diff --git a/CHANGELOG.md b/CHANGELOG.md index f4009ace5..f17d56bff 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,42 @@ # Change log for SharePointDsc +## 2.2 + +* SPAlternateURL + * If resource specifies Central Admin webapp and Default Zone, the existing + AAM will be updated instead of adding a new one +* SPContentDatabase + * Fixed issue where mounting a content database which had to be upgraded + resulted in a reboot. +* SPDistributedCacheClientSettings + * Added the new resource +* SPFarmAdministrators + * Fixed issue where member comparisons was case sensitive. This had + to be case insensitive. +* SPManagedMetadataServiceApp + * Fixed issue with creating the Content Type Hub on an existing MMS + service app without Content Type Hub. +* SPManagedMetadataServiceAppDefault + * Fixed issue where .GetType().FullName and TypeName were not used + properly. +* SPTimerJobState + * Updated description of WebAppUrl parameter to make it clear that + "N/A" has to be used to specify a global timer job. +* SPUserProfileServiceApp + * Fixed issue introduced in v2.0, where the Farm Account had to have + local Administrator permissions for the resource to function properly. + * Updated resource to retrieve the Farm account from the Managed Accounts + instead of requiring it as a parameter. +* SPUserProfileSyncService + * Fixed issue introduced in v2.0, where the Farm Account had to have + local Administrator permissions for the resource to function properly. + * Updated resource to retrieve the Farm account from the Managed Accounts + instead of requiring it as a parameter. + * The FarmAccount parameter is deprecated and no longer required. Is ignored + in the code and will be removed in v3.0. +* SPVisioServiceApp + * Fixed an issue where the proxy is not properly getting created + ## 2.1 * General diff --git a/Modules/SharePointDsc/DSCResources/MSFT_SPAlternateUrl/MSFT_SPAlternateUrl.psm1 b/Modules/SharePointDsc/DSCResources/MSFT_SPAlternateUrl/MSFT_SPAlternateUrl.psm1 index 9318a3ab0..ecfa3a2ef 100644 --- a/Modules/SharePointDsc/DSCResources/MSFT_SPAlternateUrl/MSFT_SPAlternateUrl.psm1 +++ b/Modules/SharePointDsc/DSCResources/MSFT_SPAlternateUrl/MSFT_SPAlternateUrl.psm1 @@ -164,17 +164,30 @@ function Set-TargetResource # URL not configured on WebApp if ($null -eq $urlAam) { - # urlAAM not found, so it is safe to create AAM on specified zone - $cmdParams = @{ - WebApplication = $webapp - Url = $params.Url - Zone = $params.Zone + # urlAAM not found, so it is safe to create AAM on specified zone (or modify existing if CA) + # If this is Central Admin and Default zone, we want to update the existing AAM instead of adding a new one + if ($webapp.IsAdministrationWebApplication -and $params.Zone -eq "Default") + { + # web app is Central Administration and Default zone + + # If CA has more than 1 AAM in Default zone, Set-SPAlternateUrl should consolidate into 1 + # For additional CA servers, use other zones instead of Default + + Set-SPAlternateURL -Identity $webApp.Url -Url $params.Url -Zone $params.Zone | Out-Null } - if (($params.ContainsKey("Internal") -eq $true)) + else { - $cmdParams.Add("Internal", $params.Internal) + $cmdParams = @{ + WebApplication = $webapp + Url = $params.Url + Zone = $params.Zone + } + if (($params.ContainsKey("Internal") -eq $true)) + { + $cmdParams.Add("Internal", $params.Internal) + } + New-SPAlternateURL @cmdParams | Out-Null } - New-SPAlternateURL @cmdParams | Out-Null } else { diff --git a/Modules/SharePointDsc/DSCResources/MSFT_SPAlternateUrl/readme.md b/Modules/SharePointDsc/DSCResources/MSFT_SPAlternateUrl/readme.md index 3eed3e88b..8cf6c182a 100644 --- a/Modules/SharePointDsc/DSCResources/MSFT_SPAlternateUrl/readme.md +++ b/Modules/SharePointDsc/DSCResources/MSFT_SPAlternateUrl/readme.md @@ -5,11 +5,25 @@ web application. These can be assigned to specific zones for each web application. Alternatively a URL can be removed from a zone to ensure that it will remain empty and have no alternate URL. +The default value for the Ensure parameter is Present. When not specifying this +parameter, the setting is configured. + +## Central Administration + To select the Central Administration site, use the following command to retrieve the correct web application name: (Get-SPWebApplication -IncludeCentralAdministration | Where-Object { $_.IsAdministrationWebApplication }).DisplayName -The default value for the Ensure parameter is Present. When not specifying this -parameter, the setting is configured. +To update the existing Default Zone AAM for Central Administration (e.g. to +implement HTTPS), use the above command to retrieve the web application name +(by default, it will be "SharePoint Central Administration v4") and specify +"Default" as the Zone. If you wish to add AAM's instead, you may use the other +zones to do so. + +Using SPAlternateUrl to update the Default Zone AAM for Central Administration +will update the AAM in SharePoint as well as the CentralAdministrationUrl value +in the registry. It will not, however, update bindings in IIS. It is recommended +to use the xWebsite resource from the xWebAdministration module to configure the +appropriate bindings in IIS. diff --git a/Modules/SharePointDsc/DSCResources/MSFT_SPContentDatabase/MSFT_SPContentDatabase.psm1 b/Modules/SharePointDsc/DSCResources/MSFT_SPContentDatabase/MSFT_SPContentDatabase.psm1 index 29b4e8a3d..f51170b01 100644 --- a/Modules/SharePointDsc/DSCResources/MSFT_SPContentDatabase/MSFT_SPContentDatabase.psm1 +++ b/Modules/SharePointDsc/DSCResources/MSFT_SPContentDatabase/MSFT_SPContentDatabase.psm1 @@ -7,32 +7,32 @@ function Get-TargetResource [Parameter(Mandatory = $true)] [System.String] $Name, - + [Parameter()] [System.String] $DatabaseServer, - + [Parameter(Mandatory = $true)] [System.String] $WebAppUrl, - + [Parameter()] [System.Boolean] $Enabled, - + [Parameter()] [System.UInt16] $WarningSiteCount, - + [Parameter()] [System.UInt16] $MaximumSiteCount, - + [Parameter()] [ValidateSet("Present","Absent")] [System.String] $Ensure = "Present", - + [Parameter()] [System.Management.Automation.PSCredential] $InstallAccount @@ -44,7 +44,7 @@ function Get-TargetResource -Arguments $PSBoundParameters ` -ScriptBlock { $params = $args[0] - + $cdb = Get-SPDatabase | Where-Object -FilterScript { $_.GetType().FullName -eq "Microsoft.SharePoint.Administration.SPContentDatabase" -and ` $_.Name -eq $params.Name @@ -102,32 +102,32 @@ function Set-TargetResource [Parameter(Mandatory = $true)] [System.String] $Name, - + [Parameter()] [System.String] $DatabaseServer, - + [Parameter(Mandatory = $true)] [System.String] $WebAppUrl, - + [Parameter()] [System.Boolean] $Enabled, - + [Parameter()] [System.UInt16] $WarningSiteCount, - + [Parameter()] [System.UInt16] $MaximumSiteCount, - + [Parameter()] [ValidateSet("Present","Absent")] [System.String] $Ensure = "Present", - + [Parameter()] [System.Management.Automation.PSCredential] $InstallAccount @@ -184,7 +184,7 @@ function Set-TargetResource { $newParams.$($param.Key) = $param.Value } - + if ($param.Key -eq "MaximumSiteCount") { $newParams.MaxSiteCount = $param.Value @@ -215,7 +215,7 @@ function Set-TargetResource { $cdbenabled = $false } - + if ($params.Enabled -ne $cdbenabled) { switch ($params.Enabled) @@ -241,7 +241,7 @@ function Set-TargetResource { $cdbenabled = $false } - + if ($params.ContainsKey("Enabled") -and $params.Enabled -ne $cdbenabled) { switch ($params.Enabled) @@ -256,13 +256,13 @@ function Set-TargetResource } } } - + # Check and change site count settings if ($null -ne $params.WarningSiteCount -and $params.WarningSiteCount -ne $cdb.WarningSiteCount) { $cdb.WarningSiteCount = $params.WarningSiteCount } - + if ($params.MaximumSiteCount -and $params.MaximumSiteCount -ne $cdb.MaximumSiteCount) { $cdb.MaximumSiteCount = $params.MaximumSiteCount @@ -280,12 +280,12 @@ function Set-TargetResource { $newParams.$($param.Key) = $param.Value } - + if ($param.Key -eq "MaximumSiteCount") { $newParams.MaxSiteCount = $param.Value } - + if ($param.Key -eq "WebAppUrl") { $newParams.WebApplication = $param.Value @@ -311,8 +311,9 @@ function Set-TargetResource { $cdbenabled = $false } - - if ($params.Enabled -ne $cdbenabled) + + if ($params.ContainsKey("Enabled") -eq $true -and ` + $params.Enabled -ne $cdbenabled) { switch ($params.Enabled) { @@ -350,32 +351,32 @@ function Test-TargetResource [Parameter(Mandatory = $true)] [System.String] $Name, - + [Parameter()] [System.String] $DatabaseServer, - + [Parameter(Mandatory = $true)] [System.String] $WebAppUrl, - + [Parameter()] [System.Boolean] $Enabled, - + [Parameter()] [System.UInt16] $WarningSiteCount, - + [Parameter()] [System.UInt16] $MaximumSiteCount, - + [Parameter()] [ValidateSet("Present","Absent")] [System.String] $Ensure = "Present", - + [Parameter()] [System.Management.Automation.PSCredential] $InstallAccount diff --git a/Modules/SharePointDsc/DSCResources/MSFT_SPDistributedCacheClientSettings/MSFT_SPDistributedCacheClientSettings.psm1 b/Modules/SharePointDsc/DSCResources/MSFT_SPDistributedCacheClientSettings/MSFT_SPDistributedCacheClientSettings.psm1 new file mode 100644 index 000000000..800d7dd7f --- /dev/null +++ b/Modules/SharePointDsc/DSCResources/MSFT_SPDistributedCacheClientSettings/MSFT_SPDistributedCacheClientSettings.psm1 @@ -0,0 +1,717 @@ +function Get-TargetResource +{ + [CmdletBinding()] + [OutputType([System.Collections.Hashtable])] + param + ( + [Parameter(Mandatory = $true)] + [ValidateSet("Yes")] + [System.String] + $IsSingleInstance, + + [Parameter()] + [System.UInt32] + $DLTCMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DLTCRequestTimeout, + + [Parameter()] + [System.UInt32] + $DLTCChannelOpenTimeOut, + + [Parameter()] + [System.UInt32] + $DVSCMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DVSCRequestTimeout, + + [Parameter()] + [System.UInt32] + $DVSCChannelOpenTimeOut, + + [Parameter()] + [System.UInt32] + $DACMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DACRequestTimeout, + + [Parameter()] + [System.UInt32] + $DACChannelOpenTimeOut, + + [Parameter()] + [System.UInt32] + $DAFMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DAFRequestTimeout, + + [Parameter()] + [System.UInt32] + $DAFChannelOpenTimeOut, + + [Parameter()] + [System.UInt32] + $DAFCMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DAFCRequestTimeout, + + [Parameter()] + [System.UInt32] + $DAFCChannelOpenTimeOut, + + [Parameter()] + [System.UInt32] + $DBCMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DBCRequestTimeout, + + [Parameter()] + [System.UInt32] + $DBCChannelOpenTimeOut, + + [Parameter()] + [System.UInt32] + $DDCMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DDCRequestTimeout, + + [Parameter()] + [System.UInt32] + $DDCChannelOpenTimeOut, + + [Parameter()] + [System.UInt32] + $DSCMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DSCRequestTimeout, + + [Parameter()] + [System.UInt32] + $DSCChannelOpenTimeOut, + + [Parameter()] + [System.UInt32] + $DTCMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DTCRequestTimeout, + + [Parameter()] + [System.UInt32] + $DTCChannelOpenTimeOut, + + [Parameter()] + [System.UInt32] + $DSTACMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DSTACRequestTimeout, + + [Parameter()] + [System.UInt32] + $DSTACChannelOpenTimeOut, + + [Parameter()] + [System.Management.Automation.PSCredential] + $InstallAccount + ) + + Write-Verbose -Message "Getting the Distributed Cache Client Settings" + + $result = Invoke-SPDSCCommand -Credential $InstallAccount ` + -Arguments $PSBoundParameters ` + -ScriptBlock { + $params = $args[0] + + $nullReturnValue = @{ + IsSingleInstance = "Yes" + DLTCMaxConnectionsToServer = $null + DLTCRequestTimeout = $null + DLTCChannelOpenTimeOut = $null + DVSCMaxConnectionsToServer = $null + DVSCRequestTimeout = $null + DVSCChannelOpenTimeOut = $null + DACMaxConnectionsToServer = $null + DACRequestTimeout = $null + DACChannelOpenTimeOut = $null + DAFMaxConnectionsToServer = $null + DAFRequestTimeout = $null + DAFChannelOpenTimeOut = $null + DAFCMaxConnectionsToServer = $null + DAFCRequestTimeout = $null + DAFCChannelOpenTimeOut = $null + DBCMaxConnectionsToServer = $null + DBCRequestTimeout = $null + DBCChannelOpenTimeOut = $null + DDCMaxConnectionsToServer = $null + DDCRequestTimeout = $null + DDCChannelOpenTimeOut = $null + DSCMaxConnectionsToServer = $null + DSCRequestTimeout = $null + DSCChannelOpenTimeOut = $null + DTCMaxConnectionsToServer = $null + DTCRequestTimeout = $null + DTCChannelOpenTimeOut = $null + DSTACMaxConnectionsToServer = $null + DSTACRequestTimeout = $null + DSTACChannelOpenTimeOut = $null + InstallAccount = $params.InstallAccount + } + + try + { + $DLTC = Get-SPDistributedCacheClientSetting -ContainerType "DistributedLogonTokenCache" + $DVSC = Get-SPDistributedCacheClientSetting -ContainerType "DistributedViewStateCache" + $DAC = Get-SPDistributedCacheClientSetting -ContainerType "DistributedAccessCache" + $DAF = Get-SPDistributedCacheClientSetting -ContainerType "DistributedActivityFeedCache" + $DAFC = Get-SPDistributedCacheClientSetting -ContainerType "DistributedActivityFeedLMTCache" + $DBC = Get-SPDistributedCacheClientSetting -ContainerType "DistributedBouncerCache" + $DDC = Get-SPDistributedCacheClientSetting -ContainerType "DistributedDefaultCache" + $DSC = Get-SPDistributedCacheClientSetting -ContainerType "DistributedSearchCache" + $DTC = Get-SPDistributedCacheClientSetting -ContainerType "DistributedSecurityTrimmingCache" + $DSTAC = Get-SPDistributedCacheClientSetting -ContainerType "DistributedServerToAppServerAccessTokenCache" + + $returnValue = @{ + IsSingleInstance = "Yes" + DLTCMaxConnectionsToServer = $DLTC.MaxConnectionsToServer + DLTCRequestTimeout = $DLTC.RequestTimeout + DLTCChannelOpenTimeOut = $DLTC.ChannelOpenTimeOut + DVSCMaxConnectionsToServer = $DVSC.MaxConnectionsToServer + DVSCRequestTimeout = $DVSC.RequestTimeout + DVSCChannelOpenTimeOut = $DVSC.ChannelOpenTimeOut + DACMaxConnectionsToServer = $DAC.MaxConnectionsToServer + DACRequestTimeout = $DAC.RequestTimeout + DACChannelOpenTimeOut = $DAC.ChannelOpenTimeOut + DAFMaxConnectionsToServer = $DAF.MaxConnectionsToServer + DAFRequestTimeout = $DAF.RequestTimeout + DAFChannelOpenTimeOut = $DAF.ChannelOpenTimeOut + DAFCMaxConnectionsToServer = $DAFC.MaxConnectionsToServer + DAFCRequestTimeout = $DAFC.RequestTimeout + DAFCChannelOpenTimeOut = $DAFC.ChannelOpenTimeOut + DBCMaxConnectionsToServer = $DBC.MaxConnectionsToServer + DBCRequestTimeout = $DBC.RequestTimeout + DBCChannelOpenTimeOut = $DBC.ChannelOpenTimeOut + DDCMaxConnectionsToServer = $DDC.MaxConnectionsToServer + DDCRequestTimeout = $DDC.RequestTimeout + DDCChannelOpenTimeOut = $DDC.ChannelOpenTimeOut + DSCMaxConnectionsToServer = $DSC.MaxConnectionsToServer + DSCRequestTimeout = $DSC.RequestTimeout + DSCChannelOpenTimeOut = $DSC.ChannelOpenTimeOut + DTCMaxConnectionsToServer = $DTC.MaxConnectionsToServer + DTCRequestTimeout = $DTC.RequestTimeout + DTCChannelOpenTimeOut = $DTC.ChannelOpenTimeOut + DSTACMaxConnectionsToServer = $DSTAC.MaxConnectionsToServer + DSTACRequestTimeout = $DSTAC.RequestTimeout + DSTACChannelOpenTimeOut = $DSTAC.ChannelOpenTimeOut + InstallAccount = $params.InstallAccount + } + return $returnValue + } + catch + { + return $nullReturnValue + } + } + return $result +} + + +function Set-TargetResource +{ + [CmdletBinding()] + param + ( + [Parameter(Mandatory = $true)] + [ValidateSet("Yes")] + [System.String] + $IsSingleInstance, + + [Parameter()] + [System.UInt32] + $DLTCMaxConnectionsToServer = 1, + + [Parameter()] + [System.UInt32] + $DLTCRequestTimeout = 3000, + + [Parameter()] + [System.UInt32] + $DLTCChannelOpenTimeOut = 3000, + + [Parameter()] + [System.UInt32] + $DVSCMaxConnectionsToServer = 1, + + [Parameter()] + [System.UInt32] + $DVSCRequestTimeout = 3000, + + [Parameter()] + [System.UInt32] + $DVSCChannelOpenTimeOut = 3000, + + [Parameter()] + [System.UInt32] + $DACMaxConnectionsToServer = 1, + + [Parameter()] + [System.UInt32] + $DACRequestTimeout = 3000, + + [Parameter()] + [System.UInt32] + $DACChannelOpenTimeOut = 3000, + + [Parameter()] + [System.UInt32] + $DAFMaxConnectionsToServer = 1, + + [Parameter()] + [System.UInt32] + $DAFRequestTimeout = 3000, + + [Parameter()] + [System.UInt32] + $DAFChannelOpenTimeOut = 3000, + + [Parameter()] + [System.UInt32] + $DAFCMaxConnectionsToServer = 1, + + [Parameter()] + [System.UInt32] + $DAFCRequestTimeout = 3000, + + [Parameter()] + [System.UInt32] + $DAFCChannelOpenTimeOut = 3000, + + [Parameter()] + [System.UInt32] + $DBCMaxConnectionsToServer = 1, + + [Parameter()] + [System.UInt32] + $DBCRequestTimeout = 3000, + + [Parameter()] + [System.UInt32] + $DBCChannelOpenTimeOut = 3000, + + [Parameter()] + [System.UInt32] + $DDCMaxConnectionsToServer = 1, + + [Parameter()] + [System.UInt32] + $DDCRequestTimeout = 3000, + + [Parameter()] + [System.UInt32] + $DDCChannelOpenTimeOut = 3000, + + [Parameter()] + [System.UInt32] + $DSCMaxConnectionsToServer = 1, + + [Parameter()] + [System.UInt32] + $DSCRequestTimeout = 3000, + + [Parameter()] + [System.UInt32] + $DSCChannelOpenTimeOut = 3000, + + [Parameter()] + [System.UInt32] + $DTCMaxConnectionsToServer = 1, + + [Parameter()] + [System.UInt32] + $DTCRequestTimeout = 3000, + + [Parameter()] + [System.UInt32] + $DTCChannelOpenTimeOut = 3000, + + [Parameter()] + [System.UInt32] + $DSTACMaxConnectionsToServer = 1, + + [Parameter()] + [System.UInt32] + $DSTACRequestTimeout = 3000, + + [Parameter()] + [System.UInt32] + $DSTACChannelOpenTimeOut = 3000, + + [Parameter()] + [System.Management.Automation.PSCredential] + $InstallAccount + ) + + Write-Verbose -Message "Setting the Distributed Cache Client Settings" + + Invoke-SPDSCCommand -Credential $InstallAccount ` + -Arguments $PSBoundParameters ` + -ScriptBlock { + $params = $args[0] + + #DistributedLogonTokenCache + $DLTC = Get-SPDistributedCacheClientSetting -ContainerType "DistributedLogonTokenCache" + + if($params.DLTCMaxConnectionsToServer) + { + $DLTC.MaxConnectionsToServer = $params.DLTCMaxConnectionsToServer + } + if($params.DLTCRequestTimeout) + { + $DLTC.RequestTimeout = $params.DLTCRequestTimeout + } + if($params.DLTCChannelOpenTimeOut) + { + $DLTC.ChannelOpenTimeOut = $params.DLTCChannelOpenTimeOut + } + Set-SPDistributedCacheClientSetting -ContainerType "DistributedLogonTokenCache" $DLTC + + #DistributedViewStateCache + $DVSC = Get-SPDistributedCacheClientSetting -ContainerType "DistributedViewStateCache" + if($params.DVSCMaxConnectionsToServer) + { + $DVSC.MaxConnectionsToServer = $params.DVSCMaxConnectionsToServer + } + if($params.DVSCRequestTimeout) + { + $DVSC.RequestTimeout = $params.DVSCRequestTimeout + } + if($params.DVSCChannelOpenTimeOut) + { + $DVSC.ChannelOpenTimeOut = $params.DVSCChannelOpenTimeOut + } + Set-SPDistributedCacheClientSetting -ContainerType "DistributedViewStateCache" $DVSC + + #DistributedAccessCache + $DAC = Get-SPDistributedCacheClientSetting -ContainerType "DistributedAccessCache" + if($params.DACMaxConnectionsToServer) + { + $DAC.MaxConnectionsToServer = $params.DACMaxConnectionsToServer + } + if($params.DACRequestTimeout) + { + $DAC.RequestTimeout = $params.DACRequestTimeout + } + if($params.DACChannelOpenTimeOut) + { + $DAC.ChannelOpenTimeOut = $params.DACChannelOpenTimeOut + } + Set-SPDistributedCacheClientSetting -ContainerType "DistributedAccessCache" $DAC + + #DistributedActivityFeedCache + $DAF = Get-SPDistributedCacheClientSetting -ContainerType "DistributedActivityFeedCache" + if($params.DAFMaxConnectionsToServer) + { + $DAF.MaxConnectionsToServer = $params.DAFMaxConnectionsToServer + } + if($params.DAFRequestTimeout) + { + $DAF.RequestTimeout = $params.DAFRequestTimeout + } + if($params.DAFChannelOpenTimeOut) + { + $DAF.ChannelOpenTimeOut = $params.DAFChannelOpenTimeOut + } + Set-SPDistributedCacheClientSetting -ContainerType "DistributedActivityFeedCache" $DAF + + #DistributedActivityFeedLMTCache + $DAFC = Get-SPDistributedCacheClientSetting -ContainerType "DistributedActivityFeedLMTCache" + if($params.DAFCMaxConnectionsToServer) + { + $DAFC.MaxConnectionsToServer = $params.DAFCMaxConnectionsToServer + } + if($params.DAFCRequestTimeout) + { + $DAFC.RequestTimeout = $params.DAFCRequestTimeout + } + if($params.DAFCChannelOpenTimeOut) + { + $DAFC.ChannelOpenTimeOut = $params.DAFCChannelOpenTimeOut + } + Set-SPDistributedCacheClientSetting -ContainerType "DistributedActivityFeedLMTCache" $DAFC + + #DistributedBouncerCache + $DBC = Get-SPDistributedCacheClientSetting -ContainerType "DistributedBouncerCache" + if($params.DBCMaxConnectionsToServer) + { + $DBC.MaxConnectionsToServer = $params.DBCMaxConnectionsToServer + } + if($params.DBCRequestTimeout) + { + $DBC.RequestTimeout = $params.DBCRequestTimeout + } + if($params.DBCChannelOpenTimeOut) + { + $DBC.ChannelOpenTimeOut = $params.DBCChannelOpenTimeOut + } + Set-SPDistributedCacheClientSetting -ContainerType "DistributedBouncerCache" $DBC + + #DistributedDefaultCache + $DDC = Get-SPDistributedCacheClientSetting -ContainerType "DistributedDefaultCache" + if($params.DDCMaxConnectionsToServer) + { + $DDC.MaxConnectionsToServer = $params.DDCMaxConnectionsToServer + } + if($params.DDCRequestTimeout) + { + $DDC.RequestTimeout = $params.DDCRequestTimeout + } + if($params.DDCChannelOpenTimeOut) + { + $DDC.ChannelOpenTimeOut = $params.DDCChannelOpenTimeOut + } + Set-SPDistributedCacheClientSetting -ContainerType "DistributedDefaultCache" $DDC + + #DistributedSearchCache + $DSC = Get-SPDistributedCacheClientSetting -ContainerType "DistributedSearchCache" + if($params.DSCMaxConnectionsToServer) + { + $DSC.MaxConnectionsToServer = $params.DSCMaxConnectionsToServer + } + if($params.DSCRequestTimeout) + { + $DSC.RequestTimeout = $params.DSCRequestTimeout + } + if($params.DSCChannelOpenTimeOut) + { + $DSC.ChannelOpenTimeOut = $params.DSCChannelOpenTimeOut + } + Set-SPDistributedCacheClientSetting -ContainerType "DistributedSearchCache" $DSC + + #DistributedSecurityTrimmingCache + $DTC = Get-SPDistributedCacheClientSetting -ContainerType "DistributedSecurityTrimmingCache" + if($params.DTCMaxConnectionsToServer) + { + $DTC.MaxConnectionsToServer = $params.DTCMaxConnectionsToServer + } + if($params.DTCRequestTimeout) + { + $DTC.RequestTimeout = $params.DTCRequestTimeout + } + if($params.DTCChannelOpenTimeOut) + { + $DTC.ChannelOpenTimeOut = $params.DTCChannelOpenTimeOut + } + Set-SPDistributedCacheClientSetting -ContainerType "DistributedSecurityTrimmingCache" $DTC + + #DistributedServerToAppServerAccessTokenCache + $DSTAC = Get-SPDistributedCacheClientSetting -ContainerType "DistributedServerToAppServerAccessTokenCache" + if($params.DSTACMaxConnectionsToServer) + { + $DSTAC.MaxConnectionsToServer = $params.DSTACMaxConnectionsToServer + } + if($params.DSTACRequestTimeout) + { + $DSTAC.RequestTimeout = $params.DSTACRequestTimeout + } + if($params.DSTACChannelOpenTimeOut) + { + $DSTAC.ChannelOpenTimeOut = $params.DSTACChannelOpenTimeOut + } + Set-SPDistributedCacheClientSetting -ContainerType "DistributedServerToAppServerAccessTokenCache" $DSTAC + } +} + +function Test-TargetResource +{ + [CmdletBinding()] + [OutputType([System.Boolean])] + param + ( + [Parameter(Mandatory = $true)] + [ValidateSet("Yes")] + [System.String] + $IsSingleInstance, + + [Parameter()] + [System.UInt32] + $DLTCMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DLTCRequestTimeout, + + [Parameter()] + [System.UInt32] + $DLTCChannelOpenTimeOut, + + [Parameter()] + [System.UInt32] + $DVSCMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DVSCRequestTimeout, + + [Parameter()] + [System.UInt32] + $DVSCChannelOpenTimeOut, + + [Parameter()] + [System.UInt32] + $DACMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DACRequestTimeout, + + [Parameter()] + [System.UInt32] + $DACChannelOpenTimeOut, + + [Parameter()] + [System.UInt32] + $DAFMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DAFRequestTimeout, + + [Parameter()] + [System.UInt32] + $DAFChannelOpenTimeOut, + + [Parameter()] + [System.UInt32] + $DAFCMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DAFCRequestTimeout, + + [Parameter()] + [System.UInt32] + $DAFCChannelOpenTimeOut, + + [Parameter()] + [System.UInt32] + $DBCMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DBCRequestTimeout, + + [Parameter()] + [System.UInt32] + $DBCChannelOpenTimeOut, + + [Parameter()] + [System.UInt32] + $DDCMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DDCRequestTimeout, + + [Parameter()] + [System.UInt32] + $DDCChannelOpenTimeOut, + + [Parameter()] + [System.UInt32] + $DSCMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DSCRequestTimeout, + + [Parameter()] + [System.UInt32] + $DSCChannelOpenTimeOut, + + [Parameter()] + [System.UInt32] + $DTCMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DTCRequestTimeout, + + [Parameter()] + [System.UInt32] + $DTCChannelOpenTimeOut, + + [Parameter()] + [System.UInt32] + $DSTACMaxConnectionsToServer, + + [Parameter()] + [System.UInt32] + $DSTACRequestTimeout, + + [Parameter()] + [System.UInt32] + $DSTACChannelOpenTimeOut, + + [Parameter()] + [System.Management.Automation.PSCredential] + $InstallAccount + ) + + Write-Verbose -Message "Testing the Distributed Cache Client Settings" + + $CurrentValues = Get-TargetResource @PSBoundParameters + + return Test-SPDscParameterState -CurrentValues $CurrentValues ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck @("DLTCMaxConnectionsToServer", + "DLTCRequestTimeout", + "DLTCChannelOpenTimeOut", + "DVSCMaxConnectionsToServer", + "DVSCRequestTimeout", + "DVSCChannelOpenTimeOut", + "DACMaxConnectionsToServer", + "DACRequestTimeout", + "DACChannelOpenTimeOut", + "DAFMaxConnectionsToServer", + "DAFRequestTimeout", + "DAFChannelOpenTimeOut", + "DAFCMaxConnectionsToServer", + "DAFCRequestTimeout", + "DAFCChannelOpenTimeOut", + "DBCMaxConnectionsToServer", + "DBCRequestTimeout", + "DBCChannelOpenTimeOut", + "DDCMaxConnectionsToServer", + "DDCRequestTimeout", + "DDCChannelOpenTimeOut", + "DSCMaxConnectionsToServer", + "DSCRequestTimeout", + "DSCChannelOpenTimeOut", + "DTCMaxConnectionsToServer", + "DTCRequestTimeout", + "DTCChannelOpenTimeOut", + "DSTACMaxConnectionsToServer", + "DSTACRequestTimeout", + "DSTACChannelOpenTimeOut" + ) +} + +Export-ModuleMember -Function *-TargetResource diff --git a/Modules/SharePointDsc/DSCResources/MSFT_SPDistributedCacheClientSettings/MSFT_SPDistributedCacheClientSettings.schema.mof b/Modules/SharePointDsc/DSCResources/MSFT_SPDistributedCacheClientSettings/MSFT_SPDistributedCacheClientSettings.schema.mof new file mode 100644 index 000000000..e899e0ebb --- /dev/null +++ b/Modules/SharePointDsc/DSCResources/MSFT_SPDistributedCacheClientSettings/MSFT_SPDistributedCacheClientSettings.schema.mof @@ -0,0 +1,36 @@ +[ClassVersion("1.0.0.0"), FriendlyName("SPDistributedCacheClientSettings")] +class MSFT_SPDistributedCacheClientSettings : OMI_BaseResource +{ + [Key, Description("Unique key for the resource. Set to 'Yes' to apply configuration."), ValueMap{"Yes"}, Values{"Yes"}] String IsSingleInstance; + [Write, Description("Maximum