diff --git a/CHANGELOG.md b/CHANGELOG.md index c69bff38c..4beb310ef 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -139,7 +139,7 @@ * Changes to SharePointDsc unit testing * Implemented Strict Mode version 1 for all code run during unit tests. - * Changed InstallAccount into PSDscRunAsCredential parameter + * Changed InstallAccount into PSDscRunAsCredential parameter in examples * SPAuthenticationRealm * New resource for setting farm authentication realm * SPConfigWizard diff --git a/Modules/SharePointDsc/en-US/about_SPAccessServiceApp.help.txt b/Modules/SharePointDsc/en-US/about_SPAccessServiceApp.help.txt new file mode 100644 index 000000000..daedfdc63 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPAccessServiceApp.help.txt @@ -0,0 +1,92 @@ +.NAME + SPAccessServiceApp + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for creating Access Services Application instances + within the local SharePoint farm. The resource will provision and configure the + Access Services Service Application. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + +.PARAMETER Name + Key - string + The name of the service application + +.PARAMETER ApplicationPool + Required - string + The name of the application pool to run the service app in + +.PARAMETER DatabaseServer + Required - string + The name of the database server to host Access Services databases + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present ensures service app exists, absent ensures it is removed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to deploy Access Services 2013 to the local SharePoint farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPAccessServiceApp AccessServices + { + Name = "Access Services Service Application" + ApplicationPool = "SharePoint Service Applications" + DatabaseServer = "SQL.contoso.local\SQLINSTANCE" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + + This example shows how to remove a specific Access Services 2013 from the local + SharePoint farm. Because Application pool and database server are both required + parameters, but are not acutally needed to remove the app, any text value can + be supplied for these as they will be ignored. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPAccessServiceApp AccessServices + { + Name = "Access Services Service Application" + ApplicationPool = "n/a" + DatabaseServer = "n/a" + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPAccessServices2010.help.txt b/Modules/SharePointDsc/en-US/about_SPAccessServices2010.help.txt new file mode 100644 index 000000000..7306ce274 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPAccessServices2010.help.txt @@ -0,0 +1,33 @@ +.NAME + SPAccessServices2010 + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for creating Access Services 2010 Application + instances within the local SharePoint farm. The resource will provision and + configure the Access Services 2010 Service Application. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + +.PARAMETER Name + Key - String + The name of the service application + +.PARAMETER ApplicationPool + Required - String + The name of the application pool to run the service app in + +.PARAMETER Ensure + Write - String + Allowed values: Present, Absent + Present ensures service app exists, absent ensures it is removed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run thsi resource as, use PsDscRunAsCredential if using PowerShell 5 + + diff --git a/Modules/SharePointDsc/en-US/about_SPAlternateUrl.help.txt b/Modules/SharePointDsc/en-US/about_SPAlternateUrl.help.txt new file mode 100644 index 000000000..b61e08714 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPAlternateUrl.help.txt @@ -0,0 +1,118 @@ +.NAME + SPAlternateUrl + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to define an alternate access mapping URL for a specified + web application. These can be assigned to specific zones for each web + application. Alternatively a URL can be removed from a zone to ensure that it + will remain empty and have no alternate URL. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the setting is configured. + + ## Central Administration + + To select the Central Administration site, use the following command to retrieve + the correct web application name: + (Get-SPWebApplication -IncludeCentralAdministration | Where-Object { + $_.IsAdministrationWebApplication + }).DisplayName + + To update the existing Default Zone AAM for Central Administration (e.g. to + implement HTTPS), use the above command to retrieve the web application name + (by default, it will be "SharePoint Central Administration v4") and specify + "Default" as the Zone. If you wish to add AAM's instead, you may use the other + zones to do so. + + Using SPAlternateUrl to update the Default Zone AAM for Central Administration + will update the AAM in SharePoint as well as the CentralAdministrationUrl value + in the registry. It will not, however, update bindings in IIS. It is recommended + to use the xWebsite resource from the xWebAdministration module to configure the + appropriate bindings in IIS. + +.PARAMETER WebAppName + Key - String + The name of the web application to apply the alternate URL to + +.PARAMETER Zone + Key - String + Allowed values: Default, Intranet, Extranet, Custom, Internet + The Zone to use for the alternate URL + +.PARAMETER Url + Key - String + The new alternate URL + +.PARAMETER Internal + Write - Boolean + Specifies if the URL has to be configured as internal + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present ensures the URL is set for this zone on this web app, Absent ensures it is removed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to add a new alternate URL to a specific web application + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPAlternateUrl CentralAdminAAM + { + WebAppName = "SharePoint - www.domain.com80" + Zone = "Intranet" + Url = "https://admin.sharepoint.contoso.com" + Internal = $false + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to remove an alternate URL from a specified zone for a specific + web application. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPAlternateUrl CentralAdminAAM + { + WebAppName = "SharePoint - www.domain.com80" + Zone = "Intranet" + Url = "http://www.externaldomain.com" + Internal = $false + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPAntivirusSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPAntivirusSettings.help.txt new file mode 100644 index 000000000..1a51b0d64 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPAntivirusSettings.help.txt @@ -0,0 +1,74 @@ +.NAME + SPAntivirusSettings + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to set the global antivirus settings for the local farm. + These settings will be used to control the behavior of an external anti-virus + scanning tool that is able to integrate with SharePoint. Note that this will + not scan documents for viruses on it's own, an external tool still needs to be + installed on the servers that integrates with SharePoint. + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Specifies the resource is a single instance, the value must be 'Yes' + +.PARAMETER ScanOnDownload + Write - Boolean + Should documents be scanned before being downloaded + +.PARAMETER ScanOnUpload + Write - Boolean + Should documents be scanned on upload + +.PARAMETER AllowDownloadInfected + Write - Boolean + Should documents that are infected be allowed to be downloaded + +.PARAMETER AttemptToClean + Write - Boolean + Should infected documents be handed to the AV engine to attempt cleaning + +.PARAMETER TimeoutDuration + Write - Uint16 + What is the timeout for an AV scan in seconds + +.PARAMETER NumberOfThreads + Write - Uint16 + How many concurrent threads should the AV engine be able to run on a server + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to apply specific anti-virus configuration to the farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPAntivirusSettings AVSettings + { + IsSingleInstance = "Yes" + ScanOnDownload = $true + ScanOnUpload = $true + AllowDownloadInfected = $false + AttemptToClean = $false + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPAppCatalog.help.txt b/Modules/SharePointDsc/en-US/about_SPAppCatalog.help.txt new file mode 100644 index 000000000..de083e063 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPAppCatalog.help.txt @@ -0,0 +1,48 @@ +.NAME + SPAppCatalog + +# Description + + **Type:** Distributed + **Requires CredSSP:** Yes + + This resource will ensure that a specific site collection is marked as the app + catalog for the web application that the site is in. The catalog site needs to + have been created using the correct template (APPCATALOG#0). + + This resource should NOT be run using the farm account. The resource will + retrieve the farm credentials from SharePoint and use that to update the + AppCatalog. This does mean it requires CredSSP to be setup! + +.PARAMETER SiteUrl + Key - string + The URL of the site collection that will be the app catalog for the web app that it is in + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to configure the AppCatalog in the farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPAppCatalog MainAppCatalog + { + SiteUrl = "https://content.sharepoint.contoso.com/sites/AppCatalog" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPAppDomain.help.txt b/Modules/SharePointDsc/en-US/about_SPAppDomain.help.txt new file mode 100644 index 000000000..6acffc7e5 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPAppDomain.help.txt @@ -0,0 +1,48 @@ +.NAME + SPAppDomain + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource will set the value for the app domain settings at the farm level. + You can set the domain name and the prefix that is to be used for app URLs. + +.PARAMETER AppDomain + Key - string + The domain name for apps to use in this farm + +.PARAMETER Prefix + Required - string + The prefix to go on to app URLs + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to apply app URLs to the current farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPAppDomain LocalFarmAppUrls + { + AppDomain = "contosointranetapps.com" + Prefix = "app" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPAppManagementServiceApp.help.txt b/Modules/SharePointDsc/en-US/about_SPAppManagementServiceApp.help.txt new file mode 100644 index 000000000..6e88b4c7e --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPAppManagementServiceApp.help.txt @@ -0,0 +1,104 @@ +.NAME + SPAppManagementServiceApp + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to provision and manage an instance of the App Management + Services Service Application. It will identify an instance of the app + management service application through the application display name. Currently + the resource will provision the app if it does not yet exist, and will change + the application pool associated to the app if it does not match the + configuration. Database names or server name will not be changed if the + configuration does not match, these parameters are only used for the initial + provisioning of the service application. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + +.PARAMETER Name + Key - string + The name of the app management service application + +.PARAMETER ProxyName + Write - string + The proxy name, if not specified will be /Name of service app/ Proxy + +.PARAMETER ApplicationPool + Required - String + The app pool that should be used to run the service app + +.PARAMETER DatabaseName + Write - string + The name of the database for the service application + +.PARAMETER DatabaseServer + Write - String + The name of the server for the database + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present ensures service app exists, absent ensures it is removed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to create a new app management service application in the + local SharePoint farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPAppManagementServiceApp AppManagementServiceApp + { + Name = "App Management Service Application" + ApplicationPool = "SharePoint Service Applications" + DatabaseServer = "SQL01.contoso.com" + DatabaseName = "SP_AppManagement" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to remove a specific app management service application in the + local SharePoint farm. The application pool property is still mandatory but it is not + used so therefore the value is not important. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPAppManagementServiceApp AppManagementServiceApp + { + Name = "App Management Service Application" + ApplicationPool = "n/a" + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPAppStoreSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPAppStoreSettings.help.txt new file mode 100644 index 000000000..07ae80b41 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPAppStoreSettings.help.txt @@ -0,0 +1,102 @@ +.NAME + SPAppStoreSettings + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource will configure the ability to purchase apps for both SharePoint + and Office apps. + +.PARAMETER WebAppUrl + Key - string + The URL of the web application + +.PARAMETER AllowAppPurchases + Write - Boolean + Specifies if App Purchases from the SharePoint Store are allowed + +.PARAMETER AllowAppsForOffice + Write - Boolean + Specifies if App Purchases for Office applications are allowed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to configure the AppCatalog in the farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPAppStoreSettings EnableSharePointAppStore + { + WebAppUrl = "https://sharepoint.contoso.com" + AllowAppPurchases = $true + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to configure the AppCatalog in the farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPAppStoreSettings EnableAppStores + { + WebAppUrl = "https://sharepoint.contoso.com" + AllowAppPurchases = $true + AllowAppsForOffice = $true + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to configure the AppCatalog in the farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPAppStoreSettings DisableAppStores + { + WebAppUrl = "https://sharepoint.contoso.com" + AllowAppPurchases = $false + AllowAppsForOffice = $false + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPAuthenticationRealm.help.txt b/Modules/SharePointDsc/en-US/about_SPAuthenticationRealm.help.txt new file mode 100644 index 000000000..4098b0467 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPAuthenticationRealm.help.txt @@ -0,0 +1,56 @@ +.NAME + SPAuthenticationRealm + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to set the authentication realm for a farm. + By default the authentication realm for a new farm installation + is the same as the farm id. + + Note: + + SharePoint automatically converts the realm to lower case ASCII printable characters. + The specified authentication realm must therefore conform to this for the test + method to be able to detect a correct configuration. + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Specifies the resource is a single instance, the value must be 'Yes' + +.PARAMETER AuthenticationRealm + Required - String + The authentication realm to be set + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example sets the farm atuhentication realm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPAuthenticationRealm AuthenticationRealm + { + IsSingleInstance = "Yes" + AuthenticationRealm = "14757a87-4d74-4323-83b9-fb1e77e8f22f" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPBCSServiceApp.help.txt b/Modules/SharePointDsc/en-US/about_SPBCSServiceApp.help.txt new file mode 100644 index 000000000..15c05165d --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPBCSServiceApp.help.txt @@ -0,0 +1,104 @@ +.NAME + SPBCSServiceApp + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to provision and manage an instance of the Business + Connectivity Services Service Application. It will identify an instance + of the BCS app through the application display name. Currently the resource + will provision the app if it does not yet exist, and will change the service + account associated to the app if it does not match the configuration. Database + names or server name will not be changed if the configuration does not match, + these parameters are only used for the initial provisioning of the service + application. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + +.PARAMETER Name + Key - string + The name of the BCS service app + +.PARAMETER ProxyName + Write - string + The name of the BCS service application proxy + +.PARAMETER ApplicationPool + Required - String + The application pool it should run in + +.PARAMETER DatabaseName + Write - string + Name of the database to create for the service app + +.PARAMETER DatabaseServer + Write - String + Name of the database server to host the database on + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present ensures service app exists, absent ensures it is removed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to deploy a Business Connectivity Services application to the + local SharePoint farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPBCSServiceApp BCSServiceApp + { + Name = "BCS Service Application" + ApplicationPool = "SharePoint Service Applications" + DatabaseName = "SP_BCS" + DatabaseServer = "SQL.contoso.local\SQLINSTANCE" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to deploy a Business Connectivity Services application to the + local SharePoint farm. The application pool account is mandatory but the value is + ignored when removing a service app, so the value entered here does not matter. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPBCSServiceApp BCSServiceApp + { + Name = "BCS Service Application" + ApplicationPool = "n/a" + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPBlobCacheSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPBlobCacheSettings.help.txt new file mode 100644 index 000000000..60c7bfe86 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPBlobCacheSettings.help.txt @@ -0,0 +1,89 @@ +.NAME + SPBlobCacheSettings + +# Description + + **Type:** Specific + **Requires CredSSP:** No + + This resource is used to configure the Blob Cache settings for a web + application. + + Important: + This resource only configures the local server. It changes the web.config + file directly and is NOT using the SPWebConfigModifications class. In order + to configure all WFE servers in the farm, you have to apply this resource + to all servers. + + NOTE: + In order to prevent inconsistancy between different web front end servers, + make sure you configure this setting on all servers equally. + If the specified folder does not exist, the resource will create the folder. + + Best practice: + Specify a directory that is not on the same drive as where either the server + operating system swap files or server log files are stored. + +.PARAMETER WebAppUrl + Key - string + The URL of the web application + +.PARAMETER Zone + Key - string + Allowed values: Default, Intranet, Internet, Custom, Extranet + The zone of the web application for which blob cache has to be configured + +.PARAMETER EnableCache + Required - Boolean + Specify if the blob cache has to be enabled + +.PARAMETER Location + Write - string + The location where the blob cache has to store its files + +.PARAMETER MaxSizeInGB + Write - Uint16 + The maximum size (in GB) of disk space the blob cache is allowed to use + +.PARAMETER MaxAgeInSeconds + Write - Uint32 + The maximum age (in seconds) that a browser caches a blob + +.PARAMETER FileTypes + Write - string + Specify the file types that must be stored by the blob cache + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to configure the blob cache settings on the local server for the + specified web application and zone + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPBlobCacheSettings BlobCacheSettings + { + WebAppUrl = "http://intranet.contoso.com" + Zone = "Default" + EnableCache = $true + Location = "F:\BlobCache" + MaxSizeInGB = 10 + FileTypes = "\.(gif|jpg|png|css|js)$" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPCacheAccounts.help.txt b/Modules/SharePointDsc/en-US/about_SPCacheAccounts.help.txt new file mode 100644 index 000000000..13d3df0a2 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPCacheAccounts.help.txt @@ -0,0 +1,87 @@ +.NAME + SPCacheAccounts + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to set the "super user" and "super reader" cache accounts + for the specified web application object (as described in the TechNet article + [Configure object cache user accounts in SharePoint Server 2013](https://technet.microsoft.com/en-us/library/ff758656.aspx)). + +.PARAMETER WebAppUrl + Key - string + The URL of the web application to set the accounts for + +.PARAMETER SuperUserAlias + Required - string + The account name for the super user + +.PARAMETER SuperReaderAlias + Required - string + The account name for the super reader + +.PARAMETER SetWebAppPolicy + Write - boolean + Should the web app policy be set for these accounts? + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example sets the super use and reader accounts for the specified web app. It will + also set the appropriate web app policies by default for these accounts. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPCacheAccounts SetCacheAccounts + { + WebAppUrl = "http://sharepoint.contoso.com" + SuperUserAlias = "DEMO\svcSPSuperUser" + SuperReaderAlias = "DEMO\svcSPReader" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example sets the super use and reader accounts for the specified web app. It will + not set the web app policies for these accounts though, allowing them to be controlled + elsewhere (either manually or with SPWebAppPolicy) + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPCacheAccounts SetCacheAccounts + { + WebAppUrl = "http://sharepoint.contoso.com" + SuperUserAlias = "DEMO\svcSPSuperUser" + SuperReaderAlias = "DEMO\svcSPReader" + SetWebAppPolicy = $false + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPConfigWizard.help.txt b/Modules/SharePointDsc/en-US/about_SPConfigWizard.help.txt new file mode 100644 index 000000000..83197c294 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPConfigWizard.help.txt @@ -0,0 +1,87 @@ +.NAME + SPConfigWizard + +# Description + + **Type:** Utility + **Requires CredSSP:** No + + This resource is used to perform the upgrade step of installing SharePoint + updates, like Cumulative Updates, Service Packs and Language Packs. The + DatabaseUpgradeDays and DatabaseUpgradeTime parameters specify a window in + which the update can be installed. This module has to be used to complete the + update installation step, performed by SPProductUpdate. + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Specifies the resource is a single instance, the value must be 'Yes' + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present to run the Configuration Wizard. Absent is currently not supported + +.PARAMETER DatabaseUpgradeDays + Write - String + Allowed values: mon, tue, wed, thu, fri, sat, sun + Specify on which dates running the Configuration Wizard is allowed + +.PARAMETER DatabaseUpgradeTime + Write - String + Specify in which time frame running the Configuration Wizard is allowed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example runs the Configuration Wizard as soon as it is applied. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPConfigWizard RunConfigWizard + { + IsSingleInstance = "Yes" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example only runs the Configuration Wizard in the specified window: + - Saturday and Sunday night between 3am and 5am. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPConfigWizard RunConfigWizard + { + IsSingleInstance = "Yes" + DatabaseUpgradeDays = "sat", "sun" + DatabaseUpgradeTime = "3:00am to 5:00am" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPContentDatabase.help.txt b/Modules/SharePointDsc/en-US/about_SPContentDatabase.help.txt new file mode 100644 index 000000000..820a6cdd1 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPContentDatabase.help.txt @@ -0,0 +1,109 @@ +.NAME + SPContentDatabase + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to add and remove Content Databases to web applications + and configure these databases. + + NOTE: + The resource cannot be used to move the database to a different SQL instance. + It will throw an error when it detects that the specified SQL instance is a + different instance that is currently in use. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the content database is provisioned. + +.PARAMETER Name + Key - String + Specifies the name of the content database + +.PARAMETER DatabaseServer + Write - string + The name of the database server to host the content DB + +.PARAMETER WebAppUrl + Required - string + The URL of the web application + +.PARAMETER Enabled + Write - Boolean + Should the database be enabled + +.PARAMETER WarningSiteCount + Write - Uint16 + Specify the site collection warning limit for the content database + +.PARAMETER MaximumSiteCount + Write - Uint16 + Specify the site collection maximum limit for the content database + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present to create this database, absent to ensure it does not exist + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example creates a new content database for the specified web application. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPContentDatabase ContentDB + { + Name = "SharePoint_Content_01" + DatabaseServer = "SQL.contoso.local\SQLINSTANCE" + WebAppUrl = "http://sharepoint.contoso.com" + Enabled = $true + WarningSiteCount = 2000 + MaximumSiteCount = 5000 + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example dismounts a content database from the specified web application. This + will not remove the database from SQL server however, only taking it out of the + web applications configuration. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPContentDatabase ContentDB + { + Name = "SharePoint_Content_01" + DatabaseServer = "SQL.contoso.local\SQLINSTANCE" + WebAppUrl = "http://sharepoint.contoso.com" + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPDatabaseAAG.help.txt b/Modules/SharePointDsc/en-US/about_SPDatabaseAAG.help.txt new file mode 100644 index 000000000..d722e76bd --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPDatabaseAAG.help.txt @@ -0,0 +1,129 @@ +.NAME + SPDatabaseAAG + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource will allow specifying which SQL Server AlwaysOn Availability + group a resource should be in. This resource does not configure the + Availability Groups on SQL Server, they must already exist. It simply adds + the specified database to the group. + + You can add a single database name by specifying the database name, or + multiple databases by specifying wildcards. For example: + SP_Content* or *Content* + + Important: + This resource requires the April 2014 CU to be installed. The required + cmdlets have been added in this CU: http://support.microsoft.com/kb/2880551 + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the content database is added to the AAG. + + Note: + By design the Add-DatabaseToAvailabilityGroup cmdlet updates the database + connection string to the specified availability group. If this is NOT what + you want (for example: You are using SQL aliasses which point to the AG + listener), you should NOT use this resource. + +.PARAMETER DatabaseName + Key - string + The name of the database to put in the AlwaysOn group + +.PARAMETER AGName + Required - string + Name of the AlwaysOn group on the SQL server - this must already exist + +.PARAMETER FileShare + Write - string + The fileshare to use for the SQL backup when adding to the group + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the database should be in this AlwaysOn group, or Absent if it should not be in the group + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example takes an existing SharePoint database and puts it in to the specified + AlwaysOn Availability Group (AAG). + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPDatabaseAAG ConfigDBAAG + { + DatabaseName = "SP_Config" + AGName = "MyAvailabilityGroup" + FileShare = "\\SQL\Backups" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example takes existing SharePoint databases, based on the database name pattern, and puts + them in to the specified AlwaysOn Availability Group (AAG). + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPDatabaseAAG ConfigDBAAG + { + DatabaseName = "*Content*" + AGName = "MyAvailabilityGroup" + FileShare = "\\SQL\Backups" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example removes a database from the specified AlwaysOn Availability Group (AAG) + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPDatabaseAAG ConfigDBAAG + { + DatabaseName = "SP_Config" + AGName = "MyAvailabilityGroup" + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPDesignerSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPDesignerSettings.help.txt new file mode 100644 index 000000000..76b780aa1 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPDesignerSettings.help.txt @@ -0,0 +1,99 @@ +.NAME + SPDesignerSettings + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to set the SharePoint Designer settings for the local + farm or site collections. These settings will be used to control if users are + allowed to make changes using SharePoint Designer. Note that this will not + prevent users from installing SharePoint Designer, just from using SharePoint + Designer to connect to the farm. + + Settings can be applied against an entire web application, or a specific site + collection. Use the "SettingsScope" property to set it to either + "WebApplication" or "SiteCollection" to define which you are targetting. + + Known issue: + When using PowerShell v4 or PowerShell v5 with the InstallAccount switch + (instead of PsDscRunAsCredential), you cannot use the SettingsScope + "SiteCollection". Due to an issue with Remote PowerShell and SharePoint, + changing the Site Collection settings results in an Access Denied error. + Consider implementing PowerShell v5 and switching to the PsDscRunAsCredential + +.PARAMETER WebAppUrl + Key - string + The URL of the web application or site collection to configure + +.PARAMETER SettingsScope + Required - string + Allowed values: WebApplication, SiteCollection + Define the scope of the configuration - either WebApplication or SiteCollection + +.PARAMETER AllowSharePointDesigner + Write - Boolean + Allow the use of SharePoint Designer + +.PARAMETER AllowDetachPagesFromDefinition + Write - Boolean + Allow pages to be un-ghosted by SharePoint Designer + +.PARAMETER AllowCustomiseMasterPage + Write - Boolean + Allow masterpages to be changed by SharePoint Designer + +.PARAMETER AllowManageSiteURLStructure + Write - Boolean + Allow site URL structure to be changed by SharePoint Designer + +.PARAMETER AllowCreateDeclarativeWorkflow + Write - Boolean + Allow users to create declarative workflows with SharePoint Designer + +.PARAMETER AllowSavePublishDeclarativeWorkflow + Write - Boolean + Allow users to save and re-publish declarative workflows with SharePoint Designer + +.PARAMETER AllowSaveDeclarativeWorkflowAsTemplate + Write - Boolean + Allow users to save declarative workflows as a template from SharePoint Designer + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example applies settings to disable SharePoint Designer access to the + specified web application. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPDesignerSettings MainWebAppSPDSettings + { + WebAppUrl = "https://intranet.sharepoint.contoso.com" + SettingsScope = "WebApplication" + AllowSharePointDesigner = $false + AllowDetachPagesFromDefinition = $false + AllowCustomiseMasterPage = $false + AllowManageSiteURLStructure = $false + AllowCreateDeclarativeWorkflow = $false + AllowSavePublishDeclarativeWorkflow = $false + AllowSaveDeclarativeWorkflowAsTemplate = $false + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPDiagnosticLoggingSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPDiagnosticLoggingSettings.help.txt new file mode 100644 index 000000000..08fb18203 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPDiagnosticLoggingSettings.help.txt @@ -0,0 +1,138 @@ +.NAME + SPDiagnosticLoggingSettings + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for configuring settings to do with the diagnostic + (ULS) logging on servers in the farm. These settings are applied to the + diagnostic logging service for the farm and do not need to be applied to each + server individually, the settings will be propagated throughout the farm when + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Specifies the resource is a single instance, the value must be 'Yes' + +.PARAMETER LogPath + Required - string + The physical path on each server to store ULS logs + +.PARAMETER LogSpaceInGB + Required - uint32 + The space in GB that should be used to store ULS logs + +.PARAMETER AppAnalyticsAutomaticUploadEnabled + Write - boolean + Should app analytics automatically be uploaded + +.PARAMETER CustomerExperienceImprovementProgramEnabled + Write - boolean + Should the customer experience program be enabled in this farm + +.PARAMETER DaysToKeepLogs + Write - uint32 + How many days should ULS logs be kept for + +.PARAMETER DownloadErrorReportingUpdatesEnabled + Write - boolean + Should updates to error reporting tools be automatically downloaded + +.PARAMETER ErrorReportingAutomaticUploadEnabled + Write - boolean + Should error reports be automatically uploaded + +.PARAMETER ErrorReportingEnabled + Write - boolean + Should reporting of errors be enabled + +.PARAMETER EventLogFloodProtectionEnabled + Write - boolean + Protect event logs with Event Log Flood Protection + +.PARAMETER EventLogFloodProtectionNotifyInterval + Write - uint32 + What interval should the event logs report a flood event + +.PARAMETER EventLogFloodProtectionQuietPeriod + Write - uint32 + What quiet period should reset the event log flood protection thresholds + +.PARAMETER EventLogFloodProtectionThreshold + Write - uint32 + What is the event log flood protection threshold + +.PARAMETER EventLogFloodProtectionTriggerPeriod + Write - uint32 + What is the time period that will trigger event log flood protection + +.PARAMETER LogCutInterval + Write - uint32 + How many minutes of activity will a ULS log file leep in an individual file + +.PARAMETER LogMaxDiskSpaceUsageEnabled + Write - boolean + Will the maximum disk space setting be enabled + +.PARAMETER ScriptErrorReportingDelay + Write - uint32 + What delay will be set before script error reporting is triggered + +.PARAMETER ScriptErrorReportingEnabled + Write - boolean + Is script error reporting enabled in this farm + +.PARAMETER ScriptErrorReportingRequireAuth + Write - boolean + Require users to be authenticated to allow script errors to be reported + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example applies the specified diagnostic logging settings to the local + SharPoint farm. Any setting not defined will be left as it default, or to + whatever value has been manually configured outside of DSC. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPDiagnosticLoggingSettings ApplyDiagnosticLogSettings + { + IsSingleInstance = "Yes" + LogPath = "L:\ULSLogs" + LogSpaceInGB = 10 + AppAnalyticsAutomaticUploadEnabled = $false + CustomerExperienceImprovementProgramEnabled = $true + DaysToKeepLogs = 7 + DownloadErrorReportingUpdatesEnabled = $false + ErrorReportingAutomaticUploadEnabled = $false + ErrorReportingEnabled = $false + EventLogFloodProtectionEnabled = $true + EventLogFloodProtectionNotifyInterval = 5 + EventLogFloodProtectionQuietPeriod = 2 + EventLogFloodProtectionThreshold = 5 + EventLogFloodProtectionTriggerPeriod = 2 + LogCutInterval = 15 + LogMaxDiskSpaceUsageEnabled = $true + ScriptErrorReportingDelay = 30 + ScriptErrorReportingEnabled = $true + ScriptErrorReportingRequireAuth = $true + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPDiagnosticsProvider.help.txt b/Modules/SharePointDsc/en-US/about_SPDiagnosticsProvider.help.txt new file mode 100644 index 000000000..bfc898057 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPDiagnosticsProvider.help.txt @@ -0,0 +1,65 @@ +.NAME + SPDiagnosticsProvider + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for configuring the Diagnostics Provider within + the local SharePoint farm. Using Ensure equals to Absent is not supported. + This resource can only apply configuration, not ensure they don't exist. + +.PARAMETER Name + Key - string + Name of the Diagnostics Provider to configure + +.PARAMETER Retention + Write - Uint16 + Sets the retention period in days + +.PARAMETER MaxTotalSizeInBytes + Write - Uint64 + Sets the maximum retention size in bytes + +.PARAMETER Enabled + Write - Boolean + True enables the Diagnostics Provider + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present to configure the diagnostics provider + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to configure the retention period for a Diagnostics Provider. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPDiagnosticsProvider BlockingQueryProvider + { + Ensure = "Present" + Name = "job-diagnostics-blocking-query-provider" + MaxTotalSizeInBytes = 10000000000000 + Retention = 14 + Enabled = $true + PSDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPDistributedCacheClientSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPDistributedCacheClientSettings.help.txt new file mode 100644 index 000000000..267a33eb0 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPDistributedCacheClientSettings.help.txt @@ -0,0 +1,328 @@ +.NAME + SPDistributedCacheClientSettings + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for configuring the distributed cache client + settings. It only accepts Ensure='Present' as a key. The resource can + configure the following cache components: DistributedLogonTokenCache, + DistributedViewStateCache, DistributedAccessCache, + DistributedActivityFeedCache, DistributedActivityFeedLMTCache, + DistributedBouncerCache, DistributedDefaultCache, DistributedSearchCache, + DistributedSecurityTrimmingCache, and DistributedServerToAppServerAccessTokenCache. + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Unique key for the resource. Set to 'Yes' to apply configuration. + +.PARAMETER DLTCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Logon Token Cache + +.PARAMETER DLTCRequestTimeout + Write - UInt32 + Request timeout for the Distributed Logon Token Cache + +.PARAMETER DLTCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Logon Token Cache + +.PARAMETER DVSCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed View State Cache + +.PARAMETER DVSCRequestTimeout + Write - UInt32 + Request timeout for the Distributed View State Cache + +.PARAMETER DVSCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed View State Cache + +.PARAMETER DACMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Access Cache + +.PARAMETER DACRequestTimeout + Write - UInt32 + Request timeout for the Distributed Access Cache + +.PARAMETER DACChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Access Cache + +.PARAMETER DAFMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Activity Feed Cache + +.PARAMETER DAFRequestTimeout + Write - UInt32 + Request timeout for the Distributed Activity Feed Cache + +.PARAMETER DAFChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Activity Feed Cache + +.PARAMETER DAFCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Activity Feed LMT Cache + +.PARAMETER DAFCRequestTimeout + Write - UInt32 + Request timeout for the Distributed Activity Feed LMT Cache + +.PARAMETER DAFCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Activity Feed LMT Cache + +.PARAMETER DBCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Bouncer Cache + +.PARAMETER DBCRequestTimeout + Write - UInt32 + Request timeout for the Distributed Bouncer Cache + +.PARAMETER DBCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Bouncer Cache + +.PARAMETER DDCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Default Cache + +.PARAMETER DDCRequestTimeout + Write - UInt32 + Request timeout for the Distributed Default Cache + +.PARAMETER DDCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Default Cache + +.PARAMETER DSCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Search Cache + +.PARAMETER DSCRequestTimeout + Write - UInt32 + Request timeout for the Distributed Search Cache + +.PARAMETER DSCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Search Cache + +.PARAMETER DTCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Security Trimming Cache + +.PARAMETER DTCRequestTimeout + Write - UInt32 + Request timeout for the Distributed Security Trimming Cache + +.PARAMETER DTCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Security Trimming Cache + +.PARAMETER DSTACMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Server to Application Server Cache + +.PARAMETER DSTACRequestTimeout + Write - UInt32 + Request timeout for the Distributed Server to Application Server Cache + +.PARAMETER DSTACChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Server to Application Server Cache + +.PARAMETER DFLTCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed File Lock Throttler Cache (SP2016 and above) + +.PARAMETER DFLTCRequestTimeout + Write - UInt32 + Request timeout for the Distributed File Lock Throttler Cache (SP2016 and above) + +.PARAMETER DFLTCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed File Lock Throttler Cache (SP2016 and above) + +.PARAMETER DSWUCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Shared With User Cache (SP2016 and above) + +.PARAMETER DSWUCRequestTimeout + Write - UInt32 + Request timeout for the Distributed Shared With User Cache (SP2016 and above) + +.PARAMETER DSWUCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Shared With User Cache (SP2016 and above) + +.PARAMETER DUGCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Unified Groups Cache (SP2016 and above) + +.PARAMETER DUGCRequestTimeout + Write - UInt32 + Request timeout for the Distributed Unified Groups Cache (SP2016 and above) + +.PARAMETER DUGCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Unified Groups Cache (SP2016 and above) + +.PARAMETER DRTCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Resource Tally Cache (SP2016 and above) + +.PARAMETER DRTCRequestTimeout + Write - UInt32 + Request timeout for the Distributed Resource Tally Cache (SP2016 and above) + +.PARAMETER DRTCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Resource Tally Cache (SP2016 and above) + +.PARAMETER DHSCMaxConnectionsToServer + Write - UInt32 + Maximum number of connections to the Distributed Health Score Cache (SP2016 and above) + +.PARAMETER DHSCRequestTimeout + Write - UInt32 + Request timeout for the Distributed Health Score Cache (SP2016 and above) + +.PARAMETER DHSCChannelOpenTimeOut + Write - UInt32 + Channel timeout for the Distributed Health Score Cache (SP2016 and above) + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example configures the distributed cache client settings. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPDistributedCacheClientSettings Settings + { + IsSingleInstance = "Yes" + DLTCMaxConnectionsToServer = 3 + DLTCRequestTimeout = 1000 + DLTCChannelOpenTimeOut = 1000 + DVSCMaxConnectionsToServer = 3 + DVSCRequestTimeout = 1000 + DVSCChannelOpenTimeOut = 1000 + DACMaxConnectionsToServer = 3 + DACRequestTimeout = 1000 + DACChannelOpenTimeOut = 1000 + DAFMaxConnectionsToServer = 3 + DAFRequestTimeout = 1000 + DAFChannelOpenTimeOut = 1000 + DAFCMaxConnectionsToServer = 3 + DAFCRequestTimeout = 1000 + DAFCChannelOpenTimeOut = 1000 + DBCMaxConnectionsToServer = 3 + DBCRequestTimeout = 1000 + DBCChannelOpenTimeOut = 1000 + DDCMaxConnectionsToServer = 3 + DDCRequestTimeout = 1000 + DDCChannelOpenTimeOut = 1000 + DSCMaxConnectionsToServer = 3 + DSCRequestTimeout = 1000 + DSCChannelOpenTimeOut = 1000 + DTCMaxConnectionsToServer = 3 + DTCRequestTimeout = 1000 + DTCChannelOpenTimeOut = 1000 + DSTACMaxConnectionsToServer = 3 + DSTACRequestTimeout = 1000 + DSTACChannelOpenTimeOut = 1000 + PsDscRunAscredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example configures the distributed cache client settings + in SharePoint 2016. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPDistributedCacheClientSettings Settings + { + IsSingleInstance = "Yes" + DLTCMaxConnectionsToServer = 3 + DLTCRequestTimeout = 1000 + DLTCChannelOpenTimeOut = 1000 + DVSCMaxConnectionsToServer = 3 + DVSCRequestTimeout = 1000 + DVSCChannelOpenTimeOut = 1000 + DACMaxConnectionsToServer = 3 + DACRequestTimeout = 1000 + DACChannelOpenTimeOut = 1000 + DAFMaxConnectionsToServer = 3 + DAFRequestTimeout = 1000 + DAFChannelOpenTimeOut = 1000 + DAFCMaxConnectionsToServer = 3 + DAFCRequestTimeout = 1000 + DAFCChannelOpenTimeOut = 1000 + DBCMaxConnectionsToServer = 3 + DBCRequestTimeout = 1000 + DBCChannelOpenTimeOut = 1000 + DDCMaxConnectionsToServer = 3 + DDCRequestTimeout = 1000 + DDCChannelOpenTimeOut = 1000 + DSCMaxConnectionsToServer = 3 + DSCRequestTimeout = 1000 + DSCChannelOpenTimeOut = 1000 + DTCMaxConnectionsToServer = 3 + DTCRequestTimeout = 1000 + DTCChannelOpenTimeOut = 1000 + DSTACMaxConnectionsToServer = 3 + DSTACRequestTimeout = 1000 + DSTACChannelOpenTimeOut = 1000 + DFLTCMaxConnectionsToServer = 3 + DFLTCRequestTimeout = 1000 + DFLTCChannelOpenTimeOut = 1000 + DSWUCMaxConnectionsToServer = 3 + DSWUCRequestTimeout = 1000 + DSWUCChannelOpenTimeOut = 1000 + DUGCMaxConnectionsToServer = 3 + DUGCRequestTimeout = 1000 + DUGCChannelOpenTimeOut = 1000 + DRTCMaxConnectionsToServer = 3 + DRTCRequestTimeout = 1000 + DRTCChannelOpenTimeOut = 1000 + DHSCMaxConnectionsToServer = 3 + DHSCRequestTimeout = 1000 + DHSCChannelOpenTimeOut = 1000 + PsDscRunAscredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPDistributedCacheService.help.txt b/Modules/SharePointDsc/en-US/about_SPDistributedCacheService.help.txt new file mode 100644 index 000000000..aa26c70a7 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPDistributedCacheService.help.txt @@ -0,0 +1,177 @@ +.NAME + SPDistributedCacheService + +# Description + + **Type:** Specific + **Requires CredSSP:** No + + This resource is responsible for provisioning the distributed cache to the + service it runs on. This is required in your farm on at least one server (as + the behavior of SPCreateFarm and SPJoinFarm is to not enroll every server as a + cache server). The service will be provisioned or de-provisioned based on the + Ensure property, and when provisioned the CacheSizeInMB property and + ServiceAccount property will be used to configure it. The property + createFirewallRules is used to determine if exceptions should be added to the + windows firewall to allow communication between servers on the appropriate + ports. + + The ServerProvisionOrder optional property is used when a pull server is + handing out configurations to nodes in order to tell this resource about a + specific order of enabling the caches. This allows for multiple servers to + receive the same configuration, but they will always check for the server + before them in the list first to ensure that it is running distributed cache. + By doing this you can ensure that you do not create conflicts with two or more + servers provisioning a cache at the same time. Note, this approach only makes + a server check the others for distributed cache, it does not provision the + cache automatically on all servers. If a previous server in the sequence does + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the distributed cache is provisioned. + +.PARAMETER Name + Key - String + A name to assign to this resource - not really used. For example - AppFabricCachingService + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present to ensure the current server should be running distributed cache, absent to ensure that it isn't running + +.PARAMETER CacheSizeInMB + Required - UInt32 + How many MB should be used for the cache. The maximum supported is 16384 + +.PARAMETER ServiceAccount + Required - String + The name of the service account to run the service as. This should already be registered as a managed account in SharePoint + +.PARAMETER ServerProvisionOrder + Write - String + A list of servers which specifies the order they should provision the cache in to ensure that two servers do not do it at the same time + +.PARAMETER CreateFirewallRules + Required - Boolean + Should the Windows Firewall rules for distributed cache be created? + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example applies the distributed cache service to the current server, + also setting the rules in Windows firewall to allow communication with + other cache hosts. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPDistributedCacheService EnableDistributedCache + { + Name = "AppFabricCachingService" + CacheSizeInMB = 8192 + ServiceAccount = "DEMO\ServiceAccount" + PsDscRunAsCredential = $SetupAccount + CreateFirewallRules = $true + } + } + } + + +.EXAMPLE + This example applies the distributed cache service to the current server, + but will not apply the rules to allow it to communicate with other cache + hosts to the Windows Firewall. Use this approach if you have an alternate + firewall solution. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPDistributedCacheService EnableDistributedCache + { + Name = "AppFabricCachingService" + CacheSizeInMB = 8192 + ServiceAccount = "DEMO\ServiceAccount" + PsDscRunAsCredential = $SetupAccount + CreateFirewallRules = $false + } + } + } + + +.EXAMPLE + This example applies the distributed cache service to both "server1" and + "server2". The ServerProvisionOrder will ensure that it applies it to + server1 first and then server2, making sure they don't both attempt to + create the cache at the same time, resuling in errors. + + Note: Do not allow plain text passwords in production environments. + + + $ConfigurationData = @{ + AllNodes = @( + @{ + NodeName = 'Server1' + PSDscAllowPlainTextPassword = $true + }, + @{ + NodeName = 'Server2' + PSDscAllowPlainTextPassword = $true + } + ) + } + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node "Server1" + { + SPDistributedCacheService EnableDistributedCache + { + Name = "AppFabricCachingService" + CacheSizeInMB = 8192 + ServiceAccount = "DEMO\ServiceAccount" + ServerProvisionOrder = @("Server1","Server2") + CreateFirewallRules = $true + PsDscRunAsCredential = $SetupAccount + } + } + + node "Server2" + { + SPDistributedCacheService EnableDistributedCache + { + Name = "AppFabricCachingService" + CacheSizeInMB = 8192 + ServiceAccount = "DEMO\ServiceAccount" + ServerProvisionOrder = @("Server1","Server2") + CreateFirewallRules = $true + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPExcelServiceApp.help.txt b/Modules/SharePointDsc/en-US/about_SPExcelServiceApp.help.txt new file mode 100644 index 000000000..4c38fc440 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPExcelServiceApp.help.txt @@ -0,0 +1,155 @@ +.NAME + SPExcelServiceApp + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for creating Excel Services Application instances + within the local SharePoint farm. The resource will provision and configure the + Excel Services Service Application. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + +.PARAMETER Name + Key - string + The name of the service application + +.PARAMETER ApplicationPool + Required - string + The name of the application pool to run the service app in + +.PARAMETER TrustedFileLocations + Write - string + Trusted file locations for the service app + +.PARAMETER CachingOfUnusedFilesEnable + Write - Boolean + Specifies that files that are no longer used by Excel Services Application can remain in the cache for later use. + +.PARAMETER CrossDomainAccessAllowed + Write - Boolean + Specifies that trusted workbooks and data connection files can be requested and rendered by Web Parts or pages that reside in other HTTP domains. + +.PARAMETER EncryptedUserConnectionRequired + Write - String + Allowed values: None, Connection + Requires that encryption is used between the end-user and the server running Excel Services Application. + +.PARAMETER ExternalDataConnectionLifetime + Write - Uint32 + Specifies the maximum number of seconds that an external data connection can remain open in the connection pool. + +.PARAMETER FileAccessMethod + Write - String + Allowed values: UseImpersonation, UseFileAccessAccount + Specifies the authentication method that Excel Services Application uses to retrieve files. + +.PARAMETER LoadBalancingScheme + Write - String + Allowed values: RoundRobin, Local, WorkbookURL + Specifies the load-balancing schema that is used by the Excel Services Application Web service application to send requests to different back-end Excel Services Application computers. + +.PARAMETER MemoryCacheThreshold + Write - Uint32 + Specifies the percentage of the maximum private bytes that can be allocated to inactive objects. + +.PARAMETER PrivateBytesMax + Write - Uint32 + Specifies the maximum private bytes, in megabytes, that are used by Excel Services Application. + +.PARAMETER SessionsPerUserMax + Write - Uint32 + Specifies the maximum number of sessions allowed for a user. + +.PARAMETER SiteCollectionAnonymousSessionsMax + Write - Uint32 + Specifies the maximum number of anonymous sessions allowed per site collection. + +.PARAMETER TerminateProcessOnAccessViolation + Write - Boolean + Terminates Excel Services Application when an access violation occurs in the process. + +.PARAMETER ThrottleAccessViolationsPerSiteCollection + Write - Uint32 + Specifies that if a workbook causes an access violation error on Excel Services Application, all files originating from that workbook’s site collection are blocked from loading for the specified period (in seconds). + +.PARAMETER UnattendedAccountApplicationId + Write - String + Specifies that the application ID that is used to look up the unattended service account credentials from the secure storage service that is specified by the UnattendedAccountSecureServiceAppName parameter. + +.PARAMETER UnusedObjectAgeMax + Write - Uint32 + Specifies the maximum amount of time, in minutes, that objects not currently used in a session are kept in the memory cache. + +.PARAMETER WorkbookCache + Write - String + Specifies the local file system location of the cache that is used to store workbooks that are used by Excel Services Application. + +.PARAMETER WorkbookCacheSizeMax + Write - Uint32 + Specifies the maximum allowable size, in megabytes, of an individual session. + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present ensures service app exists, absent ensures it is removed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to deploy Excel Services to the local SharePoint farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPExcelServiceApp ExcelServices + { + Name = "Excel Services Service Application" + ApplicationPool = "SharePoint Service Applications" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to remove Excel Services from the local SharePoint farm. + Here application pool is a required parameter, but it is not actually used when + removing a service app and as such can be ignored and set to any value. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPExcelServiceApp ExcelServices + { + Name = "Excel Services Service Application" + ApplicationPool = "n/a" + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPFarm.help.txt b/Modules/SharePointDsc/en-US/about_SPFarm.help.txt new file mode 100644 index 000000000..909404e5b --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPFarm.help.txt @@ -0,0 +1,242 @@ +.NAME + SPFarm + +# Description + + **Type:** Specific + **Requires CredSSP:** No + + This resource is used to create a new SharePoint farm and allow servers to + join that farm. It will detect the presence of the configuration database + on the SQL server as a first step, and if it does not exist then the farm + will be created. If the database does exist, the server will join that + configuration database. Once the config DB has been created, the + resource will install local help collections, secure resources and activate + features. + + If the central admin site is to be running on the local server, the + RunCentralAdmin property should be set to true. In the event that the central + admin site has not been provisioned, this resource will first create it, + otherwise it will simply start the central admin service instance on the + local server. + + The passphrase is passed as a Credential object.The username of this + credential is ignored, only the value of the password is used as the farm + passphrase. + + The port of the Central Admin website can be set by using the + CentralAdministrationPort property. If this is not defined, the site will be + provisioned on port 9999 unless the CentralAdministrationUrl property is + specified and begins with https, in which case it will default to port 443. + However, this setting will not impact existing deployments that already have + Central Admin provisioned on another port. Also, when a farm is created, the + current behavior is to not enroll the server as a cache server (which is the + default behavior of SharePoint). This means you need to use + SPDistributedCacheService on at least one server in the farm to designate it + as a cache server. + + CentralAdministrationAuth can be specified as "NTLM" or "KERBEROS". If not + specified, it defaults to NTLM. If using Kerberos, make sure to have + appropriate SPNs setup for Farm account and Central Administration URI. + + To provision Central Admin as an SSL web application, specify a value for + the CentralAdministrationUrl property that begins with https:// followed + by the vanity host name or server name you wish to use to access CA. + (e.g. https://admin.sharepoint.contoso.com). + + DeveloperDashboard can be specified as "On", "Off" and (only when using + SharePoint 2013) to "OnDemand". + + NOTE: + When using SharePoint 2016 and later and enabling the Developer Dashboard, + please make sure you also provision the Usage and Health service application + to make sure the Developer Dashboard works properly. + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Specifies the resource is a single instance, the value must be 'Yes' + +.PARAMETER Ensure + Write - String + Allowed values: Present, Absent + Present to create/join the farm. Absent is currently not supported + +.PARAMETER FarmConfigDatabaseName + Required - String + Name of the configuration database + +.PARAMETER DatabaseServer + Required - String + Server that will host the configuration and admin content databases + +.PARAMETER FarmAccount + Required - String + The account to use as the main farm account + +.PARAMETER Passphrase + Required - String + The passphrase to use to allow servers to join this farm + +.PARAMETER AdminContentDatabaseName + Required - String + The name of the admin content database + +.PARAMETER RunCentralAdmin + Required - Boolean + Should the central admin site run on this specific server? + +.PARAMETER CentralAdministrationUrl + Write - String + Vanity URL for Central Administration to be used with SSL + +.PARAMETER CentralAdministrationPort + Write - Uint32 + What port will Central Admin be provisioned to - default is 9999 + +.PARAMETER CentralAdministrationAuth + Write - String + Allowed values: NTLM, Kerberos + The authentication provider of the CentralAdministration web application + +.PARAMETER ServerRole + Write - String + Allowed values: Application, ApplicationWithSearch, Custom, DistributedCache, Search, SingleServer, SingleServerFarm, WebFrontEnd, WebFrontEndWithDistributedCache + SharePoint 2016 & 2019 only - the MinRole role to enroll this server as + +.PARAMETER DeveloperDashboard + Write - String + Allowed values: Off, On, OnDemand + Specifies the state of the Developer Dashboard ('OnDemand' is SP2013 only) + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how a basic SharePoint farm can be created. The database server and names + are specified, and the accounts to run the setup as, the farm account and the passphrase are + all passed in to the configuration to be applied. By default the central admin site in this + example is provisioned to port 9999 using NTLM authentication. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $FarmAccount, + + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount, + + [Parameter(Mandatory = $true)] + [PSCredential] + $Passphrase + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPFarm SharePointFarm + { + IsSingleInstance = "Yes" + DatabaseServer = "SQL.contoso.local\SQLINSTANCE" + FarmConfigDatabaseName = "SP_Config" + AdminContentDatabaseName = "SP_AdminContent" + Passphrase = $Passphrase + FarmAccount = $FarmAccount + RunCentralAdmin = $true + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how a basic SharePoint farm can be created. The database server and names + are specified, and the accounts to run the setup as, the farm account and the passphrase are + all passed in to the configuration to be applied. Here the port for the central admin site to + run on, as well as the authentication mode for the site are also specified. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $FarmAccount, + + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount, + + [Parameter(Mandatory = $true)] + [PSCredential] + $Passphrase + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPFarm SharePointFarm + { + IsSingleInstance = "Yes" + DatabaseServer = "SQL.contoso.local\SQLINSTANCE" + FarmConfigDatabaseName = "SP_Config" + AdminContentDatabaseName = "SP_AdminContent" + CentralAdministrationPort = 5000 + CentralAdministrationAuth = "Kerberos" + Passphrase = $Passphrase + FarmAccount = $FarmAccount + RunCentralAdmin = $true + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how a basic SharePoint farm can be created. The database server and names + are specified, and the accounts to run the setup as, the farm account and the passphrase are + all passed in to the configuration to be applied. By default the central admin site in this + example is provisioned to port 9999 using NTLM authentication. In this example we also see + the server role defined as "Application" which tells SharePoint 2016/2019 the role to apply to + this server as soon as the farm is created. This property is not supported for SharePoint 2013 + and so this specific example would fail if used against that verison. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $FarmAccount, + + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount, + + [Parameter(Mandatory = $true)] + [PSCredential] + $Passphrase + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPFarm SharePointFarm + { + IsSingleInstance = "Yes" + DatabaseServer = "SQL.contoso.local\SQLINSTANCE" + FarmConfigDatabaseName = "SP_Config" + AdminContentDatabaseName = "SP_AdminContent" + ServerRole = "Application" + Passphrase = $Passphrase + FarmAccount = $FarmAccount + RunCentralAdmin = $true + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPFarmAdministrators.help.txt b/Modules/SharePointDsc/en-US/about_SPFarmAdministrators.help.txt new file mode 100644 index 000000000..a7b8c17f4 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPFarmAdministrators.help.txt @@ -0,0 +1,93 @@ +.NAME + SPFarmAdministrators + +# Description + + **Type:** Common + **Requires CredSSP:** No + + This resource is used to manage the membership of the farm administrators + group. There are a number of approaches to how this can be implemented. The + "members" property will set a specific list of members for the group, making + sure that every user/group in the list is in the group and all others that are + members and who are not in this list will be removed. The "MembersToInclude" + and "MembersToExclude" properties will allow you to control a specific set of + users to add or remove, without changing any other members that are in the + group already that may not be specified here, allowing for some manual + management outside of this configuration resource. + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Specifies the resource is a single instance, the value must be 'Yes' + +.PARAMETER Members + Write - String + A list of members to set the group to. Those not in this list will be removed + +.PARAMETER MembersToInclude + Write - String + A list of members to add. Members not in this list will be left in the group + +.PARAMETER MembersToExclude + Write - String + A list of members to remove. Members not in this list will be left in the group + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to set a specific list of members for the farm admins group. + Any members not in this list will be removed. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPFarmAdministrators LocalFarmAdmins + { + IsSingleInstance = "Yes" + Members = @("CONTOSO\user1", "CONTOSO\user2") + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how certain changes are made to the farm admins groups. Here any + members in the MembersToInclude property are added, and members in the MembersToExclude + property are removed. Any members that exist in the farm admins group that aren't listed + in either of these properties are left alone. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPFarmAdministrators LocalFarmAdmins + { + IsSingleInstance = "Yes" + MembersToInclude = @("CONTOSO\user1") + MembersToExclude = @("CONTOSO\user2") + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPFarmPropertyBag.help.txt b/Modules/SharePointDsc/en-US/about_SPFarmPropertyBag.help.txt new file mode 100644 index 000000000..318f1fa0b --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPFarmPropertyBag.help.txt @@ -0,0 +1,87 @@ +.NAME + SPFarmPropertyBag + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to work with SharePoint Property Bags at the farm level. + The account that runs this resource must be a farm administrator. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the property bag is configured. + +.PARAMETER Key + Key - string + The key of the SPFarm property bag + +.PARAMETER Value + Write - String + Value of the SPfarm property bag + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Set to present to ensure the SPfarm property exists, or absent to ensure it is removed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how add property bag in the current farm. + + +Configuration Example +{ + param + ( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + + Import-DscResource -ModuleName SharePointDsc + + node localhost + { + SPFarmPropertyBag APPLICATION_APPCodeProperty + { + PsDscRunAsCredential = $SetupAccount + Key = "FARM_TYPE" + Value = "SearchFarm" + Ensure = "Present" + } + } +} + + +.EXAMPLE + This example shows how remove property bag in the current farm. + + +Configuration Example +{ + param + ( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + + Import-DscResource -ModuleName SharePointDsc + + node localhost + { + SPFarmPropertyBag APPLICATION_APPCodeProperty + { + PsDscRunAsCredential = $SetupAccount + Key = "KeyToRemove" + Ensure = "Absent" + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPFarmSolution.help.txt b/Modules/SharePointDsc/en-US/about_SPFarmSolution.help.txt new file mode 100644 index 000000000..b0aca92a2 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPFarmSolution.help.txt @@ -0,0 +1,80 @@ +.NAME + SPFarmSolution + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to make sure that a specific farm solution is either + present or absent in a farm. The solution can be deployed to one or more web + application passing an array of URL's to the WebApplications property. If the + solution contains resources scoped for web applications and no WebApplications + are specified, the solution will be deployed to all web applications. If the + solution does not contain resources scoped for web applications the property + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the solution is deployed. + +.PARAMETER Name + Key - string + The filename of the WSP package + +.PARAMETER LiteralPath + Required - string + The full path to the WSP file + +.PARAMETER WebAppUrls + Write - string + A list of the web applications to deploy this to + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the WSP should be deployed, or Absent if it should be removed + +.PARAMETER Version + Write - string + The version of the package that is being modified + +.PARAMETER Deployed + Write - Boolean + Should the solution be deployed to the farm, or just installed to the farm + +.PARAMETER SolutionLevel + Write - string + Allowed values: 14, 15, All + What compatability level should the WSP be deployed as? + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to deploy a WSP to specific web applications. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPFarmSolution SampleWsp + { + Name = "MySolution.wsp" + LiteralPath = "C:\src\MySolution.wsp" + Ensure = "Present" + Version = "1.0.0" + WebAppUrls = @("http://collaboration", "http://mysites") + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPFeature.help.txt b/Modules/SharePointDsc/en-US/about_SPFeature.help.txt new file mode 100644 index 000000000..425e7f266 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPFeature.help.txt @@ -0,0 +1,96 @@ +.NAME + SPFeature + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to make sure that a specific feature is either enabled + or disabled at a given URL/scope. The Ensure property will dictate if the + feature should be on or off. The name property is the name of the feature + based on its folder name in the FEATURES folder in the SharePoint hive + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the feature is enabled. + +.PARAMETER Name + Key - string + The name of the feature + +.PARAMETER FeatureScope + Required - string + Allowed values: Farm, WebApplication, Site, Web + The scope to change the feature at - Farm, WebApplication, SiteCollection or Site + +.PARAMETER Url + Key - string + The URL to change the feature at + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the feature is to be enabled, Absent if it is to be disabled + +.PARAMETER Version + Write - string + The version of the feature to check against + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to enable a site collection scoped feature + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPFeature EnableViewFormsLockDown + { + Name = "ViewFormPagesLockDown" + Url = "http://www.contoso.com" + FeatureScope = "Site" + PsDscRunAsCredential = $SetupAccount + Version = "1.0.0.0" + } + } + } + + +.EXAMPLE + This example shows how to disable a site collection scoped feature + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPFeature EnableViewFormsLockDown + { + Name = "ViewFormPagesLockDown" + Url = "http://www.contoso.com" + FeatureScope = "Site" + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + Version = "1.0.0.0" + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPHealthAnalyzerRuleState.help.txt b/Modules/SharePointDsc/en-US/about_SPHealthAnalyzerRuleState.help.txt new file mode 100644 index 000000000..a3e5ecb59 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPHealthAnalyzerRuleState.help.txt @@ -0,0 +1,65 @@ +.NAME + SPHealthAnalyzerRuleState + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to configure Health Analyzer rules for the local farm. + The resource is able to enable/disable and configure the specified rule. + +.PARAMETER Name + Key - String + The name of the rule exactly as it appears in central admin + +.PARAMETER Enabled + Required - Boolean + Should the rule be enabled? + +.PARAMETER RuleScope + Write - String + Allowed values: All Servers, Any Server + What is the scope of this rule + +.PARAMETER Schedule + Write - String + Allowed values: Hourly, Daily, Weekly, Monthly, OnDemandOnly + How often should the rule check + +.PARAMETER FixAutomatically + Write - Boolean + Should the rule fix itself automatically + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to disable a health analyzer rule + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPHealthAnalyzerRuleState DisableDiskSpaceRule + { + Name = "Drives are at risk of running out of free space." + Enabled = $false + RuleScope = "All Servers" + Schedule = "Daily" + FixAutomatically = $false + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPIncomingEmailSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPIncomingEmailSettings.help.txt new file mode 100644 index 000000000..dd70dbad7 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPIncomingEmailSettings.help.txt @@ -0,0 +1,120 @@ +.NAME + SPIncomingEmailSettings + +# Description + + **Type:** Common + **Requires CredSSP:** No + + This resource is used to enable and configure SharePoint incoming email. + Setting the Ensure parameter to 'Present' or 'Absent' will enable or disable + incoming email accordingly. When enabled, this resource allows for configuring + of required parameters for both Automatic and Advanced methods of supporting + SharePoint incoming email. + + This resource does not currently support setting the Active Directory OU + where SharePoint can create mail contacts and distribution groups. + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Specifies the resource is a single instance, the value must be 'Yes' + +.PARAMETER Ensure + Required - String + Allowed values: Present, Absent + Present ensures Incoming Email is enabled. Absent disables incoming email + +.PARAMETER UseAutomaticSettings + Write - Boolean + Automatic Settings enables a local SMTP service on the SharePoint server. Set to False to use an external drop folder + +.PARAMETER UseDirectoryManagementService + Write - string + Allowed values: Yes, No, Remote + Set to Yes, the service supports the creation and management of e-mail distribution groups from SharePoint Sites, and creates mail contacts mail enabled SharePoint lists. Set to Remote to use a remote SharePoint Directory Management Web Service + +.PARAMETER RemoteDirectoryManagementURL + Write - String + URL to the remote SharePoint Directory Management Web Service + +.PARAMETER ServerAddress + Write - String + SMTP Server Address when Directory Managment Service mode is used + +.PARAMETER DLsRequireAuthenticatedSenders + Write - Boolean + SharePoint Distribution lists accept from authenticated senders only + +.PARAMETER DistributionGroupsEnabled + Write - Boolean + Allow creation of distribution groups from within SharePoint + +.PARAMETER ServerDisplayAddress + Write - String + Email server display address 'mylist@example.com' + +.PARAMETER DropFolder + Write - String + Path to email drop folder if not using Automatic Settings + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to configure SharePoint Incoming Email in Automatic Mode + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPIncomingEmailSettings AutomaticEmail + { + IsSingleInstance = "Yes" + Ensure = "Present" + UseAutomaticSettings = $true + UseDirectoryManagementService = "No" + ServerDisplayAddress = "contoso.com" + PsDscRunAsCredential = $SetupAccount + } + } +} + + +.EXAMPLE + This example shows how to configure SharePoint Incoming Email in Advanced Mode + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPIncomingEmailSettings AutomaticEmail + { + IsSingleInstance = "Yes" + Ensure = "Present" + UseAutomaticSettings = $false + UseDirectoryManagementService = "No" + ServerDisplayAddress = "contoso.com" + DropFolder = "\\MailServer\Pickup" + PsDscRunAsCredential = $SetupAccount + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPInfoPathFormsServiceConfig.help.txt b/Modules/SharePointDsc/en-US/about_SPInfoPathFormsServiceConfig.help.txt new file mode 100644 index 000000000..649af4074 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPInfoPathFormsServiceConfig.help.txt @@ -0,0 +1,119 @@ +.NAME + SPInfoPathFormsServiceConfig + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for configuring the InfoPath Forms service within + the local SharePoint farm. Using Ensure equals to Absent is not supported. + This resource can only apply configuration, not ensure they don't exist. + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Specifies the resource is a single instance, the value must be 'Yes' + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present ensures the settings are applied + +.PARAMETER AllowUserFormBrowserEnabling + Write - Boolean + True sets the InfoPath Forms Service to allow users to browse forms + +.PARAMETER AllowUserFormBrowserRendering + Write - Boolean + True sets the InfoPath Forms Service to render forms in the browser + +.PARAMETER MaxDataConnectionTimeout + Write - Uint32 + Sets the maximum connection timeout in milliseconds + +.PARAMETER DefaultDataConnectionTimeout + Write - Uint32 + Sets the default connection timeout in milliseconds + +.PARAMETER MaxDataConnectionResponseSize + Write - Uint32 + Sets the maximum response size in kb for the user response + +.PARAMETER RequireSslForDataConnections + Write - Boolean + True sets the InfoPath Forms Service to require SSL for its connections + +.PARAMETER AllowEmbeddedSqlForDataConnections + Write - Boolean + True sets the InfoPath Forms Service to allow embedded SQL sonnections in Forms + +.PARAMETER AllowUdcAuthenticationForDataConnections + Write - Boolean + True sets the InfoPath Forms Service to allow User Defined connections + +.PARAMETER AllowUserFormCrossDomainDataConnections + Write - Boolean + True sets the InfoPath Forms Service to allow Cross-Domain connections + +.PARAMETER AllowEventPropagation + Write - Boolean + True enables the original performance optimization + +.PARAMETER MaxPostbacksPerSession + Write - Uint16 + Maximum number of postback allowed per session + +.PARAMETER MaxUserActionsPerPostback + Write - Uint16 + Maximum number of actions that can be triggered per postback + +.PARAMETER ActiveSessionsTimeout + Write - Uint16 + Timeout in minutes for active sessions + +.PARAMETER MaxSizeOfUserFormState + Write - Uint16 + Maximum size of user session data + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to configure the InfoPath Forms Service + in the local SharePoint farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPInfoPathFormsServiceConfig InfoPathFormsServiceConfig + { + IsSingleInstance = "Yes" + AllowUserFormBrowserEnabling = $true + AllowUserFormBrowserRendering = $true + MaxDataConnectionTimeout = 20000 + DefaultDataConnectionTimeout = 10000 + MaxDataConnectionResponseSize = 1500 + RequireSslForDataConnections = $true + AllowEmbeddedSqlForDataConnections = $false + AllowUdcAuthenticationForDataConnections = $false + AllowUserFormCrossDomainDataConnections = $false + MaxPostbacksPerSession = 75 + MaxUserActionsPerPostback = 200 + ActiveSessionsTimeout = 1440 + MaxSizeOfUserFormState = 4096 + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPInstall.help.txt b/Modules/SharePointDsc/en-US/about_SPInstall.help.txt new file mode 100644 index 000000000..9ab537fc8 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPInstall.help.txt @@ -0,0 +1,139 @@ +.NAME + SPInstall + +# Description + + **Type:** Common + **Requires CredSSP:** No + + This resource is used to install the SharePoint binaries. The BinaryDir + parameter should point to the path that setup.exe is located (not to setup.exe + itself). The ProductKey parameter is used to inject in to the configuration + file and validate the license key during the installation process. This module + depends on the prerequisites already being installed, which can be done + + NOTE: + This resource only supports SharePoint Server. SharePoint Foundation + is not supported. For examples to install SharePoint Foundation using DSC, see: + https://github.com/PowerShell/SharePointDsc/wiki/SPInstall (Example 3) + + NOTE 2: + When files are downloaded from the Internet, a Zone.Identifier alternate data + stream is added to indicate that the file is potentially from an unsafe source. + To use these files, make sure you first unblock them using Unblock-File. + SPInstall will throw an error when it detects the file is blocked. + + ## Multilingual support + + Where possible, resources in SharePointDsc have been written in a way that + they should support working with multiple language packs for multilingual + deployments. However due to constraints in how we set up and install the + product, only English ISOs are supported for installing SharePoint. + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Specifies the resource is a single instance, the value must be 'Yes' + +.PARAMETER BinaryDir + Required - String + The directory that contains all of the SharePoint binaries + +.PARAMETER ProductKey + Required - String + The product key to use during the installation + +.PARAMETER InstallPath + Write - String + The install directory to use in the installation, leave blank to use the setup defaults + +.PARAMETER DataPath + Write - String + The data directory to use in the installation, leave blank to use the setup defaults + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present to install SharePoint. Absent is currently not supported + + +.EXAMPLE + This module will install SharePoint to the default locations. The binaries for + SharePoint in this scenario are stored at C:\SPInstall (so it will look to run + C:\SPInstall\Setup.exe) + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPInstall InstallBinaries + { + IsSingleInstance = "Yes" + BinaryDir = "C:\SPInstall" + ProductKey = "XXXXX-XXXXX-XXXXX-XXXXX-XXXXX" + } + } + } + + +.EXAMPLE + This module will install SharePoint to the specific locations set for the + InstallPath and DataPath directories. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPInstall InstallBinaries + { + IsSingleInstance = "Yes" + BinaryDir = "D:\SharePoint\Binaries" + InstallPath = "D:\SharePoint\Install" + DataPath = "D:\SharePoint\Data" + ProductKey = "XXXXX-XXXXX-XXXXX-XXXXX-XXXXX" + } + } + } + + +.EXAMPLE + This module will install SharePoint Foundation 2013 to the local server + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName PSDesiredStateConfiguration + + node localhost { + Package InstallSharePointFoundation + { + Ensure = "Present" + Name = "Microsoft SharePoint Foundation 2013 Core" + Path = "E:\SharePoint2013\Setup.exe" + Arguments = "/config E:\SharePoint2013\files\setupfarmsilent\config.xml" + ProductID = "90150000-1014-0000-1000-0000000FF1CE" + ReturnCode = 0 + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPInstallLanguagePack.help.txt b/Modules/SharePointDsc/en-US/about_SPInstallLanguagePack.help.txt new file mode 100644 index 000000000..6bc3c2bbe --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPInstallLanguagePack.help.txt @@ -0,0 +1,100 @@ +.NAME + SPInstallLanguagePack + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to install the SharePoint Language Pack binaries. The + BinaryDir parameter should point to the path that setup.exe is located (not to + setup.exe itself). + + The BinaryInstallDays and BinaryInstallTime parameters specify a window in which + the update can be installed. + + Starting with SharePoint 2016, the Language Packs are offered as an EXE package. + You have to extract this package before installing, using the following command: + .\serverlanguagepack.exe /extract:[Extract Folder] + + NOTE: + When files are downloaded from the Internet, a Zone.Identifier alternate data + stream is added to indicate that the file is potentially from an unsafe source. + To use these files, make sure you first unblock them using Unblock-File. + SPInstallLanguagePack will throw an error when it detects the file is blocked. + +.PARAMETER BinaryDir + Key - String + The directory that contains all of the SharePoint binaries + +.PARAMETER BinaryInstallDays + Write - String + Allowed values: mon, tue, wed, thu, fri, sat, sun + Specify on which dates the installation is allowed + +.PARAMETER BinaryInstallTime + Write - String + Specify in which time frame the installation is allowed + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present to install SharePoint. Absent is currently not supported + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This module will install the SharePoint Language Pack. The binaries for + SharePoint in this scenario are stored at C:\SPInstall (so it will look to run + C:\SPInstall\Setup.exe) + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPInstallLanguagePack InstallLPBinaries + { + BinaryDir = "C:\SPInstall" + Ensure = "Present" + } + } + } + + +.EXAMPLE + This module will install the SharePoint Language Pack in the specified timeframe. + The binaries for SharePoint in this scenario are stored at C:\SPInstall (so it + will look to run C:\SPInstall\Setup.exe) + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPInstallLanguagePack InstallLPBinaries + { + BinaryDir = "C:\SPInstall" + BinaryInstallDays = "sat", "sun" + BinaryInstallTime = "12:00am to 2:00am" + Ensure = "Present" + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPInstallPrereqs.help.txt b/Modules/SharePointDsc/en-US/about_SPInstallPrereqs.help.txt new file mode 100644 index 000000000..8f8278fd9 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPInstallPrereqs.help.txt @@ -0,0 +1,249 @@ +.NAME + SPInstallPrereqs + +# Description + + **Type:** Common + **Requires CredSSP:** No + + This resource is responsible for ensuring the installation of all SharePoint + prerequisites. It makes use of the PrerequisiteInstaller.exe file that is part + of the SharePoint binaries, and will install the required Windows features as + well as additional software. The OnlineMode boolean will tell the prerequisite + installer which mode to run in, if it is online you do not need to list any + other parameters for this resource. If you do not use online mode, you must + include all other parameters to specify where the installation files are + located. These additional parameters map directly to the options passed to + prerequisiteinstaller.exe. For installations with no connectivity to Windows + Update, use the SXSpath parameter to specify the path to the SXS store of your + Windows Server install media. + + Additionally, the process of installing the prerequisites on a Windows Server + usually results in 2-3 restarts of the system being required. To ensure the + DSC configuration is able to restart the server when needed, ensure the below + settings for the local configuration manager are included in your DSC file. + + LocalConfigurationManager + { + RebootNodeIfNeeded = $true + } + + ## Installing from network locations + + If you wish to install the prerequisites from a network location this can + be done, however you must disable User Account Control (UAC) on the server + to allow DSC to run the executable from a remote location, and also set + the PsDscRunAsCredential value to run as an account with local admin + permissions as well as read access to the network location. + + It is *not recommended* to disable UAC for security reasons. The recommended + approach is to copy the installation media to the local nodes first and + then execute the installation from there. + + ## Downloading prerequisites + + The SharePoint prerequisites can be downloaded from the following locations: + + SharePoint 2013: + https://docs.microsoft.com/en-us/SharePoint/install/hardware-and-software-requirements-0#section5 + + SharePoint 2016: + https://docs.microsoft.com/en-us/SharePoint/install/hardware-and-software-requirements#section5 + + SharePoint 2019: + https://docs.microsoft.com/en-us/sharepoint/install/hardware-and-software-requirements-2019#links-to-applicable-software + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Specifies the resource is a single instance, the value must be 'Yes' + +.PARAMETER InstallerPath + Required - String + The full path to prerequisiteinstaller.exe + +.PARAMETER OnlineMode + Required - Boolean + Should the installer download prerequisites from the internet or not + +.PARAMETER SXSpath + Write - String + The path to the Windows Server Operating System SXS source files, for use in closed environments without access to Windows Update + +.PARAMETER SQLNCli + Write - String + The path to the installer for this prerequisite (SP2013 and SP2016) + +.PARAMETER PowerShell + Write - String + The path to the installer for this prerequisite (SP2013 only) + +.PARAMETER NETFX + Write - String + The path to the installer for this prerequisite (SP2013 only) + +.PARAMETER IDFX + Write - String + The path to the installer for this prerequisite (SP2013 only) + +.PARAMETER Sync + Write - String + The path to the installer for this prerequisite (SP2013 and SP2016) + +.PARAMETER AppFabric + Write - String + The path to the installer for this prerequisite (SP2013 and SP2016) + +.PARAMETER IDFX11 + Write - String + The path to the installer for this prerequisite (SP2013 and SP2016) + +.PARAMETER MSIPCClient + Write - String + The path to the installer for this prerequisite (SP2013 and SP2016) + +.PARAMETER WCFDataServices + Write - String + The path to the installer for this prerequisite (SP2013 only) + +.PARAMETER KB2671763 + Write - String + The path to the installer for this prerequisite (SP2013 only) + +.PARAMETER WCFDataServices56 + Write - String + The path to the installer for this prerequisite (SP2013 and SP2016) + +.PARAMETER MSVCRT11 + Write - String + The path to the installer for this prerequisite (SP2016 only) + +.PARAMETER MSVCRT14 + Write - String + The path to the installer for this prerequisite (SP2016 only) + +.PARAMETER KB3092423 + Write - String + The path to the installer for this prerequisite (SP2016 only) + +.PARAMETER ODBC + Write - String + The path to the installer for this prerequisite (SP2016 only) + +.PARAMETER DotNetFx + Write - String + The path to the installer for this prerequisite (SP2016 only) + +.PARAMETER DotNet472 + Write - String + The path to the installer for this prerequisite (SP2019 only) + +.PARAMETER MSVCRT141 + Write - String + The path to the installer for this prerequisite (SP2019 only) + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present to install the prerequisites. Absent is currently not supported + + +.EXAMPLE + This module will install the prerequisites for SharePoint. This resource will run in + online mode, looking to download all prerequisites from the internet. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPInstallPrereqs InstallPrerequisites + { + IsSingleInstance = "Yes" + InstallerPath = "C:\SPInstall\Prerequisiteinstaller.exe" + OnlineMode = $true + } + } + } + + +.EXAMPLE + This module will install the prerequisites for SharePoint 2013. This resource will run in + offline mode, running all prerequisite installations from the specified paths. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPInstallPrereqs InstallPrerequisites + { + IsSingleInstance = "Yes" + InstallerPath = "C:\SPInstall\Prerequisiteinstaller.exe" + OnlineMode = $false + SXSpath = "c:\SPInstall\Windows2012r2-SXS" + SQLNCli = "C:\SPInstall\prerequisiteinstallerfiles\sqlncli.msi" + PowerShell = "C:\SPInstall\prerequisiteinstallerfiles\Windows6.1-KB2506143-x64.msu" + NETFX = "C:\SPInstall\prerequisiteinstallerfiles\dotNetFx45_Full_setup.exe" + IDFX = "C:\SPInstall\prerequisiteinstallerfiles\Windows6.1-KB974405-x64.msu" + Sync = "C:\SPInstall\prerequisiteinstallerfiles\Synchronization.msi" + AppFabric = "C:\SPInstall\prerequisiteinstallerfiles\WindowsServerAppFabricSetup_x64.exe" + IDFX11 = "C:\SPInstall\prerequisiteinstallerfiles\MicrosoftIdentityExtensions-64.msi" + MSIPCClient = "C:\SPInstall\prerequisiteinstallerfiles\setup_msipc_x64.msi" + WCFDataServices = "C:\SPInstall\prerequisiteinstallerfiles\WcfDataServices.exe" + KB2671763 = "C:\SPInstall\prerequisiteinstallerfiles\AppFabric1.1-RTM-KB2671763-x64-ENU.exe" + WCFDataServices56 = "C:\SPInstall\prerequisiteinstallerfiles\WcfDataServices56.exe" + } + } + } + + +.EXAMPLE + This module will install the prerequisites for SharePoint 2016/2019. This resource will run in + offline mode, running all prerequisite installations from the specified paths. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPInstallPrereqs InstallPrerequisites + { + IsSingleInstance = "Yes" + InstallerPath = "C:\SPInstall\Prerequisiteinstaller.exe" + OnlineMode = $false + SXSpath = "C:\SPInstall\Windows2012r2-SXS" + SQLNCli = "C:\SPInstall\prerequisiteinstallerfiles\sqlncli.msi" + Sync = "C:\SPInstall\prerequisiteinstallerfiles\Synchronization.msi" + AppFabric = "C:\SPInstall\prerequisiteinstallerfiles\WindowsServerAppFabricSetup_x64.exe" + IDFX11 = "C:\SPInstall\prerequisiteinstallerfiles\MicrosoftIdentityExtensions-64.msi" + MSIPCClient = "C:\SPInstall\prerequisiteinstallerfiles\setup_msipc_x64.msi" + WCFDataServices56 = "C:\SPInstall\prerequisiteinstallerfiles\WcfDataServices56.exe" + MSVCRT11 = "C:\SPInstall\prerequisiteinstallerfiles\vcredist_x64.exe" + MSVCRT14 = "C:\SPInstall\prerequisiteinstallerfiles\vc_redist.x64.exe" + KB3092423 = "C:\SPInstall\prerequisiteinstallerfiles\AppFabric-KB3092423-x64-ENU.exe" + ODBC = "C:\SPInstall\prerequisiteinstallerfiles\msodbcsql.msi" + DotNetFx = "C:\SPInstall\prerequisiteinstallerfiles\NDP46-KB3045557-x86-x64-AllOS-ENU.exe" + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPIrmSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPIrmSettings.help.txt new file mode 100644 index 000000000..5440b52f4 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPIrmSettings.help.txt @@ -0,0 +1,62 @@ +.NAME + SPIrmSettings + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to manipulate the IRM settings in SharePoint, integrating + it with AD RMS + + The default value for the Ensure parameter is Present. When not specifying this + parameter, IRM is configured. + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Specifies the resource is a single instance, the value must be 'Yes' + +.PARAMETER Ensure + Write - String + Allowed values: Present, Absent + Enable or Disable IRM on this farm + +.PARAMETER UseADRMS + Write - Boolean + Use the RMS server published in this farm's Active Directory + +.PARAMETER RMSserver + Write - String + Use the specified RMS server, must provide in URL format + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to apply the RMS settings to a local farm, pointing to + a specific RMS server + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPIrmSettings RMSSettings + { + IsSingleInstance = "Yes" + RMSserver = "https://rms.contoso.com" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPLogLevel.help.txt b/Modules/SharePointDsc/en-US/about_SPLogLevel.help.txt new file mode 100644 index 000000000..d3edae9ef --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPLogLevel.help.txt @@ -0,0 +1,125 @@ +.NAME + SPLogLevel + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to change the minimum severity of events captured in + the trace logs (ULS logs) and the Windows event logs. Settings can be changed + globally for all areas and categories (using the '*' character as the + wildcard), for all categories within an area, and for specific categories + within an area. Settings can be changed to desired valid values, or set to the + default by using the keyword 'Default' as the trace level and event level. + You must specify a unique name for each instance of this resource in a configuration. + +.PARAMETER Name + Key - String + Friendly Name used to reference this collection of log level settings + +.PARAMETER SPLogLevelSetting + Required - String + Collection of SPLogLevelItems to set + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example sets an Area / Category item to a custom value. + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPLogLevel SetUserProfileLogingtoVerbose + { + Name = "SP_Database-Verbose" + SPLogLevelSetting = @( + MSFT_SPLogLevelItem { + Area = "SharePoint Server" + Name = "Database" + TraceLevel = "Verbose" + EventLevel = "Verbose" + } + ) + PsDscRunAsCredential = $SetupAccount + } + } +} + + +.EXAMPLE + This example sets an entire Area to the default values + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPLogLevel SetAllSPServerToDefault + { + Name = "SPServer_defaults" + SPLogLevelSetting = @( + MSFT_SPLogLevelItem { + Area = "SharePoint Server" + Name = "*" + TraceLevel = "Default" + EventLevel = "Default" + } + ) + PsDscRunAsCredential = $SetupAccount + } + } +} + + +.EXAMPLE + This example sets multiple items to custom values + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPLogLevel SetCustomValues + { + Name = "CustomLoggingSettings" + SPLogLevelSetting = @( + MSFT_SPLogLevelItem { + Area = "SharePoint Server" + Name = "Database" + TraceLevel = "Verbose" + EventLevel = "Verbose" + } + MSFT_SPLogLevelItem { + Area = "Business Connectivity Services" + Name = "Business Data" + TraceLevel = "Unexpected" + EventLevel = "Error" + } + ) + PsDscRunAsCredential = $SetupAccount + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPMachineTranslationServiceApp.help.txt b/Modules/SharePointDsc/en-US/about_SPMachineTranslationServiceApp.help.txt new file mode 100644 index 000000000..01d77d580 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPMachineTranslationServiceApp.help.txt @@ -0,0 +1,102 @@ +.NAME + SPMachineTranslationServiceApp + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to provision and manage an instance of the Machine + Translation Service Application. It will identify an instance of the MT + app through the application display name. Currently the resource will + provision the app if it does not yet exist, and will change the service + account associated to the app if it does not match the configuration. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + +.PARAMETER Name + Key - String + Specifies the name of the service application. + +.PARAMETER ProxyName + Write - string + The proxy name, if not specified will be /Name of service app/ Proxy + +.PARAMETER DatabaseName + Required - String + Specifies the name of the database for the service application. + +.PARAMETER DatabaseServer + Required - String + Specifies the name of the database server for the service application. + +.PARAMETER ApplicationPool + Required - String + Specifies the application pool to use with the service application. + +.PARAMETER Ensure + Write - String + Allowed values: Present, Absent + Present ensures service app exists, absent ensures it is removed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to deploy the SP Machine Translation Service App to the local SharePoint farm. + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPMachineTranslationServiceApp MachineTranslationServiceApp + { + Name = "Translation Service Application" + ApplicationPool = "SharePoint Service Applications" + DatabaseServer = "SQL.contoso.local" + DatabaseName = "Translation" + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } +} + + +.EXAMPLE + This example shows how to remove the SP Machine Translation Service App to the local SharePoint farm. + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPMachineTranslationServiceApp MachineTranslationServiceApp + { + Name = "Translation Service Application" + ApplicationPool = "SharePoint Service Applications" + DatabaseServer = "SQL.contoso.local" + DatabaseName = "Translation" + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPManagedAccount.help.txt b/Modules/SharePointDsc/en-US/about_SPManagedAccount.help.txt new file mode 100644 index 000000000..b646af763 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPManagedAccount.help.txt @@ -0,0 +1,108 @@ +.NAME + SPManagedAccount + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource will ensure a managed account is provisioned in to the SharePoint + farm. The Account object specific the credential to store (including username + and password) to set as the managed account. The settings for + EmailNotification, PreExpireDays and Schedule all relate to enabling automatic + password change for the managed account, leaving these option out of the + resource will ensure that no automatic password changing from SharePoint occurs. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the managed account is created. + +.PARAMETER AccountName + Key - string + The username of the account + +.PARAMETER Account + Write - String + The credential with password of the account + +.PARAMETER EmailNotification + Write - Uint32 + How many days before a password change should an email be sent + +.PARAMETER PreExpireDays + Write - Uint32 + How many days before a password expires should it be changed + +.PARAMETER Schedule + Write - string + What is the schedule for the password reset + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present ensures managed account exists, absent ensures it is removed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to create a new managed account in a local farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount, + + [Parameter(Mandatory = $true)] + [PSCredential] + $ManagedAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPManagedAccount NewManagedAccount + { + AccountName = $ManagedAccount.UserName + Account = $ManagedAccount + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to create a new managed account in a local farm, using + the automatic password change schedule + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount, + + [Parameter(Mandatory = $true)] + [PSCredential] + $ManagedAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPManagedAccount NewManagedAccount + { + AccountName = $ManagedAccount.UserName + Account = $ManagedAccount + Ensure = "Present" + Schedule = "monthly between 7 02:00:00 and 7 03:00:00" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPManagedMetaDataServiceApp.help.txt b/Modules/SharePointDsc/en-US/about_SPManagedMetaDataServiceApp.help.txt new file mode 100644 index 000000000..60ae1d5ef --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPManagedMetaDataServiceApp.help.txt @@ -0,0 +1,257 @@ +.NAME + SPManagedMetaDataServiceApp + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + Creates a managed metadata service application. The application pool property + specifies which application pool it should use, and will reset the application + back to this pool if it is changed after its initial provisioning. The + database server and database name properties are only used during + provisioning, and will not be altered as part of the ongoing operation of the + set method. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + + The content type hub url will be set or reset. + + The language settings (default and working) are only changed if they are part of + the bound parameters. Otherwise they will not be altered. + + ContentTypePushdownEnabled and ContentTypeSyndicationEnabled will only be altered + if they are part of the bound parameters. + +.PARAMETER Name + Key - string + The name of the managed metadata service application + +.PARAMETER ProxyName + Write - string + The proxy name, if not specified will be /Name of service app/ Proxy + +.PARAMETER ApplicationPool + Required - string + The application pool that the service app will use + +.PARAMETER DatabaseServer + Write - string + The name of the database server which will host the application + +.PARAMETER DatabaseName + Write - string + The name of the database for the service application + +.PARAMETER TermStoreAdministrators + Write - string + A list of the users/groups who are administrators of the term store + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present ensures service app exists, absent ensures it is removed + +.PARAMETER ContentTypeHubUrl + Write - string + The URL of the content type hub for this app (only set when the app is provisioned) + +.PARAMETER DefaultLanguage + Write - UInt32 + The LCID of the default language (only set when the app is provisioned) + +.PARAMETER Languages + Write - UInt32 + The LCIDs of the working languages (only set when the app is provisioned) + +.PARAMETER ContentTypePushdownEnabled + Write - boolean + Specifies that existing instances of changed content types in subsites and libraries will be updated. + +.PARAMETER ContentTypeSyndicationEnabled + Write - boolean + Specifies that this connection will provide access to the content types that are associated with the managed metadata service application. + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to deploy the Managed Metadata service app to the local SharePoint farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPManagedMetaDataServiceApp ManagedMetadataServiceApp + { + Name = "Managed Metadata Service Application" + ApplicationPool = "SharePoint Service Applications" + DatabaseServer = "SQL.contoso.local" + DatabaseName = "SP_ManagedMetadata" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + + This example shows how to remove a specific managed metadata service app from the + local SharePoint farm. Because Application pool parameter is required + but is not acutally needed to remove the app, any text value can + be supplied for these as it will be ignored. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPManagedMetaDataServiceApp ManagedMetadataServiceApp + { + Name = "Managed Metadata Service Application" + ApplicationPool = "none" + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to deploy the Managed Metadata service app to the local SharePoint farm + and also include a specific list of users to be the term store administrators. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPManagedMetaDataServiceApp ManagedMetadataServiceApp + { + Name = "Managed Metadata Service Application" + PsDscRunAsCredential = $SetupAccount + ApplicationPool = "SharePoint Service Applications" + DatabaseServer = "SQL.contoso.local" + DatabaseName = "SP_ManagedMetadata" + TermStoreAdministrators = @( + "CONTOSO\user1", + "CONTOSO\user2" + ) + } + } + } + + +.EXAMPLE + This example shows how to deploy the Managed Metadata service app to the local SharePoint farm + and also include a specific list of users to be the term store administrators. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPManagedMetaDataServiceApp ManagedMetadataServiceApp + { + Name = "Managed Metadata Service Application" + ApplicationPool = "SharePoint Service Applications" + DatabaseServer = "SQL.contoso.local" + DatabaseName = "SP_ManagedMetadata" + TermStoreAdministrators = @( + "CONTOSO\user1", + "CONTOSO\user2" + ) + DefaultLanguage = 1033 + Languages = @(1031, 1033) + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to deploy the Managed Metadata service app to the local SharePoint farm + and also include a specific list of users to be the term store administrators. + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPManagedMetaDataServiceApp ManagedMetadataServiceApp + { + Name = "Managed Metadata Service Application" + PSDscRunAsCredential = $SetupAccount + ApplicationPool = "SharePoint Service Applications" + DatabaseServer = "SQL.contoso.local" + DatabaseName = "SP_ManagedMetadata" + ContentTypeHubUrl = "http://contoso.sharepoint.com/sites/ct" + } + } +} + + +.EXAMPLE + This example shows how to deploy the Managed Metadata service app to the local SharePoint farm + and also include a specific list of users to be the term store administrators. + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPManagedMetaDataServiceApp ManagedMetadataServiceApp + { + Name = "Managed Metadata Service Application" + PSDscRunAsCredential = $SetupAccount + ApplicationPool = "SharePoint Service Applications" + DatabaseServer = "SQL.contoso.local" + DatabaseName = "SP_ManagedMetadata" + ContentTypeHubUrl = "http://contoso.sharepoint.com/sites/ct" + ContentTypePushdownEnabled = $true + ContentTypeSyndicationEnabled = $true + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPManagedMetaDataServiceAppDefault.help.txt b/Modules/SharePointDsc/en-US/about_SPManagedMetaDataServiceAppDefault.help.txt new file mode 100644 index 000000000..5646b491e --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPManagedMetaDataServiceAppDefault.help.txt @@ -0,0 +1,59 @@ +.NAME + SPManagedMetaDataServiceAppDefault + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + Using several managed metadata service instances in a farm requires some + configuration, which service application proxy should be used as default + for keywords or site collection specific term sets. + + This setting has to be configured in conjunction with the SPManagedMetadataServiceApp + resource. This resource allows to specify which managed metadata service application + proxy should be used as default for these two settings. + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Specifies the resource is a single instance, the value must be 'Yes' + +.PARAMETER DefaultSiteCollectionProxyName + Required - String + The name of the managed metadata service application proxy used as default column terms set + +.PARAMETER DefaultKeywordProxyName + Required - String + The name of the managed metadata service application proxy used as default keyword terms set + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to deploy the Managed Metadata service app to the local SharePoint farm. + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPManagedMetaDataServiceAppDefault ManagedMetadataServiceAppDefault + { + IsSingleInstance = "Yes" + DefaultSiteCollectionProxyName = "Managed Metadata Service Application Proxy" + DefaultKeywordProxyName = "Managed Metadata Service Application Proxy" + PsDscRunAsCredential = $SetupAccount + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPManagedPath.help.txt b/Modules/SharePointDsc/en-US/about_SPManagedPath.help.txt new file mode 100644 index 000000000..fd77db72e --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPManagedPath.help.txt @@ -0,0 +1,124 @@ +.NAME + SPManagedPath + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for creating managed paths associated with a + specific web application. The WebAppUrl parameter is used to specify the web + application to create the path against, and the RelativeUrl parameter lets you + set the URL. Explicit when set to true will create an explicit inclusion path, + if set to false the path is created as wildcard inclusion. If you are using + host named site collections set HostHeader to true and the path will be + created as a host header path to be applied for host named site collections. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the managed path is created. + +.PARAMETER WebAppUrl + Key - string + The URL of the web application to apply the managed path to - this is ignored for host header web applications + +.PARAMETER RelativeUrl + Key - string + The relative URL of the managed path + +.PARAMETER Explicit + Required - boolean + Should the host header be explicit? If false then it is a wildcard + +.PARAMETER HostHeader + Required - boolean + Is this a host header web application? + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present ensures managed path exists, absent ensures it is removed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to deploy an explicit managed path to a specifici web application + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPManagedPath TestManagedPath + { + WebAppUrl = "http://sharepoint.contoso.com" + RelativeUrl = "example" + Explicit = $true + HostHeader = $false + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to add a wildcard managed path to a specific web application + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPManagedPath TestManagedPath + { + WebAppUrl = "http://sharepoint.contoso.com" + RelativeUrl = "teams" + Explicit = $false + HostHeader = $true + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to remove a wildcard managed path from a specific web application + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPManagedPath TestManagedPath + { + WebAppUrl = "http://sharepoint.contoso.com" + RelativeUrl = "teams" + Explicit = $false + HostHeader = $true + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPMinRoleCompliance.help.txt b/Modules/SharePointDsc/en-US/about_SPMinRoleCompliance.help.txt new file mode 100644 index 000000000..294d794cd --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPMinRoleCompliance.help.txt @@ -0,0 +1,53 @@ +.NAME + SPMinRoleCompliance + +# Description + + **Type:** Utility + **Requires CredSSP:** No + + This resource will help manage compliance of MinRole based servers. Each time + the resource runs it will investigate which service instances should be running + based on the role of servers anywhere in the farm, and if they are not in a + compliant state it will tell SharePoint to create timer jobs to make the + necesssary modifications to make the farm compliant again. + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Specifies the resource is a single instance, the value must be 'Yes' + +.PARAMETER State + Required - string + Allowed values: Compliant, NonCompliant + Should the state be set to compliant + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to ensure the farm is always compliant with MinRole settings + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPMinRoleCompliance MinRoleCompliance + { + IsSingleInstance = "Yes" + State = "Compliant" + PSDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPOfficeOnlineServerBinding.help.txt b/Modules/SharePointDsc/en-US/about_SPOfficeOnlineServerBinding.help.txt new file mode 100644 index 000000000..0cf347584 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPOfficeOnlineServerBinding.help.txt @@ -0,0 +1,91 @@ +.NAME + SPOfficeOnlineServerBinding + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource will create a binding to an Office Online Server (formerly known + as Office Web Apps). The DnsName property can be a single server name, or a + FQDN of a load balanced end point that will direct traffic to a farm. + + NOTE: + This resource is designed to be used where all WOPI bindings will be + targeted to the same Office Online Server farm. If used on a clean + environment, the new bindings will all point to the one DNS Name. If used on + an existing configuration that does not follow this rule, it will match only + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the zone is configured. + +.PARAMETER Zone + Key - string + Allowed values: Internal-HTTP, Internal-HTTPS, External-HTTP, External-HTTPS + The zone for this binding + +.PARAMETER DnsName + Required - string + The DNS name of the server/s that are running Office Web Apps + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present ensures the binding for this zone exists, absent ensures it doesn't + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to create bindings to the internal-https zone for the + local SharePoint farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPOfficeOnlineServerBinding OosBinding + { + Zone = "internal-https" + DnsName = "webapps.contoso.com" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to remove bindings from the internal-http zone for the + local SharePoint farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPOfficeOnlineServerBinding OosBinding + { + Zone = "Internal-HTTP" + DnsName = "webapps.contoso.com" + PsDscRunAsCredential = $SetupAccount + Ensure = "Absent" + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPOutgoingEmailSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPOutgoingEmailSettings.help.txt new file mode 100644 index 000000000..c61283630 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPOutgoingEmailSettings.help.txt @@ -0,0 +1,103 @@ +.NAME + SPOutgoingEmailSettings + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to set the outgoing email settings for either a single + web application, or the whole farm. To configure the resource for a specific + web app, use the URL of the web application for the WebAppUrl property, to + change the settings for the whole farm use the URL of the central admin + website instead. It is possible to set the outgoing server, from address, + reply to address and the character set to be used for emails. + +.PARAMETER WebAppUrl + key - string + The URL of the web application. If you want to set the global settings use the Central Admin URL + +.PARAMETER SMTPServer + Required - string + The SMTP server for outgoing mail + +.PARAMETER FromAddress + Required - string + The from address to put on messages + +.PARAMETER ReplyToAddress + Required - string + The email address that replies should be directed to + +.PARAMETER CharacterSet + Required - string + The character set to use on messages + +.PARAMETER UseTLS + Write - boolean + Use TLS when connecting to the SMTP server (SharePoint 2016 and 2019 only) + +.PARAMETER SMTPPort + Write - uint32 + The port which is used to connect to the SMTP server (SharePoint 2016 and 2019 only) + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows to set outgoing email settings for the entire farm. Use the URL + of the central admin site for the web app URL to apply for the entire farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPOutgoingEmailSettings FarmWideEmailSettings + { + WebAppUrl = "http://sharepoint1:2013" + SMTPServer = "smtp.contoso.com" + FromAddress = "sharepoint`@contoso.com" + ReplyToAddress = "noreply`@contoso.com" + CharacterSet = "65001" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows to set outgoing email settings for a specific web app + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPOutgoingEmailSettings FarmWideEmailSettings + { + WebAppUrl = "http://site.contoso.com" + SMTPServer = "smtp.contoso.com" + FromAddress = "sharepoint`@contoso.com" + ReplyToAddress = "noreply`@contoso.com" + CharacterSet = "65001" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPPasswordChangeSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPPasswordChangeSettings.help.txt new file mode 100644 index 000000000..534d81e89 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPPasswordChangeSettings.help.txt @@ -0,0 +1,67 @@ +.NAME + SPPasswordChangeSettings + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to control settings that relate to the automatic + changing of passwords for managed accounts (where they opt-in to be managed by + SharePoint). These settings can be manually controlled through central + administration, or configured in this resource. The settings relate to email + notifications of when passwords are reset, as well as behavior when a reset + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Specifies the resource is a single instance, the value must be 'Yes' + +.PARAMETER MailAddress + Required - string + The email address to send notifications of password changes to + +.PARAMETER DaysBeforeExpiry + Write - Uint32 + The number of days before password expiry to send send emails + +.PARAMETER PasswordChangeWaitTimeSeconds + Write - Uint32 + The duration that a password reset will wait for before it times out + +.PARAMETER NumberOfRetries + Write - Uint32 + How many retries if the password change fails + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example sets the password change settings for managed accounts in the local farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPPasswordChangeSettings ManagedAccountPasswordResetSettings + { + IsSingleInstance = "Yes" + MailAddress = "sharepoint@contoso.com" + DaysBeforeExpiry = "14" + PasswordChangeWaitTimeSeconds = "60" + NumberOfRetries = "3" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPPerformancePointServiceApp.help.txt b/Modules/SharePointDsc/en-US/about_SPPerformancePointServiceApp.help.txt new file mode 100644 index 000000000..7abb8a8e5 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPPerformancePointServiceApp.help.txt @@ -0,0 +1,96 @@ +.NAME + SPPerformancePointServiceApp + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for creating Performance Point Service Application + instances within the local SharePoint farm. The resource will provision and + configure the Performance Point Service Application. