DscResources/ConfigurationManagerConfiguration/ConfigurationManagerConfiguration.schema.psm1
Configuration ConfigurationManagerConfiguration { [CmdletBinding()] param ( [Parameter()] [System.String] $SiteName, [Parameter()] [System.String] $SiteCode, [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] $SccmInstallAccount, [Parameter()] [hashtable[]] $CMAccounts, [Parameter()] [string[]] $LocalAdministrators = @('contoso\SCCM-Servers', 'contoso\SCCM-CMInstall', 'contoso\Admin'), [hashtable] $EmailSettings, [hashtable] $SystemDiscovery, [hashtable] $ForestDiscovery, [hashtable] $NetworkDiscovery, [hashtable] $HeartbeatDiscovery, [hashtable] $UserDiscovery, [hashtable] $ClientStatusSettings, [hashtable[]] $SiteMaintenanceConfigurations, [hashtable[]] $BoundaryGroups, [hashtable[]] $SiteAdmins, [hashtable] $CollectionSettings, [hashtable] $StatusReportingSettings, [hashtable[]] $DistributionPointGroups, [hashtable] $ManagementPoint, [hashtable] $SoftwareUpdatePoint, [hashtable] $SoftwareUpdatePointComponent ) Import-DscResource -ModuleName PSDesiredStateConfiguration Import-DscResource -ModuleName ConfigMgrCBDsc Import-DscResource -ModuleName UpdateServicesDsc # region ConfigCBMgr configurations foreach ($account in $CMAccounts) { CMAccounts "AddingAccount-$($account.UserName)" { SiteCode = $SiteCode Account = $account.UserName AccountPassword = $account.Password Ensure = 'Present' PsDscRunAsCredential = $SccmInstallAccount } } if ($EmailSettings) { $EmailSettings['SiteCode'] = $SiteCode $EmailSettings['PsDscRunAsCredential'] = $SccmInstallAccount (Get-DscSplattedResource -ResourceName CMEmailNotificationComponent -ExecutionName "CmMailSettings$($SiteCode)" -Properties $EmailSettings -NoInvoke).Invoke($EmailSettings) } if ($ForestDiscovery) { $ForestDiscovery['SiteCode'] = $SiteCode $ForestDiscovery['PsDscRunAsCredential'] = $SccmInstallAccount (Get-DscSplattedResource -ResourceName CMForestDiscovery -ExecutionName "CMForestDiscovery$($SiteCode)" -Properties $ForestDiscovery -NoInvoke).Invoke($ForestDiscovery) } if ($SystemDiscovery) { $SystemDiscovery['SiteCode'] = $SiteCode $SystemDiscovery['PsDscRunAsCredential'] = $SccmInstallAccount (Get-DscSplattedResource -ResourceName CMSystemDiscovery -ExecutionName "CMSystemDiscovery$($SiteCode)" -Properties $SystemDiscovery -NoInvoke).Invoke($SystemDiscovery) } if ($NetworkDiscovery) { $NetworkDiscovery['SiteCode'] = $SiteCode $NetworkDiscovery['PsDscRunAsCredential'] = $SccmInstallAccount (Get-DscSplattedResource -ResourceName CMNetworkDiscovery -ExecutionName "CMNetworkDiscovery$($SiteCode)" -Properties $NetworkDiscovery -NoInvoke).Invoke($NetworkDiscovery) } if ($HeartbeatDiscovery) { $HeartbeatDiscovery['SiteCode'] = $SiteCode $HeartbeatDiscovery['PsDscRunAsCredential'] = $SccmInstallAccount (Get-DscSplattedResource -ResourceName CMHeartbeatDiscovery -ExecutionName "CMHeartbeatDiscovery$($SiteCode)" -Properties $HeartbeatDiscovery -NoInvoke).Invoke($HeartbeatDiscovery) } if ($UserDiscovery) { $UserDiscovery['SiteCode'] = $SiteCode $UserDiscovery['PsDscRunAsCredential'] = $SccmInstallAccount (Get-DscSplattedResource -ResourceName CMUserDiscovery -ExecutionName "CMUserDiscovery$($SiteCode)" -Properties $UserDiscovery -NoInvoke).Invoke($UserDiscovery) } if ($ClientStatusSettings) { $ClientStatusSettings['SiteCode'] = $SiteCode $ClientStatusSettings['PsDscRunAsCredential'] = $SccmInstallAccount (Get-DscSplattedResource -ResourceName CMClientStatusSettings -ExecutionName "CMClientStatusSettings$($SiteCode)" -Properties $ClientStatusSettings -NoInvoke).Invoke($ClientStatusSettings) } foreach ($maintenance in $SiteMaintenanceConfigurations) { $maintenance['SiteCode'] = $SiteCode $maintenance['PsDscRunAsCredential'] = $SccmInstallAccount (Get-DscSplattedResource -ResourceName CMSiteMaintenance -ExecutionName "CMSiteMaintenance$($maintenance.TaskName -replace '\W')" -Properties $maintenance -NoInvoke).Invoke($maintenance) } foreach ($bg in $BoundaryGroups) { $boundaryDependencies = @() foreach ($boundary in $bg.Boundaries) { $boundary['SiteCode'] = $SiteCode $boundary['PsDscRunAsCredential'] = $SccmInstallAccount (Get-DscSplattedResource -ResourceName CMBoundaries -ExecutionName "CMBoundary$($boundary.DisplayName -replace '\W')" -Properties $boundary -NoInvoke).Invoke($boundary) $boundaryDependencies += "[CMBoundaries]CMBoundary$($boundary.DisplayName -replace '\W')" } $bg['SiteCode'] = $SiteCode $bg['PsDscRunAsCredential'] = $SccmInstallAccount $bg['DependsOn'] = $boundaryDependencies $bg.Boundaries = foreach ($bound in $bg.Boundaries) { DSC_CMBoundaryGroupsBoundaries { Value = $bound.Value Type = $bound.Type } } (Get-DscSplattedResource -ResourceName CMBoundaryGroups -ExecutionName "BoundaryGroup$($bg.BoundaryGroup -replace '\W')" -Properties $bg -NoInvoke).Invoke($bg) } foreach ($admin in $SiteAdmins) { $admin['SiteCode'] = $SiteCode $admin['PsDscRunAsCredential'] = $SccmInstallAccount (Get-DscSplattedResource -ResourceName CMAdministrativeUser -ExecutionName "Adminuser$($admin.AdminName.Replace('\', ''))" -Properties $admin -NoInvoke).Invoke($admin) } if ($CollectionSettings) { $CollectionSettings['SiteCode'] = $SiteCode $CollectionSettings['PsDscRunAsCredential'] = $SccmInstallAccount (Get-DscSplattedResource -ResourceName CMCollectionMembershipEvaluationComponent -ExecutionName "CollectionSettings$SiteCode" -Properties $CollectionSettings -NoInvoke).Invoke($CollectionSettings) } if ($StatusReportingSettings) { $StatusReportingSettings['SiteCode'] = $SiteCode $StatusReportingSettings['PsDscRunAsCredential'] = $SccmInstallAccount (Get-DscSplattedResource -ResourceName CMStatusReportingComponent -ExecutionName "CMStatusReportingComponent$SiteCode" -Properties $StatusReportingSettings -NoInvoke).Invoke($StatusReportingSettings) } foreach ($dg in $DistributionPointGroups) { CMDistributionGroup ($dg.DistributionGroup -replace '\W') { SiteCode = $SiteCode DistributionGroup = $dg.DistributionGroup Ensure = 'Present' PsDscRunAsCredential = $SccmInstallAccount } foreach ($dp in $dg.DistributionPoints) { $dp['SiteCode'] = $SiteCode $dp['SiteServerName'] = $node.NodeName $dp['PsDscRunAsCredential'] = $SccmInstallAccount $dp['DependsOn'] = '[CMDistributionGroup]{0}' -f ($dg.DistributionGroup -replace '\W') (Get-DscSplattedResource -ResourceName CMDistributionPoint -ExecutionName "$($dg.DistributionGroup -replace '\W')DP$((New-Guid).Guid)" -Properties $dp -NoInvoke).Invoke($dp) } if ($dg.Members) { $dg.Members['SiteCode'] = $SiteCode $dg.Members['DistributionPoint'] = $node.NodeName $dg.Members['PsDscRunAsCredential'] = $SccmInstallAccount $dg.Members['DependsOn'] = '[CMDistributionGroup]{0}' -f ($dg.DistributionGroup -replace '\W') (Get-DscSplattedResource -ResourceName CMDistributionPointGroupMembers -ExecutionName "$($dg.DistributionGroup -replace '\W')Members" -Properties $dg.Members -NoInvoke).Invoke($dg.Members) } } if ($ManagementPoint) { $ManagementPoint['SiteCode'] = $SiteCode $ManagementPoint['SiteServerName'] = $node.NodeName $ManagementPoint['PsDscRunAsCredential'] = $SccmInstallAccount (Get-DscSplattedResource -ResourceName CMManagementPoint -ExecutionName "ManagementPoint$($SiteName -replace '\W')" -Properties $ManagementPoint -NoInvoke).Invoke($ManagementPoint) } if ($SoftwareUpdatePoint) { $SoftwareUpdatePoint['SiteCode'] = $SiteCode $SoftwareUpdatePoint['SiteServerName'] = $node.NodeName $SoftwareUpdatePoint['PsDscRunAsCredential'] = $SccmInstallAccount (Get-DscSplattedResource -ResourceName CMSoftwareUpdatePoint -ExecutionName "UpdatePoint$($SiteName -replace '\W')" -Properties $SoftwareUpdatePoint -NoInvoke).Invoke($SoftwareUpdatePoint) } if ($SoftwareUpdatePointComponent) { $SoftwareUpdatePointComponent['SiteCode'] = $SiteCode $SoftwareUpdatePointComponent['PsDscRunAsCredential'] = $SccmInstallAccount if (-not $SoftwareUpdatePointComponent.ContainsKey('DefaultWsusServer')) { $SoftwareUpdatePointComponent['DefaultWsusServer'] = $node.NodeName } (Get-DscSplattedResource -ResourceName CMSoftwareUpdatePointComponent -ExecutionName "UpdatePointConfig$($SiteName -replace '\W')" -Properties $SoftwareUpdatePointComponent -NoInvoke).Invoke($SoftwareUpdatePointComponent) } } |