number of connections to the Distributed Logon Token Cache")] UInt32 DLTCMaxConnectionsToServer; + [Write, Description("Request timeout for the Distributed Logon Token Cache")] UInt32 DLTCRequestTimeout; + [Write, Description("Channel timeout for the Distributed Logon Token Cache")] UInt32 DLTCChannelOpenTimeOut; + [Write, Description("Maximum number of connections to the Distributed View State Cache")] UInt32 DVSCMaxConnectionsToServer; + [Write, Description("Request timeout for the Distributed View State Cache")] UInt32 DVSCRequestTimeout; + [Write, Description("Channel timeout for the Distributed View State Cache")] UInt32 DVSCChannelOpenTimeOut; + [Write, Description("Maximum number of connections to the Distributed Access Cache")] UInt32 DACMaxConnectionsToServer; + [Write, Description("Request timeout for the Distributed Access Cache")] UInt32 DACRequestTimeout; + [Write, Description("Channel timeout for the Distributed Access Cache")] UInt32 DACChannelOpenTimeOut; + [Write, Description("Maximum number of connections to the Distributed Activity Feed Cache")] UInt32 DAFMaxConnectionsToServer; + [Write, Description("Request timeout for the Distributed Activity Feed Cache")] UInt32 DAFRequestTimeout; + [Write, Description("Channel timeout for the Distributed Activity Feed Cache")] UInt32 DAFChannelOpenTimeOut; + [Write, Description("Maximum number of connections to the Distributed Activity Feed LMT Cache")] UInt32 DAFCMaxConnectionsToServer; + [Write, Description("Request timeout for the Distributed Activity Feed LMT Cache")] UInt32 DAFCRequestTimeout; + [Write, Description("Channel timeout for the Distributed Activity Feed LMT Cache")] UInt32 DAFCChannelOpenTimeOut; + [Write, Description("Maximum number of connections to the Distributed Bouncer Cache")] UInt32 DBCMaxConnectionsToServer; + [Write, Description("Request timeout for the Distributed Bouncer Cache")] UInt32 DBCRequestTimeout; + [Write, Description("Channel timeout for the Distributed Bouncer Cache")] UInt32 DBCChannelOpenTimeOut; + [Write, Description("Maximum number of connections to the Distributed Default Cache")] UInt32 DDCMaxConnectionsToServer; + [Write, Description("Request timeout for the Distributed Default Cache")] UInt32 DDCRequestTimeout; + [Write, Description("Channel timeout for the Distributed Default Cache")] UInt32 DDCChannelOpenTimeOut; + [Write, Description("Maximum number of connections to the Distributed Search Cache")] UInt32 DSCMaxConnectionsToServer; + [Write, Description("Request timeout for the Distributed Search Cache")] UInt32 DSCRequestTimeout; + [Write, Description("Channel timeout for the Distributed Search Cache")] UInt32 DSCChannelOpenTimeOut; + [Write, Description("Maximum number of connections to the Distributed Security Trimming Cache")] UInt32 DTCMaxConnectionsToServer; + [Write, Description("Request timeout for the Distributed Security Trimming Cache")] UInt32 DTCRequestTimeout; + [Write, Description("Channel timeout for the Distributed Security Trimming Cache")] UInt32 DTCChannelOpenTimeOut; + [Write, Description("Maximum number of connections to the Distributed Server to Application Server Cache")] UInt32 DSTACMaxConnectionsToServer; + [Write, Description("Request timeout for the Distributed Server to Application Server Cache")] UInt32 DSTACRequestTimeout; + [Write, Description("Channel timeout for the Distributed Server to Application Server Cache")] UInt32 DSTACChannelOpenTimeOut; + [Write, Description("POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5"), EmbeddedInstance("MSFT_Credential")] String InstallAccount; +}; diff --git a/Modules/SharePointDsc/DSCResources/MSFT_SPDistributedCacheClientSettings/Readme.md b/Modules/SharePointDsc/DSCResources/MSFT_SPDistributedCacheClientSettings/Readme.md new file mode 100644 index 000000000..b74dc6aa3 --- /dev/null +++ b/Modules/SharePointDsc/DSCResources/MSFT_SPDistributedCacheClientSettings/Readme.md @@ -0,0 +1,9 @@ +# Description + +This resource is responsible for configuring the distributed cache client +settings. It only accepts Ensure='Present' as a key. The resource can +configure the following cache components: DistributedLogonTokenCache, +DistributedViewStateCache, DistributedAccessCache, +DistributedActivityFeedCache, DistributedActivityFeedLMTCache, +DistributedBouncerCache, DistributedDefaultCache, DistributedSearchCache, +DistributedSecurityTrimmingCache, and DistributedServerToAppServerAccessTokenCache. diff --git a/Modules/SharePointDsc/DSCResources/MSFT_SPFarmAdministrators/MSFT_SPFarmAdministrators.psm1 b/Modules/SharePointDsc/DSCResources/MSFT_SPFarmAdministrators/MSFT_SPFarmAdministrators.psm1 index 0dfa103e0..bb0a22201 100644 --- a/Modules/SharePointDsc/DSCResources/MSFT_SPFarmAdministrators/MSFT_SPFarmAdministrators.psm1 +++ b/Modules/SharePointDsc/DSCResources/MSFT_SPFarmAdministrators/MSFT_SPFarmAdministrators.psm1 @@ -4,36 +4,36 @@ function Get-TargetResource [OutputType([System.Collections.Hashtable])] param ( - [Parameter(Mandatory = $true)] - [System.String] + [Parameter(Mandatory = $true)] + [System.String] $Name, - [Parameter()] - [System.String[]] + [Parameter()] + [System.String[]] $Members, - [Parameter()] - [System.String[]] + [Parameter()] + [System.String[]] $MembersToInclude, - [Parameter()] - [System.String[]] + [Parameter()] + [System.String[]] $MembersToExclude, - [Parameter()] - [System.Management.Automation.PSCredential] + [Parameter()] + [System.Management.Automation.PSCredential] $InstallAccount ) Write-Verbose -Message "Getting Farm Administrators configuration" - if ($Members -and (($MembersToInclude) -or ($MembersToExclude))) + if ($Members -and (($MembersToInclude) -or ($MembersToExclude))) { throw ("Cannot use the Members parameter together with the " + ` "MembersToInclude or MembersToExclude parameters") } - if (!$Members -and !$MembersToInclude -and !$MembersToExclude) + if (!$Members -and !$MembersToInclude -and !$MembersToExclude) { throw ("At least one of the following parameters must be specified: " + ` "Members, MembersToInclude, MembersToExclude") @@ -46,10 +46,10 @@ function Get-TargetResource $webApps = Get-SPwebapplication -IncludeCentralAdministration $caWebapp = $webApps | Where-Object -FilterScript { - $_.IsAdministrationWebApplication + $_.IsAdministrationWebApplication } - - if ($null -eq $caWebapp) + + if ($null -eq $caWebapp) { Write-Verbose "Unable to locate central administration website" return $null @@ -74,36 +74,36 @@ function Set-TargetResource [CmdletBinding()] param ( - [Parameter(Mandatory = $true)] - [System.String] + [Parameter(Mandatory = $true)] + [System.String] $Name, - [Parameter()] - [System.String[]] + [Parameter()] + [System.String[]] $Members, - [Parameter()] - [System.String[]] + [Parameter()] + [System.String[]] $MembersToInclude, - [Parameter()] - [System.String[]] + [Parameter()] + [System.String[]] $MembersToExclude, - [Parameter()] - [System.Management.Automation.PSCredential] + [Parameter()] + [System.Management.Automation.PSCredential] $InstallAccount ) Write-Verbose -Message "Setting Farm Administrators configuration" - - if ($Members -and (($MembersToInclude) -or ($MembersToExclude))) + + if ($Members -and (($MembersToInclude) -or ($MembersToExclude))) { throw ("Cannot use the Members parameter together with the " + ` "MembersToInclude or MembersToExclude parameters") } - if (!$Members -and !$MembersToInclude -and !$MembersToExclude) + if (!$Members -and !$MembersToInclude -and !$MembersToExclude) { throw ("At least one of the following parameters must be specified: " + ` "Members, MembersToInclude, MembersToExclude") @@ -117,7 +117,7 @@ function Set-TargetResource $changeUsers = @{} $runChange = $false - + if ($Members) { Write-Verbose "Processing Members parameter" @@ -125,25 +125,25 @@ function Set-TargetResource $differences = Compare-Object -ReferenceObject $CurrentValues.Members ` -DifferenceObject $Members - if ($null -eq $differences) + if ($null -eq $differences) { Write-Verbose "Farm Administrators group matches. No further processing required" - } - else + } + else { Write-Verbose "Farm Administrators group does not match. Perform corrective action" $addUsers = @() $removeUsers = @() - foreach ($difference in $differences) + foreach ($difference in $differences) { - if ($difference.SideIndicator -eq "=>") + if ($difference.SideIndicator -eq "=>") { # Add account $user = $difference.InputObject Write-Verbose "Add $user to Add list" $addUsers += $user - } - elseif ($difference.SideIndicator -eq "<=") + } + elseif ($difference.SideIndicator -eq "<=") { # Remove account $user = $difference.InputObject @@ -152,14 +152,14 @@ function Set-TargetResource } } - if($addUsers.count -gt 0) + if($addUsers.count -gt 0) { Write-Verbose "Adding $($addUsers.Count) users to the Farm Administrators group" $changeUsers.Add = $addUsers $runChange = $true } - if($removeUsers.count -gt 0) + if($removeUsers.count -gt 0) { Write-Verbose "Removing $($removeUsers.Count) users from the Farm Administrators group" $changeUsers.Remove = $removeUsers @@ -168,25 +168,25 @@ function Set-TargetResource } } - if ($MembersToInclude) + if ($MembersToInclude) { Write-Verbose "Processing MembersToInclude parameter" - + $addUsers = @() - foreach ($member in $MembersToInclude) + foreach ($member in $MembersToInclude) { - if (-not($CurrentValues.Members.Contains($member))) + if (-not($CurrentValues.Members -contains $member)) { Write-Verbose "$member is not a Farm Administrator. Add user to Add list" $addUsers += $member - } - else + } + else { Write-Verbose "$member is already a Farm Administrator. Skipping" } } - if($addUsers.count -gt 0) + if($addUsers.count -gt 0) { Write-Verbose "Adding $($addUsers.Count) users to the Farm Administrators group" $changeUsers.Add = $addUsers @@ -194,25 +194,25 @@ function Set-TargetResource } } - if ($MembersToExclude) + if ($MembersToExclude) { Write-Verbose "Processing MembersToExclude parameter" - + $removeUsers = @() - foreach ($member in $MembersToExclude) + foreach ($member in $MembersToExclude) { - if ($CurrentValues.Members.Contains($member)) + if ($CurrentValues.Members -contains $member) { Write-Verbose "$member is a Farm Administrator. Add user to Remove list" $removeUsers += $member - } - else + } + else { Write-Verbose "$member is not a Farm Administrator. Skipping" } } - if($removeUsers.count -gt 0) + if($removeUsers.count -gt 0) { Write-Verbose "Removing $($removeUsers.Count) users from the Farm Administrators group" $changeUsers.Remove = $removeUsers @@ -220,7 +220,7 @@ function Set-TargetResource } } - if ($runChange) + if ($runChange) { Write-Verbose "Apply changes" Merge-SPDscFarmAdminList $changeUsers @@ -234,36 +234,36 @@ function Test-TargetResource [OutputType([System.Boolean])] param ( - [Parameter(Mandatory = $true)] - [System.String] + [Parameter(Mandatory = $true)] + [System.String] $Name, - [Parameter()] - [System.String[]] + [Parameter()] + [System.String[]] $Members, - [Parameter()] - [System.String[]] + [Parameter()] + [System.String[]] $MembersToInclude, - [Parameter()] - [System.String[]] + [Parameter()] + [System.String[]] $MembersToExclude, - [Parameter()] - [System.Management.Automation.PSCredential] + [Parameter()] + [System.Management.Automation.PSCredential] $InstallAccount ) Write-Verbose -Message "Testing Farm Administrators configuration" - - if ($Members -and (($MembersToInclude) -or ($MembersToExclude))) + + if ($Members -and (($MembersToInclude) -or ($MembersToExclude))) { throw ("Cannot use the Members parameter together with the " + ` "MembersToInclude or MembersToExclude parameters") } - if (!$Members -and !$MembersToInclude -and !$MembersToExclude) + if (!$Members -and !$MembersToInclude -and !