From d561c225812233fed532cfd66b56360796614a77 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 10:13:03 +0100 Subject: [PATCH 01/25] Adds: Changelog for SPWebAppPeoplePickerSettings --- CHANGELOG.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index f85f4ef8d..1d32892cb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,9 +5,18 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +### Added + + - SPWebAppPeoplePickerSettings + - Added the CustomFilter parameter to the resource + - Added the ShortDomainName parameter to the resource + ### Fixed + - SPWebApplication - Fixed an issue where the Set method tried to use the Parameter SecureSocketsLayer with Set-SPWebApplication on SharePoint Server older than Subscription Edition. +- SPWebAppPeoplePickerSettings + - Fixed an issue where the Set method would not update a non mandatory parameter on an existing SPWebAppPPSearchDomain ## [5.1.0] - 2022-02-24 From d3830e11ed7a8eb54a794fbf931f28bad3ad8416 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 10:13:29 +0100 Subject: [PATCH 02/25] Adds: Support for CustimFilter and ShortDomainName --- .../MSFT_SPWebAppPeoplePickerSettings.psm1 | 65 +++++++++++++++++++ ...FT_SPWebAppPeoplePickerSettings.schema.mof | 2 + 2 files changed, 67 insertions(+) diff --git a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 index 96e776b69..ae4684abb 100644 --- a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 +++ b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 @@ -61,6 +61,8 @@ function Get-TargetResource $searchADDomain.FQDN = $searchDomain.DomainName $searchADDomain.IsForest = $searchDomain.IsForest $searchADDomain.AccessAccount = $searchDomain.LoginName + $searchADDomain.CustomFilter = $searchDomain.CustomFilter + $searchADDomain.ShortDomainName = $searchDomain.ShortDomainName $searchADDomains += $searchADDomain } @@ -211,9 +213,42 @@ function Set-TargetResource $adsearchobj.SetPassword($accessAccountPassword) } } + if ($searchADDomain.ContainsKey('CustomFilter')) + { + $adsearchobj.CustomFilter = $searchADDomain.CustomFilter + } + if ($searchADDomain.ContainsKey('ShortDomainName')) + { + $adsearchobj.ShortDomainName = $searchADDomain.ShortDomainName + } $wa.PeoplePickerSettings.SearchActiveDirectoryDomains.Add($adsearchobj) } + else + { + if ($searchADDomain.ContainsKey('AccessAccount')) + { + $configuredDomain.LoginName = $searchADDomain.AccessAccount.UserName + + if ([string]::IsNullOrEmpty($searchADDomain.AccessAccount.Password)) + { + $configuredDomain.SetPassword($null) + } + else + { + $accessAccountPassword = ConvertTo-SecureString $searchADDomain.AccessAccount.Password -AsPlainText -Force + $configuredDomain.SetPassword($accessAccountPassword) + } + } + if ($searchADDomain.ContainsKey('CustomFilter')) + { + $configuredDomain.CustomFilter = $searchADDomain.CustomFilter + } + if ($searchADDomain.ContainsKey('ShortDomainName')) + { + $configuredDomain.ShortDomainName = $searchADDomain.ShortDomainName + } + } } # Reverse Check: Configured domains do not exist in config @@ -319,6 +354,36 @@ function Test-TargetResource Write-Verbose -Message "Test-TargetResource returned false" return $false } + else + { + if ($searchADDomain.ContainsKey('AccessAccount') -and $searchADDomain.AccessAccount.UserName -ne $specifiedDomain.LoginName) + { + $message = "Current LoginName Property of SearchActiveDirectoryDomain $searchADDomain does not match the desired state." + Write-Verbose -Message $message + Add-SPDscEvent -Message $message -EntryType 'Error' -EventID 1 -Source $MyInvocation.MyCommand.Source + + Write-Verbose -Message "Test-TargetResource returned false" + return $false + } + if ($searchADDomain.ContainsKey('CustomFilter') -and $searchADDomain.CustomFilter -ne $specifiedDomain.CustomFilter) + { + $message = "Current CustomFilter Property of SearchActiveDirectoryDomain $searchADDomain does not match the desired state." + Write-Verbose -Message $message + Add-SPDscEvent -Message $message -EntryType 'Error' -EventID 1 -Source $MyInvocation.MyCommand.Source + + Write-Verbose -Message "Test-TargetResource returned false" + return $false + } + if ($searchADDomain.ContainsKey('ShortDomainName') -and $searchADDomain.ShortDomainName -ne $specifiedDomain.ShortDomainName) + { + $message = "Current ShortDomainName Property of SearchActiveDirectoryDomain $searchADDomain does not match the desired state." + Write-Verbose -Message $message + Add-SPDscEvent -Message $message -EntryType 'Error' -EventID 1 -Source $MyInvocation.MyCommand.Source + + Write-Verbose -Message "Test-TargetResource returned false" + return $false + } + } } $result = Test-SPDscParameterState -CurrentValues $CurrentValues ` diff --git a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.schema.mof b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.schema.mof index fd2bdf8c7..ff1aed18b 100644 --- a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.schema.mof +++ b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.schema.mof @@ -4,6 +4,8 @@ Class MSFT_SPWebAppPPSearchDomain [Required, Description("FQDN of the domain or forest")] String FQDN; [Required, Description("Is the FQDN a forest?")] Boolean IsForest; [Write, Description("Specifies the credentials to use to connect to the specified domain or forest"), EmbeddedInstance("MSFT_Credential")] String AccessAccount; + [Write, Description("Sets a customized query filter to send to Active Directory"), String CustomFilter; + [Write, Description("NetBIOS name of the domain or forest"), String ShortDomainName; }; [ClassVersion("1.0.0.0"), FriendlyName("SPWebAppPeoplePickerSettings")] class MSFT_SPWebAppPeoplePickerSettings : OMI_BaseResource From bb9a0a716296ffa9ab95f4d06774202c1bd549b3 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 10:13:50 +0100 Subject: [PATCH 03/25] Adds: AccessAccount Limitation description --- .../DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md index 32987f58c..911595977 100644 --- a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md +++ b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md @@ -15,3 +15,8 @@ queried before you can configure the SearchActiveDirectoryDomains. The encryption key must be set on every front-end web server in the farm on which SharePoint is installed: https://technet.microsoft.com/en-us/library/gg602075(v=office.15).aspx#section3 + +Due to a SharePoint API limitation a password missmatch can not be detected. +To update the password after the initial add to the SearchActiveDirectoryDomains +the `SPPeoplePickerSearchActiveDirectoryDomain` has to be removed from the SearchActiveDirectoryDomains or +the the password needs to be updated with the `SetPassword(SecureString)` Method directly. From 75fe722a3edcffa05cb31a3f083a481c9759b66f Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 10:46:28 +0100 Subject: [PATCH 04/25] Fix: Parameter Syntax --- .../MSFT_SPWebAppPeoplePickerSettings.schema.mof | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.schema.mof b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.schema.mof index ff1aed18b..f452421d1 100644 --- a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.schema.mof +++ b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.schema.mof @@ -4,8 +4,8 @@ Class MSFT_SPWebAppPPSearchDomain [Required, Description("FQDN of the domain or