Skip to content

Commit

Permalink
Merge pull request #1001 from dataplat/instancecheckscontinued
Browse files Browse the repository at this point in the history 
some database check fixes #884 and instance ~882
  • Loading branch information
@SQLDBAWithABeard
SQLDBAWithABeard authored Aug 19, 2023
2 parents f5b3d08 + e2072c7 commit 7637efe
Show file tree
Hide file tree
Showing 3 changed files with 50 additions and 8 deletions.
11 changes: 10 additions & 1 deletion developing/Oslo Demo.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -97,4 +97,13 @@ Start-DbcPowerBi -FromDatabase

# then use localhost,7401 tempdb and u:sqladmin p:dbatools.IO

# question turn off a container adn talk about hte fails?
# question turn off a container adn talk about hte fails?


## made some funky results for the Power Bi

$CheckResults = Invoke-DbcCheck -SqlInstance $Sqlinstances -SqlCredential $cred -Check Instance, Database -Show $show -legacy $false -PassThru

$CheckResults | Convert-DbcResult -Label 'DatabaseInstance' | Write-DbcTable -SqlInstance dbachecks1 -SqlCredential $cred -Database tempdb -Verbose

$CheckResults = Invoke-DbcCheck -SqlInstance $Sqlinstances -SqlCredential $cred -Check compatibilitylevel -Show $show -legacy $false -PassThru
12 changes: 6 additions & 6 deletions source/checks/Databasev5.Tests.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -216,7 +216,7 @@ Describe "Query Store Disabled" -Tag QueryStoreDisabled, Medium, Database -ForEa
Describe "Compatibility Level" -Tag CompatibilityLevel, High, Database -ForEach $InstancesToTest {
$Skip = ($__dbcconfig | Where-Object Name -EQ 'skip.database.compatibilitylevel').Value

Context "Compatibility level matches server compatibility level" {
Context "Compatibility level matches server compatibility level on <_.Name>" {
It "Database <_.Name> has the expected compatibility level on <_.SqlInstance>" -Skip:$skip -ForEach $psitem.Databases.Where{ if ($Database) { $_.Name -in $Database } else { $psitem.ConfigValues.compatexclude -notcontains $psitem.Name } } {
$psitem.CompatibilityLevel | Should -Be $psitem.ServerLevel -Because "it means you are on the appropriate compatibility level for your SQL Server version to use all available features."
}
Expand All @@ -226,7 +226,7 @@ Describe "Compatibility Level" -Tag CompatibilityLevel, High, Database -ForEach
Describe "Guest User" -Tag GuestUserConnect, Security, CIS, Medium, Database -ForEach $InstancesToTest {
$Skip = ($__dbcconfig | Where-Object Name -EQ 'skip.security.guestuserconnect').Value

Context "Testing Guest user has CONNECT permission" {
Context "Testing Guest user has CONNECT permission on <_.Name>" {
It "Database Guest user should return no CONNECT permissions in <_.Name> on <_.SqlInstance>" -Skip:$skip -ForEach $psitem.Databases.Where{ if ($Database) { $_.Name -in $Database } else { $psitem.ConfigValues.guestuserexclude -notcontains $psitem.Name } } {
$psitem.GuestUserConnect | Should -BeFalse -Because "we don't want the guest user to have connect access to our database."
}
Expand All @@ -236,7 +236,7 @@ Describe "Guest User" -Tag GuestUserConnect, Security, CIS, Medium, Database -Fo
Describe "Recovery Model" -Tag RecoveryModel, DISA, Medium, Database -ForEach $InstancesToTest {
$Skip = ($__dbcconfig | Where-Object Name -EQ 'skip.database.recoverymodel').Value

Context "Testing Recovery Model" {
Context "Testing Recovery Model on <_.Name>" {
It "Database <_.Name> should be set to <_.ConfigValues.recoverymodeltype> on <_.SqlInstance>" -Skip:$skip -ForEach $psitem.Databases.Where{ if ($Database) { $_.Name -in $Database } else { $psitem.ConfigValues.recoverymodelexclude -notcontains $psitem.Name } } {
$psitem.RecoveryModel | Should -Be $psitem.ConfigValues.recoverymodeltype -Because "You expect this recovery model."
}
Expand All @@ -246,7 +246,7 @@ Describe "Recovery Model" -Tag RecoveryModel, DISA, Medium, Database -ForEach $I
Describe "PseudoSimple Recovery Model" -Tag PseudoSimple, Medium, Database -ForEach $InstancesToTest {
$Skip = ($__dbcconfig | Where-Object Name -EQ 'skip.database.pseudosimple').Value