$MembersToExclude) { throw ("At least one of the following parameters must be specified: " + ` "Members, MembersToInclude, MembersToExclude") @@ -271,23 +271,23 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters - if ($null -eq $CurrentValues) + if ($null -eq $CurrentValues) { - return $false + return $false } - - if ($Members) + + if ($Members) { Write-Verbose "Processing Members parameter" $differences = Compare-Object -ReferenceObject $CurrentValues.Members ` -DifferenceObject $Members - if ($null -eq $differences) + if ($null -eq $differences) { Write-Verbose "Farm Administrators group matches" return $true - } - else + } + else { Write-Verbose "Farm Administrators group does not match" return $false @@ -295,34 +295,34 @@ function Test-TargetResource } $result = $true - if ($MembersToInclude) + if ($MembersToInclude) { Write-Verbose "Processing MembersToInclude parameter" - foreach ($member in $MembersToInclude) + foreach ($member in $MembersToInclude) { - if (-not($CurrentValues.Members -contains $member)) + if (-not($CurrentValues.Members -contains $member)) { Write-Verbose "$member is not a Farm Administrator. Set result to false" $result = $false - } - else + } + else { Write-Verbose "$member is already a Farm Administrator. Skipping" } } } - if ($MembersToExclude) + if ($MembersToExclude) { Write-Verbose "Processing MembersToExclude parameter" - foreach ($member in $MembersToExclude) + foreach ($member in $MembersToExclude) { - if ($CurrentValues.Members -contains $member) + if ($CurrentValues.Members -contains $member) { Write-Verbose "$member is a Farm Administrator. Set result to false" $result = $false - } - else + } + else { Write-Verbose "$member is not a Farm Administrator. Skipping" } @@ -332,11 +332,11 @@ function Test-TargetResource return $result } -function Merge-SPDscFarmAdminList +function Merge-SPDscFarmAdminList { param ( - [Parameter()] - [Hashtable] + [Parameter()] + [Hashtable] $changeUsers ) @@ -345,7 +345,7 @@ function Merge-SPDscFarmAdminList $webApps = Get-SPwebapplication -IncludeCentralAdministration $caWebapp = $webApps | Where-Object -FilterScript { - $_.IsAdministrationWebApplication + $_.IsAdministrationWebApplication } if ($null -eq $caWebapp) { @@ -354,17 +354,17 @@ function Merge-SPDscFarmAdminList $caWeb = Get-SPweb($caWebapp.Url) $farmAdminGroup = $caWeb.AssociatedOwnerGroup - if ($changeUsers.ContainsKey("Add")) + if ($changeUsers.ContainsKey("Add")) { - foreach ($loginName in $changeUsers.Add) + foreach ($loginName in $changeUsers.Add) { $caWeb.SiteGroups.GetByName($farmAdminGroup).AddUser($loginName,"","","") } } - - if ($changeUsers.ContainsKey("Remove")) + + if ($changeUsers.ContainsKey("Remove")) { - foreach ($loginName in $changeUsers.Remove) + foreach ($loginName in $changeUsers.Remove) { $removeUser = get-spuser $loginName -web $caWebapp.Url $caWeb.SiteGroups.GetByName($farmAdminGroup).RemoveUser($removeUser) diff --git a/Modules/SharePointDsc/DSCResources/MSFT_SPManagedMetadataServiceApp/MSFT_SPManagedMetaDataServiceApp.psm1 b/Modules/SharePointDsc/DSCResources/MSFT_SPManagedMetadataServiceApp/MSFT_SPManagedMetaDataServiceApp.psm1 index 81c21c1f1..b27a7f92e 100644 --- a/Modules/SharePointDsc/DSCResources/MSFT_SPManagedMetadataServiceApp/MSFT_SPManagedMetaDataServiceApp.psm1 +++ b/Modules/SharePointDsc/DSCResources/MSFT_SPManagedMetadataServiceApp/MSFT_SPManagedMetaDataServiceApp.psm1 @@ -140,6 +140,10 @@ function Get-TargetResource { $hubUrl = $hubUrl.TrimEnd('/') } + else + { + $hubUrl = "" + } } catch [System.Exception] { diff --git a/Modules/SharePointDsc/DSCResources/MSFT_SPManagedMetadataServiceAppDefault/MSFT_SPManagedMetadataServiceAppDefault.psm1 b/Modules/SharePointDsc/DSCResources/MSFT_SPManagedMetadataServiceAppDefault/MSFT_SPManagedMetadataServiceAppDefault.psm1 index a9f755102..b09795678 100644 --- a/Modules/SharePointDsc/DSCResources/MSFT_SPManagedMetadataServiceAppDefault/MSFT_SPManagedMetadataServiceAppDefault.psm1 +++ b/Modules/SharePointDsc/DSCResources/MSFT_SPManagedMetadataServiceAppDefault/MSFT_SPManagedMetadataServiceAppDefault.psm1 @@ -38,7 +38,7 @@ function Get-TargetResource } $serviceAppProxies = $serviceAppProxies | Where-Object -FilterScript { - $_.GetType().FullName -eq "Managed Metadata Service Connection" + $_.GetType().FullName -eq "Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy" } if ($null -eq $serviceAppProxies) @@ -126,7 +126,7 @@ function Set-TargetResource $serviceAppProxies = Get-SPServiceApplicationProxy -ErrorAction SilentlyContinue $serviceAppProxies = $serviceAppProxies | Where-Object -FilterScript { - $_.GetType().FullName -eq "Managed Metadata Service Connection" + $_.GetType().FullName -eq "Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy" } foreach ($serviceAppProxy in $serviceAppProxies) diff --git a/Modules/SharePointDsc/DSCResources/MSFT_SPTimerJobState/MSFT_SPTimerJobState.schema.mof b/Modules/SharePointDsc/DSCResources/MSFT_SPTimerJobState/MSFT_SPTimerJobState.schema.mof index 3406f700c..210e8234e 100644 --- a/Modules/SharePointDsc/DSCResources/MSFT_SPTimerJobState/MSFT_SPTimerJobState.schema.mof +++ b/Modules/SharePointDsc/DSCResources/MSFT_SPTimerJobState/MSFT_SPTimerJobState.schema.mof @@ -2,7 +2,7 @@ class MSFT_SPTimerJobState : OMI_BaseResource { [Key, Description("The type name of the timer job (not the display name)")] String TypeName; - [Key, Description("The URL of the web application that the timer job belongs to, N/A if no web application is applicable")] String WebAppUrl; + [Key, Description("The URL of the web application that the timer job belongs to. Use the value 'N/A' if no web application is applicable")] String WebAppUrl; [Write, Description("Should the timer job be enabled or not")] Boolean Enabled; [Write, Description("The schedule for the timer job to execute on")] String Schedule; [Write, Description("POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5"), EmbeddedInstance("MSFT_Credential")] String InstallAccount; diff --git a/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileServiceApp/MSFT_SPUserProfileServiceApp.psm1 b/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileServiceApp/MSFT_SPUserProfileServiceApp.psm1 index aa6bfb873..fd435b029 100644 --- a/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileServiceApp/MSFT_SPUserProfileServiceApp.psm1 +++ b/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileServiceApp/MSFT_SPUserProfileServiceApp.psm1 @@ -67,7 +67,7 @@ function Get-TargetResource $farmAccount = Invoke-SPDSCCommand -Credential $InstallAccount ` -Arguments $PSBoundParameters ` -ScriptBlock { - return Get-SPDSCFarmAccountName + return Get-SPDscFarmAccount } if ($null -ne $farmAccount) @@ -75,24 +75,25 @@ function Get-TargetResource if ($PSBoundParameters.ContainsKey("InstallAccount") -eq $true) { # InstallAccount used - if ($InstallAccount.UserName -ne $farmAccount) + if ($InstallAccount.UserName -eq $farmAccount.UserName) { - throw ("Specified InstallAccount ($($InstallAccount.UserName)) isn't the Farm " + ` - "Account. Make sure the specified InstallAccount is the Farm Account " + ` + throw ("Specified InstallAccount ($($InstallAccount.UserName)) is the Farm " + ` + "Account. Make sure the specified InstallAccount isn't the Farm Account " + ` "and try again") } } - else { + else + { # PSDSCRunAsCredential or System if (-not $Env:USERNAME.Contains("$")) { # PSDSCRunAsCredential used $localaccount = "$($Env:USERDOMAIN)\$($Env:USERNAME)" - if ($localaccount -ne $farmAccount) + if ($localaccount -eq $farmAccount.UserName) { - throw ("Specified PSDSCRunAsCredential ($localaccount) isn't the Farm " + ` - "Account. Make sure the specified PSDSCRunAsCredential is the Farm " + ` - "Account and try again") + throw ("Specified PSDSCRunAsCredential ($localaccount) is the Farm " + ` + "Account. Make sure the specified PSDSCRunAsCredential isn't the " + ` + "Farm Account and try again") } } } @@ -111,6 +112,7 @@ function Get-TargetResource $nullReturn = @{ Name = $params.Name Ensure = "Absent" + ApplicationPool = $params.ApplicationPool } if ($null -eq $serviceApps) { @@ -127,8 +129,8 @@ function Get-TargetResource else { $databases = @{} - $propertyFlags = [System.Reflection.BindingFlags]::Instance ` - -bor [System.Reflection.BindingFlags]::NonPublic + $propertyFlags = [System.Reflection.BindingFlags]::Instance -bor ` + [System.Reflection.BindingFlags]::NonPublic $propData = $serviceApp.GetType().GetProperties($propertyFlags) @@ -247,9 +249,9 @@ function Set-TargetResource if ($Ensure -eq "Present") { $farmAccount = Invoke-SPDSCCommand -Credential $InstallAccount ` - -Arguments $PSBoundParameters ` - -ScriptBlock { - return Get-SPDSCFarmAccountName + -Arguments $PSBoundParameters ` + -ScriptBlock { + return Get-SPDscFarmAccount } if ($null -ne $farmAccount) @@ -257,22 +259,25 @@ function Set-TargetResource if ($PSBoundParameters.ContainsKey("InstallAccount") -eq $true) { # InstallAccount used - if ($InstallAccount.UserName -ne $farmAccount) + if ($InstallAccount.UserName -eq $farmAccount.UserName) { - throw ("Specified InstallAccount ($($InstallAccount.UserName)) isn't the Farm Account. Make sure " + ` - "the specified InstallAccount is the Farm Account and try again") + throw ("Specified InstallAccount ($($InstallAccount.UserName)) is the Farm " + ` + "Account. Make sure the specified InstallAccount isn't the Farm Account " + ` + "and try again") } } - else { + else + { # PSDSCRunAsCredential or System if (-not $Env:USERNAME.Contains("$")) { # PSDSCRunAsCredential used $localaccount = "$($Env:USERDOMAIN)\$($Env:USERNAME)" - if ($localaccount -ne $farmAccount) + if ($localaccount -eq $farmAccount.UserName) { - throw ("Specified PSDSCRunAsCredential ($localaccount) isn't the Farm Account. Make sure " + ` - "the specified PSDSCRunAsCredential is the Farm Account and try again") + throw ("Specified PSDSCRunAsCredential ($localaccount) is the Farm " + ` + "Account. Make sure the specified PSDSCRunAsCredential isn't the " + ` + "Farm Account and try again") } } } @@ -284,20 +289,24 @@ function Set-TargetResource Write-Verbose -Message "Creating user profile service application $Name" - # Add the InstallAccount to the local Administrators group, if it's not already there - $isLocalAdmin = Test-SPDSCUserIsLocalAdmin -UserName $farmAccount + # Add the FarmAccount to the local Administrators group, if it's not already there + $isLocalAdmin = Test-SPDSCUserIsLocalAdmin -UserName $farmAccount.UserName if (!$isLocalAdmin) { - Add-SPDSCUserToLocalAdmin -UserName $farmAccount + Write-Verbose -Message "Adding farm account to Local Administrators group" + Add-SPDSCUserToLocalAdmin -UserName $farmAccount.UserName - # Cycle the Timer Service so that it picks up the local Admin token + # Cycle the Timer Service and flush Kerberos tickets + # so that it picks up the local Admin token Restart-Service -Name "SPTimerV4" + + Clear-SPDscKerberosToken -Account $farmAccount.UserName } - $result = Invoke-SPDSCCommand -Credential $InstallAccount ` - -Arguments $PSBoundParameters ` - -ScriptBlock { + $null = Invoke-SPDSCCommand -Credential $FarmAccount ` + -Arguments $PSBoundParameters ` + -ScriptBlock { $params = $args[0] $updateEnableNetBIOS = $false @@ -377,7 +386,14 @@ function Set-TargetResource # Remove the InstallAccount from the local Administrators group, if it was added above if (!$isLocalAdmin) { - Remove-SPDSCUserToLocalAdmin -UserName $farmAccount + Write-Verbose -Message "Removing farm account from Local Administrators group" + Remove-SPDSCUserToLocalAdmin -UserName $farmAccount.UserName + + # Cycle the Timer Service and flush Kerberos tickets + # so that it picks up the local Admin token + Restart-Service -Name "SPTimerV4" + + Clear-SPDscKerberosToken -Account $farmAccount.UserName } } diff --git a/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileServiceApp/readme.md b/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileServiceApp/readme.md index 12e93f996..1e977f93f 100644 --- a/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileServiceApp/readme.md +++ b/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileServiceApp/readme.md @@ -4,9 +4,22 @@ This resource will provision an instance of the user profile service to the farm. It creates the required databases using the parameters that are passed in to it (although these are only used during the initial provisioning). -The specified InstallAccount or PSDSCRunAsCredential has to be the Farm Account. -This is done to ensure that the databases are created with the correct schema -owners and allow the user profile sync service to operate correctly. +The specified InstallAccount or PSDSCRunAsCredential cannot be the Farm Account. +The resource will throw an error when it is. + +To allow successful provisioning, the farm account must be in the local +administrators group, however it is not best practice to leave this account in +the Administrators group. Therefore this resource will add the Farm Account +credential to the local administrators group at the beginning of the set method +and remove it again later on. The default value for the Ensure parameter is Present. When not specifying this parameter, the service application is provisioned. + +NOTE: +Due to the fact that SharePoint requires certain User Profile components to be +provisioned as the Farm account, this resource and SPUserProfileSyncService +retrieve the Farm account from the Managed Accounts. +This does however mean that CredSSP is required, which has some security +implications. More information about these risks can be found at: +http://www.powershellmagazine.com/2014/03/06/accidental-sabotage-beware-of-credssp/ diff --git a/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileSyncService/MSFT_SPUserProfileSyncService.psm1 b/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileSyncService/MSFT_SPUserProfileSyncService.psm1 index 110f6d86d..1fe948f42 100644 --- a/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileSyncService/MSFT_SPUserProfileSyncService.psm1 +++ b/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileSyncService/MSFT_SPUserProfileSyncService.psm1 @@ -12,7 +12,7 @@ function Get-TargetResource [ValidateSet("Present","Absent")] [System.String] $Ensure = "Present", - [Parameter(Mandatory = $true)] + [Parameter()] [System.Management.Automation.PSCredential] $FarmAccount, @@ -33,21 +33,22 @@ function Get-TargetResource "service via DSC, as 2016 does not use the FIM based sync service.") } - $farmAccountName = Invoke-SPDSCCommand -Credential $InstallAccount ` + $farmAccount = Invoke-SPDSCCommand -Credential $InstallAccount ` -Arguments $PSBoundParameters ` -ScriptBlock { - return Get-SPDSCFarmAccountName + return Get-SPDscFarmAccount } - if ($null -ne $farmAccountName) + if ($null -ne $farmAccount) { if ($PSBoundParameters.ContainsKey("InstallAccount") -eq $true) { # InstallAccount used - if ($InstallAccount.UserName -ne $farmAccountName) + if ($InstallAccount.UserName -eq $farmAccount.UserName) { - throw ("Specified InstallAccount isn't the Farm Account. Make sure " + ` - "the specified InstallAccount is the Farm Account and try again") + throw ("Specified InstallAccount ($($InstallAccount.UserName)) is the Farm " + ` + "Account. Make sure the specified InstallAccount isn't the Farm Account " + ` + "and try again") } } else { @@ -56,10 +57,11 @@ function Get-TargetResource { # PSDSCRunAsCredential used $localaccount = "$($Env:USERDOMAIN)\$($Env:USERNAME)" - if ($localaccount -ne $farmAccountName) + if ($localaccount -eq $farmAccount.UserName) { - throw ("Specified PSDSCRunAsCredential isn't the Farm Account. Make sure " + ` - "the specified Install Account is the Farm Account and try again") + throw ("Specified PSDSCRunAsCredential ($localaccount) is the Farm " + ` + "Account. Make sure the specified PSDSCRunAsCredential isn't the " + ` + "Farm Account and try again") } } } @@ -151,7 +153,7 @@ function Set-TargetResource [ValidateSet("Present","Absent")] [System.String] $Ensure = "Present", - [Parameter(Mandatory = $true)] + [Parameter()] [System.Management.Automation.PSCredential] $FarmAccount, @@ -174,21 +176,22 @@ function Set-TargetResource "service via DSC, as 2016 does not use the FIM based sync service.") } - $farmAccountName = Invoke-SPDSCCommand -Credential $InstallAccount ` - -Arguments $PSBoundParameters ` - -ScriptBlock { - return Get-SPDSCFarmAccountName + $farmAccount = Invoke-SPDSCCommand -Credential $InstallAccount ` + -Arguments $PSBoundParameters ` + -ScriptBlock { + return Get-SPDscFarmAccount } - if ($null -ne $farmAccountName) + if ($null -ne $farmAccount) { if ($PSBoundParameters.ContainsKey("InstallAccount") -eq $true) { # InstallAccount used - if ($InstallAccount.UserName -ne $farmAccountName) + if ($InstallAccount.UserName -eq $farmAccount.UserName) { - throw ("Specified InstallAccount isn't the Farm Account. Make sure " + ` - "the specified InstallAccount is the Farm Account and try again") + throw ("Specified InstallAccount ($($InstallAccount.UserName)) is the Farm " + ` + "Account. Make sure the specified InstallAccount isn't the Farm Account " + ` + "and try again") } } else { @@ -197,10 +200,11 @@ function Set-TargetResource { # PSDSCRunAsCredential used $localaccount = "$($Env:USERDOMAIN)\$($Env:USERNAME)" - if ($localaccount -ne $farmAccountName) + if ($localaccount -eq $farmAccount.UserName) { - throw ("Specified PSDSCRunAsCredential isn't the Farm Account. Make sure " + ` - "the specified Install Account is the Farm Account and try again") + throw ("Specified PSDSCRunAsCredential ($localaccount) is the Farm " + ` + "Account. Make sure the specified PSDSCRunAsCredential isn't the " + ` + "Farm Account and try again") } } } @@ -229,27 +233,33 @@ function Set-TargetResource } # Add the Farm Account to the local Admins group, if it's not already there - $isLocalAdmin = Test-SPDSCUserIsLocalAdmin -UserName $farmAccountName + $isLocalAdmin = Test-SPDSCUserIsLocalAdmin -UserName $farmAccount.UserName if (!$isLocalAdmin) { - Add-SPDSCUserToLocalAdmin -UserName $farmAccountName + Write-Verbose -Message "Adding farm account to Local Administrators group" + Add-SPDSCUserToLocalAdmin -UserName $farmAccount.UserName - # Cycle the Timer Service so that it picks up the local Admin token + # Cycle the Timer Service and flush Kerberos tickets + # so that it picks up the local Admin token Restart-Service -Name "SPTimerV4" + + Clear-SPDscKerberosToken -Account $farmAccount.UserName } $isInDesiredState = $false try { - Invoke-SPDSCCommand -Credential $InstallAccount -Arguments ($PSBoundParameters,$farmAccountName) -ScriptBlock { + Invoke-SPDSCCommand -Credential $FarmAccount ` + -Arguments ($PSBoundParameters,$farmAccount) ` + -ScriptBlock { $params = $args[0] - $farmAccountName = $args[1] + $farmAccount = $args[1] $currentServer = $env:COMPUTERNAME $services = Get-SPServiceInstance -Server $currentServer ` - -ErrorAction SilentlyContinue + -ErrorAction SilentlyContinue $syncService = $services | Where-Object -FilterScript { $_.GetType().Name -eq "ProfileSynchronizationServiceInstance" } @@ -277,8 +287,8 @@ function Set-TargetResource "named $($params.UserProfileServiceAppName)") } - $userName = $farmAccountName - $password = $params.FarmAccount.GetNetworkCredential().Password + $userName = $farmAccount.UserName + $password = $farmAccount.GetNetworkCredential().Password $ups.SetSynchronizationMachine($currentServer, $syncService.ID, $userName, $password) Start-SPServiceInstance -Identity $syncService.ID @@ -293,7 +303,7 @@ function Set-TargetResource } $count = 0 - $maxCount = 10 + $maxCount = 20 while (($count -lt $maxCount) -and ($syncService.Status -ne $desiredState)) { @@ -303,9 +313,9 @@ function Set-TargetResource } # Get the current status of the Sync service - Write-Verbose ("$([DateTime]::Now.ToShortTimeString()) - Waiting for user profile " + ` - "sync service to become '$desiredState' (waited $count of " + ` - "$maxCount minutes)") + Write-Verbose -Message ("$([DateTime]::Now.ToShortTimeString()) - Waiting for user " + ` + "profile sync service to become '$desiredState' (waited " + ` + "$count of $maxCount minutes)") $services = Get-SPServiceInstance -Server $currentServer ` -ErrorAction SilentlyContinue @@ -321,7 +331,14 @@ function Set-TargetResource # Remove the Farm Account from the local Admins group, if it was added above if (!$isLocalAdmin) { - Remove-SPDSCUserToLocalAdmin -UserName $farmAccountName + Write-Verbose -Message "Removing farm account from Local Administrators group" + Remove-SPDSCUserToLocalAdmin -UserName $farmAccount.UserName + + # Cycle the Timer Service and flush Kerberos tickets + # so that it picks up the local Admin token + Restart-Service -Name "SPTimerV4" + + Clear-SPDscKerberosToken -Account $farmAccount.UserName } } if($syncService.Status -ne $desiredState) @@ -344,7 +361,7 @@ function Test-TargetResource [ValidateSet("Present","Absent")] [System.String] $Ensure = "Present", - [Parameter(Mandatory = $true)] + [Parameter()] [System.Management.Automation.PSCredential] $FarmAccount, diff --git a/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileSyncService/MSFT_SPUserProfileSyncService.schema.mof b/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileSyncService/MSFT_SPUserProfileSyncService.schema.mof index 68327b13d..b65b4fc6b 100644 --- a/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileSyncService/MSFT_SPUserProfileSyncService.schema.mof +++ b/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileSyncService/MSFT_SPUserProfileSyncService.schema.mof @@ -3,7 +3,7 @@ class MSFT_SPUserProfileSyncService : OMI_BaseResource { [Key, Description("The name of the user profile service for this sync instance")] string UserProfileServiceAppName; [Write, Description("Present to ensure the service is running, absent to ensure it is not"), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure; - [Required, Description("The farm account, which is needed to provision the service app"), EmbeddedInstance("MSFT_Credential")] String FarmAccount; + [Write, Description("PARAMETER IS NOT USED ANYMORE, WILL BE REMOVED IN V3.0"), EmbeddedInstance("MSFT_Credential")] String FarmAccount; [Write, Description("Should the sync service only run when the user profile database is in a writeable state?")] Boolean RunOnlyWhenWriteable; [Write, Description("POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5"), EmbeddedInstance("MSFT_Credential")] String InstallAccount; }; diff --git a/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileSyncService/readme.md b/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileSyncService/readme.md index dad43beb9..ad89863c8 100644 --- a/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileSyncService/readme.md +++ b/Modules/SharePointDsc/DSCResources/MSFT_SPUserProfileSyncService/readme.md @@ -4,15 +4,22 @@ This resource is responsible for ensuring that the user profile sync service has been provisioned (Ensure = "Present") or is not running (Ensure = "Absent") on the current server. -This resource requires that the FarmAccount is specified as the InstallAccount -or PsDscRunAsCredential parameter. It will throw an exception if this is not -the case. +The specified InstallAccount or PSDSCRunAsCredential cannot be the Farm Account. +The resource will throw an error when it is. -To allow successful provisioning the farm account must be in the local +To allow successful provisioning, the farm account must be in the local administrators group, however it is not best practice to leave this account in -the Administrators group. Therefore this resource will add the FarmAccount +the Administrators group. Therefore this resource will add the Farm Account credential to the local administrators group at the beginning of the set method and remove it again later on. The default value for the Ensure parameter is Present. When not specifying this parameter, the user profile sync service is provisioned. + +NOTE: +Due to the fact that SharePoint requires certain User Profile components to be +provisioned as the Farm account, this resource and SPUserProfileServiceApp +retrieve the Farm account from the Managed Accounts. +This does however mean that CredSSP is required, which has some security +implications. More information about these risks can be found at: +http://www.powershellmagazine.com/2014/03/06/accidental-sabotage-beware-of-credssp/ diff --git a/Modules/SharePointDsc/DSCResources/MSFT_SPVisioServiceApp/MSFT_SPVisioServiceApp.psm1 b/Modules/SharePointDsc/DSCResources/MSFT_SPVisioServiceApp/MSFT_SPVisioServiceApp.psm1 index 8e96a2ea2..17b264293 100644 --- a/Modules/SharePointDsc/DSCResources/MSFT_SPVisioServiceApp/MSFT_SPVisioServiceApp.psm1 +++ b/Modules/SharePointDsc/DSCResources/MSFT_SPVisioServiceApp/MSFT_SPVisioServiceApp.psm1 @@ -133,7 +133,7 @@ function Set-TargetResource if ($null -ne $visioApp) { New-SPVisioServiceApplicationProxy -Name $pName ` - -ServiceApplication $visioApp | Out-Null + -ServiceApplication $visioApp.Name | Out-Null } } } diff --git a/Modules/SharePointDsc/Examples/Resources/SPDistributedCacheClientSettings/1-ConfigureClientSettings.ps1 b/Modules/SharePointDsc/Examples/Resources/SPDistributedCacheClientSettings/1-ConfigureClientSettings.ps1 new file mode 100644 index 000000000..489266a5d --- /dev/null +++ b/Modules/SharePointDsc/Examples/Resources/SPDistributedCacheClientSettings/1-ConfigureClientSettings.ps1 @@ -0,0 +1,52 @@ +<# +.EXAMPLE + This example configures the distributed cache client settings. +#> + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPDistributedCacheClientSettings Settings + { + IsSingleInstance = "Yes" + DLTCMaxConnectionsToServer = 3 + DLTCRequestTimeout = 1000 + DLTCChannelOpenTimeOut = 1000 + DVSCMaxConnectionsToServer = 3 + DVSCRequestTimeout = 1000 + DVSCChannelOpenTimeOut = 1000 + DACMaxConnectionsToServer = 3 + DACRequestTimeout = 1000 + DACChannelOpenTimeOut = 1000 + DAFMaxConnectionsToServer = 3 + DAFRequestTimeout = 1000 + DAFChannelOpenTimeOut = 1000 + DAFCMaxConnectionsToServer = 3 + DAFCRequestTimeout = 1000 + DAFCChannelOpenTimeOut = 1000 + DBCMaxConnectionsToServer = 3 + DBCRequestTimeout = 1000 + DBCChannelOpenTimeOut = 1000 + DDCMaxConnectionsToServer = 3 + DDCRequestTimeout = 1000 + DDCChannelOpenTimeOut = 1000 + DSCMaxConnectionsToServer = 3 + DSCRequestTimeout = 1000 + DSCChannelOpenTimeOut = 1000 + DTCMaxConnectionsToServer = 3 + DTCRequestTimeout = 1000 + DTCChannelOpenTimeOut = 1000 + DSTACMaxConnectionsToServer = 3 + DSTACRequestTimeout = 1000 + DSTACChannelOpenTimeOut = 1000 + PsDscRunAscredential = $SetupAccount + } + } + } diff --git a/Modules/SharePointDsc/Modules/SharePointDsc.Util/SharePointDsc.Util.psm1 b/Modules/SharePointDsc/Modules/SharePointDsc.Util/SharePointDsc.Util.psm1 index fcb3bb1fd..8073a8fa7 100644 --- a/Modules/SharePointDsc/Modules/SharePointDsc.Util/SharePointDsc.Util.psm1 +++ b/Modules/SharePointDsc/Modules/SharePointDsc.Util/SharePointDsc.Util.psm1 @@ -20,6 +20,28 @@ function Add-SPDSCUserToLocalAdmin ([ADSI]"WinNT://$($env:computername)/Administrators,group").Add("WinNT://$domainName/$accountName") | Out-Null } +function Clear-SPDscKerberosToken +{ + param ( + [Parameter(Mandatory=$true)] + [System.String] + $Account + ) + + $sessions = klist sessions + foreach ($session in $sessions) + { + if ($session -like "*$($Account)*") + { + Write-Verbose -Message "Purging Kerberos ticket for $LogonId" + $LogonId = $session.split(' ')[3] + $LogonId = $LogonId.Replace('0:','') + klist -li $LogonId purge | Out-Null + } + + } +} + function Convert-SPDscADGroupIDToName { param( @@ -93,7 +115,29 @@ function Get-SPDSCAssemblyVersion } -function Get-SPDSCFarmAccountName +function Get-SPDscFarmAccount +{ + [CmdletBinding()] + param + () + + $farmaccount = (Get-SPFarm).DefaultServiceAccount.Name + + $account = Get-SPManagedAccount | Where-Object -FilterScript { $_.UserName -eq $farmaccount } + + $bindings = [System.Reflection.BindingFlags]::CreateInstance -bor ` + [System.Reflection.BindingFlags]::GetField -bor ` + [System.Reflection.BindingFlags]::Instance -bor ` + [System.Reflection.BindingFlags]::NonPublic + + $pw = $account.GetType().GetField("m_Password", $bindings).GetValue($account); + + return New-Object -TypeName System.Management.Automation.PSCredential ` + -ArgumentList $farmaccount, $pw.SecureStringValue +} + + +function Get-SPDscFarmAccountName { [CmdletBinding()] param diff --git a/Modules/SharePointDsc/SharePointDsc.psd1 b/Modules/SharePointDsc/SharePointDsc.psd1 index 572a6319f..703274b61 100644 --- a/Modules/SharePointDsc/SharePointDsc.psd1 +++ b/Modules/SharePointDsc/SharePointDsc.psd1 @@ -12,7 +12,7 @@ # RootModule = '' # Version number of this module. -ModuleVersion = '2.1.0.0' +ModuleVersion = '2.2.0.0' # ID used to uniquely identify this module GUID = '6c1176a0-4fac-4134-8ca2-3fa8a21a7b90' @@ -128,53 +128,41 @@ PrivateData = @{ # ReleaseNotes of this module ReleaseNotes = " - * General - * Updated the integration tests for building the Azure environment - * Works in any Azure environment. - * Updated the SqlServer configuration to use SqlServerDsc version 10.0.0.0. * SPAlternateURL - * Added the ability to manage the Central Administration AAMs - * SPDiagnosticsProvider - * Added the resource - * SPFarm - * Corrected issue where ServerRole parameter is returned in SP2013 - * SPInfoPathFormsServiceConfig - * Added the resource - * SPInstallPrereqs - * Fixed two typos in to be installed Windows features for SharePoint 2016 - * SPSearchAutoritativePage - * Added missing readme.md - * SPSearchCrawlerImpactRule - * Fixed issue where an error was thrown when retrieving Crawl Impact rules - * Added missing readme.md - * SPSearchCrawlMapping - * Added missing readme.md - * SPSecureStoreServiceApp - * Fixed issue in Get-TargetResource to return AuditingEnabled property - * SPSecurityTokenServiceConfig - * Added the resource - * SPServiceIdentity - * Fixed issue with correctly retrieving the process identity for the - Search instance - * Added support for LocalSystem, LocalService and NetworkService - * SPUserProfileProperty - * Fixed issues with the User Profile properties for 2016 - * SPUserProfileServiceAppPermissions - * Removed the mandatory requirement from secondary parameters - * SPUserProfileSyncConnection - * Fixed issues with the User Profile Sync connection for SharePoint - 2016 + * If resource specifies Central Admin webapp and Default Zone, the existing + AAM will be updated instead of adding a new one + * SPContentDatabase + * Fixed issue where mounting a content database which had to be upgraded + resulted in a reboot. + * SPDistributedCacheClientSettings + * Added the new resource + * SPFarmAdministrators + * Fixed issue where member comparisons was case sensitive. This had + to be case insensitive. + * SPManagedMetadataServiceApp + * Fixed issue with creating the Content Type Hub on an existing MMS + service app without Content Type Hub. + * SPManagedMetadataServiceAppDefault + * Fixed issue where .GetType().FullName and TypeName were not used + properly. + * SPTimerJobState + * Updated description of WebAppUrl parameter to make it clear that + N/A has to be used to specify a global timer job. + * SPUserProfileServiceApp + * Fixed issue introduced in v2.0, where the Farm Account had to have + local Administrator permissions for the resource to function properly. + * Updated resource to retrieve the Farm account from the Managed Accounts + instead of requiring it as a parameter. * SPUserProfileSyncService - * Added returning the FarmAccount to the Get method - * SPWebAppAuthentication - * Corrected issue where parameter validation wasn't performed correctly - * SPWebApplicationExtension - * Fixed issue with test always failing when Ensure was set to Absent - * SPWorkManagementServiceApp - * Added check for SharePoint 2016, since this functionality has been - removed in SharePoint 2016 -" - + * Fixed issue introduced in v2.0, where the Farm Account had to have + local Administrator permissions for the resource to function properly. + * Updated resource to retrieve the Farm account from the Managed Accounts + instead of requiring it as a parameter. + * The FarmAccount parameter is deprecated and no longer required. Is ignored + in the code and will be removed in v3.0. + * SPVisioServiceApp + * Fixed an issue where the proxy is not properly getting created + " } # End of PSData hashtable } # End of PrivateData hashtable diff --git a/Modules/SharePointDsc/en-US/about_SPAlternateUrl.help.txt b/Modules/SharePointDsc/en-US/about_SPAlternateUrl.help.txt index 03d24fd59..028f892bf 100644 --- a/Modules/SharePointDsc/en-US/about_SPAlternateUrl.help.txt +++ b/Modules/SharePointDsc/en-US/about_SPAlternateUrl.help.txt @@ -8,14 +8,28 @@ application. Alternatively a URL can be removed from a zone to ensure that it will remain empty and have no alternate URL. + The default value for the Ensure parameter is Present. When not specifying this + parameter, the setting is configured. + + ## Central Administration + To select the Central Administration site, use the following command to retrieve the correct web application name: (Get-SPWebApplication -IncludeCentralAdministration | Where-Object { $_.IsAdministrationWebApplication }).DisplayName - The default value for the Ensure parameter is Present. When not specifying this - parameter, the setting is configured. + To update the existing Default Zone AAM for Central Administration (e.g. to + implement HTTPS), use the above command to retrieve the web application name + (by default, it will be "SharePoint Central Administration v4") and specify + "Default" as the Zone. If you wish to add AAM's instead, you may use the other + zones to do so. + + Using SPAlternateUrl to update the Default Zone AAM for Central Administration + will update the AAM in SharePoint as well as the CentralAdministrationUrl value + in the registry. It will not, however, update bindings in IIS. It is recommended + to use the xWebsite resource from the xWebAdministration module to configure the + appropriate bindings in IIS. .PARAMETER WebAppName Key - String diff --git a/Modules/SharePointDsc/en-US/about_SPDistributedCacheClientSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPDistributedCacheClientSettings.help.txt new file mode 100644 index 000000000..0acd30fb3 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPDistributedCacheClientSettings.help.txt @@ -0,0 +1,196 @@ +.NAME + SPDistributedCacheClientSettings + +# Description + + This resource is responsible for configuring the distributed cache client + settings. It only accepts Ensure='Present' as a key. The resource can + configure the following cache components: DistributedLogonTokenCache, + DistributedViewStateCache, DistributedAccessCache, + DistributedActivityFeedCache, DistributedActivityFeedLMTCache, + DistributedBouncerCache, DistributedDefaultCache, DistributedSearchCache, + DistributedSecurityTrimmingCache, and DistributedServerToAppServerAccessTokenCache. + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Unique key for the resource. Set to 'Yes' to apply configuration. + +.PARAMETER DLTCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Logon Token Cache + +.PARAMETER DLTCRequestTimeout + Write - UInt32 + Request timeout for the Distributed Logon Token Cache + +.PARAMETER DLTCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Logon Token Cache + +.PARAMETER DVSCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed View State Cache + +.PARAMETER DVSCRequestTimeout + Write - UInt32 + Request timeout for the Distributed View State Cache + +.PARAMETER DVSCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed View State Cache + +.PARAMETER DACMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Access Cache + +.PARAMETER DACRequestTimeout + Write - UInt32 + Request timeout for the Distributed Access Cache + +.PARAMETER DACChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Access Cache + +.PARAMETER DAFMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Activity Feed Cache + +.PARAMETER DAFRequestTimeout + Write - UInt32 + Request timeout for the Distributed Activity Feed Cache + +.PARAMETER DAFChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Activity Feed Cache + +.PARAMETER DAFCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Activity Feed LMT Cache + +.PARAMETER DAFCRequestTimeout + Write - UInt32 + Request timeout for the Distributed Activity Feed LMT Cache + +.PARAMETER DAFCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Activity Feed LMT Cache + +.PARAMETER DBCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Bouncer Cache + +.PARAMETER DBCRequestTimeout + Write - UInt32 + Request timeout for the Distributed Bouncer Cache + +.PARAMETER DBCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Bouncer Cache + +.PARAMETER DDCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Default Cache + +.PARAMETER DDCRequestTimeout + Write - UInt32 + Request timeout for the Distributed Default Cache + +.PARAMETER DDCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Default Cache + +.PARAMETER DSCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Search Cache + +.PARAMETER DSCRequestTimeout + Write - UInt32 + Request timeout for the Distributed Search Cache + +.PARAMETER DSCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Search Cache + +.PARAMETER DTCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Security Trimming Cache + +.PARAMETER DTCRequestTimeout + Write - UInt32 + Request timeout for the Distributed Security Trimming Cache + +.PARAMETER DTCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Security Trimming Cache + +.PARAMETER DSTACMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Server to Application Server Cache + +.PARAMETER DSTACRequestTimeout + Write - UInt32 + Request timeout for the Distributed Server to Application Server Cache + +.PARAMETER DSTACChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Server to Application Server Cache + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example configures the distributed cache client settings. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPDistributedCacheClientSettings Settings + { + IsSingleInstance = "Yes" + DLTCMaxConnectionsToServer = 3 + DLTCRequestTimeout = 1000 + DLTCChannelOpenTimeOut = 1000 + DVSCMaxConnectionsToServer = 3 + DVSCRequestTimeout = 1000 + DVSCChannelOpenTimeOut = 1000 + DACMaxConnectionsToServer = 3 + DACRequestTimeout = 1000 + DACChannelOpenTimeOut = 1000 + DAFMaxConnectionsToServer = 3 + DAFRequestTimeout = 1000 + DAFChannelOpenTimeOut = 1000 + DAFCMaxConnectionsToServer = 3 + DAFCRequestTimeout = 1000 + DAFCChannelOpenTimeOut = 1000 + DBCMaxConnectionsToServer = 3 + DBCRequestTimeout = 1000 + DBCChannelOpenTimeOut = 1000 + DDCMaxConnectionsToServer = 3 + DDCRequestTimeout = 1000 + DDCChannelOpenTimeOut = 1000 + DSCMaxConnectionsToServer = 3 + DSCRequestTimeout = 1000 + DSCChannelOpenTimeOut = 1000 + DTCMaxConnectionsToServer = 3 + DTCRequestTimeout = 1000 + DTCChannelOpenTimeOut = 1000 + DSTACMaxConnectionsToServer = 3 + DSTACRequestTimeout = 1000 + DSTACChannelOpenTimeOut = 1000 + PsDscRunAscredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPTimerJobState.help.txt b/Modules/SharePointDsc/en-US/about_SPTimerJobState.help.txt index 9e3360bf0..3c1cc7b3a 100644 --- a/Modules/SharePointDsc/en-US/about_SPTimerJobState.help.txt +++ b/Modules/SharePointDsc/en-US/about_SPTimerJobState.help.txt @@ -33,7 +33,7 @@ .PARAMETER WebAppUrl Key - String - The URL of the web application that the timer job belongs to, N/A if no web application is applicable + The URL of the web application that the timer job belongs to. Use the value 'N/A' if no web application is applicable .PARAMETER Enabled Write - Boolean diff --git a/Modules/SharePointDsc/en-US/about_SPUserProfileServiceApp.help.txt b/Modules/SharePointDsc/en-US/about_SPUserProfileServiceApp.help.txt index d998fc2e2..9a6d3bab7 100644 --- a/Modules/SharePointDsc/en-US/about_SPUserProfileServiceApp.help.txt +++ b/Modules/SharePointDsc/en-US/about_SPUserProfileServiceApp.help.txt @@ -7,13 +7,26 @@ farm. It creates the required databases using the parameters that are passed in to it (although these are only used during the initial provisioning). - The specified InstallAccount or PSDSCRunAsCredential has to be the Farm Account. - This is done to ensure that the databases are created with the correct schema - owners and allow the user profile sync service to operate correctly. + The specified InstallAccount or PSDSCRunAsCredential cannot be the Farm Account. + The resource will throw an error when it is. + + To allow successful provisioning, the farm account must be in the local + administrators group, however it is not best practice to leave this account in + the Administrators group. Therefore this resource will add the Farm Account + credential to the local administrators group at the beginning of the set method + and remove it again later on. The default value for the Ensure parameter is Present. When not specifying this parameter, the service application is provisioned. + NOTE: + Due to the fact that SharePoint requires certain User Profile components to be + provisioned as the Farm account, this resource and SPUserProfileSyncService + retrieve the Farm account from the Managed Accounts. + This does however mean that CredSSP is required, which has some security + implications. More information about these risks can be found at: + http://www.powershellmagazine.com/2014/03/06/accidental-sabotage-beware-of-credssp/ + .PARAMETER Name Key - string The name of the user profile service diff --git a/Modules/SharePointDsc/en-US/about_SPUserProfileSyncService.help.txt b/Modules/SharePointDsc/en-US/about_SPUserProfileSyncService.help.txt index 6138b4966..045fa89ce 100644 --- a/Modules/SharePointDsc/en-US/about_SPUserProfileSyncService.help.txt +++ b/Modules/SharePointDsc/en-US/about_SPUserProfileSyncService.help.txt @@ -7,19 +7,26 @@ has been provisioned (Ensure = "Present") or is not running (Ensure = "Absent") on the current server. - This resource requires that the FarmAccount is specified as the InstallAccount - or PsDscRunAsCredential parameter. It will throw an exception if this is not - the case. + The specified InstallAccount or PSDSCRunAsCredential cannot be the Farm Account. + The resource will throw an error when it is. - To allow successful provisioning the farm account must be in the local + To allow successful provisioning, the farm account must be in the local administrators group, however it is not best practice to leave this account in - the Administrators group. Therefore this resource will add the FarmAccount + the Administrators group. Therefore this resource will add the Farm Account credential to the local administrators group at the beginning of the set method and remove it again later on. The default value for the Ensure parameter is Present. When not specifying this parameter, the user profile sync service is provisioned. + NOTE: + Due to the fact that SharePoint requires certain User Profile components to be + provisioned as the Farm account, this resource and SPUserProfileServiceApp + retrieve the Farm account from the Managed Accounts. + This does however mean that CredSSP is required, which has some security + implications. More information about these risks can be found at: + http://www.powershellmagazine.com/2014/03/06/accidental-sabotage-beware-of-credssp/ + .PARAMETER UserProfileServiceAppName Key - string The name of the user profile service for this sync instance @@ -30,8 +37,8 @@ Present to ensure the service is running, absent to ensure it is not .PARAMETER FarmAccount - Required - String - The farm account, which is needed to provision the service app + Write - String + PARAMETER IS NOT USED ANYMORE, WILL BE REMOVED IN V3.0 .PARAMETER RunOnlyWhenWriteable Write - Boolean diff --git a/Tests/Unit/SharePointDsc/SharePointDsc.SPDistributedCacheClientSettings.Tests.ps1 b/Tests/Unit/SharePointDsc/SharePointDsc.SPDistributedCacheClientSettings.Tests.ps1 new file mode 100644 index 000000000..bef1f6ef1 --- /dev/null +++ b/Tests/Unit/SharePointDsc/SharePointDsc.SPDistributedCacheClientSettings.Tests.ps1 @@ -0,0 +1,127 @@ +[CmdletBinding()] +param( + [Parameter()] + [string] + $SharePointCmdletModule = (Join-Path -Path $PSScriptRoot ` + -ChildPath "..