DSCResources/DSC_ExchAntiMalwareScanning/DSC_ExchAntiMalwareScanning.psm1

function Get-TargetResource
{
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSDSCUseVerboseMessageInDSCResource", "")]
    [CmdletBinding()]
    [OutputType([System.Collections.Hashtable])]
    param
    (
        [Parameter(Mandatory = $true)]
        [System.Boolean]
        $Enabled,

        [Parameter(Mandatory = $true)]
        [System.Management.Automation.PSCredential]
        [System.Management.Automation.Credential()]
        $Credential,

        [Parameter()]
        [System.Boolean]
        $AllowServiceRestart = $false
    )

    Write-FunctionEntry -Parameters @{
        'Enabled' = $Enabled
    } -Verbose:$VerbosePreference

    # Establish remote PowerShell session
    Get-RemoteExchangeSession -Credential $Credential -CommandsToLoad 'Get-TransportAgent' -Verbose:$VerbosePreference

    $agent = Get-TransportAgent -Identity "Malware Agent"

    if ($null -ne $agent)
    {
        $returnValue = @{
            Enabled = [System.Boolean] $agent.Enabled
        }
    }

    $returnValue
}

function Set-TargetResource
{
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSDSCUseVerboseMessageInDSCResource", "")]
    [CmdletBinding()]
    param
    (
        [Parameter(Mandatory = $true)]
        [System.Boolean]
        $Enabled,

        [Parameter(Mandatory = $true)]
        [System.Management.Automation.PSCredential]
        [System.Management.Automation.Credential()]
        $Credential,

        [Parameter()]
        [System.Boolean]
        $AllowServiceRestart = $false
    )

    Write-FunctionEntry -Parameters @{
        'Enabled' = $Enabled
    } -Verbose:$VerbosePreference

    $exScriptsRoot = Join-Path -Path ((Get-ItemProperty HKLM:\SOFTWARE\Microsoft\ExchangeServer\v15\Setup).MsiInstallPath) -ChildPath 'Scripts'

    if ($Enabled -eq $true)
    {
        $antiMalwareScriptPath = Join-Path -Path $exScriptsRoot -ChildPath 'Enable-AntimalwareScanning.ps1'
    }
    else
    {
        $antiMalwareScriptPath = Join-Path -Path $exScriptsRoot -ChildPath 'Disable-AntimalwareScanning.ps1'
    }

    # Override Write-Host, as it is used by the target scripts, and causes a DSC error since the session is not interactive
    New-Alias Write-Host Write-Verbose

    $antiMalwareScriptParams = @{}

    if ($AllowServiceRestart -eq $true)
    {
        $antiMalwareScriptParams.Add('ForceRestart', $true)
    }
    else
    {
        Write-Warning -Message 'The configuration will not take effect until the MSExchangeTransport service is manually restarted.'
    }

    $snapinsToRemove = @('Microsoft.Exchange.Management.Powershell.E2010', 'Microsoft.Forefront.Filtering.Management.PowerShell')

    Invoke-DotSourcedScript `
        -ScriptPath $antiMalwareScriptPath `
        -ScriptParams $antiMalwareScriptParams `
        -SnapinsToRemove $snapinsToRemove `
        -Verbose:$VerbosePreference

    Remove-Item Alias:Write-Host
}

function Test-TargetResource
{
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSDSCUseVerboseMessageInDSCResource", "")]
    [CmdletBinding()]
    [OutputType([System.Boolean])]
    param
    (
        [Parameter(Mandatory = $true)]
        [System.Boolean]
        $Enabled,

        [Parameter(Mandatory = $true)]
        [System.Management.Automation.PSCredential]
        [System.Management.Automation.Credential()]
        $Credential,

        [Parameter()]
        [System.Boolean]
        $AllowServiceRestart = $false
    )

    Write-FunctionEntry -Parameters @{
        'Enabled' = $Enabled
    } -Verbose:$VerbosePreference

    $agentStatus = Get-TargetResource @PSBoundParameters

    $testResults = $true

    if ($null -eq $agentStatus -or $null -eq $agentStatus.Enabled)
    {
        Write-Verbose -Message 'Unable to retrieve AntiMalware Agent Status for server'

        $testResults = $false
    }
    else
    {
        if (!(Test-ExchangeSetting -Name 'Enabled' -Type 'Boolean' -ExpectedValue $Enabled -ActualValue $agentStatus.Enabled -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference))
        {
            $testResults = $false
        }
    }

    return $testResults
}

Export-ModuleMember -Function *-TargetResource