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + +.PARAMETER Name + Key - string + The name of the service application + +.PARAMETER ProxyName + Write - string + The proxy name, if not specified will be /Name of service app/ Proxy + +.PARAMETER ApplicationPool + Required - string + The name of the application pool to run the service app in + +.PARAMETER DatabaseName + Write - string + The name of the database for the service app + +.PARAMETER DatabaseServer + Write - string + The name of the database server to host the database + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present ensures service app exists, absent ensures it is removed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example creates a new performance point service app in the local farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPPerformancePointServiceApp PerformancePoint + { + Name = "Performance Point Service Application" + ApplicationPool = "SharePoint Web Services" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example removes the specific performance point service app from the local + farm. The ApplicationPool parameter is still mandatory but it is not used, so + the value can be anything. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPPerformancePointServiceApp PerformancePoint + { + Name = "Performance Point Service Application" + ApplicationPool = "n/a" + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPPowerPointAutomationServiceApp.help.txt b/Modules/SharePointDsc/en-US/about_SPPowerPointAutomationServiceApp.help.txt new file mode 100644 index 000000000..a3531185a --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPPowerPointAutomationServiceApp.help.txt @@ -0,0 +1,112 @@ +.NAME + SPPowerPointAutomationServiceApp + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for creating PowerPoint Automation Service + Application instances within the local SharePoint farm. The resource will + provision and configure the PowerPoint Automation Service Application. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + +.PARAMETER Name + Key - String + The name of the service application + +.PARAMETER ProxyName + Write - String + The name of the service application proxy + +.PARAMETER ApplicationPool + Write - String + The name of the application pool to run the service app in + +.PARAMETER CacheExpirationPeriodInSeconds + Write - Uint32 + Specifies the maximum time, in seconds, that items remain in the back-end server cache. The default value is 600 seconds (10 minutes). + +.PARAMETER MaximumConversionsPerWorker + Write - Uint32 + Specifies the maximum number of presentations that a conversion worker process can convert before recycling. The default value is 5. + +.PARAMETER WorkerKeepAliveTimeoutInSeconds + Write - Uint32 + Specifies the maximum time, in seconds, that a conversion worker process can be unresponsive before being terminated. The default value is 120 seconds. + +.PARAMETER WorkerProcessCount + Write - Uint32 + Specifies the number of active instances of the conversion worker process on each back-end. This value must be less than the Windows Communication Foundation (WCF) connection limit for this computer. The default value is 3. + +.PARAMETER WorkerTimeoutInSeconds + Write - Uint32 + Specifies the maximum time, in seconds, that a conversion worker process is given for any single conversion. The default is 300 seconds (5 minutes). + +.PARAMETER Ensure + Write - String + Allowed values: Present, Absent + Ensure the crawl rule is Present or Absent + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run thsi resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example makes sure the service application exists and has a specific configuration + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPPowerPointAutomationServiceApp PowerPointAutomation + { + Name = "PowerPoint Automation Service Application" + ProxyName = "PowerPoint Automation Service Application Proxy" + CacheExpirationPeriodInSeconds = 600 + MaximumConversionsPerWorker = 5 + WorkerKeepAliveTimeoutInSeconds = 120 + WorkerProcessCount = 3 + WorkerTimeoutInSeconds = 300 + ApplicationPool = "SharePoint Web Services" + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example removes a word automation service app + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPPowerPointAutomationServiceApp WordAutomation + { + Name = "PowerPoint Automation Service Application" + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPProductUpdate.help.txt b/Modules/SharePointDsc/en-US/about_SPProductUpdate.help.txt new file mode 100644 index 000000000..079a04c75 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPProductUpdate.help.txt @@ -0,0 +1,148 @@ +.NAME + SPProductUpdate + +# Description + + **Type:** Common + **Requires CredSSP:** No + + This resource is used to perform the update step of installing SharePoint + updates, like Cumulative Updates and Service Packs. The SetupFile parameter + should point to the update file. The ShutdownServices parameter is used to + indicate if some services (Timer, Search and IIS services) have to be stopped + before installation of the update. This will speed up the installation. The + BinaryInstallDays and BinaryInstallTime parameters specify a window in which + the update can be installed. This module requires the Configuration Wizard + resource to fully complete the installation of the update, which can be done + through the use of SPConfigWizard. + + NOTE: + When files are downloaded from the Internet, a Zone.Identifier alternate data + stream is added to indicate that the file is potentially from an unsafe source. + To use these files, make sure you first unblock them using Unblock-File. + SPProductUpdate will throw an error when it detects the file is blocked. + + IMPORTANT: + This resource retrieves build information from the Configuration Database. + Therefore it requires SharePoint to be installed and a farm created. If you + like to deploy a new farm and install updates automatically, you need to + implement the following order: + + 1. Install the SharePoint Binaries (SPInstall) + 2. (Optional) Install SharePoint Language Pack(s) Binaries + (SPInstallLanguagePack) + 3. Create SPFarm (SPFarm) + 4. Install Cumulative Updates (SPProductUpdate) + 5. Run the Configuration Wizard (SPConfigWizard) + +.PARAMETER SetupFile + Key - String + The name of the update setup file + +.PARAMETER ShutdownServices + Write - Boolean + Shutdown SharePoint services to speed up installation + +.PARAMETER BinaryInstallDays + Write - String + Allowed values: mon, tue, wed, thu, fri, sat, sun + Specify on which dates the installation is allowed + +.PARAMETER BinaryInstallTime + Write - String + Specify in which time frame the installation is allowed + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present to install SharePoint. Absent is currently not supported + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example installs the Cumulative Update only in the specified window. + It also shuts down services to speed up the installation process. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPProductUpdate InstallCUMay2016 + { + SetupFile = "C:\Install\CUMay2016\ubersrv2013-kb3115029-fullfile-x64-glb.exe" + ShutdownServices = $true + BinaryInstallDays = "sat", "sun" + BinaryInstallTime = "12:00am to 2:00am" + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example installs the SharePoint 2013 Service Pack only in the specified window. + It also shuts down services to speed up the installation process. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPProductUpdate InstallCUMay2016 + { + SetupFile = "C:\Install\SP2013SP1\officeserversp2013-kb2880552-fullfile-x64-en-us.exe" + ShutdownServices = $true + BinaryInstallDays = "sat", "sun" + BinaryInstallTime = "12:00am to 2:00am" + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example installs the SharePoint 2013 Dutch Language Pack Service Pack only in the specified window. + It also shuts down services to speed up the installation process. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPProductUpdate InstallCUMay2016 + { + SetupFile = "C:\Install\SP2013-LP_NL-SP1\serverlpksp2013-kb2880554-fullfile-x64-nl-nl.exe" + ShutdownServices = $true + BinaryInstallDays = "sat", "sun" + BinaryInstallTime = "12:00am to 2:00am" + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPProjectServerADResourcePoolSync.help.txt b/Modules/SharePointDsc/en-US/about_SPProjectServerADResourcePoolSync.help.txt new file mode 100644 index 000000000..5cb4d1094 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPProjectServerADResourcePoolSync.help.txt @@ -0,0 +1,100 @@ +.NAME + SPProjectServerADResourcePoolSync + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to control the settings of the Active Directory + resource pool sync for Project Server, for a specific PWA instance. + You can control which AD groups should be imported from and control + settings about reactivitating users. + + NOTE: + The schedule for this import is controlled via a standard + SharePoint server timer job, and as such it can be controlled with + the SPTimerJobState resource. Below is an example of how to set + this resource to run the AD import job daily. The name of the job + here may change if you have multiple Project Server service apps + in the same farm. + + SPTimerJobState RunProjectSeverADImport + { + Name = "ActiveDirectorySync" + Enabled = $true + Schedule = "daily between 03:00:00 and 03:00:00" + PsDscRunAsCredential = $SetupAccount + } + +.PARAMETER Url + Key - string + The default zone URL of the Project site to set permissions for + +.PARAMETER GroupNames + Write - string + The names of groups in the current domain to sync resources from + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Should the resource sync process be present or absent for this site? + +.PARAMETER AutoReactivateUsers + Write - boolean + Should inactive users found in sync be automatically reactiviated? + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example enables Project Server AD resource pool sync + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPProjectServerADResourcePoolSync EnableSync + { + Ensure = "Present" + Url = "http://projects.contoso.com/pwa" + GroupNames = @("DOMAIN\Group 1", "DOMAIN\Group 2") + PsDscRunAsCredential = $SetupAccount + } + } +} + + +.EXAMPLE + This example disables Project Server AD resource pool sync + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPProjectServerADResourcePoolSync EnableSync + { + Ensure = "Absent" + Url = "http://projects.contoso.com/pwa" + PsDscRunAsCredential = $SetupAccount + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPProjectServerAdditionalSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPProjectServerAdditionalSettings.help.txt new file mode 100644 index 000000000..0683e92bf --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPProjectServerAdditionalSettings.help.txt @@ -0,0 +1,58 @@ +.NAME + SPProjectServerAdditionalSettings + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to manage the "additional settings" for a PWA instance + (based on what is in the 'additional settings' page of the web interface). + +.PARAMETER Url + Key - string + The default zone URL of the Project site to manage settings at + +.PARAMETER ProjectProfessionalMinBuildNumber + Write - string + What is the minimum build number for the Project Professional client that can connect? + +.PARAMETER ServerCurrency + Write - string + What is the default server currency? + +.PARAMETER EnforceServerCurrency + Write - boolean + Should all projects be forced to use the server currency? + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to apply additional settings to the PWA site + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost + { + SPProjectServerAdditionalSettings Settings + { + Url = "http://projects.contoso.com/pwa" + ServerCurrency = "AUD" + EnforceServerCurrency = $true + PsDscRunAsCredential = $SetupAccount + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPProjectServerGlobalPermissions.help.txt b/Modules/SharePointDsc/en-US/about_SPProjectServerGlobalPermissions.help.txt new file mode 100644 index 000000000..f20c5a217 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPProjectServerGlobalPermissions.help.txt @@ -0,0 +1,157 @@ +.NAME + SPProjectServerGlobalPermissions + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource allows you to enforce global permissions in a PWA site for a + specific project server group or an individual resource. + +.PARAMETER Url + Key - string + The default zone URL of the Project site to manage the group at + +.PARAMETER EntityName + Key - string + The name of the user or group + +.PARAMETER EntityType + Key - string + Allowed values: User, Group + What type of entity are you setting permissions for? + +.PARAMETER AllowPermissions + Write - string + What permissions should be allowed for this entity? + +.PARAMETER DenyPermissions + Write - string + What permissions should be denied for this entity? + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to set permissions for a specific resource in a PWA site + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost + { + SPProjectServerGlobalPermissions Permissions + { + Url = "http://projects.contoso.com" + EntityName = "Domain\user" + EntityType = "User" + AllowPermissions = @( + "LogOn", + "NewTaskAssignment", + "AccessProjectDataService", + "ReassignTask", + "ManagePortfolioAnalyses", + "ManageUsersAndGroups", + "ManageWorkflow", + "ManageCheckIns", + "ManageGanttChartAndGroupingFormats", + "ManageEnterpriseCustomFields", + "ManageSecurity", + "ManageEnterpriseCalendars", + "ManageCubeBuildingService", + "CleanupProjectServerDatabase", + "SaveEnterpriseGlobal", + "ManageWindowsSharePointServices", + "ManagePrioritizations", + "ManageViews", + "ContributeToProjectWebAccess", + "ManageQueue", + "LogOnToProjectServerFromProjectProfessional", + "ManageDrivers", + "ManagePersonalNotifications", + "ManageServerConfiguration", + "ChangeWorkflow", + "ManageActiveDirectorySettings", + "ManageServerEvents", + "ManageSiteWideExchangeSync", + "ManageListsInProjectWebAccess" + ) + DenyPermissions = @( + "NewProject" + ) + PSDscRunAsCredential = $SetupAccount + } + } +} + + +.EXAMPLE + This example shows how to set permissions for a specific group that exists in a PWA site + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost + { + SPProjectServerGlobalPermissions Permissions + { + Url = "http://projects.contoso.com" + EntityName = "Group Name" + EntityType = "Group" + AllowPermissions = @( + "LogOn", + "NewTaskAssignment", + "AccessProjectDataService", + "ReassignTask", + "ManagePortfolioAnalyses", + "ManageUsersAndGroups", + "ManageWorkflow", + "ManageCheckIns", + "ManageGanttChartAndGroupingFormats", + "ManageEnterpriseCustomFields", + "ManageSecurity", + "ManageEnterpriseCalendars", + "ManageCubeBuildingService", + "CleanupProjectServerDatabase", + "SaveEnterpriseGlobal", + "ManageWindowsSharePointServices", + "ManagePrioritizations", + "ManageViews", + "ContributeToProjectWebAccess", + "ManageQueue", + "LogOnToProjectServerFromProjectProfessional", + "ManageDrivers", + "ManagePersonalNotifications", + "ManageServerConfiguration", + "ChangeWorkflow", + "ManageActiveDirectorySettings", + "ManageServerEvents", + "ManageSiteWideExchangeSync", + "ManageListsInProjectWebAccess" + ) + DenyPermissions = @( + "NewProject" + ) + PSDscRunAsCredential = $SetupAccount + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPProjectServerGroup.help.txt b/Modules/SharePointDsc/en-US/about_SPProjectServerGroup.help.txt new file mode 100644 index 000000000..ab2cae30f --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPProjectServerGroup.help.txt @@ -0,0 +1,105 @@ +.NAME + SPProjectServerGroup + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to configure a group within Project Server. This is only + available for use when the site is configured to use Project Server permissions + mode and for Project Server 2016 only. + +.PARAMETER Url + Key - string + The default zone URL of the Project site to manage the group at + +.PARAMETER Name + Key - string + The name of the group + +.PARAMETER Description + Write - string + The description of the group + +.PARAMETER ADGroup + Write - string + What AD group should be used to synchronise membership to this Project Server group, cannot be used with Members, MembersToInclude or MembersToExclude + +.PARAMETER Members + Write - string + A fixed list of members to be in this group, cannot be used with ADGroup, MembersToInclude or MembersToExclude + +.PARAMETER MembersToInclude + Write - string + A list of members to ensure are in this group, cannot be used with ADGroup or Members + +.PARAMETER MembersToExclude + Write - string + A list of members to ensure are not in this group, cannot be used with ADGroup or Members + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the service app should exist, absent if it should not + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to create a group with a specific list of members in a PWA site + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost + { + SPProjectServerGroup Group + { + Url = "http://projects.contoso.com" + Name = "My group" + Members = @( + "Domain\User1" + "Domain\User2" + ) + PSDscRunAsCredential = $SetupAccount + } + } +} + + +.EXAMPLE + This example shows how to create a PWA group mapped to a group in AD + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost + { + SPProjectServerGroup Group + { + Url = "http://projects.contoso.com" + Name = "My group" + ADGroup = "Domain\Group" + PSDscRunAsCredential = $SetupAccount + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPProjectServerLicense.help.txt b/Modules/SharePointDsc/en-US/about_SPProjectServerLicense.help.txt new file mode 100644 index 000000000..9d6b9229e --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPProjectServerLicense.help.txt @@ -0,0 +1,78 @@ +.NAME + SPProjectServerLicense + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to enable a Project Server license in to a SharePoint + 2016 or 2019 farm. + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Specifies the resource is a single instance, the value must be 'Yes' + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Should a Project Server license be enabled or disabled + +.PARAMETER ProductKey + Write - string + What is the product key for Project Server + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example enables Project Server in the current environment + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPProjectServerLicense ProjectLicense + { + IsSingleInstance = "Yes" + ProductKey = "XXXXX-XXXXX-XXXXX-XXXXX-XXXXX" + PsDscRunAsCredential = $SetupAccount + } + } +} + + +.EXAMPLE + This example disables Project Server in the current environment + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPProjectServerLicense ProjectLicense + { + IsSingleInstance = "Yes" + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPProjectServerPermissionMode.help.txt b/Modules/SharePointDsc/en-US/about_SPProjectServerPermissionMode.help.txt new file mode 100644 index 000000000..b6984f2bb --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPProjectServerPermissionMode.help.txt @@ -0,0 +1,74 @@ +.NAME + SPProjectServerPermissionMode + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource allows you to set the permissions mode (either SharePoint or + ProjectServer) for a specific project server site. + +.PARAMETER Url + Key - string + The default zone URL of the Project site to set permissions for + +.PARAMETER PermissionMode + Required - string + Allowed values: SharePoint, ProjectServer + What permission mode should PWA use + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to a specific PWA site to use SharePoint permission mode. + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPProjectServerPermissionMode PermissionMode + { + Url = "http://projects.contoso.com" + PermissionMode = "SharePoint" + PsDscRunAsCredential = $SetupAccount + } + } +} + + +.EXAMPLE + This example shows how to a specific PWA site to use Project server + permission mode. + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPProjectServerPermissionMode PermissionMode + { + Url = "http://projects.contoso.com" + PermissionMode = "ProjectServer" + PsDscRunAsCredential = $SetupAccount + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPProjectServerServiceApp.help.txt b/Modules/SharePointDsc/en-US/about_SPProjectServerServiceApp.help.txt new file mode 100644 index 000000000..3b09af3d0 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPProjectServerServiceApp.help.txt @@ -0,0 +1,107 @@ +.NAME + SPProjectServerServiceApp + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for provisioning and managing the Project Server + service application in SharePoint Server 2016 or 2019. + + To create a Project Server site the following DSC resources can + be used to create the site and enable the feature. + + SPSite PWASite + { + Url = "http://projects.contoso.com" + OwnerAlias = "CONTOSO\ExampleUser" + HostHeaderWebApplication = "http://spsites.contoso.com" + Name = "PWA Site" + Template = "PWA#0" + PsDscRunAsCredential = $SetupAccount + } + + SPFeature PWASiteFeature + { + Name = "PWASITE" + Url = "http://projects.contoso.com" + FeatureScope = "Site" + PsDscRunAsCredential = $SetupAccount + DependsOn = "[SPSite]PWASite" + } + +.PARAMETER Name + Key - string + The name of the service application + +.PARAMETER ApplicationPool + Required - string + The name of the application pool to run the service app in + +.PARAMETER ProxyName + Write - string + The name of the Project Server Service Application Proxy + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the service app should exist, absent if it should not + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to create a new project server services service app + in the local farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPProjectServerServiceApp ProjectServiceApp + { + Name = "Project Server Service Application" + ApplicationPool = "SharePoint Web Services" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to remove a project server service app in the local farm. + The ApplicationPool property is still required but is not used when removing, so + the value used here doesn't matter. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPProjectServerServiceApp ProjectServiceApp + { + Name = "Project Server Service Application" + ApplicationPool = "n/a" + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPProjectServerTimeSheetSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPProjectServerTimeSheetSettings.help.txt new file mode 100644 index 000000000..77c0bd2be --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPProjectServerTimeSheetSettings.help.txt @@ -0,0 +1,128 @@ +.NAME + SPProjectServerTimeSheetSettings + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + Allows you to configure the default timesheet settings for a specific PWA + instance. + +.PARAMETER Url + Key - string + The default zone URL of the Project site to set timesheet settings for + +.PARAMETER EnableOvertimeAndNonBillableTracking + Write - boolean + Should timesheets allow tracking of overtime and non-billable work types + +.PARAMETER DefaultTimesheetCreationMode + Write - string + Allowed values: CurrentTaskAssignments, CurrentProjects, NoPrepopulation + What is the default mode for timesheets to be created in + +.PARAMETER DefaultTrackingUnit + Write - string + Allowed values: Days, Weeks + What is the default tracking unit for timesheets + +.PARAMETER DefaultReportingUnit + Write - string + Allowed values: Hours, Days + What is the default reporting unit for timesheets + +.PARAMETER HoursInStandardDay + Write - Real32 + How many hours are in a standard timesheeet day? + +.PARAMETER HoursInStandardWeek + Write - Real32 + How many hours are in a standard timesheeet week? + +.PARAMETER MaxHoursPerTimesheet + Write - Real32 + Maximum hours per timesheet + +.PARAMETER MinHoursPerTimesheet + Write - Real32 + Minimum hours per timesheet + +.PARAMETER MaxHoursPerDay + Write - Real32 + Maximum hours per day + +.PARAMETER AllowFutureTimeReporting + Write - boolean + Allow future time reporting? + +.PARAMETER AllowNewPersonalTasks + Write - boolean + Allow new personal tasks? + +.PARAMETER AllowTopLevelTimeReporting + Write - boolean + Allow top-level time reporting? + +.PARAMETER RequireTaskStatusManagerApproval + Write - boolean + Require task status manager approval? + +.PARAMETER RequireLineApprovalBeforeTimesheetApproval + Write - boolean + Require line approval before timesheet approval? + +.PARAMETER EnableTimesheetAuditing + Write - boolean + Enable timesheet auditing? + +.PARAMETER FixedApprovalRouting + Write - boolean + Enable fixed approval routing? + +.PARAMETER SingleEntryMode + Write - boolean + Enable single entry mode? + +.PARAMETER DefaultTrackingMode + Write - string + Allowed values: PercentComplete, ActualDoneAndRemaining, HoursPerPeriod, FreeForm + What is the default tracking mode for tasks? + +.PARAMETER ForceTrackingModeForAllProjects + Write - boolean + Force project managers to use the specified tracking mode for each project? + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example demonstrates how to apply timesheet settings to a specific + PWA instance + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost + { + SPProjectServerTimeSheetSettings ConfigureTimeSheets + { + Url = "http://projects.contoso.com/pwa" + HoursInStandardDay = 8 + HoursInStandardWeek = 40 + AllowFutureTimeReporting = $false + PsDscRunAsCredential = $SetupAccount + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPProjectServerUserSyncSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPProjectServerUserSyncSettings.help.txt new file mode 100644 index 000000000..a22ad256e --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPProjectServerUserSyncSettings.help.txt @@ -0,0 +1,59 @@ +.NAME + SPProjectServerUserSyncSettings + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for configuration of the user sync settings between + projects and project sites. + +.PARAMETER Url + Key - string + The default zone URL of the Project site to set user sync settings for + +.PARAMETER EnableProjectWebAppSync + Required - boolean + Enable Project Web App Sync + +.PARAMETER EnableProjectSiteSync + Required - boolean + Enable Project Site Sync + +.PARAMETER EnableProjectSiteSyncForSPTaskLists + Required - boolean + Enable Project Site Sync for SharePoint Task List Projects + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example demonstrates how to set user sync settings for a PWA site + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost + { + SPProjectServerUserSyncSettings UserSyncSettings + { + Url = "http://projects.contoso.com/pwa" + EnableProjectWebAppSync = $true + EnableProjectSiteSync = $true + EnableProjectSiteSyncForSPTaskLists = $true + PsDscRunAsCredential = $SetupAccount + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPProjectServerWssSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPProjectServerWssSettings.help.txt new file mode 100644 index 000000000..e4f8913c3 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPProjectServerWssSettings.help.txt @@ -0,0 +1,56 @@ +.NAME + SPProjectServerWssSettings + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to control settings that relate to the SharePoint sites + that are linked to projects in Project Server. + + NOTE: + The account you use to run this resource (through either the InstallAccount + or PsDscRunAsCredential properties) needs to have elevated rights to execute + this resource. It is recommended to use the SharePoint Farm Account for this + purpose to avoid receiving a "GeneralSecurityAccessDenied" error. + +.PARAMETER Url + Key - string + The default zone URL of the Project site to set WSS settings for + +.PARAMETER CreateProjectSiteMode + Required - string + Allowed values: AutoCreate, UserChoice, DontCreate + How should new SharePoint sites be created? + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example demonstrates how to set WSS settings for a PWA site + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost + { + SPProjectServerWssSettings WssSettings + { + Url = "http://projects.contoso.com/pwa" + CreateProjectSiteMode = "AutoCreate" + PsDscRunAsCredential = $SetupAccount + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPPublishServiceApplication.help.txt b/Modules/SharePointDsc/en-US/about_SPPublishServiceApplication.help.txt new file mode 100644 index 000000000..fc39354f8 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPPublishServiceApplication.help.txt @@ -0,0 +1,90 @@ +.NAME + SPPublishServiceApplication + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to specify if a specific service application should be + published (Ensure = "Present") or not published (Ensure = "Absent") on the + current server. The name is the display name of the service application as + shown in the Central Admin website. + + You can publish the following service applications in a SharePoint Server + 2013/2016/2019 farm: + + * Business Data Connectivity + * Machine Translation + * Managed Metadata + * User Profile + * Search + * Secure Store + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + +.PARAMETER Name + Key - string + The name of the service application to publish + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present to ensure it runs on this server, or absent to ensure it is stopped + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to ensure that the managed metadata service is published + within the farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPPublishServiceApplication PublishManagedMetadataServiceApp + { + Name = "Managed Metadata Service Application" + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to ensure that the Secure Store Service is not + published within the farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPPublishServiceApplication UnpublishSecureStoreServiceApp + { + Name = "Secure Store Service Application" + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPQuotaTemplate.help.txt b/Modules/SharePointDsc/en-US/about_SPQuotaTemplate.help.txt new file mode 100644 index 000000000..8adb95d9f --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPQuotaTemplate.help.txt @@ -0,0 +1,72 @@ +.NAME + SPQuotaTemplate + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to configure quota templates in the farm. These settings + will be used to make sure a certain quota template exists or not. When it + exists, it will also make sure the settings are configured as specified. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the quota template is created. + +.PARAMETER Name + Key - string + The name of the quota template + +.PARAMETER StorageMaxInMB + Write - uint32 + The maximum storage for sites of this template in MB + +.PARAMETER StorageWarningInMB + Write - uint32 + The amount of storage for sites of this template that triggers a warning + +.PARAMETER MaximumUsagePointsSolutions + Write - uint32 + The maximum number of performance points for sandbox solutions for this template + +.PARAMETER WarningUsagePointsSolutions + Write - uint32 + The warning number of performance points for sandbox solutions for this template + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present to create this template, absent to ensure it does not exist + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example creates a specific quota template in the local farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPQuotaTemplate TeamsiteTemplate + { + Name = "Teamsite" + StorageMaxInMB = 1024 + StorageWarningInMB = 512 + MaximumUsagePointsSolutions = 1000 + WarningUsagePointsSolutions = 800 + Ensure = "Present" + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPRemoteFarmTrust.help.txt b/Modules/SharePointDsc/en-US/about_SPRemoteFarmTrust.help.txt new file mode 100644 index 000000000..3dbff7ac5 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPRemoteFarmTrust.help.txt @@ -0,0 +1,63 @@ +.NAME + SPRemoteFarmTrust + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to trust a remote SharePoint farm. This is used when + federating search results between two different SharePoint farms. The + technique is described at: + https://technet.microsoft.com/en-us/library/dn133749.aspx + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the remote farm trust is created. + +.PARAMETER Name + Key - string + A name of the remote farm, used to create token issuer and root authority + +.PARAMETER RemoteWebAppUrl + Required - string + The URL of a web app in the remote farm, must use HTTPS + +.PARAMETER LocalWebAppUrl + Required - string + The URL of a local web app to connect the remote farm to + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Set to present to ensure the trust exists, or absent to ensure it is removed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example creates a remote farm trust so that the local web app trusts calls + that will come from the remote web app. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPRemoteFarmTrust TrustRemoteFarmForSearch + { + Name = "CentralSearchFarm" + RemoteWebAppUrl = "https://search.sharepoint.contoso.com" + LocalWebAppUrl = "https://local.sharepoint2.contoso.com" + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPSearchAuthoritativePage.help.txt b/Modules/SharePointDsc/en-US/about_SPSearchAuthoritativePage.help.txt new file mode 100644 index 000000000..3331d2679 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSearchAuthoritativePage.help.txt @@ -0,0 +1,95 @@ +.NAME + SPSearchAuthoritativePage + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for managing the search authoritative pages in the + search service application. You can create new pages, change existing pages and + remove existing pages. + + The default value for the Ensure parameter is Present. When you omit this + parameter the crawl rule is created. + +.PARAMETER ServiceAppName + Key - String + Search Service Application Name + +.PARAMETER Path + Key - String + Source URI for the authoritative page + +.PARAMETER Level + Write - Real32 + Level of Authoratitive Page, values between 0.0 and 2.0 + +.PARAMETER Action + Write - String + Allowed values: Authoratative, Demoted + The resource will either make the page authoritative or demoted based on this value + +.PARAMETER Ensure + Write - String + Allowed values: Present, Absent + Ensure the Authoritative is Present or Absent + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to create a Search Authoritative Page + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSearchAuthoritativePage AuthoratativePage + { + ServiceAppName = "Search Service Application" + Path = "http://site.sharepoint.com/Pages/authoritative.aspx" + Action = "Authoratative" + Level = 0.0 + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to create a Search Demoted Page + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSearchAuthoritativePage AuthoratativePage + { + ServiceAppName = "Search Service Application" + Path = "http://site.sharepoint.com/Pages/demoted.aspx" + Action = "Demoted" + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPSearchContentSource.help.txt b/Modules/SharePointDsc/en-US/about_SPSearchContentSource.help.txt new file mode 100644 index 000000000..17581f6c9 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSearchContentSource.help.txt @@ -0,0 +1,153 @@ +.NAME + SPSearchContentSource + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource will deploy and configure a content source in a specified search + service application. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the content source is created. + +.PARAMETER Name + Key - String + The name of the content source + +.PARAMETER ServiceAppName + Key - String + The name of the search service app that this content source exists within + +.PARAMETER ContentSourceType + Required - String + Allowed values: SharePoint, Website, FileShare, Business + The type of content source - currently only SharePoint, Website, File Shares and Business are supported + +.PARAMETER Addresses + Write - String + A list of the addresses this content source includes + +.PARAMETER CrawlSetting + Write - String + Allowed values: CrawlEverything, CrawlFirstOnly, Custom + Should the crawler index everything, just the first site or page, or a custom depth (applies to websites only) + +.PARAMETER ContinuousCrawl + Write - Boolean + Should this content source use continuous crawl (SharePoint sites only) + +.PARAMETER IncrementalSchedule + Write - String + What is the incremental schedule for this content source + +.PARAMETER FullSchedule + Write - String + What is the full schedule for this content source + +.PARAMETER Priority + Write - String + Allowed values: Normal, High + What is the priority on this content source + +.PARAMETER LimitPageDepth + Write - Uint32 + How many pages deep should the crawler go (-1 = unlimited, website sources only) + +.PARAMETER LimitServerHops + Write - Uint32 + How many server hops should the crawler make (-1 = unlimtied, website sources only) + +.PARAMETER LOBSystemSet + Write - String + Line of Business System and System Instance names + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the source should exist, absent if it should not + +.PARAMETER Force + Write - Boolean + Specify true if DSC is allowed to delete and recreate a content source to apply the correct settings, otherwise false will just report errors if a change can not be applied. + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to create a SharePoint sites content source + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSearchContentSource LocalSharePointSites + { + Name = "Local SharePoint Sites" + ServiceAppName = "Search Service Application" + ContentSourceType = "SharePoint" + Addresses = @("http://sharepointsite1.contoso.com", "http://sharepointsite2.contoso.com") + CrawlSetting = "CrawlEverything" + ContinuousCrawl = $true + FullSchedule = $null + Priority = "Normal" + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to create a website content source + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSearchContentSource WebsiteSource + { + Name = "Contoso website" + ServiceAppName = "Search Service Application" + ContentSourceType = "Website" + Addresses = @("http://www.contoso.com") + CrawlSetting = "Custom" + LimitPageDepth = 5 + IncrementalSchedule = MSFT_SPSearchCrawlSchedule{ + ScheduleType = "Daily" + StartHour = "0" + StartMinute = "0" + CrawlScheduleRepeatDuration = "1440" + CrawlScheduleRepeatInterval = "5" + } + FullSchedule = MSFT_SPSearchCrawlSchedule{ + ScheduleType = "Weekly" + CrawlScheduleDaysOfWeek = @("Monday", "Wednesday", "Friday") + StartHour = "3" + StartMinute = "0" + } + Priority = "Normal" + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPSearchCrawlMapping.help.txt b/Modules/SharePointDsc/en-US/about_SPSearchCrawlMapping.help.txt new file mode 100644 index 000000000..4029ebce5 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSearchCrawlMapping.help.txt @@ -0,0 +1,67 @@ +.NAME + SPSearchCrawlMapping + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for managing the search crawl mapping in the + search service application. You can create new mappings, change existing mappings + and remove existing mappings. + + The default value for the Ensure parameter is Present. When you omit this + parameter the crawl rule is created. + +.PARAMETER ServiceAppName + Key - String + Search Service Application Name + +.PARAMETER Url + Key - String + Source URI for the crawl mapping + +.PARAMETER Target + Required - String + Target URI for the crawl mapping + +.PARAMETER Ensure + Write - String + Allowed values: Present, Absent + Ensure the crawl mapping is Present or Absent + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to apply a Search Crawl Mapping rule to a search application. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + + SPSearchCrawlMapping IntranetCrawlMapping + { + ServiceAppName = "Search Service Application" + Url = "http://crawl.sharepoint.com" + Target = "http://site.sharepoint.com" + Ensure = "Present" + PsDScRunAsCredential = $SetupAccount + } + + } + } + + + + diff --git a/Modules/SharePointDsc/en-US/about_SPSearchCrawlRule.help.txt b/Modules/SharePointDsc/en-US/about_SPSearchCrawlRule.help.txt new file mode 100644 index 000000000..f01096fb1 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSearchCrawlRule.help.txt @@ -0,0 +1,113 @@ +.NAME + SPSearchCrawlRule + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for managing the search crawl rules in the search + service application. You can create new rules, change existing rules and remove + existing rules. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the crawl rule is created. + +.PARAMETER Path + Key - string + The name of the search service application + +.PARAMETER ServiceAppName + Required - string + The name of the search service application + +.PARAMETER AuthenticationType + Write - string + Allowed values: DefaultRuleAccess, BasicAccountRuleAccess, CertificateRuleAccess, NTLMAccountRuleAccess, FormRuleAccess, CookieRuleAccess, AnonymousAccess + Authentication type used by the crawl rule + +.PARAMETER RuleType + Write - string + Allowed values: InclusionRule, ExclusionRule + The type of the rule + +.PARAMETER CrawlConfigurationRules + Write - string + Allowed values: FollowLinksNoPageCrawl, CrawlComplexUrls, CrawlAsHTTP + The configuration options for this rule + +.PARAMETER AuthenticationCredentials + Write - String + The credentials used for this crawl rule (used for types BasicAccountRuleAccess and NTLMAccountRuleAccess) + +.PARAMETER CertificateName + Write - string + The certificate used for this crawl rule (used for type CertificateRuleAccess) + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the crawl rule should exist, absent if it should not + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to apply settings to a sepcific URL in search + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSearchCrawlRule IntranetCrawlAccount + { + Path = "https://intranet.sharepoint.contoso.com" + ServiceAppName = "Search Service Application" + Ensure = "Present" + RuleType = "InclusionRule" + CrawlConfigurationRules = "FollowLinksNoPageCrawl","CrawlComplexUrls", "CrawlAsHTTP" + AuthenticationType = "DefaultRuleAccess" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to set a certificate for authentication to a content source + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSearchCrawlRule IntranetCrawlAccountCertificate + { + Path = "https://intranet.sharepoint.contoso.com" + ServiceAppName = "Search Service Application" + Ensure = "Present" + RuleType = "InclusionRule" + CrawlConfigurationRules = "FollowLinksNoPageCrawl","CrawlComplexUrls", "CrawlAsHTTP" + AuthenticationType = "CertificateRuleAccess" + CertificateName = "Certificate Name" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPSearchCrawlerImpactRule.help.txt b/Modules/SharePointDsc/en-US/about_SPSearchCrawlerImpactRule.help.txt new file mode 100644 index 000000000..1b6c64173 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSearchCrawlerImpactRule.help.txt @@ -0,0 +1,45 @@ +.NAME + SPSearchCrawlerImpactRule + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for managing the search crawl impact rules in the + search service application. You can create new rules, change existing rules and + remove existing rules. + + The default value for the Ensure parameter is Present. When you omit this + parameter the crawl rule is created. + +.PARAMETER ServiceAppName + Key - String + Search Service Application Name + +.PARAMETER Name + Key - String + The Site for the crawl impact rule + +.PARAMETER Behavior + Read - String + The Behavior (RequestLimit or WaitTime) for this crawl impact rule + +.PARAMETER RequestLimit + Write - UInt32 + The RequestLimit setting for the crawl impact rule + +.PARAMETER WaitTime + Write - UInt32 + The WaitTime setting for the crawl impact rule + +.PARAMETER Ensure + Write - String + Allowed values: Present, Absent + Ensure the crawl rule is Present or Absent + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + diff --git a/Modules/SharePointDsc/en-US/about_SPSearchFileType.help.txt b/Modules/SharePointDsc/en-US/about_SPSearchFileType.help.txt new file mode 100644 index 000000000..a987ee9a9 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSearchFileType.help.txt @@ -0,0 +1,100 @@ +.NAME + SPSearchFileType + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for managing the search file types in the search + service application. You can create new file types, change existing types and + remove existing file types. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the file type is added. + +.PARAMETER FileType + Key - string + The name of the file type + +.PARAMETER ServiceAppName + Key - string + The name of the search service application + +.PARAMETER Description + Write - string + The description of the file type + +.PARAMETER MimeType + Write - string + The mime type of the file type + +.PARAMETER Enabled + Write - boolean + The state of the file type + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the file type should exist, absent if it should not + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to apply settings to a specific file type in search, using the required parameters + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSearchFileType PDF + { + FileType = "pdf" + ServiceAppName = "Search Service Application" + Description = "PDF" + MimeType = "application/pdf" + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to disable a specific file type in search + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSearchFileType PDF + { + FileType = "pdf" + ServiceAppName = "Search Service Application" + Description = "PDF" + MimeType = "application/pdf" + Enabled = $false + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPSearchIndexPartition.help.txt b/Modules/SharePointDsc/en-US/about_SPSearchIndexPartition.help.txt new file mode 100644 index 000000000..11a4dc11a --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSearchIndexPartition.help.txt @@ -0,0 +1,71 @@ +.NAME + SPSearchIndexPartition + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for creating search indexes. It works by creating + the index topology components and updating the topology from the server that + runs this resource. For this reason this resource only needs to run from one + server and not from each server which will host the index component. The + search service application and existing search topology must be deployed + before creating additional indexes. The first index will be created through + the use of the SPSearchRoles resource. Additional search index partitions can + be created through using this resource. + + Note that for the search topology to apply correctly, the path specified for + RootDirectory needs to exist on the server that is executing this resource. For + example, if the below example was executed on "Server1" it would also need to + ensure that it was able to create the index path at I:\. If no disk labeled I: + was available on server1, this would fail, even though it will not hold an + actual index component. + +.PARAMETER Index + Key - Uint32 + The number of the partition in this farm + +.PARAMETER Servers + Required - String + A list of the servers that this partition should exist on + +.PARAMETER RootDirectory + Write - String + The directory that the index should use locally on each server to store data + +.PARAMETER ServiceAppName + Key - String + The name of the search service application + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example adds an extra search partition to the local farms topology + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSearchIndexPartition AdditionalPartition + { + Servers = @("Server2", "Server3") + Index = 1 + RootDirectory = "I:\SearchIndexes\1" + ServiceAppName = "Search Service Application" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPSearchManagedProperty.help.txt b/Modules/SharePointDsc/en-US/about_SPSearchManagedProperty.help.txt new file mode 100644 index 000000000..bcade07fd --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSearchManagedProperty.help.txt @@ -0,0 +1,113 @@ +.NAME + SPSearchManagedProperty + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource will deploy and configure a managed property in a specified search + service application. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the managed property is created. + +.PARAMETER Name + Key - String + The name of the managed property + +.PARAMETER ServiceAppName + Key - String + The name of the search service app that this managed property exists within + +.PARAMETER PropertyType + Required - String + Allowed values: Binary, DateTime, Decimal, Double, Integer, Text, YesNo + The type of managed property - choose between Binary, DateTime, Decimal, Double, Integer, Text, and YesNo + +.PARAMETER Searchable + Write - Boolean + Should the property be Searchable + +.PARAMETER Queryable + Write - Boolean + Should the property be Queryable + +.PARAMETER Retrievable + Write - Boolean + Should the property be Retrievable + +.PARAMETER HasMultipleValues + Write - Boolean + Should the property allow for multiple values to be selected + +.PARAMETER Refinable + Write - Boolean + Should the property be Refinable + +.PARAMETER Sortable + Write - Boolean + Should the property be Sortable + +.PARAMETER SafeForAnonymous + Write - Boolean + Should the property be marked as safe for anonymous access + +.PARAMETER Aliases + Write - String + Aliases of the managed property + +.PARAMETER TokenNormalization + Write - Boolean + Should the property be case sensitive + +.PARAMETER NoWordBreaker + Write - Boolean + Should the property only match exact content + +.PARAMETER IncludeAllCrawledProperties + Write - Boolean + Should the property be mapped to all crawled properties + +.PARAMETER CrawledProperties + Write - String + List of crawled properties that the property is mapped with + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the source should exist, absent if it should not + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how create a new Managed Property, using the required parameters + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSearchManagedProperty MyProperty + { + Name = "MyProperty" + ServiceAppName = "Search Service Application" + PropertyType = "Text" + Searchable = $true + IncludeAllCrawledProperties = $false + CrawledProperties = @("OWS_Notes, Personal:AboutMe") + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPSearchMetadataCategory.help.txt b/Modules/SharePointDsc/en-US/about_SPSearchMetadataCategory.help.txt new file mode 100644 index 000000000..6db4cd921 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSearchMetadataCategory.help.txt @@ -0,0 +1,72 @@ +.NAME + SPSearchMetadataCategory + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource will deploy and configure a Metadata Category in a specified search + service application. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the Metadata Category is created. + +.PARAMETER Name + Key - String + The name of the Metadata Category + +.PARAMETER ServiceAppName + Key - String + The name of the search service app that this Metadata Category exists within + +.PARAMETER AutoCreateNewManagedProperties + Write - Boolean + Specifies that when a new crawled property in this category is found, a corresponding managed property is created and mapped to this new crawled property + +.PARAMETER DiscoverNewProperties + Write - Boolean + Specifies that if there are unknown properties in this category, these new properties are discovered during a crawl. + +.PARAMETER MapToContents + Write - Boolean + Specifies that all crawled properties of type string are mapped to corresponding managed properties of this category. + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the result source should exist, absent if it should not + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to create a new Search Metadata Category, using the required parameters + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSearchMetadataCategory NewCategory + { + Name = "My New category" + ServiceAppName = "Search Service Application" + AutoCreateNewManagedProperties = $true + DiscoverNewProperties = $true + MapToContents = $true + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPSearchResultSource.help.txt b/Modules/SharePointDsc/en-US/about_SPSearchResultSource.help.txt new file mode 100644 index 000000000..56f434a35 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSearchResultSource.help.txt @@ -0,0 +1,107 @@ +.NAME + SPSearchResultSource + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to configure search result sources in the SharePoint + search service application. Result sources can be configured to be of the + following provider types: + + * Exchange Search Provider + * Local People Provider + * Local SharePoint Provider + * OpenSearch Provider + * Remote People Provider + * Remote SharePoint Provider + + > **Important:** + > The above provider types are specific to the used localized version of SharePoint. + > Please make sure you use the correct localized values. Use the below script to + > check of all possible values. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the result source is created. + + To define a result source as global, use the value 'SSA' as the ScopeName + value. + + ## Script + + ``` PowerShell + $serviceApp = Get-SPEnterpriseSearchServiceApplication -Identity "SearchServiceAppName" + + $fedManager = New-Object Microsoft.Office.Server.Search.Administration.Query.FederationManager($serviceApp) + $providers = $fedManager.ListProviders() + $providers.Keys + ``` + +.PARAMETER Name + Key - String + The name of the result source + +.PARAMETER ScopeName + Key - String + Allowed values: SSA, SPSite, SPWeb + The scope at which the Result Source will be created. Options are SSA, SPSite or SPWeb + +.PARAMETER ScopeUrl + Key - String + The URI of the site where to create the result source. Leave empty to have it created globally + +.PARAMETER SearchServiceAppName + Required - String + The name of the search service application to associate this result source with + +.PARAMETER Query + Required - String + The query to pass to the provider source + +.PARAMETER ProviderType + Required - String + The provider type to use for the result source + +.PARAMETER ConnectionUrl + Write - String + The URI to connect to the remote location + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the result source should exist, absent if it should not + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to create a remote sharepoint search result source + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSearchResultSource RemoteSharePointFarm + { + Name = "External SharePoint results" + ScopeName = "SPSite" + ScopeUrl = "https://SharePoint.contoso.com" + SearchServiceAppName = "Search Service Application" + Query = "{searchTerms}" + ProviderType = "Remote SharePoint Provider" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPSearchServiceApp.help.txt b/Modules/SharePointDsc/en-US/about_SPSearchServiceApp.help.txt new file mode 100644 index 000000000..760142417 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSearchServiceApp.help.txt @@ -0,0 +1,124 @@ +.NAME + SPSearchServiceApp + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for provisioning the search service application. + The current version lets you specify the database name and server, as well as + the application pool. If the application pool is changed the DSC resource will + set it back as per what is set in the resource. The database name parameter is + used as the prefix for all search databases (so you will end up with one for + the admin database which matches the name, and then + "_analyticsreportingstore", "_crawlstore" and "_linkstore" databases as well). + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + + NOTE: The WindowsServiceAccount parameter is deprecated and no longer does + anything. The functionality for changing this account has been moved to + SPSearchServiceSettings. + +.PARAMETER Name + Key - string + The name of the search service application + +.PARAMETER ProxyName + Write - string + The proxy name, if not specified will be /Name of service app/ Proxy + +.PARAMETER ApplicationPool + Required - string + The application pool that it should run in + +.PARAMETER SearchCenterUrl + Write - string + The URL of the enterprise search center site collection + +.PARAMETER DatabaseName + Write - string + The name of the database (noting that some search databases will use this as a prefix) + +.PARAMETER DatabaseServer + Write - string + The server that host the databases for this service application + +.PARAMETER DefaultContentAccessAccount + Write - String + The default content access account for this search service app + +.PARAMETER CloudIndex + Write - boolean + Should this search service application be a cloud based service app + +.PARAMETER AlertsEnabled + Write - boolean + Should alerts be enabled for this search service application + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the service app should exist, absent if it should not + +.PARAMETER WindowsServiceAccount + Write - string + This setting is moved to SPSearchServiceSettings and deprecated here. + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example creates a new search service app in the local farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSearchServiceApp SearchServiceApp + { + Name = "Search Service Application" + DatabaseName = "SP_Search" + ApplicationPool = "SharePoint Service Applications" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example removes a search service app in the local farm. The ApplicationPool + parameter is still required but is not actually used, so its value does not matter. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSearchServiceApp SearchServiceApp + { + Name = "Search Service Application" + Ensure = "Absent" + ApplicationPool = "n/a" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPSearchServiceSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPSearchServiceSettings.help.txt new file mode 100644 index 000000000..1ae6932f5 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSearchServiceSettings.help.txt @@ -0,0 +1,66 @@ +.NAME + SPSearchServiceSettings + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for configuring settings for the search + service, like the crawler performance level. All settings are farm + wide settings, which is why this resource should only be used once + in each configuration. + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Specifies the resource is a single instance, the value must be 'Yes' + +.PARAMETER PerformanceLevel + Write - string + Allowed values: Reduced, PartlyReduced, Maximum + Specifies the performance level of the crawler + +.PARAMETER ContactEmail + Write - string + Specifies the contact email used by the crawler + +.PARAMETER WindowsServiceAccount + Write - string + Sets the windows services for search to run as this account + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example creates a new search service app in the local farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount, + + [Parameter(Mandatory = $true)] + [PSCredential] + $SearchAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSearchServiceSettings SearchServiceSettings + { + IsSingleInstance = "Yes" + PerformanceLevel = "Maximum" + ContactEmail = "sharepoint@contoso.com" + WindowsServiceAccount = $SearchAccount + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPSearchTopology.help.txt b/Modules/SharePointDsc/en-US/about_SPSearchTopology.help.txt new file mode 100644 index 000000000..93e38a46d --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSearchTopology.help.txt @@ -0,0 +1,96 @@ +.NAME + SPSearchTopology + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for provisioning a search topology in to the + current farm. It allows the configuration to dictate the search topology roles + that the current server should be running. Any combination of roles can be + specified and the topology will be upaded to reflect the current servers new + roles. If this is the first server to apply topology to a farm, then at least + one search index must be provided. + + You only need to run the topology resource on a single server in the farm. + It will enable the components on each server in the farm, as specified in + the configuration. It is not required to also include SPServiceInstance as + the SPSearchTopology will make sure they are started when applying the + topology. However, it can be a good idea to include it so that the services + will be started later on if they are ever found to be stopped. + + Note that for the search topology to apply correctly, the path specified for + FirstPartitionDirectory needs to exist on the server that is executing this + resource. For example, if a configuration was executed on "Server1" it would + also need to ensure that it was able to create the index path at I:\. If no + disk labeled I: was available on server1, this would fail, even though it will + not hold an actual index component. + +.PARAMETER ServiceAppName + Key - String + The name of the search service application for this topology + +.PARAMETER Admin + Required - String + A list of servers that will run the admin component + +.PARAMETER Crawler + Required - String + A list of servers that will run the crawler component + +.PARAMETER ContentProcessing + Required - String + A list of servers that will run the content processing component + +.PARAMETER AnalyticsProcessing + Required - String + A list of servers that will run the analytics processing component + +.PARAMETER QueryProcessing + Required - String + A list of servers that will run the query processing component + +.PARAMETER IndexPartition + Required - String + A list of servers that will host the first (0) index partition + +.PARAMETER FirstPartitionDirectory + Required - String + The local directory servers will use to store the first index partition + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to apply a specific topology to the search service app + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSearchTopology LocalSearchTopology + { + ServiceAppName = "Search Service Application" + Admin = @("Server1","Server2") + Crawler = @("Server1","Server2") + ContentProcessing = @("Server1","Server2") + AnalyticsProcessing = @("Server1","Server2") + QueryProcessing = @("Server3","Server4") + PsDscRunAsCredential = $SetupAccount + FirstPartitionDirectory = "I:\SearchIndexes\0" + IndexPartition = @("Server3","Server4") + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPSecureStoreServiceApp.help.txt b/Modules/SharePointDsc/en-US/about_SPSecureStoreServiceApp.help.txt new file mode 100644 index 000000000..05a8c583c --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSecureStoreServiceApp.help.txt @@ -0,0 +1,130 @@ +.NAME + SPSecureStoreServiceApp + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for provisioning and configuring the secure store + service application. The parameters passed in (except those related to database + specifics) are validated and set when the resource is run, the database values + are only used in provisioning of the service application. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + +.PARAMETER Name + Key - string + The name of the secure store service app + +.PARAMETER ProxyName + Write - string + The proxy name, if not specified will be /Name of service app/ Proxy + +.PARAMETER ApplicationPool + Required - string + The name of the application pool it will run in + +.PARAMETER AuditingEnabled + Required - boolean + Is auditing enabled for this service app + +.PARAMETER AuditlogMaxSize + Write - uint32 + What is the maximum size of the audit log in MB + +.PARAMETER DatabaseCredentials + Write - String + What SQL credentials should be used to access the database + +.PARAMETER DatabaseName + Write - string + The name of the database for the service app + +.PARAMETER DatabaseServer + Write - string + The name of the database server to host the database + +.PARAMETER DatabaseAuthenticationType + Write - string + Allowed values: Windows, SQL + What type of authentication should be used to access the database + +.PARAMETER FailoverDatabaseServer + Write - string + The name of the database server hosting a failover instance of the database + +.PARAMETER PartitionMode + Write - boolean + Is partition mode enabled for this service app + +.PARAMETER Sharing + Write - boolean + Is sharing enabled for this service app + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the service app should exist, absent if it should not + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example creates a new secure store service app. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSecureStoreServiceApp SecureStoreServiceApp + { + Name = "Secure Store Service Application" + ApplicationPool = "SharePoint Service Applications" + AuditingEnabled = $true + AuditlogMaxSize = 30 + DatabaseName = "SP_SecureStore" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example removes a secure store service app. The ApplicationPool and + AuditingEnabled parameters are required, but are not used so their values + are able to be set to anything. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSecureStoreServiceApp SecureStoreServiceApp + { + Name = "Secure Store Service Application" + ApplicationPool = "n/a" + AuditingEnabled = $false + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPSecurityTokenServiceConfig.help.txt b/Modules/SharePointDsc/en-US/about_SPSecurityTokenServiceConfig.help.txt new file mode 100644 index 000000000..c25220d64 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSecurityTokenServiceConfig.help.txt @@ -0,0 +1,75 @@ +.NAME + SPSecurityTokenServiceConfig + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for configuring the Security Token Service within + the local SharePoint farm. Using Ensure equals to Absent is not supported. + This resource can only apply configuration, not ensure they don't exist. + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Specifies the resource is a single instance, the value must be 'Yes' + +.PARAMETER Name + Required - string + The name of the security token service + +.PARAMETER NameIdentifier + Write - string + The identifier for the security token service + +.PARAMETER UseSessionCookies + Write - Boolean + True set the security token service to use cookies + +.PARAMETER AllowOAuthOverHttp + Write - Boolean + True set the security token service to allow OAuth over HTTP + +.PARAMETER AllowMetadataOverHttp + Write - Boolean + True set the security token service to allow metadata exchange over HTTP + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present ensures the configurations are applied + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example configures the Security Token Service + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSecurityTokenServiceConfig SecurityTokenService + { + IsSingleInstance = "Yes" + Name = "SPSecurityTokenService" + NameIdentifier = "00000003-0000-0ff1-ce00-000000000000@9f11c5ea-2df9-4950-8dcf-da8cd7aa4eff" + UseSessionCookies = $false + AllowOAuthOverHttp = $false + AllowMetadataOverHttp = $false + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPSelfServiceSiteCreation.help.txt b/Modules/SharePointDsc/en-US/about_SPSelfServiceSiteCreation.help.txt new file mode 100644 index 000000000..9b3992c5b --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSelfServiceSiteCreation.help.txt @@ -0,0 +1,194 @@ +.NAME + SPSelfServiceSiteCreation + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to configure self-service site creation on a web + application. + + NOTE: + The web application needs a root level ("/") site collection for the + self-service site creation to function properly. It is not required to have this + site collection present in the web application to succesfully configure this + resource. + + NOTE2: + If Enabled is set to false, ShowStartASiteMenuItem is automatically set to false + by the resource if ShowStartASiteMenuItem is not specified. Setting + ShowStartASiteMenuItem to true at the same time as Enabled is set to false + will generate an error. + + ## Hybrid self-service site creation + + It is possible to configure self-service site creation to create sites in + SharePoint Online. This requires that [hybrid self-service site creation](https://docs.microsoft.com/en-us/sharepoint/hybrid/hybrid-self-service-site-creation) + is configured using the Hybrid Picker. + +.PARAMETER WebAppUrl + Key - string + The url of the web application + +.PARAMETER Enabled + Required - boolean + Specifies if users are allowed to create site collections or not + +.PARAMETER OnlineEnabled + Write - boolean + Specifies if site collections are created in SharePoint Online in a hybrid configuration. Hybrid configuration needs to be caried out seperately using the Hybrid Picker + +.PARAMETER QuotaTemplate + Write - string + The quota template to apply to new site collections. Specify null to not apply any qouta template + +.PARAMETER ShowStartASiteMenuItem + Write - boolean + Should the Start a Site link be displayed. Must be false or not specified if Enabled is false + +.PARAMETER CreateIndividualSite + Write - boolean + Should Self Service Site Creation create an individual Site, false for a Site Collection + +.PARAMETER represent + Write - to + Specifies the URL of the parent site where new sites are to be created. This is only used when CreateIndividualSite is true. Use [%userid%] to represent the ID of the user who is creating the site, for example: /projects/[%userid%] + +.PARAMETER PolicyOption + Write - string + Allowed values: MustHavePolicy, CanHavePolicy, NotHavePolicy + Specifies what site classification should be displayed + +.PARAMETER RequireSecondaryContact + Write - boolean + Specifies if users needs to provide one or more additional site administrators + +.PARAMETER CustomFormUrl + Write - string + Specifies a custom form URL to use for Self Service Site Creation. This is only used when CreateIndividualSite is true. Must be an absolute URL or empty to use built in form (_layouts/_layouts/15/scsignup.aspx) + +.PARAMETER ManagedPath + Write - string + Specifies the managed path in which site collections have to be created (SP2019 only) + +.PARAMETER AlternateUrl + Write - string + Specifies the URL of the web application in which site collections have to be created (SP2019 only) + +.PARAMETER UserExperienceVersion + Write - string + Allowed values: Modern, Classic, Latest + Specifies the if the site collection has to be created as modern or classic site (SP2019 only) + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to configure self-service site creation for a web application + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSelfServiceSiteCreation SSC + { + WebAppUrl = "http://example.contoso.local" + Enabled = $true + OnlineEnabled = $false + QuotaTemplate = "SSCQoutaTemplate" + ShowStartASiteMenuItem = $true + CreateIndividualSite = $true + PolicyOption = "CanHavePolicy" + RequireSecondaryContact = $false + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to configure self-service site creation with a custom form for a web application + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSelfServiceSiteCreation SSC + { + WebAppUrl = "http://example.contoso.local" + Enabled = $true + ShowStartASiteMenuItem = $true + CustomFormUrl = "http://ssc.contoso.com.local/ssc" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to disable self-service site creation for a web application + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSelfServiceSiteCreation SSC + { + WebAppUrl = "http://example.contoso.local" + Enabled = $false + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to configure self-service site creation with a custom form for a web application + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSelfServiceSiteCreation SSC + { + WebAppUrl = "http://example.contoso.local" + Enabled = $true + ManagedPath = "sites" + UserExperienceVersion = "Modern" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPServiceAppPool.help.txt b/Modules/SharePointDsc/en-US/about_SPServiceAppPool.help.txt new file mode 100644 index 000000000..313972269 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPServiceAppPool.help.txt @@ -0,0 +1,58 @@ +.NAME + SPServiceAppPool + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used for provisioning an application pool that can be used for + service applications. The account used for the service account must already be + registered as a managed account (which can be provisioned through + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application pool is provisioned. + +.PARAMETER Name + Key - string + The name of application pool + +.PARAMETER ServiceAccount + Required - string + The name of the managed account to run this service account as + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the service app pool should exist, absent if it should not + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example creates a service application pool for service apps to run in. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPServiceAppPool MainServiceAppPool + { + Name = "SharePoint Service Applications" + ServiceAccount = "Demo\ServiceAccount" + PsDscRunAsCredential = $SetupAccount + Ensure = "Present" + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPServiceAppProxyGroup.help.txt b/Modules/SharePointDsc/en-US/about_SPServiceAppProxyGroup.help.txt new file mode 100644 index 000000000..8f2391453 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPServiceAppProxyGroup.help.txt @@ -0,0 +1,86 @@ +.NAME + SPServiceAppProxyGroup + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to manage SharePoint Service Application Proxy Groups. + The "Ensure" parameter controls whether or not the Proxy Group should exist. A + proxy group cannot be removed if a web application is using it. The + "ServiceAppProxies" property will set a specific list of Service App Proxies + to be members of this Proxy Group. It will add and remove proxies to ensure + the group matches this list exactly. The "ServiceAppProxiesToInclude" and + "ServiceAppProxiesToExclude" properties will allow you to add and remove + proxies from the group, leaving other proxies that are in the group but not in + either list intact. + + Use the proxy group name "Default" to manipulate the default proxy group. + + Requirements: + At least one of the ServiceAppProxies, ServiceAppProxiesToInclude or + ServiceAppProxiesToExclude properties needs to be specified. Do not combine + the ServiceAppProxies property with the ServiceAppProxiesToInclude and + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the proxy group is created. + +.PARAMETER Name + Key - String + Name of the Proxy Group to create + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present creates the proxy group if it does not already exist, Absent will delete the proxy group if it exists + +.PARAMETER ServiceAppProxies + Write - String + List of service application proxies that belong in this proxy group, all others will be removed + +.PARAMETER ServiceAppProxiesToInclude + Write - String + List of service application proxies to add to this proxy group, existing proxies will remain + +.PARAMETER ServiceAppProxiesToExclude + Write - String + List of service application proxies to remove from this proxy grop, all others will remain + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example creates two seperate proxy groups of service apps that can be + assigned to web apps in the farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPServiceAppProxyGroup ProxyGroup1 + { + Name = "Proxy Group 1" + Ensure = "Present" + ServiceAppProxies = "Web 1 User Profile Service Application","Web 1 MMS Service Application","State Service Application" + } + + SPServiceAppProxyGroup ProxyGroup2 + { + Name = "Proxy Group 2" + Ensure = "Present" + ServiceAppProxiesToInclude = "Web 2 User Profile Service Application" + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPServiceAppSecurity.help.txt b/Modules/SharePointDsc/en-US/about_SPServiceAppSecurity.help.txt new file mode 100644 index 000000000..8768e73e9 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPServiceAppSecurity.help.txt @@ -0,0 +1,185 @@ +.NAME + SPServiceAppSecurity + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to manage the sharing security settings of a specific + service application. There are a number of approaches to how this can be + implemented. Firstly you can set permissions for the app administrators, or + for the sharing permission by specifying the SecurityType attribute. These + options correlate to the buttons seen in the ribbon on the "manage service + applications" page in Central Administration after you select a specific + service app. The "Members" property will set a specific list of members for + the service app, making sure that every user/group in the list is in the group + and all others that are members and who are not in this list will be removed. + The "MembersToInclude" and "MembersToExclude" properties will allow you to + control a specific set of users to add or remove, without changing any other + members that are in the group already that may not be specified here, allowing + + NOTE: + In order to specify Local Farm you can use the token "\{LocalFarm\}" + as the username. The token is case sensitive. + + ## Permission overview + + > **Important** + > When using localized versions of Windows and/or SharePoint, it is possible + > that permissions levels are also in the local language. In that case, use + > the localized permissions levels. All possible values can be retrieved using + > the script at the bottom of this page. The below permissions are the English + > versions. + + Available permissions for Administrators are Full Control except for these + service applications: + + Secure Store Service Application: + + - Full Control + - Create Target Application + - Delete Target Application + - Manage Target Application + - All Target Applications + + User Profile Service Application: + + - Full Control + - Manage Profiles + - Manage Audiences + - Manage Permissions + - Retrieve People Data for Search Crawlers + - Manage Social Data + + Search Service Application: + + - Full Control + - Read (Diagnostics Pages Only) + + Permissions for Sharing Permissions are Full Control except for these + service applications: + + Managed Metadata Service Application: + + - Read Access to Term Store + - Read and Restricted Write Access to Term Store + - Full Access to Term Store + + NOTE: + Multiple permissions can be specified for each principal. Full Control + will include all other permissions. It is not required to specify all + available permissions if Full Control is specified. + + ## Script + + ``` PowerShell + $serviceApp = Get-SPServiceApplication -Name "ServiceAppName" + + $perms = Get-SPServiceApplicationSecurity -Identity $serviceApp + $perms.NamedAccessRights.Name + + $perms = Get-SPServiceApplicationSecurity -Identity $serviceApp -Admin + $perms.NamedAccessRights.Name + ``` + +.PARAMETER ServiceAppName + Key - String + The name of the service application you wish to apply security settings to + +.PARAMETER SecurityType + Key - string + Allowed values: Administrators, SharingPermissions + Administrators will set the administrators for the service app, SharingPermissions will set those granted access through the permissions button seen in the Sharing section of the ribbon in central admin + +.PARAMETER Members + Write - String + A list of members to set the group to. Those not in this list will be removed + +.PARAMETER MembersToInclude + Write - String + A list of members to add. Members not in this list will be left in the group + +.PARAMETER MembersToExclude + Write - String + A list of members to remove. Members not in this list will be left in the group + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how full control permission can be given to the farm + account and service app pool account to the user profile service app's + sharing permission. + It also shows granting access to specific areas to a user. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + $membersToInclude = @() + $membersToInclude += MSFT_SPServiceAppSecurityEntry { + Username = "CONTOSO\SharePointFarmAccount" + AccessLevels = @("Full Control") + } + $membersToInclude += MSFT_SPServiceAppSecurityEntry { + Username = "CONTOSO\SharePointServiceApps" + AccessLevels = @("Full Control") + } + $membersToInclude += MSFT_SPServiceAppSecurityEntry { + Username = "CONTOSO\User1" + AccessLevels = @("Manage Profiles", "Manage Social Data") + } + SPServiceAppSecurity UserProfileServiceSecurity + { + ServiceAppName = "User Profile Service Application" + SecurityType = "SharingPermissions" + MembersToInclude = $membersToInclude + MembersToExclude = @("CONTOSO\BadAccount1", "CONTOSO\BadAccount2") + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to use the local farm token to grant + full control permission to the local farm to the + user profile service app's sharing permission. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + $members = @() + $members += MSFT_SPServiceAppSecurityEntry { + Username = "{LocalFarm}" + AccessLevels = @("Full Control") + } + SPServiceAppSecurity UserProfileServiceSecurity + { + ServiceAppName = "User Profile Service Application" + SecurityType = "SharingPermissions" + Members = $members + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPServiceIdentity.help.txt b/Modules/SharePointDsc/en-US/about_SPServiceIdentity.help.txt new file mode 100644 index 000000000..079c2d27c --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPServiceIdentity.help.txt @@ -0,0 +1,54 @@ +.NAME + SPServiceIdentity + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to specify a managed account to be used to run a service instance. + You can also specify LocalService, LocalSystem or NetworkService as ManagedAccount. + The name is the typename of the service as shown in the Central Admin website. + This resource only needs to be run on one server in the farm, as the process identity + update method will apply the settings to all instances of the service. + +.PARAMETER Name + Key - string + The name of the service instance to manage + +.PARAMETER ManagedAccount + Required - string + The user name of a managed account, LocalService, LocalSystem or NetworkService that will be used to run the service + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to set the SandBox Code Service to run under a specifed service account. + The account must already be registered as a managed account. + + +Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + + Import-DscResource -ModuleName SharePointDsc + + node localhost { + + SPServiceIdentity SandBoxUserAccount + { + Name = "Microsoft SharePoint Foundation Sandboxed Code Service" + ManagedAccount = "CONTOSO\SPUserCode" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPServiceInstance.help.txt b/Modules/SharePointDsc/en-US/about_SPServiceInstance.help.txt new file mode 100644 index 000000000..234778b9b --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPServiceInstance.help.txt @@ -0,0 +1,79 @@ +.NAME + SPServiceInstance + +# Description + + **Type:** Specific + **Requires CredSSP:** No + + This resource is used to specify if a specific service should be running + (Ensure = "Present") or not running (Ensure = "Absent") on the current server. + The name is the display name of the service as shown in the Central Admin + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service instance is started. + +.PARAMETER Name + Key - string + The name of the service instance to manage + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present to ensure it runs on this server, or absent to ensure it is stopped + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to ensure that the managed metadata service is running + on the local server. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPServiceInstance ManagedMetadataServiceInstance + { + Name = "Managed Metadata Web Service" + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to ensure that the Business Data Connectivity Service + is not running on the local server. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPServiceInstance StopBCSServiceInstance + { + Name = "Business Data Connectivity Service" + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPSessionStateService.help.txt b/Modules/SharePointDsc/en-US/about_SPSessionStateService.help.txt new file mode 100644 index 000000000..bd2261a38 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSessionStateService.help.txt @@ -0,0 +1,62 @@ +.NAME + SPSessionStateService + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource will provision a state service app to the local farm. Specify + the name of the database server and database name to provision the app with, + and optionally include the session timeout value. If session timeout is not + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + +.PARAMETER DatabaseName + Key - string + The name of the database for the service + +.PARAMETER DatabaseServer + Key - string + The name of the database server for the database + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present is the state service should be enabled, absent if it should be disabled + +.PARAMETER SessionTimeout + Write - uint32 + What is the timeout on sessions + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example creates a new session state service on the local farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSessionStateService StateServiceApp + { + DatabaseName = "SP_StateService" + DatabaseServer = "SQL.test.domain" + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPShellAdmins.help.txt b/Modules/SharePointDsc/en-US/about_SPShellAdmins.help.txt new file mode 100644 index 000000000..bda7639b0 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPShellAdmins.help.txt @@ -0,0 +1,165 @@ +.NAME + SPShellAdmins + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to manage the users with Shell Admin permissions. There + are a number of approaches to how this can be implemented. The "Members" + property will set a specific list of members for the group, making sure that + every user/group in the list is in the group and all others that are members + and who are not in this list will be removed. The "MembersToInclude" and + "MembersToExclude" properties will allow you to control a specific set of + users to add or remove, without changing any other members that are in the + group already that may not be specified here, allowing for some manual + management outside of this configuration resource. The "ContentDatabases" and + "AllContentDatabases" properties will allow you to control the permissions on + Content Databases. + + Requirements: + + * At least one of the Members, MemberToInclude or MembersToExclude properties + needs to be specified. + * Do not combine the Members property with the MemberToInclude and + MembersToExclude properties. + * Do not combine the ContentDatabase property with the AllContentDatabases + property. + + Required permissions: + + The documentation of the Shell Admin cmdlets states that you need the following + permissions to successfully run this resource: + "When you run this cmdlet to add a user to the SharePoint_Shell_Access role, + you must have membership in the securityadmin fixed server role on the SQL + Server instance, membership in the db_owner fixed database role on all + affected databases, and local administrative permission on the local computer." + https://docs.microsoft.com/en-us/powershell/module/sharepoint-server/add-spshelladmin?view=sharepoint-ps + + Notes: + 1.) If a content database is created using the Central Admin, the farm account + is the owner of that content database in SQL Server. When this is true, you + cannot add it to the Shell Admins (common for AllContentDatabases parameter) + and the resource will throw an error. Workaround: Change database owner in SQL + +.PARAMETER IsSingleInstance + Key - String + Allowed values: Yes + Specifies the resource is a single instance, the value must be 'Yes' + +.PARAMETER Members + Write - String + Exact list of accounts that will have to get Shell Admin permissions + +.PARAMETER MembersToInclude + Write - String + List of all accounts that must be in the Shell Admins group + +.PARAMETER MembersToExclude + Write - String + List of all accounts that are not allowed to have Shell Admin permissions + +.PARAMETER Databases + Write - String + Shell Admin configuration of Databases + +.PARAMETER AllDatabases + Write - Boolean + Specify if all databases must get the same config as the general config + +.PARAMETER ExcludeDatabases + Write - String + Specify all databases that must be excluded from AllDatabases + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example gives admin access to the specified users for the local farm as well as + all content databases in the local farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPShellAdmins ShellAdmins + { + IsSingleInstance = "Yes" + Members = "CONTOSO\user1", "CONTOSO\user2" + AllDatabases = $true + } + } + } + + +.EXAMPLE + This example gives admin access to the specified users for the local farm as well as + all content databases in the local farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPShellAdmins ShellAdmins + { + IsSingleInstance = "Yes" + Members = "CONTOSO\user1", "CONTOSO\user2" + Databases = @( + @(MSFT_SPDatabasePermissions { + Name = "SharePoint_Content_1" + Members = "CONTOSO\user2", "CONTOSO\user3" + }) + @(MSFT_SPDatabasePermissions { + Name = "SharePoint_Content_2" + Members = "CONTOSO\user3", "CONTOSO\user4" + }) + ) + } + } + } + + +.EXAMPLE + This example gives admin access to the specified users for the local farm as + well as all content databases in the local farm, with the exception of database + WSS_Content_Portal. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPShellAdmins ShellAdmins + { + IsSingleInstance = "Yes" + Members = "CONTOSO\user1", "CONTOSO\user2" + AllDatabases = $true + ExcludeDatabases = "WSS_Content_Portal" + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPSite.help.txt b/Modules/SharePointDsc/en-US/about_SPSite.help.txt new file mode 100644 index 000000000..8fd06e444 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSite.help.txt @@ -0,0 +1,182 @@ +.NAME + SPSite + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource will provision a site collection to the current farm, based on + the settings that are passed through. These settings map to the New-SPSite + cmdlet and accept the same values and types. + + The current version of SharePointDsc is only able to check for the existence + of a site collection, the additional parameters are not checked for yet, but + will be in a later release + + NOTE: + When creating Host Header Site Collections, do not use the HostHeader + parameter in SPWebApplication. This will set the specified host header on your + IIS site and prevent the site from listening for the URL of the Host Header + Site Collection. + If you want to change the IIS website binding settings, please use the xWebsite + resource in the xWebAdministration module. + + NOTE2: + The CreateDefaultGroups parameter is only used for creating default site + groups. It will not remove or change the default groups if they already exist. + + NOTE3: + AdministrationSiteType is used in combination with the resource + SPWebAppClientCallableSettings. The required proxy library must be configured + before the administration site type has any effect. + +.PARAMETER Url + Key - string + The URL of the site collection + +.PARAMETER OwnerAlias + Required - string + The username of the site collection administrator + +.PARAMETER CompatibilityLevel + Write - uint32 + The compatibility level of the site + +.PARAMETER ContentDatabase + Write - string + The name of the content database to create the site in + +.PARAMETER Description + Write - string + The description to apply to the site collection + +.PARAMETER HostHeaderWebApplication + Write - string + The URL of the host header web application to create this site in + +.PARAMETER Language + Write - uint32 + The language code of the site + +.PARAMETER Name + Write - string + The display name of the site collection + +.PARAMETER OwnerEmail + Write - string + The email address of the site collection administrator + +.PARAMETER QuotaTemplate + Write - string + The quota template to apply to the site collection + +.PARAMETER SecondaryEmail + Write - string + The secondary site collection admin email address + +.PARAMETER SecondaryOwnerAlias + Write - string + The secondary site collection admin username + +.PARAMETER Template + Write - string + The template to apply to the site collection + +.PARAMETER CreateDefaultGroups + Write - boolean + Create the default site groups in the site collection + +.PARAMETER AdministrationSiteType + Write - string + Allowed values: TenantAdministration, None + Specifies the type of the site collection: Regular site or tenant administration site + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example creates a site collection with the provided details + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSite TeamSite + { + Url = "http://sharepoint.contoso.com" + OwnerAlias = "CONTOSO\ExampleUser" + HostHeaderWebApplication = "http://spsites.contoso.com" + Name = "Team Sites" + Template = "STS#0" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example creates a site collection with the provided details + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSite TeamSite + { + Url = "http://sharepoint.contoso.com" + OwnerAlias = "CONTOSO\ExampleUser" + HostHeaderWebApplication = "http://spsites.contoso.com" + Name = "Team Sites" + Template = "STS#0" + QuotaTemplate = "Teamsite" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example creates a site collection with the provided details + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSite TeamSite + { + Url = "http://sharepoint.contoso.com" + OwnerAlias = "CONTOSO\ExampleUser" + HostHeaderWebApplication = "http://spsites.contoso.com" + Name = "Team Sites" + Template = "STS#0" + AdministrationSiteType = "TenantAdministration" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPSitePropertyBag.help.txt b/Modules/SharePointDsc/en-US/about_SPSitePropertyBag.help.txt new file mode 100644 index 000000000..aa7b2a608 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSitePropertyBag.help.txt @@ -0,0 +1,94 @@ +.NAME + SPSitePropertyBag + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to work with SharePoint Property Bags at the site + collection level. The account that runs this resource (PsDscRunAsCredential + or InstallAccount) must be a site collection administrator. + + The default value for the Ensure parameter is Present. When not specifying + this parameter, the property bag is configured. + +.PARAMETER Url + Key - string + The URL of the site collection + +.PARAMETER Key + Key - string + The key of the SPSite property + +.PARAMETER Value + Write - String + Value of the SPSite property + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Set to present to ensure the SPSite property exists, or absent to ensure it is removed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how add property bag value in a site collection. + + +Configuration Example +{ + param + ( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + + Import-DscResource -ModuleName SharePointDsc + + node localhost + { + SPSitePropertyBag Site_APPCodeProperty + { + PsDscRunAsCredential = $SetupAccount + Url = "https://web.contoso.com" + Key = "KeyToAdd" + Value = "ValueToAddOrModify" + Ensure = "Present" + } + } +} + + +.EXAMPLE + This example shows how remove a property bag value in a site collection. + + +Configuration Example +{ + param + ( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + + Import-DscResource -ModuleName SharePointDsc + + node localhost + { + SPSitePropertyBag Site_APPCodeProperty + { + PsDscRunAsCredential = $SetupAccount + Url = "https://web.contoso.com" + Key = "KeyToRemove" + Ensure = "Absent" + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPSiteUrl.help.txt b/Modules/SharePointDsc/en-US/about_SPSiteUrl.help.txt new file mode 100644 index 000000000..476a3c355 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSiteUrl.help.txt @@ -0,0 +1,71 @@ +.NAME + SPSiteUrl + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource will configure the site url for a host named site collection. + There are four available zones to configure: Intranet, Internet, Extranet + and Custom. + + It is not possible to change the site url for the Default zone, since this + means changing the url that is used as identity. A site collection rename + is required for that: + $site = Get-SPSite "http://old.contoso.com" + $new = "http://new.contoso.com" + $site.Rename($new) + ((Get-SPSite $new).contentdatabase).RefreshSitesInConfigurationDatabase + +.PARAMETER Url + Key - string + The URL of the site collection + +.PARAMETER Intranet + Write - string + The URL of the Intranet zone + +.PARAMETER Internet + Write - string + The URL of the Internet zone + +.PARAMETER Extranet + Write - string + The URL of the Extranet zone + +.PARAMETER Custom + Write - string + The URL of the Custom zone + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example configures the site collection urls for the specified + Host Named Site Collection + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSiteUrl TeamSite + { + Url = "http://sharepoint.contoso.intra" + Intranet = "http://sharepoint.contoso.com" + Internet = "https://sharepoint.contoso.com" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPStateServiceApp.help.txt b/Modules/SharePointDsc/en-US/about_SPStateServiceApp.help.txt new file mode 100644 index 000000000..b9c70d895 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPStateServiceApp.help.txt @@ -0,0 +1,70 @@ +.NAME + SPStateServiceApp + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource provisions an instance of the state service in to the local farm. + The database specific parameters are only used during initial provisioning of + the app, and will not change database settings beyond the initial deployment. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + +.PARAMETER Name + Key - string + The name of the state service app + +.PARAMETER ProxyName + Write - string + The proxy name, if not specified will be /Name of service app/ Proxy + +.PARAMETER DatabaseCredentials + Write - String + The database credentials for accessing the database + +.PARAMETER DatabaseName + Required - string + The name of the database for the service app + +.PARAMETER DatabaseServer + Write - string + The name of the database server + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the service app should exist, absent if it should not + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example creates a state service application in the local farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPStateServiceApp StateServiceApp + { + Name = "State Service Application" + DatabaseName = "SP_State" + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPSubscriptionSettingsServiceApp.help.txt b/Modules/SharePointDsc/en-US/about_SPSubscriptionSettingsServiceApp.help.txt new file mode 100644 index 000000000..9a9dcd244 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPSubscriptionSettingsServiceApp.help.txt @@ -0,0 +1,99 @@ +.NAME + SPSubscriptionSettingsServiceApp + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to provision and manage an instance of the App Management + Services Service Application. It will identify an instance of the subscription + settings service app through the application display name. Currently the + resource will provision the app if it does not yet exist, and will change the + service account associated to the app if it does not match the configuration. + Database names or server name will not be changed if the configuration does + not match, these parameters are only used for the initial provisioning of the + service application. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + +.PARAMETER Name + Key - string + The name of the subscription settings service app + +.PARAMETER ApplicationPool + Required - String + The name of the application pool the service app runs in + +.PARAMETER DatabaseName + Write - string + The name of the database for the service app + +.PARAMETER DatabaseServer + Write - String + The name of the database server + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the service app should exist, absent if it should not + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example creates a new subscription settings service app in the local farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSubscriptionSettingsServiceApp SubscriptionSettingsServiceApp + { + Name = "Subscription Settings Service Application" + ApplicationPool = "SharePoint web services" + DatabaseServer = "SQL01.contoso.com" + DatabaseName = "SP_SubscriptionSettings" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example removes a subscription settings service app in the local farm. + The ApplicationPool property is required, but is ignored when removing a + service app. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPSubscriptionSettingsServiceApp SubscriptionSettingsServiceApp + { + Name = "Subscription Settings Service Application" + ApplicationPool = "n/a" + PsDscRunAsCredential = $SetupAccount + Ensure = "Absent" + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPTimerJobState.help.txt b/Modules/SharePointDsc/en-US/about_SPTimerJobState.help.txt new file mode 100644 index 000000000..126b5fc78 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPTimerJobState.help.txt @@ -0,0 +1,79 @@ +.NAME + SPTimerJobState + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to configure a timer job and make sure it is in a + specific state. The resource can be used to enable or disabled the job and + configure the schedule of the job. + + The schedule parameter has to be written in the SPSchedule format + (https://technet.microsoft.com/en-us/library/ff607916.aspx). + + Examples are: + + - Every 5 minutes between 0 and 59 + - Hourly between 0 and 59 + - Daily at 15:00:00 + - Weekly between Fri 22:00:00 and Sun 06:00:00 + - Monthly at 15 15:00:00 + - Yearly at Jan 1 15:00:00 + + NOTE: + Make sure you use the typename timer job name, not the display name! Use + "Get-SPTimerJob | Where-Object { $_.Title -eq "\" } | Select typename" + to find the typename for each Timer Job. + + NOTE2: You cannot use SPTimerJobState to change the Health Analyzer jobs, because + these are configured to specific times by default. + +.PARAMETER TypeName + Key - String + The type name of the timer job (not the display name) + +.PARAMETER WebAppUrl + Key - String + The URL of the web application that the timer job belongs to. Use the value 'N/A' if no web application is applicable + +.PARAMETER Enabled + Write - Boolean + Should the timer job be enabled or not + +.PARAMETER Schedule + Write - String + The schedule for the timer job to execute on + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example show how to disable the dead site delete job in the local farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPTimerJobState DisableTimerJob_AppServerJob + { + TypeName = "Microsoft.Office.Server.Administration.ApplicationServerJob" + WebAppUrl = "http://sites.sharepoint.contoso.com" + Enabled = $false + Schedule ="weekly at sat 5:00" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPTrustedIdentityTokenIssuer.help.txt b/Modules/SharePointDsc/en-US/about_SPTrustedIdentityTokenIssuer.help.txt new file mode 100644 index 000000000..9ffd968f2 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPTrustedIdentityTokenIssuer.help.txt @@ -0,0 +1,175 @@ +.NAME + SPTrustedIdentityTokenIssuer + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to create or remove SPTrustedIdentityTokenIssuer in a + SharePoint farm. + + Either parameter SigningCertificateThumbPrint or SigningCertificateFilePath + must be set, but not both. + + The SigningCertificateThumbPrint must be the thumbprint of the signing + certificate stored in the certificate store LocalMachine\My of the server + + Note that the private key of the certificate must not be available in the + certiificate store because SharePoint does not accept it. + + The SigningCertificateFilePath must be the file path to the public key of + the signing certificate. + + The ClaimsMappings property is an array of MSFT_SPClaimTypeMapping to use + with cmdlet New-SPClaimTypeMapping. Each MSFT_SPClaimTypeMapping requires + properties Name and IncomingClaimType. Property LocalClaimType is not + required if its value is identical to IncomingClaimType. + + The IdentifierClaim property must match an IncomingClaimType element in + ClaimsMappings array. + + The ClaimProviderName property can be set to specify a custom claims provider. + It must be already installed in the SharePoint farm and returned by cmdlet + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the token issuer is created. + +.PARAMETER Name + Key - String + Name of the SPTrustedIdentityTokenIssuer + +.PARAMETER Description + Required - String + Description of the SPTrustedIdentityTokenIssuer + +.PARAMETER Realm + Required - String + Default Realm that is passed to identity provider + +.PARAMETER SignInUrl + Required - String + URL of the identity provider where user is redirected to for authentication + +.PARAMETER IdentifierClaim + Required - String + Identity claim type that uniquely identifies the user + +.PARAMETER ClaimsMappings + Required - String + Array of MSFT_SPClaimTypeMapping to use with cmdlet New-SPClaimTypeMapping + +.PARAMETER SigningCertificateThumbprint + Write - String + Specify the thumbprint of the signing certificate, which must be located in certificate store LocalMachine\\My + +.PARAMETER SigningCertificateFilePath + Write - String + Specify the file path to the signing certificate if it is not stored in the local certificate store already + +.PARAMETER ClaimProviderName + Write - String + Name of a claims provider to set with this SPTrustedIdentityTokenIssuer + +.PARAMETER ProviderSignOutUri + Write - String + Sign-out URL + +.PARAMETER UseWReplyParameter + Write - Boolean + WReply parameter allows SharePoint to specify the return URL to the 3rd party STS upon successful authentication + +.PARAMETER Ensure + Write - String + Allowed values: Present, Absent + Present if the SPTrustedIdentityTokenIssuer should be created, or Absent if it should be removed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example deploys a trusted token issuer to the local farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPTrustedIdentityTokenIssuer SampleSPTrust + { + Name = "Contoso" + Description = "Contoso" + Realm = "https://sharepoint.contoso.com" + SignInUrl = "https://adfs.contoso.com/adfs/ls/" + IdentifierClaim = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" + ClaimsMappings = @( + MSFT_SPClaimTypeMapping{ + Name = "Email" + IncomingClaimType = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" + } + MSFT_SPClaimTypeMapping{ + Name = "Role" + IncomingClaimType = "http://schemas.xmlsoap.org/ExternalSTSGroupType" + LocalClaimType = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role" + } + ) + SigningCertificateThumbPrint = "F0D3D9D8E38C1D55A3CEF3AAD1C18AD6A90D5628" + ClaimProviderName = "LDAPCP" + ProviderSignOutUri = "https://adfs.contoso.com/adfs/ls/" + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example deploys a trusted token issuer to the local farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPTrustedIdentityTokenIssuer SampleSPTrust + { + Name = "Contoso" + Description = "Contoso" + Realm = "https://sharepoint.contoso.com" + SignInUrl = "https://adfs.contoso.com/adfs/ls/" + IdentifierClaim = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" + ClaimsMappings = @( + MSFT_SPClaimTypeMapping{ + Name = "Email" + IncomingClaimType = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" + } + MSFT_SPClaimTypeMapping{ + Name = "Role" + IncomingClaimType = "http://schemas.xmlsoap.org/ExternalSTSGroupType" + LocalClaimType = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role" + } + ) + SigningCertificateFilePath = "F:\Data\DSC\FakeSigning.cer" + ClaimProviderName = "LDAPCP" + ProviderSignOutUri = "https://adfs.contoso.com/adfs/ls/" + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPTrustedIdentityTokenIssuerProviderRealms.help.txt b/Modules/SharePointDsc/en-US/about_SPTrustedIdentityTokenIssuerProviderRealms.help.txt new file mode 100644 index 000000000..2b2005933 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPTrustedIdentityTokenIssuerProviderRealms.help.txt @@ -0,0 +1,208 @@ +.NAME + SPTrustedIdentityTokenIssuerProviderRealms + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to add or remove provider realms to + SPTrustedIdentityTokenIssuer in a SharePoint farm. The "ProviderRealms" + property will set a specific list of realms, making sure + that every realm in the list is set and all others that are + already configured but not in this list will be removed. + The "ProviderRealmsToInclude" and "ProviderRealmsToExclude" properties + will allow you to control a specific set of realms to add or remove, + without changing any other realms that are set already. Include and + Exclude can be combined together. RealmUrl is the key and should be + unique, otherwise existing RealmUrn value will be updated/replaced. + +.PARAMETER IssuerName + Key - String + Name of the SPTrustedIdentityTokenIssuer + +.PARAMETER ProviderRealms + Write - String + Realms to set. Those not in this list will be removed + +.PARAMETER ProviderRealmsToInclude + Write - String + Realms to add. Realms not in this list will be left + +.PARAMETER ProviderRealmsToExclude + Write - String + Realms to remove. Realms not in this list will be left + +.PARAMETER Ensure + Write - String + Allowed values: Present, Absent + Present if the ProviderRealms should be created, or Absent if it should be removed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example adds provider realms to existing trusted token issuer. + Existing will be removed. + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + $ProviderRealms = @() + $ProviderRealms += MSFT_SPProviderRealm { + RealmUrl = "https://search.contoso.com" + RealmUrn = "urn:sharepoint:contoso:search" + } + + $ProviderRealms += MSFT_SPProviderRealm { + RealmUrl = "https://intranet.contoso.com" + RealmUrn = "urn:sharepoint:contoso:intranet" + } + + SPTrustedIdentityTokenIssuerProviderRealms Farm1OverwriteExample + { + IssuerName = "Contoso" + ProviderRealms = $ProviderRealms + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } +} + + +.EXAMPLE + This example adds provider realms to existing trusted token issuer. + Existing are left and not removed. + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + + $ProviderRealmsToInclude = @() + $ProviderRealmsToInclude += MSFT_SPProviderRealm { + RealmUrl = "https://search.contoso.com" + RealmUrn = "urn:sharepoint:contoso:search" + } + + $ProviderRealmsToInclude += MSFT_SPProviderRealm { + RealmUrl = "https://intranet.contoso.com" + RealmUrn = "urn:sharepoint:contoso:intranet" + } + + SPTrustedIdentityTokenIssuerProviderRealms Farm1IncludeExample + { + IssuerName = "Contoso" + ProviderRealmsToInclude = $ProviderRealmsToInclude + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } +} + + +.EXAMPLE + This example excludes provider realms from + existing trusted token issuer. + Existing and not excluded are left and not removed. + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + $ProviderRealmsToExclude = @() + $ProviderRealmsToExclude += MSFT_SPProviderRealm { + RealmUrl = "https://search.contoso.com" + RealmUrn = "urn:sharepoint:contoso:search" + } + + $ProviderRealmsToExclude += MSFT_SPProviderRealm { + RealmUrl = "https://intranet.contoso.com" + RealmUrn = "urn:sharepoint:contoso:intranet" + } + + SPTrustedIdentityTokenIssuerProviderRealms Farm1ExcludeExample + { + IssuerName = "Contoso" + ProviderRealmsToExclude = $ProviderRealmsToExclude + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } +} + + +.EXAMPLE + This example includes and excludes provider realms + from existing trusted token issuer. + Existing and not excluded are left and not removed. + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + $ProviderRealmsToInclude = @() + $ProviderRealmsToInclude += MSFT_SPProviderRealm { + RealmUrl = "https://search.contoso.com" + RealmUrn = "urn:sharepoint:contoso:search" + } + + $ProviderRealmsToInclude += MSFT_SPProviderRealm { + RealmUrl = "https://intranet.contoso.com" + RealmUrn = "urn:sharepoint:contoso:intranet" + } + + $ProviderRealmsToExclude = @() + $ProviderRealmsToExclude += MSFT_SPProviderRealm { + RealmUrl = "https://search1.contoso.com" + RealmUrn = "urn:sharepoint:contoso:search1" + } + + $ProviderRealmsToExclude += MSFT_SPProviderRealm { + RealmUrl = "https://intranet.contoso.com" + RealmUrn = "urn:sharepoint:contoso:intranet" + } + + SPTrustedIdentityTokenIssuerProviderRealms Farm1IncludeExcludeExample + { + IssuerName = "Contoso" + ProviderRealmsToInclude = $ProviderRealmsToInclude + ProviderRealmsToExclude = $ProviderRealmsToExclude + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPTrustedRootAuthority.help.txt b/Modules/SharePointDsc/en-US/about_SPTrustedRootAuthority.help.txt new file mode 100644 index 000000000..a2813d345 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPTrustedRootAuthority.help.txt @@ -0,0 +1,110 @@ +.NAME + SPTrustedRootAuthority + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to create or remove SPTrustedRootAuthority in a + SharePoint farm. It imports the certificate into SharePoint in order for + high trust apps or consuming service applications from other farms will + work. + +.PARAMETER Name + Key - String + Specifies the name of the trusted root authority to create. + +.PARAMETER CertificateThumbprint + Write - String + Specifies the X.509 certificate of the trusted root authority, as a certificate thumbprint. + +.PARAMETER CertificateFilePath + Write - String + Specify the file path to the certificate if it is not stored in the local certificate store already. Private key should not be present. + +.PARAMETER Ensure + Write - String + Allowed values: Present, Absent + Present ensures the trusted root authority exists, absent ensures it is removed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example deploys a SP Trusted Root Authority to the local farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPTrustedRootAuthority SampleRootAuthority + { + Name = "Contoso" + CertificateThumbprint = "770515261D1AB169057E246E0EE6431D557C3AFB" + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example deploys a SP Trusted Root Authority to the local farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPTrustedRootAuthority SampleRootAuthority + { + Name = "Contoso" + CertificateFilePath = "C:\Certificates\RootAuthority.cer" + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example removes a SP Trusted Root Authority from the local farm. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPTrustedRootAuthority SampleRootAuthority + { + Name = "Contoso" + CertificateThumbprint = "770515261D1AB169057E246E0EE6431D557C3AFB" + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPUsageApplication.help.txt b/Modules/SharePointDsc/en-US/about_SPUsageApplication.help.txt new file mode 100644 index 000000000..7a78137dc --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPUsageApplication.help.txt @@ -0,0 +1,89 @@ +.NAME + SPUsageApplication + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource provisions an instance of the usage and health monitoring service + application. The database settings are only used for initial provisioning, but + the usage settings can be changed and will be enforced as the resource is + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + +.PARAMETER Name + Key - string + The name of the service application + +.PARAMETER DatabaseName + Write - string + The name of the database for the service app + +.PARAMETER DatabaseServer + Write - string + The name of the database server + +.PARAMETER DatabaseCredentials + Write - String + The credentials to use to access the database + +.PARAMETER FailoverDatabaseServer + Write - string + The name of the failover database server + +.PARAMETER UsageLogCutTime + Write - uint32 + The time in minutes to cut over to new log files + +.PARAMETER UsageLogLocation + Write - string + The location on each server to store the log files + +.PARAMETER UsageLogMaxFileSizeKB + Write - uint32 + The maximum file size for log files in KB + +.PARAMETER UsageLogMaxSpaceGB + Write - uint32 + The total space of all log files on disk in GB + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the service app should exist, absent if it should not + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example deploys a usage application to the local farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPUsageApplication UsageApplication + { + Name = "Usage Service Application" + DatabaseName = "SP_Usage" + UsageLogCutTime = 5 + UsageLogLocation = "L:\UsageLogs" + UsageLogMaxFileSizeKB = 1024 + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPUserProfileProperty.help.txt b/Modules/SharePointDsc/en-US/about_SPUserProfileProperty.help.txt new file mode 100644 index 000000000..77226fd26 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPUserProfileProperty.help.txt @@ -0,0 +1,166 @@ +.NAME + SPUserProfileProperty + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource will create a property in a user profile service application. It + creates, update or delete a property using the parameters that are passed in to + it. + + The parameter DisplayOrder is absolute. ie.: If you want it to be placed as the + 5th field of section Bla, which has propertyName value of 5000 then your + DisplayOrder needs to be 5005. If no DisplayOrder is added then SharePoint + adds it as the last property of section X. + + Length is only relevant if Field type is "String". + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the user profile property is created. + +.PARAMETER Name + Key - string + The internal name of the user profile property + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the property should exist, absent if it should be removed + +.PARAMETER UserProfileService + Required - string + The name of the user profile service application + +.PARAMETER DisplayName + Write - string + The display name of the property + +.PARAMETER Type + Write - string + Allowed values: Big Integer, Binary, Boolean, Date, DateNoYear, Date Time, Email, Float, HTML, Integer, Person, String (Single Value), String (Multi Value), TimeZone, Unique Identifier, URL + The type of the property + +.PARAMETER Description + Write - string + The description of the property + +.PARAMETER PolicySetting + Write - string + Allowed values: Mandatory, Optin, Optout, Disabled + The policy setting to apply to the property + +.PARAMETER PrivacySetting + Write - string + Allowed values: Public, Contacts, Organization, Manager, Private + The privacy setting for the property + +.PARAMETER PropertyMappings + Write - string + The details about the property mapping + +.PARAMETER Length + Write - uint32 + The length of the field + +.PARAMETER DisplayOrder + Write - uint32 + The display order to put the property in to the list at + +.PARAMETER IsEventLog + Write - boolean + Is this field used for event logging + +.PARAMETER IsVisibleOnEditor + Write - boolean + Is this field visible when editing a users profile, or hidden from editing + +.PARAMETER IsVisibleOnViewer + Write - boolean + Is this field visible when viewing a users profile + +.PARAMETER IsUserEditable + Write - boolean + Is this field able to be edited by a user, or only an administrator + +.PARAMETER IsAlias + Write - boolean + Is this field an alias that can be used to refer to a user by + +.PARAMETER IsSearchable + Write - boolean + Is this field able to be searched upon + +.PARAMETER UserOverridePrivacy + Write - boolean + Can users override the default privacy policy + +.PARAMETER TermStore + Write - string + The name of the term store to look up managed terms from + +.PARAMETER TermGroup + Write - string + The name of the term store group that terms are in for this field + +.PARAMETER TermSet + Write - string + The name of the term set to allow values to be selected from + +.PARAMETER InstallAccount + Write - string + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example deploys/updates the WorkEmail2 property in the user profile service + app + + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + + SPUserProfileProperty WorkEmailProperty + { + Name = "WorkEmail2" + Ensure = "Present" + UserProfileService = "User Profile Service Application" + DisplayName = "Work Email" + Type = "Email" + Description = "" #implementation isn't using it yet + PolicySetting = "Mandatory" + PrivacySetting = "Public" + PropertyMappings = @( + MSFT_SPUserProfilePropertyMapping { + ConnectionName = "contoso.com" + PropertyName = "mail" + Direction = "Import" + } + ) + Length = 10 + DisplayOrder = 25 + IsEventLog = $false + IsVisibleOnEditor = $true + IsVisibleOnViewer = $true + IsUserEditable = $true + IsAlias = $false + IsSearchable = $false + TermStore = "" + TermGroup = "" + TermSet = "" + UserOverridePrivacy = $false + PsDscRunAsCredential = $SetupAccount + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPUserProfileSection.help.txt b/Modules/SharePointDsc/en-US/about_SPUserProfileSection.help.txt new file mode 100644 index 000000000..11a9f7ea0 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPUserProfileSection.help.txt @@ -0,0 +1,71 @@ +.NAME + SPUserProfileSection + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource will create a section in a user profile service application. It + creates, update or delete a section using the parameters that are passed in to + it. + + If no DisplayOrder is added then SharePoint will automatically assigned an ID + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the user profile section is created. + +.PARAMETER Name + Key - string + The internal name of the user profile section + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the section should exist, absent if it should be removed + +.PARAMETER UserProfileService + Required - string + The name of the user profile service application this section exists in + +.PARAMETER DisplayName + Write - string + The display name of the section + +.PARAMETER DisplayOrder + Write - uint32 + A number used to sort sections by + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example adds a new section for profile properties to the specified + user profile service app + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPUserProfileSection PersonalInformationSection + { + Name = "PersonalInformationSection" + UserProfileService = "User Profile Service Application" + DisplayName = "Personal Information" + DisplayOrder = 5000 + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPUserProfileServiceApp.help.txt b/Modules/SharePointDsc/en-US/about_SPUserProfileServiceApp.help.txt new file mode 100644 index 000000000..40cf7d83e --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPUserProfileServiceApp.help.txt @@ -0,0 +1,217 @@ +.NAME + SPUserProfileServiceApp + +# Description + + **Type:** Distributed + **Requires CredSSP:** Yes + + This resource will provision an instance of the user profile service to the + farm. It creates the required databases using the parameters that are passed + in to it (although these are only used during the initial provisioning). + + The specified InstallAccount or PSDSCRunAsCredential cannot be the Farm Account. + The resource will throw an error when it is. + + To allow successful provisioning, the farm account must be in the local + administrators group, however it is not best practice to leave this account in + the Administrators group. Therefore this resource will add the Farm Account + credential to the local administrators group at the beginning of the set method + and remove it again later on. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + + The parameter SiteNamingConflictResolution accepts three values: Username_CollisionError, + Username_CollisionDomain and Domain_Username. More information on each of these + parameters can be found at: + https://docs.microsoft.com/en-us/dotnet/api/microsoft.office.server.userprofiles.sitenameformat?view=sharepoint-server + + NOTE: + Due to the fact that SharePoint requires certain User Profile components to be + provisioned as the Farm account, this resource and SPUserProfileSyncService + retrieve the Farm account from the Managed Accounts. + This does however mean that CredSSP is required, which has some security + implications. More information about these risks can be found at: + http://www.powershellmagazine.com/2014/03/06/accidental-sabotage-beware-of-credssp/ + + NOTE2: + You should always specify the MySiteHostLocation parameter. Currently this is not + a required parameter, but will be as of SharePointDsc v4.0. + +.PARAMETER Name + Key - string + The name of the user profile service + +.PARAMETER ProxyName + Write - string + The proxy name, if not specified will be /Name of service app/ Proxy + +.PARAMETER ApplicationPool + Required - string + The name of the application pool to run the service app in + +.PARAMETER MySiteHostLocation + Write - string + The URL of the my site host collection + +.PARAMETER MySiteManagedPath + Write - string + The Managed Path of the my site sites + +.PARAMETER ProfileDBName + Write - string + The name of the profile database + +.PARAMETER ProfileDBServer + Write - string + The name of the server to host the profile database + +.PARAMETER SocialDBName + Write - string + The name of the social database + +.PARAMETER SocialDBServer + Write - string + The name of the database server to host the social database + +.PARAMETER SyncDBName + Write - string + The name of the sync database + +.PARAMETER SyncDBServer + Write - string + The name of the database server to host the sync database + +.PARAMETER EnableNetBIOS + Write - boolean + Whether Farm should resolve NetBIOS domain names + +.PARAMETER NoILMUsed + Write - boolean + Specifies if the service application should be configured to use AD Import + +.PARAMETER SiteNamingConflictResolution + Write - string + Allowed values: Username_CollisionError, Username_CollisionDomain, Domain_Username + Specifies which SiteNamingConflictResolution should be used + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the service app should exist, absent if it should not + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example adds a new user profile service application to the local farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPUserProfileServiceApp UserProfileServiceApp + { + Name = "User Profile Service Application" + ApplicationPool = "SharePoint Service Applications" + MySiteHostLocation = "http://my.sharepoint.contoso.local" + MySiteManagedPath = "personal" + ProfileDBName = "SP_UserProfiles" + ProfileDBServer = "SQL.contoso.local\SQLINSTANCE" + SocialDBName = "SP_Social" + SocialDBServer = "SQL.contoso.local\SQLINSTANCE" + SyncDBName = "SP_ProfileSync" + SyncDBServer = "SQL.contoso.local\SQLINSTANCE" + EnableNetBIOS = $false + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example adds a new user profile service application to the local farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount, + + [Parameter(Mandatory = $true)] + [PSCredential] + $FarmAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPUserProfileServiceApp UserProfileServiceApp + { + Name = "User Profile Service Application" + ApplicationPool = "SharePoint Service Applications" + MySiteHostLocation = "http://my.sharepoint.contoso.local" + MySiteManagedPath = "personal" + ProfileDBName = "SP_UserProfiles" + ProfileDBServer = "SQL.contoso.local\SQLINSTANCE" + SocialDBName = "SP_Social" + SocialDBServer = "SQL.contoso.local\SQLINSTANCE" + SyncDBName = "SP_ProfileSync" + SyncDBServer = "SQL.contoso.local\SQLINSTANCE" + EnableNetBIOS = $false + NoILMUsed = $true + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example adds a new user profile service application to the local farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount, + + [Parameter(Mandatory = $true)] + [PSCredential] + $FarmAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPUserProfileServiceApp UserProfileServiceApp + { + Name = "User Profile Service Application" + ApplicationPool = "SharePoint Service Applications" + MySiteHostLocation = "http://my.sharepoint.contoso.local" + MySiteManagedPath = "personal" + ProfileDBName = "SP_UserProfiles" + ProfileDBServer = "SQL.contoso.local\SQLINSTANCE" + SocialDBName = "SP_Social" + SocialDBServer = "SQL.contoso.local\SQLINSTANCE" + SyncDBName = "SP_ProfileSync" + SyncDBServer = "SQL.contoso.local\SQLINSTANCE" + EnableNetBIOS = $false + SiteNamingConflictResolution = "Domain_Username" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPUserProfileServiceAppPermissions.help.txt b/Modules/SharePointDsc/en-US/about_SPUserProfileServiceAppPermissions.help.txt new file mode 100644 index 000000000..2b250c58e --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPUserProfileServiceAppPermissions.help.txt @@ -0,0 +1,62 @@ +.NAME + SPUserProfileServiceAppPermissions + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource will apply permissions to a user profile service application. + These can control access to create my sites, use social features, and use + tagging. If you want to allow all users the ability to use a specific + permisisons include "Everyone" as a user in the corresponding property. To + specify that there should be no permissions on a type, use "none" + +.PARAMETER ProxyName + Key - string + The name of the proxy that is attached to the user profile service you wish to set permissions for + +.PARAMETER CreatePersonalSite + Write - string + A list of user principals that will have the Create personal site permission + +.PARAMETER FollowAndEditProfile + Write - string + A list of user principals that will have the Follow users and edit profile permission + +.PARAMETER UseTagsAndNotes + Write - string + A list of user principals that will have the Use tags and notes permission + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example applies permissions for the user profile service application to limit + access to specific features. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPUserProfileServiceAppPermissions UPAPermissions + { + ProxyName = "User Profile Service Application Proxy" + CreatePersonalSite = @("DEMO\Group", "DEMO\User1") + FollowAndEditProfile = @("Everyone") + UseTagsAndNotes = @("None") + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPUserProfileSyncConnection.help.txt b/Modules/SharePointDsc/en-US/about_SPUserProfileSyncConnection.help.txt new file mode 100644 index 000000000..9f39949a0 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPUserProfileSyncConnection.help.txt @@ -0,0 +1,116 @@ +.NAME + SPUserProfileSyncConnection + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource will ensure a specifc user profile sync connection + is in place and that it is configured accordingly to its definition + + This resource currently supports AD only. + + Force only works with SharePoint 2013. For SharePoint 2016/2019 + the resource is not able to remove existing OUs. + You will have to use the ExcludedOUs for this. This means you need + to know which OUs to remove. If any extra OUs exists after the + configuration has run the test method will report the resource not + in desired state. + +.PARAMETER Name + Key - string + The name of the connection + +.PARAMETER Forest + Required - string + The name of the AD forest to read from + +.PARAMETER UserProfileService + Required - string + The name of the user profile service that this connection is attached to + +.PARAMETER ConnectionCredentials + Required - string + The credentials to connect to Active Directory with + +.PARAMETER IncludedOUs + Required - string + A list of the OUs to import users from. For SharePoint 2016/2019 existing OUs will not be removed if not included in this list. Use ExludedOUs for removing OUs in SharePoint 2016/2019 + +.PARAMETER ExcludedOUs + Write - string + A list of the OUs to ignore users from. For SharePoint 2016/2019 matching existing OUs to include are removed. + +.PARAMETER Server + Write - string + The specific AD server to connect to + +.PARAMETER Port + Write - uint32 + The specific port to connect to + +.PARAMETER UseSSL + Write - boolean + Should SSL be used for the connection + +.PARAMETER UseDisabledFilter + Write - boolean + Should disabled accounts be filtered + +.PARAMETER Force + Write - boolean + Set to true to run the set method on every call to this resource. Only has effect on SharePoint 2013 + +.PARAMETER ConnectionType + Write - string + Allowed values: ActiveDirectory, BusinessDataCatalog + The type of the connection - currently only Active Directory is supported + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the connection should exist, absent if it should not + +.PARAMETER InstallAccount + Write - string + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example adds a new user profile sync connection to the specified user + profile service app + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount, + + [Parameter(Mandatory = $true)] + [PSCredential] + $ConnectionAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPUserProfileSyncConnection MainDomain + { + UserProfileService = "User Profile Service Application" + Forest = "contoso.com" + Name = "Contoso" + ConnectionCredentials = $ConnectionAccount + Server = "server.contoso.com" + UseSSL = $false + IncludedOUs = @("OU=SharePoint Users,DC=Contoso,DC=com") + ExcludedOUs = @("OU=Notes Usersa,DC=Contoso,DC=com") + Force = $false + ConnectionType = "ActiveDirectory" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPUserProfileSyncService.help.txt b/Modules/SharePointDsc/en-US/about_SPUserProfileSyncService.help.txt new file mode 100644 index 000000000..d0814a799 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPUserProfileSyncService.help.txt @@ -0,0 +1,84 @@ +.NAME + SPUserProfileSyncService + +# Description + + **Type:** Specific + **Requires CredSSP:** Yes + + This resource is responsible for ensuring that the user profile sync service + has been provisioned (Ensure = "Present") or is not running (Ensure = + "Absent") on the current server. + + The specified InstallAccount or PSDSCRunAsCredential cannot be the Farm Account. + The resource will throw an error when it is. + + To allow successful provisioning, the farm account must be in the local + administrators group, however it is not best practice to leave this account in + the Administrators group. Therefore this resource will add the Farm Account + credential to the local administrators group at the beginning of the set method + and remove it again later on. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the user profile sync service is provisioned. + + NOTE: + Due to the fact that SharePoint requires certain User Profile components to be + provisioned as the Farm account, this resource and SPUserProfileServiceApp + retrieve the Farm account from the Managed Accounts. + This does however mean that CredSSP is required, which has some security + implications. More information about these risks can be found at: + http://www.powershellmagazine.com/2014/03/06/accidental-sabotage-beware-of-credssp/ + +.PARAMETER UserProfileServiceAppName + Key - string + The name of the user profile service for this sync instance + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present to ensure the service is running, absent to ensure it is not + +.PARAMETER FarmAccount + Write - String + PARAMETER IS NOT USED ANYMORE, WILL BE REMOVED IN V3.0 + +.PARAMETER RunOnlyWhenWriteable + Write - Boolean + Should the sync service only run when the user profile database is in a writeable state? + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example provisions the user profile sync service to the local server + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount, + + [Parameter(Mandatory = $true)] + [PSCredential] + $FarmAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPUserProfileSyncService UserProfileSyncService + { + UserProfileServiceAppName = "User Profile Service Application" + Ensure = "Present" + FarmAccount = $FarmAccount + RunOnlyWhenWriteable = $true + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPVisioServiceApp.help.txt b/Modules/SharePointDsc/en-US/about_SPVisioServiceApp.help.txt new file mode 100644 index 000000000..f2064e744 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPVisioServiceApp.help.txt @@ -0,0 +1,88 @@ +.NAME + SPVisioServiceApp + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for creating Visio Graphics Service Application + instances within the local SharePoint farm. The resource will provision and + configure the Visio Graphics Service Application. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + +.PARAMETER Name + Key - string + The name of the service application + +.PARAMETER ApplicationPool + Required - string + The name of the application pool to run the service app in + +.PARAMETER ProxyName + Write - string + The name of the Visio Service Application Proxy + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the service app should exist, absent if it should not + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to create a new visio services service app in the local farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPVisioServiceApp VisioServices + { + Name = "Visio Graphics Service Application" + ApplicationPool = "SharePoint Web Services" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to remove a visio services service app in the local farm. + The ApplicationPool property is still requried but is not used when removing, so + the value used here doesn't matter. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPVisioServiceApp VisioServices + { + Name = "Visio Graphics Service Application" + ApplicationPool = "n/a" + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWeb.help.txt b/Modules/SharePointDsc/en-US/about_SPWeb.help.txt new file mode 100644 index 000000000..56dfc25df --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWeb.help.txt @@ -0,0 +1,156 @@ +.NAME + SPWeb + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource will provision a SPWeb based on the settings that are passed + through. These settings map to the New-SPWeb cmdlet and accept the same values + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the web is created. + +.PARAMETER Url + Key - string + The URL of the web + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the web should exist or Absent if it should be removed + +.PARAMETER Description + Write - string + The description to apply to the web + +.PARAMETER Name + Write - string + The Name of the web + +.PARAMETER Language + Write - uint32 + The Lanhuage (LCID) of the web + +.PARAMETER Template + Write - string + The WebTemplate to use to create the web + +.PARAMETER UniquePermissions + Write - Boolean + True if the web should have unique permissions, otherwise false. + +.PARAMETER UseParentTopNav + Write - Boolean + True if the web should use the parent nav bar, otherwise false. + +.PARAMETER AddToQuickLaunch + Write - Boolean + True if the web should be in the quick launch of the parent web, otherwise false. + +.PARAMETER AddToTopNav + Write - Boolean + True if the web should be added to the top nav bar of the parent web, otherwise false. + +.PARAMETER RequestAccessEmail + Write - string + The e-mail address to which requests for access are sent. Set to emtpy string to disable access requests. + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example deploys a subsite in a specific location + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWeb TeamSite + { + Url = "http://sharepoint.contoso.com/sites/site/subweb" + Name = "Team Sites" + Ensure = "Present" + Description = "A place to share documents with your team." + Template = "STS#0" + Language = 1033 + AddToTopNav = $true + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example deploys a subsite in a specific location and enables + access requests for this web + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWeb TeamSite + { + Url = "http://sharepoint.contoso.com/sites/site/subweb" + Name = "Team Sites" + Ensure = "Present" + Description = "A place to share documents with your team." + Template = "STS#0" + Language = 1033 + AddToTopNav = $true + UniquePermissions = $true + RequestAccessEmail = "sample@contoso.com" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example deploys a subsite in a specific location and disables + access requests for this web + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWeb TeamSite + { + Url = "http://sharepoint.contoso.com/sites/site/subweb" + Name = "Team Sites" + Ensure = "Present" + Description = "A place to share documents with your team." + Template = "STS#0" + Language = 1033 + AddToTopNav = $true + RequestAccessEmail = "" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWebAppAuthentication.help.txt b/Modules/SharePointDsc/en-US/about_SPWebAppAuthentication.help.txt new file mode 100644 index 000000000..2ee0cff66 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWebAppAuthentication.help.txt @@ -0,0 +1,154 @@ +.NAME + SPWebAppAuthentication + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for configuring the authentication on a web + application within the local SharePoint farm. The resource is able to + configure the five available zones (if they exist) separately and each + zone can have multiple authentication methods configured. + + NOTE: + This resource cannot be used to convert a Classic web application + to Claims mode. You have to run Convert-SPWebApplication manually for that. + + NOTE 2: + Updating the configuration can take a long time, up to five minutes. + The Set-SPWebApplication cmdlet sometimes requires several minutes to + complete its action. This is not a SharePointDsc issue. + +.PARAMETER WebAppUrl + Key - string + The URL of the web application + +.PARAMETER Default + Write - string + Specifies the authentication for the Default zone. + +.PARAMETER Intranet + Write - string + Specifies the authentication for the Intranet zone. + +.PARAMETER Internet + Write - string + Specifies the authentication for the Internet zone. + +.PARAMETER Extranet + Write - string + Specifies the authentication for the Extranet zone. + +.PARAMETER Custom + Write - string + Specifies the authentication for the Custom zone. + +.PARAMETER InstallAccount + Write - string + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to configure the authentication of a web application in the local farm using a custom + claim provider. A SPTrustedIdentityTokenIssuer is created named Contoso, then this SPTrustedIdentityTokenIssuer + is referenced by the SPWebAppAuthentication as the AuthenticationProvider and the AuthenticationMethod is set + to "Federated" value. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + + SPWebAppAuthentication ContosoAuthentication + { + WebAppUrl = "http://sharepoint.contoso.com" + Default = @( + MSFT_SPWebAppAuthenticationMode { + AuthenticationMethod = "NTLM" + } + ) + Extranet = @( + MSFT_SPWebAppAuthenticationMode { + AuthenticationMethod = "FBA" + MembershipProvider = "MemberPRovider" + RoleProvider = "RoleProvider" + } + ) + } + } + } + + +.EXAMPLE + This example shows how to configure the authentication of a web application in the local farm using a custom + claim provider. A SPTrustedIdentityTokenIssuer is created named Contoso, then this SPTrustedIdentityTokenIssuer + is referenced by the SPWebAppAuthentication as the AuthenticationProvider and the AuthenticationMethod is set + to "Federated" value. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + + + SPTrustedIdentityTokenIssuer SampleSPTrust + { + Name = "Contoso" + Description = "Contoso" + Realm = "https://sharepoint.contoso.com" + SignInUrl = "https://adfs.contoso.com/adfs/ls/" + IdentifierClaim = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" + ClaimsMappings = @( + MSFT_SPClaimTypeMapping{ + Name = "Email" + IncomingClaimType = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" + } + MSFT_SPClaimTypeMapping{ + Name = "Role" + IncomingClaimType = "http://schemas.xmlsoap.org/ExternalSTSGroupType" + LocalClaimType = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role" + } + ) + SigningCertificateThumbPrint = "F3229E7CCA1DA812E29284B0ED75A9A019A83B08" + ClaimProviderName = "LDAPCP" + ProviderSignOutUri = "https://adfs.contoso.com/adfs/ls/" + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + + + SPWebAppAuthentication ContosoAuthentication + { + WebAppUrl = "http://sharepoint.contoso.com" + Default = @( + MSFT_SPWebAppAuthenticationMode { + AuthenticationMethod = "NTLM" + } + ) + Internet = @( + MSFT_SPWebAppAuthenticationMode { + AuthenticationMethod = "Federated" + AuthenticationProvider = "Contoso" + } + ) + DependsOn = "[SPTrustedIdentityTokenIssuer]SampleSPTrust" + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWebAppBlockedFileTypes.help.txt b/Modules/SharePointDsc/en-US/about_SPWebAppBlockedFileTypes.help.txt new file mode 100644 index 000000000..250c210c4 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWebAppBlockedFileTypes.help.txt @@ -0,0 +1,93 @@ +.NAME + SPWebAppBlockedFileTypes + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for controlling the blocked file type setting on a + specific web application. It has two modes of operation, the first is to use + the "blocked" property, where you are able to define a specific list of file + types that will be blocked. In this mode when it is detected that the list + does not match the local farm, it is set to match this list exactly. The + second mode is to use the "EnsureBlocked" and "EnsureAllowed" properties. + EnsureBlocked will check to make sure that the specified file types are on the + list, and if not they will be added. EnsureAllowed checks to make sure that a + file type is not on the list, and if it is it will be removed. Both of these + properties will only make changes to the file types in their list and will + leave the full list as it is otherwise, whereas the blocked property resets + +.PARAMETER WebAppUrl + Key - string + The URL of the web application to set blocked file types for + +.PARAMETER Blocked + write - string + This is a fixed list to use for blocked file types in this web app + +.PARAMETER EnsureBlocked + write - string + This list of file types that will always be added to the list for this web app. Types not in this list will be left in the list + +.PARAMETER EnsureAllowed + write - string + This list of file types that will always be removedfrom the list for this web app. Types not in this list will be left in the list + +.PARAMETER InstallAccount + Write - string + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to ensure that specific file types are always blocked while + others will always be allowed. Any file types not mentioned in this config will be + able to be managed manually. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWebAppBlockedFileTypes PrimaryWebAppBlockedFileTypes + { + WebAppUrl = "http://example.contoso.local" + EnsureBlocked = @("exe", "dll", "msi") + EnsureAllowed = @("pdf", "docx", "xlsx") + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to ensure that the blocked file type list always + specifically matches this list. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWebAppBlockedFileTypes PrimaryWebAppBlockedFileTypes + { + WebAppUrl = "http://example.contoso.local" + Blocked = @("exe", "dll", "msi") + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWebAppClientCallableSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPWebAppClientCallableSettings.help.txt new file mode 100644 index 000000000..c218791b1 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWebAppClientCallableSettings.help.txt @@ -0,0 +1,169 @@ +.NAME + SPWebAppClientCallableSettings + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource sets the client callable settings for the web application. + It can set the proxy libraries and specific properties for the client + callable settings. The resource can for example be used to increase the + timeout for client code, and to enable the tenant administration + functionality. + + Tenant administration functionality enables client code to work with + the namespace Microsoft.Online.SharePoint.Client.Tenant from the + assembly with the same name. This enables client code to create site + collection, list all site collections, and more. + + In order to use the tenant administration client code a site collection + within the web application needs to be designated as a tenant + administration site collection. This can be done using the SPSite + resource setting the AdministrationSiteType to TenantAdministration. + Use this site collection when creating a client side connection. + + More information about the tenant can be found in a [blog + post] + (https://blogs.msdn.microsoft.com/vesku/2015/12/04/sharepoint-tenant-csom-object-support-in-sharepoint-2013-and-2016/) + by Vesa Juvonen. In another [blog post] + (https://blogs.msdn.microsoft.com/vesku/2014/06/09/provisioning-site-collections-using-sp-app-model-in-on-premises-with-just-csom/) + he goes into more details of + the setup and architecture, and includes sample code for how to use. + + NOTE: + Proxy library used for enabling tenant administration: + + **SharePoint 2013** (Requires mininum April 2014 Cumulative Update): + Microsoft.Online.SharePoint.Dedicated.TenantAdmin.ServerStub + , Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c + + **SharePoint 2016/2019**: + Microsoft.Online.SharePoint.Dedicated.TenantAdmin.ServerStub + , Version=16.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c + + In both version set the SupportAppAuthentication property to true. + + NOTE2: + An IIS reset needs to be performed on all servers in the farm after + modifying the registered proxy libraries. + +.PARAMETER WebAppUrl + Key - string + The URL of the web application to set blocked file types for + +.PARAMETER ProxyLibraries + write - string + A list of proxy libraries to set. Those not in this list will be removed + +.PARAMETER ProxyLibrariesToInclude + write - string + A list of proxy libraries to add. Proxy libraries not in this list will be kept + +.PARAMETER ProxyLibrariesToExclude + write - string + A list of proxy libraries to remove. Proxy libraries not in this list will be kept + +.PARAMETER MaxResourcesPerRequest + write - UInt32 + Sets the maximum number of internal SPRequest objects that can be included in one request + +.PARAMETER MaxObjectPaths + write - UInt32 + Sets the maximum number of object paths that can be used within one request + +.PARAMETER ExecutionTimeout + write - UInt32 + Sets the execution timeout for the client request in minutes + +.PARAMETER RequestXmlMaxDepth + write - UInt32 + Sets the maximum depth of the request XML that is sent by the client measured in 'tag' count + +.PARAMETER EnableXsdValidation + write - Boolean + Sets a Boolean value that specifies whether to enable XSD validation against an XML request or not + +.PARAMETER EnableStackTrace + write - Boolean + Sets a Boolean value that specifies whether the server can send stack trace data to the client + +.PARAMETER RequestUsageExecutionTimeThreshold + write - UInt32 + Sets the threshold in milliseconds for logging csom request usage data + +.PARAMETER EnableRequestUsage + write - Boolean + Sets a Boolean value that specifies whether to log usage data or not + +.PARAMETER LogActionsIfHasRequestException + write - Boolean + Sets a Boolean value that specifies whether to log usage data when request has an exception or not + +.PARAMETER InstallAccount + Write - string + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to set the client callable settings for a web application + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWebAppClientCallableSettings DefaultClientCallableSettings + { + WebAppUrl = "http://example.contoso.local" + MaxResourcesPerRequest = 16 + MaxObjectPaths = 256 + ExecutionTimeout = 90 + RequestXmlMaxDepth = 32 + EnableXsdValidation = $true + EnableStackTrace = $false + RequestUsageExecutionTimeThreshold = 800 + EnableRequestUsage = $true + LogActionsIfHasRequestException = $true + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to enable tenant administration for a web application in a SharePoint 2013 farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + $proxyLibraries = @() + $proxyLibraries += MSFT_SPProxyLibraryEntry { + AssemblyName = "Microsoft.Online.SharePoint.Dedicated.TenantAdmin.ServerStub, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" + SupportAppAuthentication = $true + } + + SPWebAppClientCallableSettings TenantAdministration + { + WebAppUrl = "http://example.contoso.local" + ProxyLibraries = $proxyLibraries + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWebAppGeneralSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPWebAppGeneralSettings.help.txt new file mode 100644 index 000000000..f39677ea4 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWebAppGeneralSettings.help.txt @@ -0,0 +1,131 @@ +.NAME + SPWebAppGeneralSettings + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for setting web application settings that are + found under the "general settings" screen in central admin. The web + application is specified through the URL property, and then any combination of + settings can be applied. Any settings not included will be left as the default + (or whatever they have been manually changed to within SharePoint). + +.PARAMETER WebAppUrl + Key - string + The URL of the web app to set the general settings for + +.PARAMETER TimeZone + Write - uint32 + The timezone code to use for this web app. A full list is at https://msdn.microsoft.com/en-us/library/office/microsoft.sharepoint.spregionalsettings.timezones.aspx + +.PARAMETER Alerts + Write - boolean + Should alerts be enabled for this web app + +.PARAMETER AlertsLimit + Write - uint32 + What is the maximum number of alerts that a user can create in this web app + +.PARAMETER RSS + Write - boolean + Should RSS feeds be enabled in this web app + +.PARAMETER BlogAPI + Write - boolean + Should the Blog API be enabled in this web app + +.PARAMETER BlogAPIAuthenticated + Write - boolean + Is authentication required for the blog API + +.PARAMETER BrowserFileHandling + Write - String + Allowed values: Strict, Permissive + What file handling mode should be used in this web app - strict or permissive + +.PARAMETER SecurityValidation + Write - boolean + Is security validation enforced in this web app + +.PARAMETER SecurityValidationExpires + Write - boolean + Does security validation expire after a set time + +.PARAMETER SecurityValidationTimeOutMinutes + Write - uint32 + Number of minutes security validation will expire if securityvalidationexpires is set + +.PARAMETER RecycleBinEnabled + Write - boolean + Is the recycle bin enabled in this web application + +.PARAMETER RecycleBinCleanupEnabled + Write - boolean + Is automatic cleanup of the recycle bin enabled in this web app + +.PARAMETER RecycleBinRetentionPeriod + Write - uint32 + How many days does the recycle bin keep content for + +.PARAMETER SecondStageRecycleBinQuota + Write - uint32 + How much content does the second stage recycle bin keep content for + +.PARAMETER MaximumUploadSize + Write - uint32 + What is the maximum file upload size for this web app (in MB) + +.PARAMETER CustomerExperienceProgram + Write - boolean + Should the customer experience program be enabled in this web app + +.PARAMETER AllowOnlineWebPartCatalog + Write - boolean + Should the Online WebPart Gallery be enabled for this web app + +.PARAMETER SelfServiceSiteCreationEnabled + Write - boolean + Should Self Service Site Creation be enabled + +.PARAMETER PresenceEnabled + Write - boolean + Is Skype for Business presence enabled for this web app + +.PARAMETER DefaultQuotaTemplate + Write - string + What is the default quota template for this web app + +.PARAMETER InstallAccount + Write - string + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to apply some of the available general settings to the + specified web app + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWebAppGeneralSettings PrimaryWebAppGeneralSettings + { + WebAppUrl = "http://example.contoso.local" + TimeZone = 76 + Alerts = $true + RSS = $false + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWebAppPeoplePickerSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPWebAppPeoplePickerSettings.help.txt new file mode 100644 index 000000000..b8f01206b --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWebAppPeoplePickerSettings.help.txt @@ -0,0 +1,88 @@ +.NAME + SPWebAppPeoplePickerSettings + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to configure the People Picker settings for a web + application. + + NOTE: + If the forest or domain on which SharePoint is installed has a one-way + trust with another forest or domain, you must first set the credentials + for an account that can authenticate with the forest or domain to be + queried before you can configure the SearchActiveDirectoryDomains. + + The encryption key must be set on every front-end web server in the farm + on which SharePoint is installed: + https://technet.microsoft.com/en-us/library/gg602075(v=office.15).aspx#section3 + +.PARAMETER WebAppUrl + Key - string + The URL of the web application + +.PARAMETER ActiveDirectoryCustomFilter + Write - String + Sets a customized query filter to send to Active Directory + +.PARAMETER ActiveDirectoryCustomQuery + Write - String + Sets the custom query that is sent to Active Directory + +.PARAMETER ActiveDirectorySearchTimeout + Write - Uint16 + Sets the time-out in seconds when a query is issued to Active Directory + +.PARAMETER OnlySearchWithinSiteCollection + Write - Boolean + Specifies whether to search only the current site collection + +.PARAMETER SearchActiveDirectoryDomains + Write - String + List of all domains/forests that must be searched + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to configure the people picker settings on the specified web application + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $AccessAccount, + + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWebAppPeoplePickerSettings ConfigurePeoplePicker + { + WebAppUrl = "http://sharepoint.contoso.com" + ActiveDirectoryCustomFilter = $null + ActiveDirectoryCustomQuery = $null + ActiveDirectorySearchTimeout = 30 + OnlySearchWithinSiteCollection = $false + SearchActiveDirectoryDomains = @( + MSFT_SPWebAppPPSearchDomain { + FQDN = "contoso.com" + IsForest = $false + AccessAccount = $AccessAccount + } + ) + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWebAppPermissions.help.txt b/Modules/SharePointDsc/en-US/about_SPWebAppPermissions.help.txt new file mode 100644 index 000000000..eeecb1ecb --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWebAppPermissions.help.txt @@ -0,0 +1,92 @@ +.NAME + SPWebAppPermissions + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for managing the user permissions for a web + application. You can either specify to set all permissions or specify + individual permissions per category. + + More info about the permission levels: + +.PARAMETER WebAppUrl + Key - string + The url of the web application + +.PARAMETER ListPermissions + Write - string + Allowed values: Manage Lists, Override List Behaviors, Add Items, Edit Items, Delete Items, View Items, Approve Items, Open Items, View Versions, Delete Versions, Create Alerts, View Application Pages + List permissions that need to be configured + +.PARAMETER SitePermissions + Write - string + Allowed values: Manage Permissions, View Web Analytics Data, Create Subsites, Manage Web Site, Add and Customize Pages, Apply Themes and Borders, Apply Style Sheets, Create Groups, Browse Directories, Use Self-Service Site Creation, View Pages, Enumerate Permissions, Browse User Information, Manage Alerts, Use Remote Interfaces, Use Client Integration Features, Open, Edit Personal User Information + Site permissions that need to be configured + +.PARAMETER PersonalPermissions + Write - string + Allowed values: Manage Personal Views, Add/Remove Personal Web Parts, Update Personal Web Parts + Personal permissions that need to be configured + +.PARAMETER AllPermissions + Write - boolean + Set all permissions + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to limit the available permisions within a web app + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWebAppPermissions WebApplicationPermissions + { + WebAppUrl = "https://intranet.sharepoint.contoso.com" + ListPermissions = "Manage Lists","Override List Behaviors","Add Items","Edit Items","Delete Items","View Items","Approve Items","Open Items","View Versions","Delete Versions","Create Alerts","View Application Pages" + SitePermissions = "Manage Permissions","View Web Analytics Data","Create Subsites","Manage Web Site","Add and Customize Pages","Apply Themes and Borders","Apply Style Sheets","Create Groups","Browse Directories","Use Self-Service Site Creation","View Pages","Enumerate Permissions","Browse User Information","Manage Alerts","Use Remote Interfaces","Use Client Integration Features","Open","Edit Personal User Information" + PersonalPermissions = "Manage Personal Views","Add/Remove Personal Web Parts","Update Personal Web Parts" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to ensure all permissions are available for a web app + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWebAppPermissions WebApplicationPermissions + { + WebAppUrl = "https://portal.sharepoint.contoso.com" + AllPermissions = $true + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWebAppPolicy.help.txt b/Modules/SharePointDsc/en-US/about_SPWebAppPolicy.help.txt new file mode 100644 index 000000000..93ac24f56 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWebAppPolicy.help.txt @@ -0,0 +1,126 @@ +.NAME + SPWebAppPolicy + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to set the User Policies for web applications. The + usernames can be either specified in Classic or Claims format, both will be + accepted. There are a number of approaches to how this can be implemented. The + "Members" property will set a specific list of members for the group, making + sure that every user/group in the list is in the group and all others that are + members and who are not in this list will be removed. The "MembersToInclude" + and "MembersToExclude" properties will allow you to control a specific set of + users to add or remove, without changing any other members that are in the + group already that may not be specified here, allowing for some manual + management outside of this configuration resource. + + Requirements: + At least one of the Members, MemberToInclude or MembersToExclude properties + needs to be specified. Do not combine the Members property with the + MemberToInclude and MembersToExclude properties. Do not set the + ActAsSystemAccount property to $true without setting the permission level to + +.PARAMETER WebAppUrl + Key - string + The URL of the web application + +.PARAMETER Members + Write - String + Exact list of accounts that will have to get Web Policy permissions + +.PARAMETER MembersToInclude + Write - String + List of all accounts that must be in the Web Policy group + +.PARAMETER MembersToExclude + Write - String + List of all accounts that are not allowed to have any Web Policy permissions + +.PARAMETER SetCacheAccountsPolicy + Write - Boolean + Include the Cache Accounts in the policy or not + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example sets the specific web app policy for the specified web app to + match the provided list below. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWebAppPolicy WebAppPolicy + { + WebAppUrl = "http://sharepoint.contoso.com" + Members = @( + MSFT_SPWebPolicyPermissions { + Username = "contoso\user1" + PermissionLevel = "Full Control" + ActAsSystemAccount = $true + } + MSFT_SPWebPolicyPermissions { + Username = "contoso\Group 1" + PermissionLevel = "Full Read" + IdentityType = "Claims" + } + ) + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example shows how to include specific members while excluding other members + from the policy of the web app. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWebAppPolicy WebAppPolicy + { + WebAppUrl = "http://sharepoint.contoso.com" + MembersToInclude = @( + @(MSFT_SPWebPolicyPermissions { + Username = "contoso\user1" + PermissionLevel = "Full Control" + }) + @(MSFT_SPWebPolicyPermissions { + Username = "contoso\user2" + PermissionLevel = "Full Read" + }) + ) + MembersToExclude = @( + @(MSFT_SPWebPolicyPermissions { + Username = "contoso\user3" + }) + ) + SetCacheAccountsPolicy = $true + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWebAppPropertyBag.help.txt b/Modules/SharePointDsc/en-US/about_SPWebAppPropertyBag.help.txt new file mode 100644 index 000000000..9c1975845 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWebAppPropertyBag.help.txt @@ -0,0 +1,94 @@ +.NAME + SPWebAppPropertyBag + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to work with SharePoint Property Bags at the web + application level. The account that runs this resource must be a farm + administrator. + + The default value for the Ensure parameter is Present. When not specifying + this parameter, the property bag is configured. + +.PARAMETER WebAppUrl + Key - string + The URL of the web application + +.PARAMETER Key + Key - string + The key of the SPWebApplication property + +.PARAMETER Value + Write - String + Value of the SPWebApplication property + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Set to present to ensure the SPWebApplication property exists, or absent to ensure it is removed + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how add property bag value in a web application. + + +Configuration Example +{ + param + ( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + + Import-DscResource -ModuleName SharePointDsc + + node localhost + { + SPWebAppPropertyBag APPLICATION_APPCodeProperty + { + PsDscRunAsCredential = $SetupAccount + WebAppUrl = "https://web.contoso.com" + Key = "KeyToAdd" + Value = "ValueToAddOrModify" + Ensure = "Present" + } + } +} + + +.EXAMPLE + This example shows how remove a property bag value in a web application. + + +Configuration Example +{ + param + ( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + + Import-DscResource -ModuleName SharePointDsc + + node localhost + { + SPWebAppPropertyBag APPLICATION_APPCodeProperty + { + PsDscRunAsCredential = $SetupAccount + WebAppUrl = "https://web.contoso.com" + Key = "KeyToRemove" + Ensure = "Absent" + } + } +} + + diff --git a/Modules/SharePointDsc/en-US/about_SPWebAppProxyGroup.help.txt b/Modules/SharePointDsc/en-US/about_SPWebAppProxyGroup.help.txt new file mode 100644 index 000000000..62800c8bb --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWebAppProxyGroup.help.txt @@ -0,0 +1,55 @@ +.NAME + SPWebAppProxyGroup + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to associate a web application to a service application + proxy group. Use the proxy group name "Default" to associate the web + application to the default proxy group. A web applicaiton can only connect to + a single service application proxy group. This resource will overright the + existing service application proxy group association. + + This resource is used in conjunction with the SPServiceAppProxyGroup resource, + which creates the proxy groups and associates the desired service application + proxies with it. Within your configuration, that resource should be a + +.PARAMETER WebAppUrl + Key - String + URL of the web application + +.PARAMETER ServiceAppProxyGroup + Required - string + Name of the Service Application Proxy Group + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to assign a specific proxy group to the specified web app + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWebAppProxyGroup ContosoWeb + { + WebAppUrl = "https://web.contoso.com" + ServiceAppProxyGroup = "Proxy Group 1" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWebAppSiteUseAndDeletion.help.txt b/Modules/SharePointDsc/en-US/about_SPWebAppSiteUseAndDeletion.help.txt new file mode 100644 index 000000000..2bebd9a97 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWebAppSiteUseAndDeletion.help.txt @@ -0,0 +1,65 @@ +.NAME + SPWebAppSiteUseAndDeletion + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for controlling the Site Use and Deletion + settings on a specific web application. You can enable or disable the Site Use + and Deletion feature, specify the amount of days after which the alerts are + being send, if sites have to be deleted automatically and if so after how many + +.PARAMETER WebAppUrl + Key - string + The URL of the web application + +.PARAMETER SendUnusedSiteCollectionNotifications + Write - boolean + Should emails be sent to notify site owners of unused site collections + +.PARAMETER UnusedSiteNotificationPeriod + Write - uint32 + How many days should pass before a site is flagged as unused + +.PARAMETER AutomaticallyDeleteUnusedSiteCollections + Write - boolean + Should unused site collection be automatically deleted + +.PARAMETER UnusedSiteNotificationsBeforeDeletion + Write - uint32 + How many days before an unused site is deleted should an email be sent to the owner + +.PARAMETER InstallAccount + Write - string + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to apply site use and deletion settings to the specified web application + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWebAppSiteUseAndDeletion ConfigureSiteUseAndDeletion + { + WebAppUrl = "http://example.contoso.local" + SendUnusedSiteCollectionNotifications = $true + UnusedSiteNotificationPeriod = 90 + AutomaticallyDeleteUnusedSiteCollections = $true + UnusedSiteNotificationsBeforeDeletion = 24 + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWebAppSuiteBar.help.txt b/Modules/SharePointDsc/en-US/about_SPWebAppSuiteBar.help.txt new file mode 100644 index 000000000..1f1da82f0 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWebAppSuiteBar.help.txt @@ -0,0 +1,100 @@ +.NAME + SPWebAppSuiteBar + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to set the Suite Bar branding for web + applications. It supports both the SharePoint 2013 and SharePoint + 2016/2019 ways of branding the suite bar. + + Requirements: + For SharePoint 2013, only the SuiteBarBrandingElementHtml should + be specified, whereas for SharePoint 2016/2019, all properties + are supported. Note that SuiteBarBrandingElementHtml has no + effect unless using a SharePoint 2013 master page. + +.PARAMETER WebAppUrl + Key - string + The URL of the web application + +.PARAMETER SuiteNavBrandingLogoNavigationUrl + Write - String + SP2016+: Url to take the users to when the suite bar logo is clicked + +.PARAMETER SuiteNavBrandingLogoTitle + Write - String + SP2016+: Alternative text for the Suite Bar Logo + +.PARAMETER SuiteNavBrandingLogoUrl + Write - String + SP2016+: URL of the logo for the Suite Bar + +.PARAMETER SuiteNavBrandingText + Write - String + SP2016+: Text to display at the left hand side of the suite bar + +.PARAMETER SuiteBarBrandingElementHtml + Write - String + SP2013+: HTML to inject in the left hand-side of the Suite Bar + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example sets the branding for the suite bar of a given + Web Application in SharePoint 2016/2019. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWebAppSuiteBar SP2016Branding + { + WebAppUrl = "https://intranet.sharepoint.contoso.com" + SuiteNavBrandingLogoNavigationUrl = "http://sites.sharepoint.com" + SuiteNavBrandingLogoTitle = "This is my logo" + SuiteNavBrandingLogoUrl = "http://sites.sharepoint.com/images/logo.gif" + SuiteNavBrandingText = "SharePointDSC WebApp" + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example sets the branding for the suite bar of a given + Web Application in SharePoint 2013. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWebAppSuiteBar SP2013Branding + { + WebAppUrl = "https://intranet.sharepoint.contoso.com" + SuiteBarBrandingElementHtml = "
SharePointDSC WebApp
" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWebAppThrottlingSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPWebAppThrottlingSettings.help.txt new file mode 100644 index 000000000..f9cba718a --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWebAppThrottlingSettings.help.txt @@ -0,0 +1,100 @@ +.NAME + SPWebAppThrottlingSettings + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for setting web application settings that are + found under the "resource throttling" screen in central admin. The web + application is specified through the URL property, and then any combination of + settings can be applied. Any settings not included will be left as the default + (or whatever they have been manually changed to within SharePoint). Happy hour + is the setting used to control the window where threshold do not apply + throughout the day. You can specify the start time of this window as well as + +.PARAMETER WebAppUrl + Key - string + The URL of the web application + +.PARAMETER ListViewThreshold + Write - uint32 + What should the list view threshold for this site be set to + +.PARAMETER AllowObjectModelOverride + Write - boolean + Should object model code be able to be override the list view threshold + +.PARAMETER AdminThreshold + Write - uint32 + What is the list view threshold for site administrators + +.PARAMETER ListViewLookupThreshold + Write - uint32 + What is the maximum number of lookup fields in a single list view + +.PARAMETER HappyHourEnabled + Write - boolean + Should the happy hour window be enabled for this web app + +.PARAMETER HappyHour + Write - string + The time window for happy hour + +.PARAMETER UniquePermissionThreshold + Write - uint32 + What is the limit for unique permissions on a single object in this web app + +.PARAMETER RequestThrottling + Write - boolean + Is request throttling enabled on this web app + +.PARAMETER ChangeLogEnabled + Write - boolean + Is the change log enabled for this web app + +.PARAMETER ChangeLogExpiryDays + Write - uint32 + How many days does the change log store data for + +.PARAMETER EventHandlersEnabled + Write - boolean + Are event handlers enabled in the web application + +.PARAMETER InstallAccount + Write - string + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to apply throttling settings to a specific web app + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWebAppThrottlingSettings PrimaryWebAppThrottlingSettings + { + WebAppUrl = "http://example.contoso.local" + ListViewThreshold = 5000 + AllowObjectModelOverride = $false + HappyHourEnabled = $true + HappyHour = MSFT_SPWebApplicationHappyHour { + Hour = 3 + Minute = 0 + Duration = 1 + } + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWebAppWorkflowSettings.help.txt b/Modules/SharePointDsc/en-US/about_SPWebAppWorkflowSettings.help.txt new file mode 100644 index 000000000..c6986127b --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWebAppWorkflowSettings.help.txt @@ -0,0 +1,60 @@ +.NAME + SPWebAppWorkflowSettings + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for setting web application settings that are + found under the "workflow settings" screen in central admin. The web + application is specified through the URL property, and then any combination of + settings can be applied. Any settings not included will be left as the default + (or whatever they have been manually changed to within SharePoint). + +.PARAMETER WebAppUrl + Key - string + The URL of the web application + +.PARAMETER ExternalWorkflowParticipantsEnabled + Write - boolean + Are external workflow participants enabled in the web app + +.PARAMETER UserDefinedWorkflowsEnabled + Write - boolean + Are user defined workflows enabled in this web app + +.PARAMETER EmailToNoPermissionWorkflowParticipantsEnable + Write - boolean + Are documents sent via email to external participants of workflow + +.PARAMETER InstallAccount + Write - string + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to apply workflow settings to the specific web application + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWebAppWorkflowSettings PrimaryWebAppWorkflowSettings + { + WebAppUrl = "Shttp://example.contoso.local" + ExternalWorkflowParticipantsEnabled = $false + EmailToNoPermissionWorkflowParticipantsEnable = $false + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWebApplication.help.txt b/Modules/SharePointDsc/en-US/about_SPWebApplication.help.txt new file mode 100644 index 000000000..c1cd03a9f --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWebApplication.help.txt @@ -0,0 +1,109 @@ +.NAME + SPWebApplication + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for creating a web application within the local + SharePoint farm. The resource will provision the web application with all of + the current settings, and then ensure that it stays part of the correct + application pool beyond that (additional checking and setting of properties) + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the web application is provisioned. + + NOTE: + When using Host Header Site Collections, do not use the HostHeader + parameter in SPWebApplication. This will set the specified host header on your + IIS site and prevent the site from listening for the URL of the Host Header + Site Collection. + If you want to change the IIS website binding settings, please use the xWebsite + resource in the xWebAdministration module. + +.PARAMETER Name + Key - string + The name of the web application + +.PARAMETER ApplicationPool + Required - string + The name of the application pool to run this site in + +.PARAMETER ApplicationPoolAccount + Required - string + The name of the managed account to run the app pool with + +.PARAMETER WebAppUrl + Required - string + The URL of the web application + +.PARAMETER AllowAnonymous + Write - boolean + Should anonymous access be enabled for this web app + +.PARAMETER UseClassic + Write - boolean + Create the web application with Classic authentication (only used during creation of a new web application) + +.PARAMETER DatabaseName + Write - string + The name of the first content database to be created with this web app + +.PARAMETER DatabaseServer + Write - string + The name of the database server to host the default content DB + +.PARAMETER HostHeader + Write - string + The host header to use for the web app + +.PARAMETER Path + Write - string + The path on the local servers to host the IIS web site from + +.PARAMETER Port + Write - string + The port to run the site on + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the web app should exist, absent if it should not + +.PARAMETER InstallAccount + Write - string + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to create a new web application in the local farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWebApplication HostNameSiteCollectionWebApp + { + Name = "SharePoint Sites" + ApplicationPool = "SharePoint Sites" + ApplicationPoolAccount = "CONTOSO\svcSPWebApp" + AllowAnonymous = $false + DatabaseName = "SP_Content_01" + DatabaseServer = "SQL.contoso.local\SQLINSTANCE" + WebAppUrl = "http://example.contoso.local" + Port = 80 + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWebApplicationAppDomain.help.txt b/Modules/SharePointDsc/en-US/about_SPWebApplicationAppDomain.help.txt new file mode 100644 index 000000000..e27025010 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWebApplicationAppDomain.help.txt @@ -0,0 +1,67 @@ +.NAME + SPWebApplicationAppDomain + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource will configure the App Domain at a specific zone for the given + Web Application. The configuration is done per zone on the specified web + application, allowing for the setting of unique app domains for each extension + of a web application. The app prefix should still be set using the SPAppDomain + resource before this is applied to customise a specific zone. + +.PARAMETER WebAppUrl + Key - string + The URL of the web application to set the app domain for + +.PARAMETER Zone + Key - string + Allowed values: Default, Internet, Intranet, Extranet, Custom + The zone that this app domain applies to + +.PARAMETER AppDomain + Required - string + The domain for apps in this web app zone + +.PARAMETER Port + Write - string + The port to run apps on + +.PARAMETER SSL + Write - boolean + Should apps run under SSL + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to set the app domain for a specified web application + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWebApplicationAppDomain Domain + { + AppDomain = "contosointranetapps.com" + WebAppUrl ="http://portal.contoso.com"; + Zone = "Default"; + Port = 80; + SSL = $false; + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWebApplicationExtension.help.txt b/Modules/SharePointDsc/en-US/about_SPWebApplicationExtension.help.txt new file mode 100644 index 000000000..609149451 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWebApplicationExtension.help.txt @@ -0,0 +1,94 @@ +.NAME + SPWebApplicationExtension + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is responsible for extending an existing web application into a new + zone. The resource will provision the web application extension with all of + the current settings, and then ensure that it stays present and will ensure the + AllowAnonymous and Authentication methods remain consistent. Please note that this + currently does not support changing the claims provider on an existing claims + enabled web application externsion. + +.PARAMETER WebAppUrl + Key - string + The URL of the parent web application + +.PARAMETER Name + Required - string + The name of the web application extension + +.PARAMETER Url + Required - string + The URL of the web application extension + +.PARAMETER Zone + Key - string + Allowed values: Default, Intranet, Internet, Extranet, Custom + Specifies one of the five zones with which the internal URL of this new extension is to be associated. + +.PARAMETER AllowAnonymous + Write - boolean + Should anonymous access be enabled for this web app extension + +.PARAMETER HostHeader + Write - string + The host header to use for the web app extension + +.PARAMETER Path + Write - string + The path on the local servers to host the IIS web site from + +.PARAMETER Port + Write - string + The port to run the site on + +.PARAMETER UseSSL + Write - boolean + Should this web app extension use SSL + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present if the web app should exist, absent if it should not + +.PARAMETER InstallAccount + Write - string + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example shows how to create a new web application extension in the local farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWebApplicationExtension IntranetZone + { + WebAppUrl = "http://example.contoso.local" + Name = "Contoso Intranet Zone" + AllowAnonymous = $false + Url = "http://intranet.contoso.local" + Zone = "Intranet" + HostHeader = "intranet.contoso.local" + Path = "c:\inetpub\wwwroot\wss\VirtualDirectories\intranet" + UseSSL = $false + Port = 80 + Ensure = "Present" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWordAutomationServiceApp.help.txt b/Modules/SharePointDsc/en-US/about_SPWordAutomationServiceApp.help.txt new file mode 100644 index 000000000..d8aab140f --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWordAutomationServiceApp.help.txt @@ -0,0 +1,164 @@ +.NAME + SPWordAutomationServiceApp + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + The resource is able to provision, unprovision and configure the Word + Automation Service Application. All settings that you can configure on the + Service Application administration page are configurable using this resource. + + Important: + When you specify Ensure=Present, the Application Pool and DatabaseName + parameters are required. When you specify Ensure=Absent, no other parameters + are allowed (with the exception of Name, InstallAccount or + PsDscRunAsCredential). + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + +.PARAMETER Name + Key - string + THe name of the service application + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present to ensure the app exists, absent to ensure that it does not + +.PARAMETER ApplicationPool + Write - string + The name of the application pool to run the service app in + +.PARAMETER DatabaseName + Write - string + The name of the database for the service app + +.PARAMETER DatabaseServer + Write - string + The name of the server that will host the database + +.PARAMETER SupportedFileFormats + Write - string + Allowed values: docx, doc, mht, rtf, xml + The list of supported file types + +.PARAMETER DisableEmbeddedFonts + Write - boolean + Should embedded fonts be disabled + +.PARAMETER MaximumMemoryUsage + Write - uint32 + What is the maximum amount of memory the service app should use (in MB) + +.PARAMETER RecycleThreshold + Write - uint32 + What is the recycle threshold for this service app + +.PARAMETER DisableBinaryFileScan + Write - boolean + Should binary file scans be disabled + +.PARAMETER ConversionProcesses + Write - uint32 + How many conversion processes can be run at once + +.PARAMETER JobConversionFrequency + Write - uint32 + How frequently should new jobs be started from the queue (in minutes) + +.PARAMETER NumberOfConversionsPerProcess + Write - uint32 + How many document conversions should be included in a single process + +.PARAMETER TimeBeforeConversionIsMonitored + Write - uint32 + How long can a conversion be run before it becomes monitored + +.PARAMETER MaximumConversionAttempts + Write - uint32 + What is the maximum number of attempts to convert a document + +.PARAMETER MaximumSyncConversionRequests + Write - uint32 + What is the maximum number of sync conversion requests for the service app + +.PARAMETER KeepAliveTimeout + Write - uint32 + How long is the keep alive timeout set to for the service app + +.PARAMETER MaximumConversionTime + Write - uint32 + What is the maximum time in seconds for a document conversion to be allowed to run + +.PARAMETER InstallAccount + Write - string + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example makes sure the service application exists and has a specific configuration + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWordAutomationServiceApp WordAutomation + { + Name = "Word Automation Service Application" + Ensure = "Present" + ApplicationPool = "SharePoint Web Services" + DatabaseName = "WordAutomation_DB" + DatabaseServer = "SQLServer" + SupportedFileFormats = "docx", "doc", "mht", "rtf", "xml" + DisableEmbeddedFonts = $false + MaximumMemoryUsage = 100 + RecycleThreshold = 100 + DisableBinaryFileScan = $false + ConversionProcesses = 8 + JobConversionFrequency = 15 + NumberOfConversionsPerProcess = 12 + TimeBeforeConversionIsMonitored = 5 + MaximumConversionAttempts = 2 + MaximumSyncConversionRequests = 25 + KeepAliveTimeout = 30 + MaximumConversionTime = 300 + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example removes a word automation service app + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWordAutomationServiceApp WordAutomation + { + Name = "Word Automation Service Application" + Ensure = "Absent" + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWorkManagementServiceApp.help.txt b/Modules/SharePointDsc/en-US/about_SPWorkManagementServiceApp.help.txt new file mode 100644 index 000000000..b8050ab56 --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWorkManagementServiceApp.help.txt @@ -0,0 +1,101 @@ +.NAME + SPWorkManagementServiceApp + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to provision and manage an instance of the Work + Management Services Service Application. It will identify an instance of the + work management service application through the application display name. + Currently the resource will provision the app if it does not yet exist, and + will change the application pool associated to the app if it does not match + the configuration. + + Remarks + + - Parameters MinimumTimeBetweenEwsSyncSubscriptionSearches, + MinimumTimeBetweenProviderRefreshes, MinimumTimeBetweenSearchQueries are in + minutes. + + The default value for the Ensure parameter is Present. When not specifying this + parameter, the service application is provisioned. + + NOTE: + You cannot use this resource with SharePoint 2016/2019, since the Work + Management functionality has been removed in SharePoint 2016/2019. + More information: + https://technet.microsoft.com/en-us/library/mt346112(v=office.16).aspx + +.PARAMETER Name + Key - string + The name of the work management service application + +.PARAMETER ProxyName + Write - string + The proxy name, if not specified will be /Name of service app/ Proxy + +.PARAMETER Ensure + Write - string + Allowed values: Present, Absent + Present to ensure the app exists, Absent to ensure it is removed + +.PARAMETER ApplicationPool + Write - String + The name of the application pool this will run in + +.PARAMETER MinimumTimeBetweenEwsSyncSubscriptionSearches + Write - uint32 + The minimum amount of time bween EWS sync subscription searches + +.PARAMETER MinimumTimeBetweenProviderRefreshes + Write - uint32 + The minimum time between provider refreshes + +.PARAMETER MinimumTimeBetweenSearchQueries + Write - uint32 + The minimum time between search queries + +.PARAMETER NumberOfSubscriptionSyncsPerEwsSyncRun + Write - uint32 + The number of subscription syncronisations per EWS sync run + +.PARAMETER NumberOfUsersEwsSyncWillProcessAtOnce + Write - uint32 + How many users will EWS calls include at once + +.PARAMETER NumberOfUsersPerEwsSyncBatch + Write - uint32 + How many users are included in a batch for EWS + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example creates a new work management service app in the local farm + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWorkManagementServiceApp WorkManagementServiceApp + { + Name = "Work Management Service Application" + ApplicationPool = "SharePoint web services" + MinimumTimeBetweenEwsSyncSubscriptionSearches = 10 + PsDscRunAsCredential = $SetupAccount + } + } + } + + diff --git a/Modules/SharePointDsc/en-US/about_SPWorkflowService.help.txt b/Modules/SharePointDsc/en-US/about_SPWorkflowService.help.txt new file mode 100644 index 000000000..1de03496f --- /dev/null +++ b/Modules/SharePointDsc/en-US/about_SPWorkflowService.help.txt @@ -0,0 +1,95 @@ +.NAME + SPWorkflowService + +# Description + + **Type:** Distributed + **Requires CredSSP:** No + + This resource is used to register the SharePoint Server + against a Workflow Manager Instance. + + Requirements: + Provide the url of the Workflow Manager instance to + connect to. + Scope name is optional and defaults to SharePoint. + If scope name is not specified any configured scope name is + allowed by this resource. + + Remarks + + Change or configuration drift for AllowOAuthHttp is not detected + by this resource. + +.PARAMETER WorkflowHostUri + Key - string + The URL of the Workflow Service + +.PARAMETER SPSiteUrl + Key - String + The URL of the Site Collection to associate with the Workflow Service Proxy + +.PARAMETER ScopeName + Write - String + Specify scope name. If not specified SharePoint will use the default scope name 'SharePoint' + +.PARAMETER AllowOAuthHttp + Write - Boolean + Specify whether or not to allow connection to the Workflow Service over Http + +.PARAMETER InstallAccount + Write - String + POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5 + + +.EXAMPLE + This example registers the workflow service over http. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWorkflowService WorkflowService + { + WorkflowHostUri = "http://workflow.sharepoint.contoso.com" + SPSiteUrl = "http://sites.sharepoint.com" + AllowOAuthHttp = $true + PsDscRunAsCredential = $SetupAccount + } + } + } + + +.EXAMPLE + This example registers the workflow service specifying a custom scope name. + + + Configuration Example + { + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $SetupAccount + ) + Import-DscResource -ModuleName SharePointDsc + + node localhost { + SPWorkflowService WorkflowService + { + WorkflowHostUri = "http://workflow.sharepoint.contoso.com" + ScopeName = "SharePointWorkflow" + SPSiteUrl = "http://sites.sharepoint.com" + AllowOAuthHttp = $true + PsDscRunAsCredential = $SetupAccount + } + } + } + +