\Stubs\SharePoint\15.0.4805.1000\Microsoft.SharePoint.PowerShell.psm1" ` + -Resolve) +) + +Import-Module -Name (Join-Path -Path $PSScriptRoot ` + -ChildPath "..\UnitTestHelper.psm1" ` + -Resolve) + +$Global:SPDscHelper = New-SPDscUnitTestHelper -SharePointStubModule $SharePointCmdletModule ` + -DscResource "SPDistributedCacheClientSettings" ` + -IncludeDistributedCacheStubs + +Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { + InModuleScope -ModuleName $Global:SPDscHelper.ModuleName -ScriptBlock { + Invoke-Command -ScriptBlock $Global:SPDscHelper.InitializeScript -NoNewScope + + # Mocks for all contexts + + Mock -CommandName Set-SPDistributedCacheClientSetting{} + + # Test contexts + Context -Name "Some Distributed Cache Client Settings are Not Properly Configured" -Fixture { + Mock -CommandName Get-SPDistributedCacheClientSetting -MockWith { + return @{ + MaxConnectionsToServer = 3 + RequestTimeout = 1000 + ChannelOpenTimeOut = 1000 + } } + $testParams = @{ + IsSingleInstance = "Yes" + DLTCMaxConnectionsToServer = 5 + DLTCRequestTimeout = 1000 + DLTCChannelOpenTimeOut = 1000 + DVSCMaxConnectionsToServer = 3 + DVSCRequestTimeout = 1000 + DVSCChannelOpenTimeOut = 1000 + DACMaxConnectionsToServer = 3 + DACRequestTimeout = 1000 + DACChannelOpenTimeOut = 1000 + DAFMaxConnectionsToServer = 3 + DAFRequestTimeout = 1000 + DAFChannelOpenTimeOut = 1000 + DAFCMaxConnectionsToServer = 3 + DAFCRequestTimeout = 1000 + DAFCChannelOpenTimeOut = 1000 + DBCMaxConnectionsToServer = 3 + DBCRequestTimeout = 1000 + DBCChannelOpenTimeOut = 1000 + DDCMaxConnectionsToServer = 3 + DDCRequestTimeout = 1000 + DDCChannelOpenTimeOut = 1000 + DSCMaxConnectionsToServer = 5 + DSCRequestTimeout = 1000 + DSCChannelOpenTimeOut = 1000 + DTCMaxConnectionsToServer = 3 + DTCRequestTimeout = 1000 + DTCChannelOpenTimeOut = 1500 + DSTACMaxConnectionsToServer = 3 + DSTACRequestTimeout = 1000 + DSTACChannelOpenTimeOut = 1000 + } + + It "Should return IsSingleInstance equals Yes" { + (Get-TargetResource @testParams).IsSingleInstance | Should Be "Yes" + } + + It "Should properly set the settings" { + Set-TargetResource @testParams + } + + It "Should return false from Test-TargetResource" { + (Test-TargetResource @testParams) | Should Be $false + } + } + Context -Name "Some Distributed Cache Client Settings are Not Properly Configured" -Fixture { + Mock -CommandName Get-SPDistributedCacheClientSetting -MockWith { + return @{ + MaxConnectionsToServer = 1 + RequestTimeout = 3000 + ChannelOpenTimeOut = 3000 + } } + $testParams = @{ + IsSingleInstance = "Yes" + DLTCMaxConnectionsToServer = 1 + DLTCRequestTimeout = 3000 + DLTCChannelOpenTimeOut = 3000 + DVSCMaxConnectionsToServer = 1 + DVSCRequestTimeout = 3000 + DVSCChannelOpenTimeOut = 3000 + DACMaxConnectionsToServer = 1 + DACRequestTimeout = 3000 + DACChannelOpenTimeOut = 3000 + DAFMaxConnectionsToServer = 1 + DAFRequestTimeout = 3000 + DAFChannelOpenTimeOut = 3000 + DAFCMaxConnectionsToServer = 1 + DAFCRequestTimeout = 3000 + DAFCChannelOpenTimeOut = 3000 + DBCMaxConnectionsToServer = 1 + DBCRequestTimeout = 3000 + DBCChannelOpenTimeOut = 3000 + DDCMaxConnectionsToServer = 1 + DDCRequestTimeout = 3000 + DDCChannelOpenTimeOut = 3000 + DSCMaxConnectionsToServer = 1 + DSCRequestTimeout = 3000 + DSCChannelOpenTimeOut = 3000 + DTCMaxConnectionsToServer = 1 + DTCRequestTimeout = 3000 + DTCChannelOpenTimeOut = 3000 + DSTACMaxConnectionsToServer = 1 + DSTACRequestTimeout = 3000 + DSTACChannelOpenTimeOut = 3000 + } + It "Should successfully test the resource" { + (Test-TargetResource @testParams) | Should Be $true + } + } + } +} + +Invoke-Command -ScriptBlock $Global:SPDscHelper.CleanupScript -NoNewScope diff --git a/Tests/Unit/SharePointDsc/SharePointDsc.SPManagedMetadataServiceAppDefault.Tests.ps1 b/Tests/Unit/SharePointDsc/SharePointDsc.SPManagedMetadataServiceAppDefault.Tests.ps1 index 85de716a2..261f1c4e2 100644 --- a/Tests/Unit/SharePointDsc/SharePointDsc.SPManagedMetadataServiceAppDefault.Tests.ps1 +++ b/Tests/Unit/SharePointDsc/SharePointDsc.SPManagedMetadataServiceAppDefault.Tests.ps1 @@ -18,7 +18,7 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { InModuleScope -ModuleName $Global:SPDscHelper.ModuleName -ScriptBlock { Invoke-Command -ScriptBlock $Global:SPDscHelper.InitializeScript -NoNewScope - $getTypeFullName = "Managed Metadata Service Connection" + $getTypeFullName = "Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy" $managedMetadataServiceApplicationProxy = @{ TypeName = "Managed Metadata Service Connection" diff --git a/Tests/Unit/SharePointDsc/SharePointDsc.SPUserProfileServiceApp.Tests.ps1 b/Tests/Unit/SharePointDsc/SharePointDsc.SPUserProfileServiceApp.Tests.ps1 index 44cb1b466..31c9fafdd 100644 --- a/Tests/Unit/SharePointDsc/SharePointDsc.SPUserProfileServiceApp.Tests.ps1 +++ b/Tests/Unit/SharePointDsc/SharePointDsc.SPUserProfileServiceApp.Tests.ps1 @@ -2,7 +2,7 @@ [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingConvertToSecureStringWithPlainText", "")] param( [Parameter()] - [string] + [string] $SharePointCmdletModule = (Join-Path -Path $PSScriptRoot ` -ChildPath "..\Stubs\SharePoint\15.0.4805.1000\Microsoft.SharePoint.PowerShell.psm1" ` -Resolve) @@ -23,39 +23,41 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { $getTypeFullName = "Microsoft.Office.Server.Administration.UserProfileApplication" $mockPassword = ConvertTo-SecureString -String "password" -AsPlainText -Force $mockCredential = New-Object -TypeName System.Management.Automation.PSCredential ` - -ArgumentList @("DOMAIN\username", $mockPassword) + -ArgumentList @("$($Env:USERDOMAIN)\$($Env:USERNAME)", $mockPassword) + $mockFarmCredential = New-Object -TypeName System.Management.Automation.PSCredential ` + -ArgumentList @("DOMAIN\sp_farm", $mockPassword) - # Mocks for all contexts - Mock -CommandName Get-SPDSCFarmAccountName -MockWith { - return $mockCredential.Username + # Mocks for all contexts + Mock -CommandName Get-SPDSCFarmAccount -MockWith { + return $mockFarmCredential } - Mock -CommandName New-SPProfileServiceApplication -MockWith { + Mock -CommandName New-SPProfileServiceApplication -MockWith { return (@{ NetBIOSDomainNamesEnabled = $false NoILMUsed = $false } ) - } + } Mock -CommandName New-SPProfileServiceApplicationProxy -MockWith { } - Mock -CommandName Add-SPDSCUserToLocalAdmin -MockWith { } + Mock -CommandName Add-SPDSCUserToLocalAdmin -MockWith { } Mock -CommandName Test-SPDSCUserIsLocalAdmin -MockWith { return $false } Mock -CommandName Remove-SPDSCUserToLocalAdmin -MockWith { } - Mock -CommandName Remove-SPServiceApplication -MockWith { } + Mock -CommandName Remove-SPServiceApplication -MockWith { } # Test contexts - Context -Name "When PSDSCRunAsCredential does not match the Farm Account" -Fixture { + Context -Name "When PSDSCRunAsCredential matches the Farm Account" -Fixture { $testParams = @{ Name = "User Profile Service App" ApplicationPool = "SharePoint Service Applications" Ensure = "Present" - } + } - Mock -CommandName Get-SPDSCFarmAccountName -MockWith { - return "DOMAIN\sp_farm" + Mock -CommandName Get-SPDSCFarmAccount -MockWith { + return $mockCredential } - Mock -CommandName Get-SPServiceApplication -MockWith { - return $null + Mock -CommandName Get-SPServiceApplication -MockWith { + return $null } Mock -CommandName Restart-Service {} @@ -73,34 +75,30 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { } } - Context -Name "When InstallAccount does not match the Farm Account" -Fixture { + Context -Name "When InstallAccount matches the Farm Account" -Fixture { $testParams = @{ Name = "User Profile Service App" ApplicationPool = "SharePoint Service Applications" Ensure = "Present" - InstallAccount = $mockCredential - } - - Mock -CommandName Get-SPDSCFarmAccountName -MockWith { - return "DOMAIN\sp_farm" + InstallAccount = $mockFarmCredential } - Mock -CommandName Get-SPServiceApplication -MockWith { - return $null + Mock -CommandName Get-SPServiceApplication -MockWith { + return $null } Mock -CommandName Restart-Service {} It "Should throw exception in the Get method" { - { Get-TargetResource @testParams } | Should throw "Specified InstallAccount " + { Get-TargetResource @testParams } | Should throw "Specified InstallAccount " } It "Should throw exception in the Test method" { - { Test-TargetResource @testParams } | Should throw "Specified InstallAccount " + { Test-TargetResource @testParams } | Should throw "Specified InstallAccount " } It "Should throw exception in the set method" { - { Set-TargetResource @testParams } | Should throw "Specified InstallAccount " + { Set-TargetResource @testParams } | Should throw "Specified InstallAccount " } } @@ -109,17 +107,16 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { Name = "User Profile Service App" ApplicationPool = "SharePoint Service Applications" Ensure = "Present" - InstallAccount = $mockCredential - } + } - Mock -CommandName Get-SPServiceApplication -MockWith { - return $null + Mock -CommandName Get-SPServiceApplication -MockWith { + return $null } Mock -CommandName Restart-Service {} It "Should return absent from the Get method" { - (Get-TargetResource @testParams).Ensure | Should Be "Absent" + (Get-TargetResource @testParams).Ensure | Should Be "Absent" } It "Should return false when the Test method is called" { @@ -137,25 +134,24 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { Name = "User Profile Service App" ApplicationPool = "SharePoint Service Applications" Ensure = "Present" - InstallAccount = $mockCredential - } + } - Mock -CommandName Get-SPServiceApplication -MockWith { - $spServiceApp = [PSCustomObject]@{ - DisplayName = $testParams.Name - } + Mock -CommandName Get-SPServiceApplication -MockWith { + $spServiceApp = [PSCustomObject]@{ + DisplayName = $testParams.Name + } $spServiceApp | Add-Member -MemberType ScriptMethod ` -Name GetType ` - -Value { - return @{ - FullName = "Microsoft.Office.UnKnownWebServiceApplication" - } - } -PassThru -Force - return $spServiceApp + -Value { + return @{ + FullName = "Microsoft.Office.UnKnownWebServiceApplication" + } + } -PassThru -Force + return $spServiceApp } It "Should return absent from the Get method" { - (Get-TargetResource @testParams).Ensure | Should Be "Absent" + (Get-TargetResource @testParams).Ensure | Should Be "Absent" } It "Should return false when the Test method is called" { @@ -169,13 +165,12 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { ApplicationPool = "SharePoint Service Applications" EnableNetBIOS = $true Ensure = "Present" - InstallAccount = $mockCredential } - + Mock -CommandName Restart-Service -MockWith {} - Mock -CommandName Get-SPServiceApplication -MockWith { + Mock -CommandName Get-SPServiceApplication -MockWith { return @( - New-Object -TypeName "Object" | + New-Object -TypeName "Object" | Add-Member -MemberType NoteProperty ` -Name TypeName ` -Value "User Profile Service Application" ` @@ -183,7 +178,7 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { Add-Member -MemberType NoteProperty ` -Name DisplayName ` -Value $testParams.Name ` - -PassThru | + -PassThru | Add-Member -MemberType NoteProperty ` -Name "NetBIOSDomainNamesEnabled" ` -Value $false ` @@ -195,9 +190,9 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { } -PassThru | Add-Member -MemberType NoteProperty ` -Name ApplicationPool ` - -Value @{ - Name = $testParams.ApplicationPool - } -PassThru | + -Value @{ + Name = $testParams.ApplicationPool + } -PassThru | Add-Member -MemberType ScriptMethod ` -Name GetType ` -Value { @@ -205,7 +200,7 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { Add-Member -MemberType NoteProperty ` -Name FullName ` -Value $getTypeFullName ` - -PassThru | + -PassThru | Add-Member -MemberType ScriptMethod ` -Name GetProperties ` -Value { @@ -256,18 +251,18 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { ) ) } -PassThru - } -PassThru -Force + } -PassThru -Force ) } - + It "Should return false from the Get method" { - (Get-TargetResource @testParams).EnableNetBIOS | Should Be $false + (Get-TargetResource @testParams).EnableNetBIOS | Should Be $false } It "Should call Update method on Service Application before finishing set method" { - $Global:SPDscUPSAUpdateCalled = $false + $Global:SPDscUPSAUpdateCalled = $false Set-TargetResource @testParams - $Global:SPDscUPSAUpdateCalled | Should Be $true + $Global:SPDscUPSAUpdateCalled | Should Be $true } It "Should return false when the Test method is called" { @@ -286,13 +281,12 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { ApplicationPool = "SharePoint Service Applications" NoILMUsed = $true Ensure = "Present" - InstallAccount = $mockCredential } - + Mock -CommandName Restart-Service -MockWith {} - Mock -CommandName Get-SPServiceApplication -MockWith { + Mock -CommandName Get-SPServiceApplication -MockWith { return @( - New-Object -TypeName "Object" | + New-Object -TypeName "Object" | Add-Member -MemberType NoteProperty ` -Name TypeName ` -Value "User Profile Service Application" ` @@ -300,7 +294,7 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { Add-Member -MemberType NoteProperty ` -Name DisplayName ` -Value $testParams.Name ` - -PassThru | + -PassThru | Add-Member -MemberType NoteProperty ` -Name "NoILMUsed" ` -Value $false ` @@ -312,9 +306,9 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { } -PassThru | Add-Member -MemberType NoteProperty ` -Name ApplicationPool ` - -Value @{ - Name = $testParams.ApplicationPool - } -PassThru | + -Value @{ + Name = $testParams.ApplicationPool + } -PassThru | Add-Member -MemberType ScriptMethod ` -Name GetType ` -Value { @@ -322,7 +316,7 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { Add-Member -MemberType NoteProperty ` -Name FullName ` -Value $getTypeFullName ` - -PassThru | + -PassThru | Add-Member -MemberType ScriptMethod ` -Name GetProperties ` -Value { @@ -373,18 +367,18 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { ) ) } -PassThru - } -PassThru -Force + } -PassThru -Force ) } - + It "Should return false from the Get method" { - (Get-TargetResource @testParams).NoILMUsed | Should Be $false + (Get-TargetResource @testParams).NoILMUsed | Should Be $false } It "Should call Update method on Service Application before finishing set method" { - $Global:SPDscUPSAUpdateCalled = $false + $Global:SPDscUPSAUpdateCalled = $false Set-TargetResource @testParams - $Global:SPDscUPSAUpdateCalled | Should Be $true + $Global:SPDscUPSAUpdateCalled | Should Be $true } It "Should return false when the Test method is called" { @@ -402,12 +396,11 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { Name = "User Profile Service App" ApplicationPool = "SharePoint Service Applications" Ensure = "Present" - InstallAccount = $mockCredential - } + } - Mock -CommandName Get-SPServiceApplication -MockWith { + Mock -CommandName Get-SPServiceApplication -MockWith { return @( - New-Object -TypeName "Object" | + New-Object -TypeName "Object" | Add-Member -MemberType NoteProperty ` -Name TypeName ` -Value "User Profile Service Application" ` @@ -415,7 +408,7 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { Add-Member -MemberType NoteProperty ` -Name DisplayName ` -Value $testParams.Name ` - -PassThru | + -PassThru | Add-Member -MemberType NoteProperty ` -Name "NetBIOSDomainNamesEnabled" ` -Value $false ` @@ -427,9 +420,9 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { } -PassThru | Add-Member -MemberType NoteProperty ` -Name ApplicationPool ` - -Value @{ - Name = $testParams.ApplicationPool - } -PassThru | + -Value @{ + Name = $testParams.ApplicationPool + } -PassThru | Add-Member -MemberType ScriptMethod ` -Name GetType ` -Value { @@ -488,30 +481,29 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { ) ) } -PassThru - } -PassThru -Force + } -PassThru -Force ) } It "Should return present from the get method" { - (Get-TargetResource @testParams).Ensure | Should Be "Present" + (Get-TargetResource @testParams).Ensure | Should Be "Present" } It "Should return true when the Test method is called" { Test-TargetResource @testParams | Should Be $true } } - + Context -Name "When the service app exists but it shouldn't" -Fixture { $testParams = @{ Name = "Test App" ApplicationPool = "-" Ensure = "Absent" - InstallAccount = $mockCredential } - Mock -CommandName Get-SPServiceApplication -MockWith { + Mock -CommandName Get-SPServiceApplication -MockWith { return @( - New-Object -TypeName "Object" | + New-Object -TypeName "Object" | Add-Member -MemberType NoteProperty ` -Name TypeName ` -Value "User Profile Service Application" ` @@ -519,7 +511,7 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { Add-Member -MemberType NoteProperty ` -Name DisplayName ` -Value $testParams.Name ` - -PassThru | + -PassThru | Add-Member -MemberType NoteProperty ` -Name "NetBIOSDomainNamesEnabled" ` -Value $false ` @@ -531,9 +523,9 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { } -PassThru | Add-Member -MemberType NoteProperty ` -Name ApplicationPool ` - -Value @{ - Name = $testParams.ApplicationPool - } -PassThru | + -Value @{ + Name = $testParams.ApplicationPool + } -PassThru | Add-Member -MemberType ScriptMethod ` -Name GetType ` -Value { @@ -592,40 +584,39 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { ) ) } -PassThru - } -PassThru -Force + } -PassThru -Force ) } - + It "Should return present from the Get method" { - (Get-TargetResource @testParams).Ensure | Should Be "Present" + (Get-TargetResource @testParams).Ensure | Should Be "Present" } - + It "Should return false from the test method" { Test-TargetResource @testParams | Should Be $false } - + It "Should remove the service application in the set method" { Set-TargetResource @testParams Assert-MockCalled Remove-SPServiceApplication } } - + Context -Name "When the service app doesn't exist and shouldn't" -Fixture { $testParams = @{ Name = "Test App" ApplicationPool = "-" Ensure = "Absent" - InstallAccount = $mockCredential } - Mock -CommandName Get-SPServiceApplication -MockWith { - return $null + Mock -CommandName Get-SPServiceApplication -MockWith { + return $null } - + It "Should return absent from the Get method" { - (Get-TargetResource @testParams).Ensure | Should Be "Absent" + (Get-TargetResource @testParams).Ensure | Should Be "Absent" } - + It "Should return false from the test method" { Test-TargetResource @testParams | Should Be $true } diff --git a/Tests/Unit/SharePointDsc/SharePointDsc.SPUserProfileSyncService.Tests.ps1 b/Tests/Unit/SharePointDsc/SharePointDsc.SPUserProfileSyncService.Tests.ps1 index 8b76cf554..fd49d4f56 100644 --- a/Tests/Unit/SharePointDsc/SharePointDsc.SPUserProfileSyncService.Tests.ps1 +++ b/Tests/Unit/SharePointDsc/SharePointDsc.SPUserProfileSyncService.Tests.ps1 @@ -23,11 +23,14 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { $getTypeFullName = "Microsoft.Office.Server.Administration.UserProfileApplication" $mockPassword = ConvertTo-SecureString -String "password" -AsPlainText -Force $mockCredential = New-Object -TypeName System.Management.Automation.PSCredential ` - -ArgumentList @("DOMAIN\username", $mockPassword) + -ArgumentList @("$($Env:USERDOMAIN)\$($Env:USERNAME)", $mockPassword) + $mockFarmCredential = New-Object -TypeName System.Management.Automation.PSCredential ` + -ArgumentList @("DOMAIN\sp_farm", $mockPassword) # Mocks for all contexts - Mock -CommandName Get-SPDSCFarmAccountName -MockWith { - return $mockCredential.Username + Mock -CommandName Clear-SPDscKerberosToken -MockWith { } + Mock -CommandName Get-SPDSCFarmAccount -MockWith { + return $mockFarmCredential } Mock -CommandName Start-SPServiceInstance -MockWith { } Mock -CommandName Stop-SPServiceInstance -MockWith { } @@ -133,8 +136,8 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { Ensure = "Present" } - Mock -CommandName Get-SPDSCFarmAccountName -MockWith { - return "DOMAIN\sp_farm" + Mock -CommandName Get-SPDSCFarmAccount -MockWith { + return $mockCredential } Mock -CommandName Get-SPServiceInstance -MockWith { @@ -142,28 +145,24 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { } It "Should throw exception in the get method" { - { Get-TargetResource @testParams } | Should throw "Specified PSDSCRunAsCredential isn't the Farm Account." + { Get-TargetResource @testParams } | Should throw "Specified PSDSCRunAsCredential " } It "Should throw exception in the test method" { - { Test-TargetResource @testParams } | Should throw "Specified PSDSCRunAsCredential isn't the Farm Account." + { Test-TargetResource @testParams } | Should throw "Specified PSDSCRunAsCredential " } It "Should throw exception in the set method" { - { Set-TargetResource @testParams } | Should throw "Specified PSDSCRunAsCredential isn't the Farm Account." + { Set-TargetResource @testParams } | Should throw "Specified PSDSCRunAsCredential " } } - Context -Name "When InstallAccount is not the Farm Account" -Fixture { + Context -Name "When InstallAccount is the Farm Account" -Fixture { $testParams = @{ UserProfileServiceAppName = "User Profile Service Service App" FarmAccount = $mockCredential Ensure = "Present" - InstallAccount = $mockCredential - } - - Mock -CommandName Get-SPDSCFarmAccountName -MockWith { - return "DOMAIN\sp_farm" + InstallAccount = $mockFarmCredential } Mock -CommandName Get-SPServiceInstance -MockWith { @@ -171,15 +170,15 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { } It "Should throw exception in the get method" { - { Get-TargetResource @testParams } | Should throw "Specified InstallAccount isn't the Farm Account." + { Get-TargetResource @testParams } | Should throw "Specified InstallAccount " } It "Should throw exception in the test method" { - { Test-TargetResource @testParams } | Should throw "Specified InstallAccount isn't the Farm Account." + { Test-TargetResource @testParams } | Should throw "Specified InstallAccount " } It "Should throw exception in the set method" { - { Set-TargetResource @testParams } | Should throw "Specified InstallAccount isn't the Farm Account." + { Set-TargetResource @testParams } | Should throw "Specified InstallAccount " } } @@ -188,7 +187,6 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { UserProfileServiceAppName = "User Profile Service Service App" FarmAccount = $mockCredential Ensure = "Present" - InstallAccount = $mockCredential } Mock -CommandName Get-SPServiceInstance -MockWith { @@ -206,7 +204,6 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { UserProfileServiceAppName = "User Profile Service Service App" FarmAccount = $mockCredential Ensure = "Present" - InstallAccount = $mockCredential } Mock -CommandName Get-SPServiceInstance -MockWith { @@ -293,7 +290,6 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { UserProfileServiceAppName = "User Profile Service Service App" FarmAccount = $mockCredential Ensure = "Present" - InstallAccount = $mockCredential } Mock -CommandName Get-SPServiceInstance -MockWith { @@ -323,7 +319,6 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { UserProfileServiceAppName = "User Profile Service Service App" FarmAccount = $mockCredential Ensure = "Absent" - InstallAccount = $mockCredential } Mock -CommandName Get-SPServiceInstance -MockWith { @@ -371,7 +366,6 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { UserProfileServiceAppName = "User Profile Service Service App" FarmAccount = $mockCredential Ensure = "Absent" - InstallAccount = $mockCredential } Mock -CommandName Get-SPServiceInstance -MockWith { @@ -402,7 +396,6 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { FarmAccount = $mockCredential Ensure = "Present" RunOnlyWhenWriteable = $true - InstallAccount = $mockCredential } Mock -CommandName Get-SPServiceInstance -MockWith { @@ -442,7 +435,6 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { FarmAccount = $mockCredential Ensure = "Present" RunOnlyWhenWriteable = $true - InstallAccount = $mockCredential } Mock -CommandName Get-SPServiceInstance -MockWith { @@ -488,7 +480,6 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { FarmAccount = $mockCredential Ensure = "Present" RunOnlyWhenWriteable = $true - InstallAccount = $mockCredential } Mock -CommandName Get-SPServiceInstance -MockWith { @@ -509,16 +500,16 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { { Set-TargetResource @testParams } | Should throw } } + Context -Name "Can't get the Farm Account" -Fixture{ $testParams = @{ UserProfileServiceAppName = "User Profile Service Service App" FarmAccount = $mockCredential Ensure = "Present" RunOnlyWhenWriteable = $true - InstallAccount = $mockCredential } - Mock -CommandName Get-SPDSCFarmAccountName -MockWith{ + Mock -CommandName Get-SPDSCFarmAccount -MockWith{ return $null } @@ -536,7 +527,6 @@ Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { $testParams = @{ UserProfileServiceAppName = "User Profile Service Service App" FarmAccount = $mockCredential - InstallAccount = $mockCredential } It "Should throw on the get method" { diff --git a/appveyor.yml b/appveyor.yml index 5a37fd3b4..49d59a557 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -1,4 +1,4 @@ -version: 2.1.0.{build} +version: 2.2.0.{build} image: WMF 5 install: