DSC_Generate_MOFFiles.ps1
#***************************************************************************************
# This Sample Code is provided for the purpose of illustration only and is not intended to be used in a production environment.
# THIS SAMPLE CODE AND ANY RELATED INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED
# TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS for A PARTICULAR PURPOSE. We grant You a nonexclusive, royalty-free right to use and modify
# the Sample Code and to reproduce and distribute the object code form of the Sample Code, provided that You agree: (i) to not use Our name, logo, or
# trademarks to market Your software product in which the Sample Code is embedded; (ii) to include a valid copyright notice on Your software product in
# which the Sample Code is embedded; and (iii) to indemnify, hold harmless, and defend Us and Our suppliers from and against any claims or lawsuits,
# including attorneys fees, that arise or result from the use or distribution of the Sample Code.
#
# This script collects user names and passwords for service accounts, then generates MOF files for DSC
#
# -Run this script as a local server Administrator
# -Run this script from an elevated prompt
#
# Don't forget to: Set-ExecutionPolicy RemoteSigned
#
# Written by Chris Weaver ([email protected])
#
#****************************************************************************************
# Script parameters. Both values are joined to $PSScriptRoot and the resulting files are
# executed as PowerShell code further down (the configuration script is dot-sourced and the
# data file is passed to Invoke-Expression), so only point them at files you trust.
#   ConfigDataFile - name of the DSC configuration data file (.psd1)
#   ConfigFile     - name of the script that is dot-sourced before the MOF files are built
# NOTE(review): both parameters are Mandatory, so the default values below do not appear to
# take effect - confirm whether the defaults or the Mandatory flag is what was intended.
param(
    [Parameter(Mandatory = $true)]
    [string]
    $ConfigDataFile = 'DSCConfigData.psd1',

    [Parameter(Mandatory = $true)]
    [string]
    $ConfigFile = 'DSCConfig.ps1'
)
#https://gallery.technet.microsoft.com/scriptcenter/Test-Credential-dda902c6
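Function Test-Credential {
    <#
    .SYNOPSIS
    Checks a credential against a domain and writes $true or $false.

    .DESCRIPTION
    Builds a System.DirectoryServices.AccountManagement.PrincipalContext for the domain and
    calls ValidateCredentials with the user name and password taken from the credential.
    Each call is an authentication attempt against the domain, so a rejected password is
    expected to count as a failed logon for that account.

    .PARAMETER Credential
    The PSCredential to check. Accepted from the pipeline (by value or by property name).

    .PARAMETER Domain
    Domain to validate against. When omitted, the domain part of the credential's user name
    is used.

    .OUTPUTS
    System.Boolean - one value per credential processed.
    #>
    [OutputType([Bool])]
    Param (
        [Parameter(
            Mandatory = $true,
            ValueFromPipeLine = $true,
            ValueFromPipelineByPropertyName = $true
        )]
        [Alias(
            'PSCredential'
        )]
        [ValidateNotNull()]
        [System.Management.Automation.PSCredential]
        [System.Management.Automation.Credential()]
        $Credential,

        # The fallback to the credential's own domain is resolved in Process: a
        # pipeline-bound $Credential is not available yet when defaults are evaluated.
        [Parameter()]
        [String]
        $Domain
    )

    Begin {
        # Add-Type replaces the obsolete Assembly.LoadWithPartialName call.
        Add-Type -AssemblyName System.DirectoryServices.AccountManagement

        # The context is created lazily in Process, once the target domain is known.
        $principalContext = $null
        $contextDomain = $null
    }

    Process {
        foreach ($item in $Credential) {
            # GetNetworkCredential() exposes the password as a plain string in memory;
            # it is handed straight to ValidateCredentials and not stored anywhere else.
            $networkCredential = $item.GetNetworkCredential()

            if ($PSBoundParameters.ContainsKey('Domain')) {
                $targetDomain = $Domain
            }
            else {
                $targetDomain = $networkCredential.Domain
            }

            # Reuse the context while the domain stays the same; rebuild it otherwise.
            if ($null -eq $principalContext -or $targetDomain -ne $contextDomain) {
                if ($null -ne $principalContext) {
                    $principalContext.Dispose()
                }
                $principalContext = New-Object System.DirectoryServices.AccountManagement.PrincipalContext(
                    [System.DirectoryServices.AccountManagement.ContextType]::Domain, $targetDomain
                )
                $contextDomain = $targetDomain
            }

            Write-Output -InputObject $(
                $principalContext.ValidateCredentials(
                    $networkCredential.UserName, $networkCredential.Password
                )
            )
        }
    }

    End {
        # The context may never have been created (no input, or construction failed).
        if ($null -ne $principalContext) {
            $principalContext.Dispose()
        }
    }
}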
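# Dot-source the configuration script into the current scope. Everything in that file runs
# with the rights of this (elevated) session; it presumably defines the SharePointServer
# configuration that is invoked further down - confirm against the configuration script.
. "$PSScriptRoot\$ConfigFile"
$ConfigData = "$PSScriptRoot\$ConfigDataFile"

#Load the Data File to get the Accounts
# NOTE(review): Invoke-Expression runs the whole data file as PowerShell code, so anyone who
# can modify the .psd1 can execute commands in this elevated session. The same path is later
# handed to the configuration as -ConfigurationData, so the file should already be plain
# data; on PowerShell 5.0 and later, Import-PowerShellDataFile reads it without executing it.
$data = Invoke-Expression (Get-Content $ConfigData | out-string)

# Stop before the delete below if the data file did not yield a configuration path:
# an empty value would otherwise resolve to "\Configurations" on the current drive.
$dscConfigRoot = $data.NonNodeData.DSCConfig.DSCConfigPath
if ([string]::IsNullOrEmpty($dscConfigRoot)) {
    throw "NonNodeData.DSCConfig.DSCConfigPath is missing or empty in '$ConfigData'."
}
$dscConfigPath = $dscConfigRoot + "\Configurations"

#Delete all mof and checksum files as we will create new ones
# Every file directly inside the folder is removed (sub-folders are kept), not only
# *.mof and *.mof.checksum files.
Write-Host "Removing all configurations files from $dscConfigPath"
if (Test-Path -LiteralPath $dscConfigPath -PathType Container) {
    Get-ChildItem -LiteralPath $dscConfigPath |
        Where-Object { -not $_.PSIsContainer } |
        Remove-Item
}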
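# Service account names come from the configuration data; only the passwords are prompted for.
$serviceAccounts = $data.NonNodeData.SharePoint.ServiceAccounts
$setupAccountName = $serviceAccounts.SetupAccount
$farmAccountName = $serviceAccounts.FarmAccount
$webAppAccountName = $serviceAccounts.WebAppPoolAccount
$svcAppAccountName = $serviceAccounts.ServicesAppPoolAccount
$srcContentAccessAccount = $serviceAccounts.ContentAccessAccount
#$ConnectAccounts = $data.NonNodeData.SharePoint.ServiceAccounts.ConnectionAccount

Write-Host "Getting Service Account Credentials" -ForegroundColor Green
$Domain = $data.NonNodeData.DomainDetails.DomainName

# Prompts for one credential and repeats the prompt until the domain accepts it.
# The loop only ends on an explicit $true from Test-Credential: if the check fails to run
# (for example the domain cannot be reached) nothing is returned, and comparing that with
# $false would let an unverified credential through.
# Every rejected attempt is a real authentication attempt against the domain, so repeated
# mistyped passwords count toward the account lockout threshold if the domain enforces one.
function Read-ValidatedCredential {
    param(
        $UserName,
        [string] $Message,
        $DomainName
    )

    do {
        $candidate = Get-Credential -UserName $UserName -Message $Message
        if ($null -eq $candidate) {
            # Cancelled prompt: stop instead of compiling MOF files with a missing credential.
            throw "Credential prompt '$Message' was cancelled; MOF generation aborted."
        }
        $accepted = (Test-Credential -Credential $candidate -Domain $DomainName) -eq $true
    } while (-not $accepted)

    $candidate
}

$SetupAccount = Read-ValidatedCredential -UserName $setupAccountName -Message "Setup Account" -DomainName $Domain
$FarmAccount = Read-ValidatedCredential -UserName $farmAccountName -Message "Farm Account" -DomainName $Domain
$WebAppPoolAccount = Read-ValidatedCredential -UserName $webAppAccountName -Message "Web App Pool Account" -DomainName $Domain
$ServicePoolAccount = Read-ValidatedCredential -UserName $svcAppAccountName -Message "Svc App Pool Account" -DomainName $Domain
$ContentAccessAccount = Read-ValidatedCredential -UserName $srcContentAccessAccount -Message "Search Default Content Access Account" -DomainName $Domain

# The farm passphrase is not a domain account, so it is collected without validation;
# the "PassPhrase" user name is only a placeholder for the prompt.
$passPhrase = Get-Credential -Message "Farm PassPhrase" -UserName "PassPhrase"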
<#
if ($ConfigurationData.NonNodeData.SharePoint.Version -eq 2013)
{
if(($ConnectAccounts).count -ge 1)
{
$ConnectAccount = @()
$ConnectAccounts | ForEach-Object {
$ConnectAccount += Get-Credential -UserName $_ -Message "UPA Sync Connection Account"
}
}
}
#>
Write-Host "Generating DSC Configuration into " $dscConfigPath -ForegroundColor Green

# Compile the configuration. The credentials collected above are passed in as parameters,
# so the generated MOF files are expected to carry them. Whether the passwords end up
# encrypted depends on the node settings in the configuration data (CertificateFile /
# PSDscAllowPlainTextPassword), which are not visible in this script - treat the output
# folder as sensitive and restrict access to it.
$configurationArguments = @{
    FarmAccount               = $FarmAccount
    WebPoolManagedAccount     = $WebAppPoolAccount
    SPSetupAccount            = $SetupAccount
    ServicePoolManagedAccount = $ServicePoolAccount
    ContentAccessAccount      = $ContentAccessAccount
    OutputPath                = $dscConfigPath
    ConfigurationData         = $ConfigData
    PassPhrase                = $passPhrase
    # UPASyncConnectAccounts  = $ConnectAccount
}
SharePointServer @configurationArguments

# Write a checksum file next to every MOF; -Force overwrites existing checksum files.
Write-Host "Creating checksums for all MOF..." -ForegroundColor Green
New-DSCCheckSum -Path $dscConfigPath -Force
<#
#Will need to find another value other than minrole
Write-Host "Removing old MOF from client servers" -ForegroundColor green
$data.AllNodes | ?{$_.MinRole} | ForEach-Object {
$ServerCIMSession = New-CimSession -ComputerName $_.NodeName -Credential $SetupAccount
Remove-DscConfigurationDocument -CimSession $ServerCIMSession -Stage Current,Pending,Previous -Force -Verbose
}
Get-CimSession | Remove-CimSession
Write-Host "Updating configuration on client machines" -ForegroundColor green
$data.AllNodes | ?{$_.MinRole} | ForEach-Object {
$node = $_.NodeName
Update-DscConfiguration -ComputerName $node -Verbose
}
#>