forest")] String FQDN; [Required, Description("Is the FQDN a forest?")] Boolean IsForest; [Write, Description("Specifies the credentials to use to connect to the specified domain or forest"), EmbeddedInstance("MSFT_Credential")] String AccessAccount; - [Write, Description("Sets a customized query filter to send to Active Directory"), String CustomFilter; - [Write, Description("NetBIOS name of the domain or forest"), String ShortDomainName; + [Write, Description("Sets a customized query filter to send to Active Directory")] String CustomFilter; + [Write, Description("NetBIOS name of the domain or forest")] String ShortDomainName; }; [ClassVersion("1.0.0.0"), FriendlyName("SPWebAppPeoplePickerSettings")] class MSFT_SPWebAppPeoplePickerSettings : OMI_BaseResource From f591aeaf263b33aec345e5927b84efe83ca80d24 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 11:42:35 +0100 Subject: [PATCH 05/25] Adds: Unittests for Parameter CustomFilter and ShortDomainName --- ...Dsc.SPWebAppPeoplePickerSettings.Tests.ps1 | 104 ++++++++++++++++-- 1 file changed, 95 insertions(+), 9 deletions(-) diff --git a/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 b/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 index c45ea920d..7964ff09c 100644 --- a/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 +++ b/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 @@ -32,7 +32,7 @@ function Invoke-TestSetup $script:testEnvironment = Initialize-TestEnvironment ` -DSCModuleName $script:DSCModuleName ` - -DSCResourceName $script:DSCResourceFullName ` + -DscResourceName $script:DSCResourceFullName ` -ResourceType 'Mof' ` -TestType 'Unit' } @@ -130,21 +130,23 @@ try } } - Context -Name "Search domain settings do not match actual values" -Fixture { + Context -Name "Search domain settings do not match actual values (Domain does not exist)" -Fixture { BeforeAll { $testParams = @{ WebAppUrl = "http://sharepoint.contoso.com" SearchActiveDirectoryDomains = @( (New-CimInstance -ClassName MSFT_SPWebAppPPSearchDomain -Property @{ - FQDN = "contoso.intra" - IsForest = $false - AccessAccount = (New-CimInstance -ClassName MSFT_Credential ` + FQDN = "contoso.intra" + IsForest = $false + AccessAccount = (New-CimInstance -ClassName MSFT_Credential ` -Property @{ Username = [string]$mockAccount.UserName; Password = [string]$mockAccount.Password; } ` -Namespace root/microsoft/windows/desiredstateconfiguration ` -ClientOnly) + CustomFilter = "(company=Contoso)" + ShortDomainName = "CONTOSO" } -ClientOnly) ) } @@ -198,6 +200,82 @@ try } } + Context -Name "Search domain settings do not match actual values (Domain exists)" -Fixture { + BeforeAll { + $testParams = @{ + WebAppUrl = "http://sharepoint.contoso.com" + SearchActiveDirectoryDomains = @( + (New-CimInstance -ClassName MSFT_SPWebAppPPSearchDomain -Property @{ + FQDN = "contoso.intra" + IsForest = $false + AccessAccount = (New-CimInstance -ClassName MSFT_Credential ` + -Property @{ + Username = [string]$mockAccount.UserName; + Password = [string]$mockAccount.Password; + } ` + -Namespace root/microsoft/windows/desiredstateconfiguration ` + -ClientOnly) + CustomFilter = "(company=Contoso)" + ShortDomainName = "CONTOSO" + } -ClientOnly) + ) + } + + Mock -CommandName Get-SPWebApplication -MockWith { + $searchADdom = New-Object -TypeName "System.Collections.Generic.List[System.Object]" + $searchDom1 = New-Object -TypeName "Object" | ` + Add-Member -MemberType NoteProperty ` + -Name DomainName ` + -Value ( "contoso.intra" ) -PassThru | ` + Add-Member -MemberType NoteProperty ` + -Name IsForest ` + -Value ( $false ) -PassThru | ` + Add-Member -MemberType NoteProperty ` + -Name LoginName ` + -Value ( 'wrongUsername' ) -PassThru | ` + Add-Member -MemberType NoteProperty ` + -Name CustomFilter ` + -Value ( "(company=Fabrikam)" ) -PassThru | ` + Add-Member -MemberType NoteProperty ` + -Name ShortDomainName ` + -Value ( "FABRIKAM" ) -PassThru + $searchADdom.Add($searchDom1) + + $returnval = @{ + PeoplePickerSettings = @{ + ActiveDirectoryCustomFilter = "()" + ActiveDirectoryCustomQuery = "()" + ActiveDirectorySearchTimeout = @{ + TotalSeconds = 10 + } + OnlySearchWithinSiteCollection = $true + PeopleEditorOnlyResolveWithinSiteCollection = $true + SearchActiveDirectoryDomains = $searchADdom + } + } + $returnval = $returnval | Add-Member -MemberType ScriptMethod -Name Update -Value { + $Global:SPDscWebApplicationUpdateCalled = $true + } -PassThru + + return $returnval + } + } + + It "Should return SearchTimeOut=10 from the get method" { + (Get-TargetResource @testParams).ActiveDirectorySearchTimeout | Should -Be 10 + } + + It "Should return false from the test method" { + Test-TargetResource @testParams | Should -Be $false + } + + It "Should update the people picker settings" { + $Global:SPDscWebApplicationUpdateCalled = $false + Set-TargetResource @testParams + $Global:SPDscWebApplicationUpdateCalled | Should -Be $true + } + } + Context -Name "Settings do not match actual values" -Fixture { BeforeAll { $testParams = @{ @@ -264,15 +342,17 @@ try WebAppUrl = "http://sharepoint.contoso.com" SearchActiveDirectoryDomains = @( (New-CimInstance -ClassName MSFT_SPWebAppPPSearchDomain -Property @{ - FQDN = "contoso.intra" - IsForest = $false - AccessAccount = (New-CimInstance -ClassName MSFT_Credential ` + FQDN = "contoso.intra" + IsForest = $false + AccessAccount = (New-CimInstance -ClassName MSFT_Credential ` -Property @{ Username = [string]$mockAccount.UserName; Password = [string]$mockAccount.Password; } ` -Namespace root/microsoft/windows/desiredstateconfiguration ` -ClientOnly) + CustomFilter = "(company=Contoso)" + ShortDomainName = "CONTOSO" } -ClientOnly) ) } @@ -288,7 +368,13 @@ try -Value ( $false ) -PassThru | ` Add-Member -MemberType NoteProperty ` -Name LoginName ` - -Value ( $mockAccount.UserName ) -PassThru + -Value ( $mockAccount.UserName ) -PassThru | ` + Add-Member -MemberType NoteProperty ` + -Name CustomFilter ` + -Value ( "(company=Contoso)" ) -PassThru | ` + Add-Member -MemberType NoteProperty ` + -Name ShortDomainName ` + -Value ( "CONTOSO" ) -PassThru $searchADdom.Add($searchDom1) $returnval = @{ From 256edb3b5fb8bc43a7c5a6547b1c53c3df5e5977 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 12:21:04 +0100 Subject: [PATCH 06/25] Adds: Expanded example with CustomFilter and ShortDomainName --- .../SPWebAppPeoplePickerSettings/1-Example.ps1 | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/SharePointDsc/Examples/Resources/SPWebAppPeoplePickerSettings/1-Example.ps1 b/SharePointDsc/Examples/Resources/SPWebAppPeoplePickerSettings/1-Example.ps1 index fd1122727..c1cc25da6 100644 --- a/SharePointDsc/Examples/Resources/SPWebAppPeoplePickerSettings/1-Example.ps1 +++ b/SharePointDsc/Examples/Resources/SPWebAppPeoplePickerSettings/1-Example.ps1 @@ -64,10 +64,13 @@ Configuration Example ActiveDirectorySearchTimeout = 30 OnlySearchWithinSiteCollection = $false SearchActiveDirectoryDomains = @( - MSFT_SPWebAppPPSearchDomain { - FQDN = "contoso.com" - IsForest = $false - AccessAccount = $AccessAccount + MSFT_SPWebAppPPSearchDomain + { + FQDN = "contoso.com" + IsForest = $false + AccessAccount = $AccessAccount + CustomFilter = '(company=Contoso)' + ShortDomainName = 'CONTOSO' } ) PsDscRunAsCredential = $SetupAccount From 91b67b41cdde11e525246934801197904388d28a Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 14:22:07 +0100 Subject: [PATCH 07/25] Fix: CimInstance does not have ContainsKey --- .../MSFT_SPWebAppPeoplePickerSettings.psm1 | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 index ae4684abb..3856d675e 100644 --- a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 +++ b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 @@ -213,11 +213,11 @@ function Set-TargetResource $adsearchobj.SetPassword($accessAccountPassword) } } - if ($searchADDomain.ContainsKey('CustomFilter')) + if ($null -ne ($searchADDomain.CimInstanceProperties | Where-Object -FilterScript { $_.Name -eq 'CustomFilter' })) { $adsearchobj.CustomFilter = $searchADDomain.CustomFilter } - if ($searchADDomain.ContainsKey('ShortDomainName')) + if ($null -ne ($searchADDomain.CimInstanceProperties | Where-Object -FilterScript { $_.Name -eq 'ShortDomainName' })) { $adsearchobj.ShortDomainName = $searchADDomain.ShortDomainName } @@ -226,7 +226,7 @@ function Set-TargetResource } else { - if ($searchADDomain.ContainsKey('AccessAccount')) + if ($null -ne ($searchADDomain.CimInstanceProperties | Where-Object -FilterScript { $_.Name -eq 'AccessAccount' })) { $configuredDomain.LoginName = $searchADDomain.AccessAccount.UserName @@ -240,11 +240,11 @@ function Set-TargetResource $configuredDomain.SetPassword($accessAccountPassword) } } - if ($searchADDomain.ContainsKey('CustomFilter')) + if ($null -ne ($searchADDomain.CimInstanceProperties | Where-Object -FilterScript { $_.Name -eq 'CustomFilter' })) { $configuredDomain.CustomFilter = $searchADDomain.CustomFilter } - if ($searchADDomain.ContainsKey('ShortDomainName')) + if ($null -ne ($searchADDomain.CimInstanceProperties | Where-Object -FilterScript { $_.Name -eq 'ShortDomainName' })) { $configuredDomain.ShortDomainName = $searchADDomain.ShortDomainName } From 7330ff22f70bef0f56d3a46ea61b3927b56f7ee9 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 18:35:08 +0100 Subject: [PATCH 08/25] Adds: SetPassword ScriptMethod to test a credential Update --- ...Dsc.SPWebAppPeoplePickerSettings.Tests.ps1 | 49 ++++++++++--------- 1 file changed, 27 insertions(+), 22 deletions(-) diff --git a/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 b/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 index 7964ff09c..eb04d03e1 100644 --- a/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 +++ b/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 @@ -49,7 +49,7 @@ try InModuleScope -ModuleName $script:DSCResourceFullName -ScriptBlock { Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { BeforeAll { - Invoke-Command -Scriptblock $Global:SPDscHelper.InitializeScript -NoNewScope + Invoke-Command -ScriptBlock $Global:SPDscHelper.InitializeScript -NoNewScope # Initialize tests $mockPassword = ConvertTo-SecureString -String "password" -AsPlainText -Force @@ -136,17 +136,15 @@ try WebAppUrl = "http://sharepoint.contoso.com" SearchActiveDirectoryDomains = @( (New-CimInstance -ClassName MSFT_SPWebAppPPSearchDomain -Property @{ - FQDN = "contoso.intra" - IsForest = $false - AccessAccount = (New-CimInstance -ClassName MSFT_Credential ` + FQDN = "contoso.intra" + IsForest = $false + AccessAccount = (New-CimInstance -ClassName MSFT_Credential ` -Property @{ Username = [string]$mockAccount.UserName; Password = [string]$mockAccount.Password; } ` -Namespace root/microsoft/windows/desiredstateconfiguration ` -ClientOnly) - CustomFilter = "(company=Contoso)" - ShortDomainName = "CONTOSO" } -ClientOnly) ) } @@ -223,22 +221,29 @@ try Mock -CommandName Get-SPWebApplication -MockWith { $searchADdom = New-Object -TypeName "System.Collections.Generic.List[System.Object]" - $searchDom1 = New-Object -TypeName "Object" | ` - Add-Member -MemberType NoteProperty ` - -Name DomainName ` - -Value ( "contoso.intra" ) -PassThru | ` - Add-Member -MemberType NoteProperty ` - -Name IsForest ` - -Value ( $false ) -PassThru | ` - Add-Member -MemberType NoteProperty ` - -Name LoginName ` - -Value ( 'wrongUsername' ) -PassThru | ` - Add-Member -MemberType NoteProperty ` - -Name CustomFilter ` - -Value ( "(company=Fabrikam)" ) -PassThru | ` - Add-Member -MemberType NoteProperty ` - -Name ShortDomainName ` - -Value ( "FABRIKAM" ) -PassThru + # Create a SPPeoplePickerSearchActiveDirectoryDomain + $searchDom1 = New-Object -TypeName "Object" + $addMember = @{ + InputObject = $searchDom1 + MemberType = 'NoteProperty' + } + Add-Member @addMember -Name DomainName -Value "contoso.intra" + Add-Member @addMember -Name IsForest -Value $false + Add-Member @addMember -Name LoginName -Value "wrongUsername" + Add-Member @addMember -Name CustomFilter -Value "(company=Fabrikam)" + Add-Member @addMember -Name ShortDomainName -Value "FABRIKAM" + $addMemberSetPassword = @{ + InputObject = $searchDom1 + MemberType = 'ScriptMethod' + Name = 'SetPassword' + Value = { + param( + [securestring] + $Password + ) + } + } + Add-Member @addMemberSetPassword $searchADdom.Add($searchDom1) $returnval = @{ From 8a867b6a667058d89ae77b1bdc8ebc01e4c83e45 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 18:47:45 +0100 Subject: [PATCH 09/25] Fix: DSC Resource Style Guidelines --- ...PointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 b/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 index eb04d03e1..c6fdbd429 100644 --- a/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 +++ b/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 @@ -223,15 +223,11 @@ try $searchADdom = New-Object -TypeName "System.Collections.Generic.List[System.Object]" # Create a SPPeoplePickerSearchActiveDirectoryDomain $searchDom1 = New-Object -TypeName "Object" - $addMember = @{ - InputObject = $searchDom1 - MemberType = 'NoteProperty' - } - Add-Member @addMember -Name DomainName -Value "contoso.intra" - Add-Member @addMember -Name IsForest -Value $false - Add-Member @addMember -Name LoginName -Value "wrongUsername" - Add-Member @addMember -Name CustomFilter -Value "(company=Fabrikam)" - Add-Member @addMember -Name ShortDomainName -Value "FABRIKAM" + Add-Member -InputObject $searchDom1 -MemberType 'NoteProperty' -Name DomainName -Value "contoso.intra" + Add-Member -InputObject $searchDom1 -MemberType 'NoteProperty' -Name IsForest -Value $false + Add-Member -InputObject $searchDom1 -MemberType 'NoteProperty' -Name LoginName -Value "wrongUsername" + Add-Member -InputObject $searchDom1 -MemberType 'NoteProperty' -Name CustomFilter -Value "(company=Fabrikam)" + Add-Member -InputObject $searchDom1 -MemberType 'NoteProperty' -Name ShortDomainName -Value "FABRIKAM" $addMemberSetPassword = @{ InputObject = $searchDom1 MemberType = 'ScriptMethod' From 660b97fcd5c0c1574c94fa06dad4046c8ce72044 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 19:19:58 +0100 Subject: [PATCH 10/25] Fix: Typo --- .../DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md index 911595977..1c7289feb 100644 --- a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md +++ b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md @@ -16,7 +16,7 @@ The encryption key must be set on every front-end web server in the farm on which SharePoint is installed: https://technet.microsoft.com/en-us/library/gg602075(v=office.15).aspx#section3 -Due to a SharePoint API limitation a password missmatch can not be detected. +Due to a SharePoint API limitation a password missmatch cannot be detected. To update the password after the initial add to the SearchActiveDirectoryDomains the `SPPeoplePickerSearchActiveDirectoryDomain` has to be removed from the SearchActiveDirectoryDomains or the the password needs to be updated with the `SetPassword(SecureString)` Method directly. From 360fab535d3ca0ed9766888ef2336a16caffcf55 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Mon, 14 Mar 2022 16:06:54 +0100 Subject: [PATCH 11/25] Adds: Unittest with $null password --- ...Dsc.SPWebAppPeoplePickerSettings.Tests.ps1 | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 b/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 index c6fdbd429..f7d119146 100644 --- a/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 +++ b/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 @@ -216,6 +216,19 @@ try CustomFilter = "(company=Contoso)" ShortDomainName = "CONTOSO" } -ClientOnly) + (New-CimInstance -ClassName MSFT_SPWebAppPPSearchDomain -Property @{ + FQDN = "fabrikam.intra" + IsForest = $false + AccessAccount = (New-CimInstance -ClassName MSFT_Credential ` + -Property @{ + Username = [string]$mockAccount.UserName; + Password = [string]$null; + } ` + -Namespace root/microsoft/windows/desiredstateconfiguration ` + -ClientOnly) + CustomFilter = "(company=FABRIKAM)" + ShortDomainName = "FABRIKAM" + } -ClientOnly) ) } @@ -242,6 +255,27 @@ try Add-Member @addMemberSetPassword $searchADdom.Add($searchDom1) + # Create a SPPeoplePickerSearchActiveDirectoryDomain + $searchDom2 = New-Object -TypeName "Object" + Add-Member -InputObject $searchDom2 -MemberType 'NoteProperty' -Name DomainName -Value "fabrikam.intra" + Add-Member -InputObject $searchDom2 -MemberType 'NoteProperty' -Name IsForest -Value $false + Add-Member -InputObject $searchDom2 -MemberType 'NoteProperty' -Name LoginName -Value "wrongUsername" + Add-Member -InputObject $searchDom2 -MemberType 'NoteProperty' -Name CustomFilter -Value "(company=Fabrikam)" + Add-Member -InputObject $searchDom2 -MemberType 'NoteProperty' -Name ShortDomainName -Value "FABRIKAM" + $addMemberSetPassword = @{ + InputObject = $searchDom2 + MemberType = 'ScriptMethod' + Name = 'SetPassword' + Value = { + param( + [securestring] + $Password + ) + } + } + Add-Member @addMemberSetPassword + $searchADdom.Add($searchDom2) + $returnval = @{ PeoplePickerSettings = @{ ActiveDirectoryCustomFilter = "()" From 9f7dc1be3eea1b5b35fb4ae34a055bc7421317ea Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 30 Mar 2022 22:24:44 +0200 Subject: [PATCH 12/25] Moved Parameters --- .../MSFT_SPWebAppPeoplePickerSettings.psm1 | 48 ++++++++++--------- 1 file changed, 25 insertions(+), 23 deletions(-) diff --git a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 index 3856d675e..5fdbed95a 100644 --- a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 +++ b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 @@ -365,35 +365,37 @@ function Test-TargetResource Write-Verbose -Message "Test-TargetResource returned false" return $false } - if ($searchADDomain.ContainsKey('CustomFilter') -and $searchADDomain.CustomFilter -ne $specifiedDomain.CustomFilter) - { - $message = "Current CustomFilter Property of SearchActiveDirectoryDomain $searchADDomain does not match the desired state." - Write-Verbose -Message $message - Add-SPDscEvent -Message $message -EntryType 'Error' -EventID 1 -Source $MyInvocation.MyCommand.Source - - Write-Verbose -Message "Test-TargetResource returned false" - return $false - } - if ($searchADDomain.ContainsKey('ShortDomainName') -and $searchADDomain.ShortDomainName -ne $specifiedDomain.ShortDomainName) - { - $message = "Current ShortDomainName Property of SearchActiveDirectoryDomain $searchADDomain does not match the desired state." - Write-Verbose -Message $message - Add-SPDscEvent -Message $message -EntryType 'Error' -EventID 1 -Source $MyInvocation.MyCommand.Source - - Write-Verbose -Message "Test-TargetResource returned false" - return $false - } + #if ($searchADDomain.ContainsKey('CustomFilter') -and $searchADDomain.CustomFilter -ne $specifiedDomain.CustomFilter) + #{ + # $message = "Current CustomFilter Property of SearchActiveDirectoryDomain $searchADDomain does not match the desired state." + # Write-Verbose -Message $message + # Add-SPDscEvent -Message $message -EntryType 'Error' -EventID 1 -Source $MyInvocation.MyCommand.Source + # + # Write-Verbose -Message "Test-TargetResource returned false" + # return $false + #} + #if ($searchADDomain.ContainsKey('ShortDomainName') -and $searchADDomain.ShortDomainName -ne $specifiedDomain.ShortDomainName) + #{ + # $message = "Current ShortDomainName Property of SearchActiveDirectoryDomain $searchADDomain does not match the desired state." + # Write-Verbose -Message $message + # Add-SPDscEvent -Message $message -EntryType 'Error' -EventID 1 -Source $MyInvocation.MyCommand.Source + # + # Write-Verbose -Message "Test-TargetResource returned false" + # return $false + #} } } $result = Test-SPDscParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` - -ValuesToCheck @("ActiveDirectoryCustomFilter", ` - "ActiveDirectoryCustomQuery", ` - "ActiveDirectorySearchTimeout", ` - "OnlySearchWithinSiteCollection", - "PeopleEditorOnlyResolveWithinSiteCollection") + -ValuesToCheck @("ActiveDirectoryCustomFilter", + "ActiveDirectoryCustomQuery", + "ActiveDirectorySearchTimeout", + "OnlySearchWithinSiteCollection", + "PeopleEditorOnlyResolveWithinSiteCollection", + "CustomFilter", + "ShortDomainName") Write-Verbose -Message "Test-TargetResource returned $result" From 0a4b6dbf18d7ea957a5f3912a40ae16a6e21b011 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 10:13:03 +0100 Subject: [PATCH 13/25] Adds: Changelog for SPWebAppPeoplePickerSettings --- CHANGELOG.md | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index aa6287c83..092f03e7f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,21 +7,16 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Added -- SPFarmPropertyBag - - Added support for boolean and int32 data types -- SPInstall - - Added additional ExitCode for incorrect license key -- SPShellAdmin - - Added additional logging to improve troubleshooting + - SPWebAppPeoplePickerSettings + - Added the CustomFilter parameter to the resource + - Added the ShortDomainName parameter to the resource ### Fixed -- SPSearchServiceApp - - Fixed issue where the database permissions were not corrected for new - search service applications. - SPWebApplication - - Fixed an issue where the Set method tried to use the Parameter SecureSocketsLayer with - Set-SPWebApplication on SharePoint Server older than Subscription Edition. + - Fixed an issue where the Set method tried to use the Parameter SecureSocketsLayer with Set-SPWebApplication on SharePoint Server older than Subscription Edition. +- SPWebAppPeoplePickerSettings + - Fixed an issue where the Set method would not update a non mandatory parameter on an existing SPWebAppPPSearchDomain ## [5.1.0] - 2022-02-24 From 3fe1bcc600887d18c521b813d3fbb7622382351a Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 10:13:29 +0100 Subject: [PATCH 14/25] Adds: Support for CustimFilter and ShortDomainName --- .../MSFT_SPWebAppPeoplePickerSettings.psm1 | 65 +++++++++++++++++++ ...FT_SPWebAppPeoplePickerSettings.schema.mof | 2 + 2 files changed, 67 insertions(+) diff --git a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 index 96e776b69..ae4684abb 100644 --- a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 +++ b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 @@ -61,6 +61,8 @@ function Get-TargetResource $searchADDomain.FQDN = $searchDomain.DomainName $searchADDomain.IsForest = $searchDomain.IsForest $searchADDomain.AccessAccount = $searchDomain.LoginName + $searchADDomain.CustomFilter = $searchDomain.CustomFilter + $searchADDomain.ShortDomainName = $searchDomain.ShortDomainName $searchADDomains += $searchADDomain } @@ -211,9 +213,42 @@ function Set-TargetResource $adsearchobj.SetPassword($accessAccountPassword) } } + if ($searchADDomain.ContainsKey('CustomFilter')) + { + $adsearchobj.CustomFilter = $searchADDomain.CustomFilter + } + if ($searchADDomain.ContainsKey('ShortDomainName')) + { + $adsearchobj.ShortDomainName = $searchADDomain.ShortDomainName + } $wa.PeoplePickerSettings.SearchActiveDirectoryDomains.Add($adsearchobj) } + else + { + if ($searchADDomain.ContainsKey('AccessAccount')) + { + $configuredDomain.LoginName = $searchADDomain.AccessAccount.UserName + + if ([string]::IsNullOrEmpty($searchADDomain.AccessAccount.Password)) + { + $configuredDomain.SetPassword($null) + } + else + { + $accessAccountPassword = ConvertTo-SecureString $searchADDomain.AccessAccount.Password -AsPlainText -Force + $configuredDomain.SetPassword($accessAccountPassword) + } + } + if ($searchADDomain.ContainsKey('CustomFilter')) + { + $configuredDomain.CustomFilter = $searchADDomain.CustomFilter + } + if ($searchADDomain.ContainsKey('ShortDomainName')) + { + $configuredDomain.ShortDomainName = $searchADDomain.ShortDomainName + } + } } # Reverse Check: Configured domains do not exist in config @@ -319,6 +354,36 @@ function Test-TargetResource Write-Verbose -Message "Test-TargetResource returned false" return $false } + else + { + if ($searchADDomain.ContainsKey('AccessAccount') -and $searchADDomain.AccessAccount.UserName -ne $specifiedDomain.LoginName) + { + $message = "Current LoginName Property of SearchActiveDirectoryDomain $searchADDomain does not match the desired state." + Write-Verbose -Message $message + Add-SPDscEvent -Message $message -EntryType 'Error' -EventID 1 -Source $MyInvocation.MyCommand.Source + + Write-Verbose -Message "Test-TargetResource returned false" + return $false + } + if ($searchADDomain.ContainsKey('CustomFilter') -and $searchADDomain.CustomFilter -ne $specifiedDomain.CustomFilter) + { + $message = "Current CustomFilter Property of SearchActiveDirectoryDomain $searchADDomain does not match the desired state." + Write-Verbose -Message $message + Add-SPDscEvent -Message $message -EntryType 'Error' -EventID 1 -Source $MyInvocation.MyCommand.Source + + Write-Verbose -Message "Test-TargetResource returned false" + return $false + } + if ($searchADDomain.ContainsKey('ShortDomainName') -and $searchADDomain.ShortDomainName -ne $specifiedDomain.ShortDomainName) + { + $message = "Current ShortDomainName Property of SearchActiveDirectoryDomain $searchADDomain does not match the desired state." + Write-Verbose -Message $message + Add-SPDscEvent -Message $message -EntryType 'Error' -EventID 1 -Source $MyInvocation.MyCommand.Source + + Write-Verbose -Message "Test-TargetResource returned false" + return $false + } + } } $result = Test-SPDscParameterState -CurrentValues $CurrentValues ` diff --git a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.schema.mof b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.schema.mof index fd2bdf8c7..ff1aed18b 100644 --- a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.schema.mof +++ b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.schema.mof @@ -4,6 +4,8 @@ Class MSFT_SPWebAppPPSearchDomain [Required, Description("FQDN of the domain or forest")] String FQDN; [Required, Description("Is the FQDN a forest?")] Boolean IsForest; [Write, Description("Specifies the credentials to use to connect to the specified domain or forest"), EmbeddedInstance("MSFT_Credential")] String AccessAccount; + [Write, Description("Sets a customized query filter to send to Active Directory"), String CustomFilter; + [Write, Description("NetBIOS name of the domain or forest"), String ShortDomainName; }; [ClassVersion("1.0.0.0"), FriendlyName("SPWebAppPeoplePickerSettings")] class MSFT_SPWebAppPeoplePickerSettings : OMI_BaseResource From ff05e58a6eaed0c9c6606aa75346ddb536a01c97 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 10:13:50 +0100 Subject: [PATCH 15/25] Adds: AccessAccount Limitation description --- .../DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md index 32987f58c..911595977 100644 --- a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md +++ b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md @@ -15,3 +15,8 @@ queried before you can configure the SearchActiveDirectoryDomains. The encryption key must be set on every front-end web server in the farm on which SharePoint is installed: https://technet.microsoft.com/en-us/library/gg602075(v=office.15).aspx#section3 + +Due to a SharePoint API limitation a password missmatch can not be detected. +To update the password after the initial add to the SearchActiveDirectoryDomains +the `SPPeoplePickerSearchActiveDirectoryDomain` has to be removed from the SearchActiveDirectoryDomains or +the the password needs to be updated with the `SetPassword(SecureString)` Method directly. From 976efc0e3ceb3066b63d84a04bfe3a8e379f1186 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 10:46:28 +0100 Subject: [PATCH 16/25] Fix: Parameter Syntax --- .../MSFT_SPWebAppPeoplePickerSettings.schema.mof | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.schema.mof b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.schema.mof index ff1aed18b..f452421d1 100644 --- a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.schema.mof +++ b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.schema.mof @@ -4,8 +4,8 @@ Class MSFT_SPWebAppPPSearchDomain [Required, Description("FQDN of the domain or forest")] String FQDN; [Required, Description("Is the FQDN a forest?")] Boolean IsForest; [Write, Description("Specifies the credentials to use to connect to the specified domain or forest"), EmbeddedInstance("MSFT_Credential")] String AccessAccount; - [Write, Description("Sets a customized query filter to send to Active Directory"), String CustomFilter; - [Write, Description("NetBIOS name of the domain or forest"), String ShortDomainName; + [Write, Description("Sets a customized query filter to send to Active Directory")] String CustomFilter; + [Write, Description("NetBIOS name of the domain or forest")] String ShortDomainName; }; [ClassVersion("1.0.0.0"), FriendlyName("SPWebAppPeoplePickerSettings")] class MSFT_SPWebAppPeoplePickerSettings : OMI_BaseResource From eadb6ccf939991356c004764f31aea564a55e809 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 11:42:35 +0100 Subject: [PATCH 17/25] Adds: Unittests for Parameter CustomFilter and ShortDomainName --- ...Dsc.SPWebAppPeoplePickerSettings.Tests.ps1 | 104 ++++++++++++++++-- 1 file changed, 95 insertions(+), 9 deletions(-) diff --git a/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 b/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 index c45ea920d..7964ff09c 100644 --- a/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 +++ b/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 @@ -32,7 +32,7 @@ function Invoke-TestSetup $script:testEnvironment = Initialize-TestEnvironment ` -DSCModuleName $script:DSCModuleName ` - -DSCResourceName $script:DSCResourceFullName ` + -DscResourceName $script:DSCResourceFullName ` -ResourceType 'Mof' ` -TestType 'Unit' } @@ -130,21 +130,23 @@ try } } - Context -Name "Search domain settings do not match actual values" -Fixture { + Context -Name "Search domain settings do not match actual values (Domain does not exist)" -Fixture { BeforeAll { $testParams = @{ WebAppUrl = "http://sharepoint.contoso.com" SearchActiveDirectoryDomains = @( (New-CimInstance -ClassName MSFT_SPWebAppPPSearchDomain -Property @{ - FQDN = "contoso.intra" - IsForest = $false - AccessAccount = (New-CimInstance -ClassName MSFT_Credential ` + FQDN = "contoso.intra" + IsForest = $false + AccessAccount = (New-CimInstance -ClassName MSFT_Credential ` -Property @{ Username = [string]$mockAccount.UserName; Password = [string]$mockAccount.Password; } ` -Namespace root/microsoft/windows/desiredstateconfiguration ` -ClientOnly) + CustomFilter = "(company=Contoso)" + ShortDomainName = "CONTOSO" } -ClientOnly) ) } @@ -198,6 +200,82 @@ try } } + Context -Name "Search domain settings do not match actual values (Domain exists)" -Fixture { + BeforeAll { + $testParams = @{ + WebAppUrl = "http://sharepoint.contoso.com" + SearchActiveDirectoryDomains = @( + (New-CimInstance -ClassName MSFT_SPWebAppPPSearchDomain -Property @{ + FQDN = "contoso.intra" + IsForest = $false + AccessAccount = (New-CimInstance -ClassName MSFT_Credential ` + -Property @{ + Username = [string]$mockAccount.UserName; + Password = [string]$mockAccount.Password; + } ` + -Namespace root/microsoft/windows/desiredstateconfiguration ` + -ClientOnly) + CustomFilter = "(company=Contoso)" + ShortDomainName = "CONTOSO" + } -ClientOnly) + ) + } + + Mock -CommandName Get-SPWebApplication -MockWith { + $searchADdom = New-Object -TypeName "System.Collections.Generic.List[System.Object]" + $searchDom1 = New-Object -TypeName "Object" | ` + Add-Member -MemberType NoteProperty ` + -Name DomainName ` + -Value ( "contoso.intra" ) -PassThru | ` + Add-Member -MemberType NoteProperty ` + -Name IsForest ` + -Value ( $false ) -PassThru | ` + Add-Member -MemberType NoteProperty ` + -Name LoginName ` + -Value ( 'wrongUsername' ) -PassThru | ` + Add-Member -MemberType NoteProperty ` + -Name CustomFilter ` + -Value ( "(company=Fabrikam)" ) -PassThru | ` + Add-Member -MemberType NoteProperty ` + -Name ShortDomainName ` + -Value ( "FABRIKAM" ) -PassThru + $searchADdom.Add($searchDom1) + + $returnval = @{ + PeoplePickerSettings = @{ + ActiveDirectoryCustomFilter = "()" + ActiveDirectoryCustomQuery = "()" + ActiveDirectorySearchTimeout = @{ + TotalSeconds = 10 + } + OnlySearchWithinSiteCollection = $true + PeopleEditorOnlyResolveWithinSiteCollection = $true + SearchActiveDirectoryDomains = $searchADdom + } + } + $returnval = $returnval | Add-Member -MemberType ScriptMethod -Name Update -Value { + $Global:SPDscWebApplicationUpdateCalled = $true + } -PassThru + + return $returnval + } + } + + It "Should return SearchTimeOut=10 from the get method" { + (Get-TargetResource @testParams).ActiveDirectorySearchTimeout | Should -Be 10 + } + + It "Should return false from the test method" { + Test-TargetResource @testParams | Should -Be $false + } + + It "Should update the people picker settings" { + $Global:SPDscWebApplicationUpdateCalled = $false + Set-TargetResource @testParams + $Global:SPDscWebApplicationUpdateCalled | Should -Be $true + } + } + Context -Name "Settings do not match actual values" -Fixture { BeforeAll { $testParams = @{ @@ -264,15 +342,17 @@ try WebAppUrl = "http://sharepoint.contoso.com" SearchActiveDirectoryDomains = @( (New-CimInstance -ClassName MSFT_SPWebAppPPSearchDomain -Property @{ - FQDN = "contoso.intra" - IsForest = $false - AccessAccount = (New-CimInstance -ClassName MSFT_Credential ` + FQDN = "contoso.intra" + IsForest = $false + AccessAccount = (New-CimInstance -ClassName MSFT_Credential ` -Property @{ Username = [string]$mockAccount.UserName; Password = [string]$mockAccount.Password; } ` -Namespace root/microsoft/windows/desiredstateconfiguration ` -ClientOnly) + CustomFilter = "(company=Contoso)" + ShortDomainName = "CONTOSO" } -ClientOnly) ) } @@ -288,7 +368,13 @@ try -Value ( $false ) -PassThru | ` Add-Member -MemberType NoteProperty ` -Name LoginName ` - -Value ( $mockAccount.UserName ) -PassThru + -Value ( $mockAccount.UserName ) -PassThru | ` + Add-Member -MemberType NoteProperty ` + -Name CustomFilter ` + -Value ( "(company=Contoso)" ) -PassThru | ` + Add-Member -MemberType NoteProperty ` + -Name ShortDomainName ` + -Value ( "CONTOSO" ) -PassThru $searchADdom.Add($searchDom1) $returnval = @{ From 24583ea0c3b5e1f8b7a0bab6ac0c928675d314ac Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 12:21:04 +0100 Subject: [PATCH 18/25] Adds: Expanded example with CustomFilter and ShortDomainName --- .../SPWebAppPeoplePickerSettings/1-Example.ps1 | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/SharePointDsc/Examples/Resources/SPWebAppPeoplePickerSettings/1-Example.ps1 b/SharePointDsc/Examples/Resources/SPWebAppPeoplePickerSettings/1-Example.ps1 index fd1122727..c1cc25da6 100644 --- a/SharePointDsc/Examples/Resources/SPWebAppPeoplePickerSettings/1-Example.ps1 +++ b/SharePointDsc/Examples/Resources/SPWebAppPeoplePickerSettings/1-Example.ps1 @@ -64,10 +64,13 @@ Configuration Example ActiveDirectorySearchTimeout = 30 OnlySearchWithinSiteCollection = $false SearchActiveDirectoryDomains = @( - MSFT_SPWebAppPPSearchDomain { - FQDN = "contoso.com" - IsForest = $false - AccessAccount = $AccessAccount + MSFT_SPWebAppPPSearchDomain + { + FQDN = "contoso.com" + IsForest = $false + AccessAccount = $AccessAccount + CustomFilter = '(company=Contoso)' + ShortDomainName = 'CONTOSO' } ) PsDscRunAsCredential = $SetupAccount From 6361eae5b7d278ea2e844be90160e1cf70f8a286 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 14:22:07 +0100 Subject: [PATCH 19/25] Fix: CimInstance does not have ContainsKey --- .../MSFT_SPWebAppPeoplePickerSettings.psm1 | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 index ae4684abb..3856d675e 100644 --- a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 +++ b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 @@ -213,11 +213,11 @@ function Set-TargetResource $adsearchobj.SetPassword($accessAccountPassword) } } - if ($searchADDomain.ContainsKey('CustomFilter')) + if ($null -ne ($searchADDomain.CimInstanceProperties | Where-Object -FilterScript { $_.Name -eq 'CustomFilter' })) { $adsearchobj.CustomFilter = $searchADDomain.CustomFilter } - if ($searchADDomain.ContainsKey('ShortDomainName')) + if ($null -ne ($searchADDomain.CimInstanceProperties | Where-Object -FilterScript { $_.Name -eq 'ShortDomainName' })) { $adsearchobj.ShortDomainName = $searchADDomain.ShortDomainName } @@ -226,7 +226,7 @@ function Set-TargetResource } else { - if ($searchADDomain.ContainsKey('AccessAccount')) + if ($null -ne ($searchADDomain.CimInstanceProperties | Where-Object -FilterScript { $_.Name -eq 'AccessAccount' })) { $configuredDomain.LoginName = $searchADDomain.AccessAccount.UserName @@ -240,11 +240,11 @@ function Set-TargetResource $configuredDomain.SetPassword($accessAccountPassword) } } - if ($searchADDomain.ContainsKey('CustomFilter')) + if ($null -ne ($searchADDomain.CimInstanceProperties | Where-Object -FilterScript { $_.Name -eq 'CustomFilter' })) { $configuredDomain.CustomFilter = $searchADDomain.CustomFilter } - if ($searchADDomain.ContainsKey('ShortDomainName')) + if ($null -ne ($searchADDomain.CimInstanceProperties | Where-Object -FilterScript { $_.Name -eq 'ShortDomainName' })) { $configuredDomain.ShortDomainName = $searchADDomain.ShortDomainName } From 994daad9d7f54354f83c6202346abe06ec44d4bf Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 18:35:08 +0100 Subject: [PATCH 20/25] Adds: SetPassword ScriptMethod to test a credential Update --- ...Dsc.SPWebAppPeoplePickerSettings.Tests.ps1 | 49 ++++++++++--------- 1 file changed, 27 insertions(+), 22 deletions(-) diff --git a/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 b/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 index 7964ff09c..eb04d03e1 100644 --- a/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 +++ b/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 @@ -49,7 +49,7 @@ try InModuleScope -ModuleName $script:DSCResourceFullName -ScriptBlock { Describe -Name $Global:SPDscHelper.DescribeHeader -Fixture { BeforeAll { - Invoke-Command -Scriptblock $Global:SPDscHelper.InitializeScript -NoNewScope + Invoke-Command -ScriptBlock $Global:SPDscHelper.InitializeScript -NoNewScope # Initialize tests $mockPassword = ConvertTo-SecureString -String "password" -AsPlainText -Force @@ -136,17 +136,15 @@ try WebAppUrl = "http://sharepoint.contoso.com" SearchActiveDirectoryDomains = @( (New-CimInstance -ClassName MSFT_SPWebAppPPSearchDomain -Property @{ - FQDN = "contoso.intra" - IsForest = $false - AccessAccount = (New-CimInstance -ClassName MSFT_Credential ` + FQDN = "contoso.intra" + IsForest = $false + AccessAccount = (New-CimInstance -ClassName MSFT_Credential ` -Property @{ Username = [string]$mockAccount.UserName; Password = [string]$mockAccount.Password; } ` -Namespace root/microsoft/windows/desiredstateconfiguration ` -ClientOnly) - CustomFilter = "(company=Contoso)" - ShortDomainName = "CONTOSO" } -ClientOnly) ) } @@ -223,22 +221,29 @@ try Mock -CommandName Get-SPWebApplication -MockWith { $searchADdom = New-Object -TypeName "System.Collections.Generic.List[System.Object]" - $searchDom1 = New-Object -TypeName "Object" | ` - Add-Member -MemberType NoteProperty ` - -Name DomainName ` - -Value ( "contoso.intra" ) -PassThru | ` - Add-Member -MemberType NoteProperty ` - -Name IsForest ` - -Value ( $false ) -PassThru | ` - Add-Member -MemberType NoteProperty ` - -Name LoginName ` - -Value ( 'wrongUsername' ) -PassThru | ` - Add-Member -MemberType NoteProperty ` - -Name CustomFilter ` - -Value ( "(company=Fabrikam)" ) -PassThru | ` - Add-Member -MemberType NoteProperty ` - -Name ShortDomainName ` - -Value ( "FABRIKAM" ) -PassThru + # Create a SPPeoplePickerSearchActiveDirectoryDomain + $searchDom1 = New-Object -TypeName "Object" + $addMember = @{ + InputObject = $searchDom1 + MemberType = 'NoteProperty' + } + Add-Member @addMember -Name DomainName -Value "contoso.intra" + Add-Member @addMember -Name IsForest -Value $false + Add-Member @addMember -Name LoginName -Value "wrongUsername" + Add-Member @addMember -Name CustomFilter -Value "(company=Fabrikam)" + Add-Member @addMember -Name ShortDomainName -Value "FABRIKAM" + $addMemberSetPassword = @{ + InputObject = $searchDom1 + MemberType = 'ScriptMethod' + Name = 'SetPassword' + Value = { + param( + [securestring] + $Password + ) + } + } + Add-Member @addMemberSetPassword $searchADdom.Add($searchDom1) $returnval = @{ From 797e532930f5d4b454a161e2ea29c4b9b9cca254 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 18:47:45 +0100 Subject: [PATCH 21/25] Fix: DSC Resource Style Guidelines --- ...PointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 b/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 index eb04d03e1..c6fdbd429 100644 --- a/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 +++ b/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 @@ -223,15 +223,11 @@ try $searchADdom = New-Object -TypeName "System.Collections.Generic.List[System.Object]" # Create a SPPeoplePickerSearchActiveDirectoryDomain $searchDom1 = New-Object -TypeName "Object" - $addMember = @{ - InputObject = $searchDom1 - MemberType = 'NoteProperty' - } - Add-Member @addMember -Name DomainName -Value "contoso.intra" - Add-Member @addMember -Name IsForest -Value $false - Add-Member @addMember -Name LoginName -Value "wrongUsername" - Add-Member @addMember -Name CustomFilter -Value "(company=Fabrikam)" - Add-Member @addMember -Name ShortDomainName -Value "FABRIKAM" + Add-Member -InputObject $searchDom1 -MemberType 'NoteProperty' -Name DomainName -Value "contoso.intra" + Add-Member -InputObject $searchDom1 -MemberType 'NoteProperty' -Name IsForest -Value $false + Add-Member -InputObject $searchDom1 -MemberType 'NoteProperty' -Name LoginName -Value "wrongUsername" + Add-Member -InputObject $searchDom1 -MemberType 'NoteProperty' -Name CustomFilter -Value "(company=Fabrikam)" + Add-Member -InputObject $searchDom1 -MemberType 'NoteProperty' -Name ShortDomainName -Value "FABRIKAM" $addMemberSetPassword = @{ InputObject = $searchDom1 MemberType = 'ScriptMethod' From 629b1457464de97e80835e7c5603afaa60582455 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 9 Mar 2022 19:19:58 +0100 Subject: [PATCH 22/25] Fix: Typo --- .../DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md index 911595977..1c7289feb 100644 --- a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md +++ b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/readme.md @@ -16,7 +16,7 @@ The encryption key must be set on every front-end web server in the farm on which SharePoint is installed: https://technet.microsoft.com/en-us/library/gg602075(v=office.15).aspx#section3 -Due to a SharePoint API limitation a password missmatch can not be detected. +Due to a SharePoint API limitation a password missmatch cannot be detected. To update the password after the initial add to the SearchActiveDirectoryDomains the `SPPeoplePickerSearchActiveDirectoryDomain` has to be removed from the SearchActiveDirectoryDomains or the the password needs to be updated with the `SetPassword(SecureString)` Method directly. From bd935b6a8f78bc5275cf27910f50ce76e777ef94 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Mon, 14 Mar 2022 16:06:54 +0100 Subject: [PATCH 23/25] Adds: Unittest with $null password --- ...Dsc.SPWebAppPeoplePickerSettings.Tests.ps1 | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 b/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 index c6fdbd429..f7d119146 100644 --- a/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 +++ b/tests/Unit/SharePointDsc/SharePointDsc.SPWebAppPeoplePickerSettings.Tests.ps1 @@ -216,6 +216,19 @@ try CustomFilter = "(company=Contoso)" ShortDomainName = "CONTOSO" } -ClientOnly) + (New-CimInstance -ClassName MSFT_SPWebAppPPSearchDomain -Property @{ + FQDN = "fabrikam.intra" + IsForest = $false + AccessAccount = (New-CimInstance -ClassName MSFT_Credential ` + -Property @{ + Username = [string]$mockAccount.UserName; + Password = [string]$null; + } ` + -Namespace