Skip to content

Commit

Permalink
so we cna check login auditing #882
Browse files Browse the repository at this point in the history
  • Loading branch information
SQLDBAWithABeard committed May 9, 2023
1 parent b3767be commit f916963
Show file tree
Hide file tree
Showing 3 changed files with 32 additions and 1 deletion.
5 changes: 4 additions & 1 deletion developing/Robs-Instance.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,9 @@ $Checks = 'MaxMemory'
$Checks = 'OrphanedFile'
$Checks = 'MemoryDump'
$Checks = 'HideInstance'
$Checks = 'LoginAuditFailed'
$Checks = 'LoginAuditSuccessful'
$Checks = 'LoginAuditSuccessful', 'LoginAuditFailed'

Invoke-PerfAndValidateCheck -Checks $Checks
Invoke-PerfAndValidateCheck -Checks $Checks -PerfDetail
Expand All @@ -19,7 +22,7 @@ $password = ConvertTo-SecureString "dbatools.IO" -AsPlainText -Force
$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList "sqladmin", $password
$show = 'All'

$v4code = Invoke-DbcCheck -SqlInstance $Sqlinstances -SqlCredential $cred -Check $Checks -legacy $true -Show $show -PassThru
$v4code = Invoke-DbcCheck -SqlInstance $Sqlinstances -SqlCredential $cred -Check $Checks -legacy $true -Show $show -PassThru -verbose
# Run v5 checks
$v5code = Invoke-DbcCheck -SqlInstance $Sqlinstances -SqlCredential $cred -Check $Checks -legacy $false -Show $show -PassThru -Verbose

Expand Down
18 changes: 18 additions & 0 deletions source/checks/Instancev5.Tests.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -200,6 +200,24 @@ Describe "Linked Servers" -Tag LinkedServerConnection, Connectivity, Medium, Ins
}
}

Describe "Failed Login Auditing" -Tag LoginAuditFailed, Security, CIS, Medium, Instance -ForEach $InstancesToTest {
$skip = ($__dbcconfig | Where-Object { $_.Name -eq 'skip.security.loginauditlevelfailed' }).Value
Context "Testing if failed login auditing is in place on <_.Name>" {
It "The failed login auditing should be set on <_.Name>" -Skip:$skip {
$psitem.Settings.AuditLevel | Should -BeIn @("Failure", "All") -Because "We expected the audit level to be set to capture failed logins"
}
}
}

Describe "Successful Login Auditing" -Tag LoginAuditSuccessful, Security, CIS, Medium, Instance -ForEach $InstancesToTest {
$skip = ($__dbcconfig | Where-Object { $_.Name -eq 'skip.security.loginauditlevelsuccessful' }).Value
Context "Testing if successful and failed login auditing is in place on <_.Name>" {
It "The successful and failed auditing should be set on <_.Name>" -Skip:$skip {
$psitem.Settings.AuditLevel | Should -Be "All" -Because "We expected the audit level to be set to capture all logins (successful and failed)"
}
}
}

Describe "Instance MaxDop" -Tag MaxDopInstance, MaxDop, Medium, Instance -ForEach ($InstancesToTest | Where-Object { $psitem.Name -notin $psitem.ConfigValues.ExcludeInstanceMaxDop }) {
$skip = ($__dbcconfig | Where-Object { $_.Name -eq 'skip.instance.MaxDopInstance' }).Value
Context "Testing Instance MaxDop Value on <_.Name>" {
Expand Down
10 changes: 10 additions & 0 deletions source/internal/functions/NewGet-AllInstanceInfo.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -400,6 +400,16 @@ function NewGet-AllInstanceInfo {
}
}

'LoginAuditFailed' {
$SettingsInitFields.Add("AuditLevel") | Out-Null # so we can check auditlevel
$Instance.SetDefaultInitFields([Microsoft.SqlServer.Management.Smo.Settings], $SettingsInitFields)
}

'LoginAuditSuccessful' {
$SettingsInitFields.Add("AuditLevel") | Out-Null # so we can check auditlevel
$Instance.SetDefaultInitFields([Microsoft.SqlServer.Management.Smo.Settings], $SettingsInitFields)
}

Default { }
}

Expand Down

0 comments on commit f916963

Please sign in to comment.