $true - # } - - # It 'Should Disregard User Parameter and Set User and BuiltInAccount Correctly' { - - # Test-TargetResource @testParameters + @{User = 'DEMO\WrongUser'} | Should -BeTrue - # Assert-MockCalled -CommandName Get-ScheduledTask -Times 1 -Scope It - # } - - # # It 'Should Disregard User Parameter and Set BuiltInAccount Correctly' { - # # Set-TargetResource @testParameters + @{User = 'DEMO\WrongUser'} - # # $result = Get-TargetResource -TaskName $testParameters.TaskName -TaskPath $testParameters.TaskPath - # # $result.BuiltInAccount -eq 'NETWORK SERVICE' | Should -BeTrue - # # Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It - # # } - - # $testParameters.Add('LogonType', 'Password') - - # It 'Should overwrite LogonType to "ServiceAccount"' { - # Set-TargetResource @testParameters - # Assert-MockCalled -CommandName Register-ScheduledTask -Times 1 -Scope It -ParameterFilter { - # $Inputobject.Principal.LogonType -ieq 'ServiceAccount' - # } - # } - - $testParameters.LogonType = 'Password' It 'Should return true when BuiltInAccount set even if LogonType parameter different' { From 73dce2df57cba6456227304f0e8cb40d83547aa5 Mon Sep 17 00:00:00 2001 From: Nick Germany Date: Tue, 22 Nov 2022 10:20:01 -0500 Subject: [PATCH 22/22] Updating based on review --- tests/Unit/DSC_ScheduledTask.Tests.ps1 | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/Unit/DSC_ScheduledTask.Tests.ps1 b/tests/Unit/DSC_ScheduledTask.Tests.ps1 index a2403c1a..52ed784d 100644 --- a/tests/Unit/DSC_ScheduledTask.Tests.ps1 +++ b/tests/Unit/DSC_ScheduledTask.Tests.ps1 @@ -1771,7 +1771,6 @@ try } Context 'When a scheduled task is created using a Built In Service Account' { - # $testParameters = $getTargetResourceParameters + @{ ActionExecutable = 'C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe' ScheduleType = 'Once' @@ -1806,7 +1805,7 @@ try $Inputobject.Principal.LogonType -ieq 'ServiceAccount' } } - # + Mock -CommandName Get-ScheduledTask -MockWith { @{ Description = '+'