root/microsoft/windows/desiredstateconfiguration ` + -ClientOnly) + CustomFilter = "(company=FABRIKAM)" + ShortDomainName = "FABRIKAM" + } -ClientOnly) ) } @@ -242,6 +255,27 @@ try Add-Member @addMemberSetPassword $searchADdom.Add($searchDom1) + # Create a SPPeoplePickerSearchActiveDirectoryDomain + $searchDom2 = New-Object -TypeName "Object" + Add-Member -InputObject $searchDom2 -MemberType 'NoteProperty' -Name DomainName -Value "fabrikam.intra" + Add-Member -InputObject $searchDom2 -MemberType 'NoteProperty' -Name IsForest -Value $false + Add-Member -InputObject $searchDom2 -MemberType 'NoteProperty' -Name LoginName -Value "wrongUsername" + Add-Member -InputObject $searchDom2 -MemberType 'NoteProperty' -Name CustomFilter -Value "(company=Fabrikam)" + Add-Member -InputObject $searchDom2 -MemberType 'NoteProperty' -Name ShortDomainName -Value "FABRIKAM" + $addMemberSetPassword = @{ + InputObject = $searchDom2 + MemberType = 'ScriptMethod' + Name = 'SetPassword' + Value = { + param( + [securestring] + $Password + ) + } + } + Add-Member @addMemberSetPassword + $searchADdom.Add($searchDom2) + $returnval = @{ PeoplePickerSettings = @{ ActiveDirectoryCustomFilter = "()" From 0d5e3b2d3b0bf196a1cfec490e09357dbf934d38 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Wed, 30 Mar 2022 22:24:44 +0200 Subject: [PATCH 24/25] Moved Parameters --- .../MSFT_SPWebAppPeoplePickerSettings.psm1 | 48 ++++++++++--------- 1 file changed, 25 insertions(+), 23 deletions(-) diff --git a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 index 3856d675e..5fdbed95a 100644 --- a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 +++ b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 @@ -365,35 +365,37 @@ function Test-TargetResource Write-Verbose -Message "Test-TargetResource returned false" return $false } - if ($searchADDomain.ContainsKey('CustomFilter') -and $searchADDomain.CustomFilter -ne $specifiedDomain.CustomFilter) - { - $message = "Current CustomFilter Property of SearchActiveDirectoryDomain $searchADDomain does not match the desired state." - Write-Verbose -Message $message - Add-SPDscEvent -Message $message -EntryType 'Error' -EventID 1 -Source $MyInvocation.MyCommand.Source - - Write-Verbose -Message "Test-TargetResource returned false" - return $false - } - if ($searchADDomain.ContainsKey('ShortDomainName') -and $searchADDomain.ShortDomainName -ne $specifiedDomain.ShortDomainName) - { - $message = "Current ShortDomainName Property of SearchActiveDirectoryDomain $searchADDomain does not match the desired state." - Write-Verbose -Message $message - Add-SPDscEvent -Message $message -EntryType 'Error' -EventID 1 -Source $MyInvocation.MyCommand.Source - - Write-Verbose -Message "Test-TargetResource returned false" - return $false - } + #if ($searchADDomain.ContainsKey('CustomFilter') -and $searchADDomain.CustomFilter -ne $specifiedDomain.CustomFilter) + #{ + # $message = "Current CustomFilter Property of SearchActiveDirectoryDomain $searchADDomain does not match the desired state." + # Write-Verbose -Message $message + # Add-SPDscEvent -Message $message -EntryType 'Error' -EventID 1 -Source $MyInvocation.MyCommand.Source + # + # Write-Verbose -Message "Test-TargetResource returned false" + # return $false + #} + #if ($searchADDomain.ContainsKey('ShortDomainName') -and $searchADDomain.ShortDomainName -ne $specifiedDomain.ShortDomainName) + #{ + # $message = "Current ShortDomainName Property of SearchActiveDirectoryDomain $searchADDomain does not match the desired state." + # Write-Verbose -Message $message + # Add-SPDscEvent -Message $message -EntryType 'Error' -EventID 1 -Source $MyInvocation.MyCommand.Source + # + # Write-Verbose -Message "Test-TargetResource returned false" + # return $false + #} } } $result = Test-SPDscParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` - -ValuesToCheck @("ActiveDirectoryCustomFilter", ` - "ActiveDirectoryCustomQuery", ` - "ActiveDirectorySearchTimeout", ` - "OnlySearchWithinSiteCollection", - "PeopleEditorOnlyResolveWithinSiteCollection") + -ValuesToCheck @("ActiveDirectoryCustomFilter", + "ActiveDirectoryCustomQuery", + "ActiveDirectorySearchTimeout", + "OnlySearchWithinSiteCollection", + "PeopleEditorOnlyResolveWithinSiteCollection", + "CustomFilter", + "ShortDomainName") Write-Verbose -Message "Test-TargetResource returned $result" From 290d64dc7864a5efd408e7c6567a695337691f72 Mon Sep 17 00:00:00 2001 From: "Hannappel, Christoph" Date: Thu, 31 Mar 2022 13:04:21 +0200 Subject: [PATCH 25/25] Fixed: Parameter Test --- .../MSFT_SPWebAppPeoplePickerSettings.psm1 | 40 +++++++++---------- 1 file changed, 19 insertions(+), 21 deletions(-) diff --git a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 index 5fdbed95a..25f2adc6e 100644 --- a/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 +++ b/SharePointDsc/DSCResources/MSFT_SPWebAppPeoplePickerSettings/MSFT_SPWebAppPeoplePickerSettings.psm1 @@ -365,24 +365,24 @@ function Test-TargetResource Write-Verbose -Message "Test-TargetResource returned false" return $false } - #if ($searchADDomain.ContainsKey('CustomFilter') -and $searchADDomain.CustomFilter -ne $specifiedDomain.CustomFilter) - #{ - # $message = "Current CustomFilter Property of SearchActiveDirectoryDomain $searchADDomain does not match the desired state." - # Write-Verbose -Message $message - # Add-SPDscEvent -Message $message -EntryType 'Error' -EventID 1 -Source $MyInvocation.MyCommand.Source - # - # Write-Verbose -Message "Test-TargetResource returned false" - # return $false - #} - #if ($searchADDomain.ContainsKey('ShortDomainName') -and $searchADDomain.ShortDomainName -ne $specifiedDomain.ShortDomainName) - #{ - # $message = "Current ShortDomainName Property of SearchActiveDirectoryDomain $searchADDomain does not match the desired state." - # Write-Verbose -Message $message - # Add-SPDscEvent -Message $message -EntryType 'Error' -EventID 1 -Source $MyInvocation.MyCommand.Source - # - # Write-Verbose -Message "Test-TargetResource returned false" - # return $false - #} + if ($searchADDomain.ContainsKey('CustomFilter') -and $searchADDomain.CustomFilter -ne $specifiedDomain.CustomFilter) + { + $message = "Current CustomFilter Property of SearchActiveDirectoryDomain $searchADDomain does not match the desired state." + Write-Verbose -Message $message + Add-SPDscEvent -Message $message -EntryType 'Error' -EventID 1 -Source $MyInvocation.MyCommand.Source + + Write-Verbose -Message "Test-TargetResource returned false" + return $false + } + if ($searchADDomain.ContainsKey('ShortDomainName') -and $searchADDomain.ShortDomainName -ne $specifiedDomain.ShortDomainName) + { + $message = "Current ShortDomainName Property of SearchActiveDirectoryDomain $searchADDomain does not match the desired state." + Write-Verbose -Message $message + Add-SPDscEvent -Message $message -EntryType 'Error' -EventID 1 -Source $MyInvocation.MyCommand.Source + + Write-Verbose -Message "Test-TargetResource returned false" + return $false + } } } @@ -393,9 +393,7 @@ function Test-TargetResource "ActiveDirectoryCustomQuery", "ActiveDirectorySearchTimeout", "OnlySearchWithinSiteCollection", - "PeopleEditorOnlyResolveWithinSiteCollection", - "CustomFilter", - "ShortDomainName") + "PeopleEditorOnlyResolveWithinSiteCollection") Write-Verbose -Message "Test-TargetResource returned $result"