Context "Testing database is not in PseudoSimple recovery model" {
Context "Testing database is not in PseudoSimple recovery model on <_.Name>" {
It "Database <_.Name> has PseudoSimple recovery model equal false on <_.SqlInstance>" -Skip:$skip -ForEach $psitem.Databases.Where{ if ($Database) { $_.Name -in $Database -and $_.RecoveryModel -eq 'Full' } else { $psitem.ConfigValues.pseudosimpleexclude -notcontains $psitem.Name -and $_.RecoveryModel -eq 'Full' } } {
$psitem.PseudoSimple | Should -BeFalse -Because "PseudoSimple means that a FULL backup has not been taken and the database is still effectively in SIMPLE mode"
}
Expand All @@ -256,7 +256,7 @@ Describe "PseudoSimple Recovery Model" -Tag PseudoSimple, Medium, Database -ForE
Describe "Contained Database Auto Close" -Tag ContainedDBAutoClose, CIS, Database -ForEach $InstancesToTest {
$Skip = ($__dbcconfig | Where-Object Name -EQ 'skip.security.containedbautoclose').Value

Context "Testing contained database auto close option" {
Context "Testing contained database auto close option on <_.Name>" {
It "Database <_.Name> should have auto close set to false on <_.SqlInstance>" -Skip:$skip -ForEach $psitem.Databases.Where{ if ($Database) { $_.Name -in $Database -and $_.ContainmentType -ne "NONE" } else { $psitem.ConfigValues.contdbautocloseexclude -notcontains $psitem.Name -and $_.ContainmentType -ne "NONE" } } {
$psitem.ContainedDbAutoClose | Should -BeFalse -Because "Contained Databases should have auto close set to false for CIS compliance."
}
Expand All @@ -268,7 +268,7 @@ Describe "Contained Database SQL Authenticated Users" -Tag ContainedDBSQLAuth, C

#if ($version -lt 13 ) { $skip = $true }

Context "Testing contained database to see if sql authenticated users exist" {
Context "Testing contained database to see if sql authenticated users exist on <_.Name>" {
It "Database <_.Name> should have no sql authenticated users on <_.SqlInstance>" -Skip:$skip -ForEach $psitem.Databases.Where{ if ($Database) { $_.Name -in $Database -and $_.ContainmentType -ne "NONE" } else { $psitem.ConfigValues.contdbsqlauthexclude -notcontains $psitem.Name -and $_.ContainmentType -ne "NONE" } } {
$psitem.ContainedDbSqlAuthUsers | Should -Be 0 -Because "We expect there to be no sql authenticated users in contained database."
}
Expand Down
35 changes: 34 additions & 1 deletion source/internal/functions/NewGet-AllInstanceInfo.ps1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -507,9 +507,42 @@ function NewGet-AllInstanceInfo {
}

'SqlEngineServiceAccount' {
$EngineAccounts = Get-DbaService -ComputerName $psitem -Type Engine -ErrorAction SilentlyContinue
$starttype = ($__dbcconfig | Where-Object { $_.Name -eq 'policy.instance.sqlenginestart' }).Value
$state = ($__dbcconfig | Where-Object { $_.Name -eq 'policy.instance.sqlenginestate' }).Value
try {
$EngineAccounts = Get-DbaService -ComputerName $psitem -Type Engine -ErrorAction Stop

} catch [System.Exception] {
if ($_.Exception.Message -like '*No services found in relevant namespaces*') {
$EngineAccounts = [PSCustomObject]@{
InstanceName = $Instance.Name
State = 'unknown'
ExpectedState = $state
StartType = 'unknown'
ExpectedStartType = $starttype
because = 'Some sort of failure - No services found in relevant namespaces'
}
} else {
$EngineAccounts = [PSCustomObject]@{
InstanceName = $Instance.Name
State = 'unknown'
ExpectedState = $state
StartType = 'unknown'
ExpectedStartType = $starttype
because = 'Some sort of failure'
}
}
} catch {
$EngineAccounts = [PSCustomObject]@{
InstanceName = $Instance.Name
State = 'unknown'
ExpectedState = $state
StartType = 'unknown'
ExpectedStartType = $starttype
because = 'We Could not Connect to $Instance $ComputerName , $InstanceName from catch'
}
}

if ($Instance.IsClustered) {
$starttype = 'Manual'
$because = 'This is a clustered instance and Clustered Instances required that the SQL engine service is set to manual'
Expand Down

0 comments on commit 7637efe

Please sign in to comment.