DSCResources/MSFT_SPWebApplicationExtension/MSFT_SPWebApplicationExtension.psm1
|
function Get-TargetResource { [CmdletBinding()] [OutputType([System.Collections.Hashtable])] param ( [parameter(Mandatory = $true)] [System.String] $WebAppUrl, [parameter(Mandatory = $true)] [System.String] $Name, [parameter(Mandatory = $true)] [System.String] $Url, [parameter(Mandatory = $true)] [ValidateSet("Default","Intranet","Internet","Extranet","Custom")] [System.String] $Zone, [parameter(Mandatory = $false)] [System.Boolean] $AllowAnonymous, [parameter(Mandatory = $false)] [System.String] $HostHeader, [parameter(Mandatory = $false)] [System.String] $Path, [parameter(Mandatory = $false)] [System.String] $Port, [parameter(Mandatory = $false)] [System.Boolean] $UseSSL, [parameter(Mandatory = $false)] [ValidateSet("NTLM","Kerberos","Claims")] [System.String] $AuthenticationMethod, [parameter(Mandatory = $false)] [System.String] $AuthenticationProvider, [parameter(Mandatory = $false)] [ValidateSet("Present","Absent")] [System.String] $Ensure = "Present", [parameter(Mandatory = $false)] [System.Management.Automation.PSCredential] $InstallAccount ) Write-Verbose -Message "Getting web application extension '$Name' config" $result = Invoke-SPDSCCommand -Credential $InstallAccount ` -Arguments @($PSBoundParameters,$PSScriptRoot) ` -ScriptBlock { $params = $args[0] $ScriptRoot = $args[1] $wa = Get-SPWebApplication -Identity $params.WebAppUrl -ErrorAction SilentlyContinue if ($null -eq $wa) { Write-Verbose -Message "WebApplication $($params.WebAppUrl) does not exist" return @{ WebAppUrl = $params.WebAppUrl Name = $params.Name Url = $null Zone = $null Ensure = "Absent" } } $zone = [Microsoft.SharePoint.Administration.SPUrlZone]::$($params.Zone) $waExt = $wa.IisSettings[$zone] if ($null -eq $waExt) { return @{ WebAppUrl = $params.WebAppUrl Name = $params.Name Url = $params.Url Zone = $params.zone Ensure = "Absent" } } $publicUrl = (Get-SPAlternateURL -WebApplication $params.WebAppUrl -Zone $params.zone).PublicUrl if ($null -ne $waExt.SecureBindings.HostHeader) #default to SSL bindings if present { $HostHeader = $waExt.SecureBindings.HostHeader $Port = $waExt.SecureBindings.Port $UseSSL = $true } else { $HostHeader = $waExt.ServerBindings.HostHeader $Port = $waExt.ServerBindings.Port $UseSSL = $false } $authProvider = Get-SPAuthenticationProvider -WebApplication $wa.Url -Zone $params.zone if($authProvider.DisplayName -eq "Windows Authentication") { if ($authProvider.DisableKerberos -eq $true) { $localAuthMode = "NTLM" } else { $localAuthMode = "Kerberos" } } else { $localAuthMode = "Claims" $authenticationProvider = $authProvider.DisplayName } return @{ WebAppUrl = $params.WebAppUrl Name = $waExt.ServerComment Url = $PublicURL AllowAnonymous = $authProvider.AllowAnonymous HostHeader = $HostHeader Path = $waExt.Path Port = $Port Zone = $params.zone AuthenticationMethod = $localAuthMode AuthenticationProvider = $authenticationProvider UseSSL = $UseSSL InstallAccount = $params.InstallAccount Ensure = "Present" } } return $result } function Set-TargetResource { [CmdletBinding()] param ( [parameter(Mandatory = $true)] [System.String] $WebAppUrl, [parameter(Mandatory = $true)] [System.String] $Name, [parameter(Mandatory = $true)] [System.String] $Url, [parameter(Mandatory = $true)] [ValidateSet("Default","Intranet","Internet","Extranet","Custom")] [System.String] $Zone, [parameter(Mandatory = $false)] [System.Boolean] $AllowAnonymous, [parameter(Mandatory = $false)] [System.String] $HostHeader, [parameter(Mandatory = $false)] [System.String] $Path, [parameter(Mandatory = $false)] [System.String] $Port, [parameter(Mandatory = $false)] [System.Boolean] $UseSSL, [parameter(Mandatory = $false)] [ValidateSet("NTLM","Kerberos","Claims")] [System.String] $AuthenticationMethod, [parameter(Mandatory = $false)] [System.String] $AuthenticationProvider, [parameter(Mandatory = $false)] [ValidateSet("Present","Absent")] [System.String] $Ensure = "Present", [parameter(Mandatory = $false)] [System.Management.Automation.PSCredential] $InstallAccount ) Write-Verbose -Message "Setting web application extension '$Name' config" if ($Ensure -eq "Present") { if ($AuthenticationMethod -eq "Claims" -and [string]::IsNullOrEmpty($AuthenticationProvider)) { throw [Exception] "When configuring SPWebApplication to use Claims the AuthenticationProvider value must be specified." } Invoke-SPDSCCommand -Credential $InstallAccount ` -Arguments @($PSBoundParameters,$PSScriptRoot) ` -ScriptBlock { $params = $args[0] $ScriptRoot = $args[1] $wa = Get-SPWebApplication -Identity $params.WebAppUrl -ErrorAction SilentlyContinue if ($null -eq $wa) { throw "Web Application with URL $($params.WebAppUrl) does not exist" } $zone = [Microsoft.SharePoint.Administration.SPUrlZone]::$($params.Zone) $waExt = $wa.IisSettings[$zone] if ($null -eq $waExt) { $newWebAppExtParams = @{ Name = $params.Name Url = $params.Url Zone = $params.zone } if ($params.ContainsKey("AuthenticationMethod") -eq $true) { if($params.AuthenticationMethod -eq "Claims") { try { $ap = Get-SPTrustedIdentityTokenIssuer -Identity $params.AuthenticationProvider -ErrorAction Stop } catch { throw [Exception] "Cannot find Authentication Provider $($params.AuthenticationProvider)" } } else { $disableKerberos = ($params.AuthenticationMethod -eq "NTLM") $ap = New-SPAuthenticationProvider -UseWindowsIntegratedAuthentication ` -DisableKerberos:$disableKerberos } $newWebAppExtParams.Add("AuthenticationProvider", $ap) } if ($params.ContainsKey("AllowAnonymous") -eq $true) { $newWebAppExtParams.Add("AllowAnonymousAccess", $params.AllowAnonymous) } if ($params.ContainsKey("HostHeader") -eq $true) { $newWebAppExtParams.Add("HostHeader", $params.HostHeader) } if ($params.ContainsKey("Path") -eq $true) { $newWebAppExtParams.Add("Path", $params.Path) } if ($params.ContainsKey("Port") -eq $true) { $newWebAppExtParams.Add("Port", $params.Port) } if ($params.ContainsKey("UseSSL") -eq $true) { $newWebAppExtParams.Add("SecureSocketsLayer", $params.UseSSL) } $wa | New-SPWebApplicationExtension @newWebAppExtParams | Out-Null } else { if ($params.ContainsKey("AllowAnonymous") -eq $true) { $waExt.AllowAnonymous = $params.AllowAnonymous $wa.update() } if ($params.ContainsKey("AuthenticationMethod") -eq $true) { if($params.AuthenticationMethod -eq "Claims") { try { $ap = Get-SPTrustedIdentityTokenIssuer -Identity $params.AuthenticationProvider -ErrorAction Stop } catch { throw [Exception] "Cannot find Authentication Provider $($params.AuthenticationProvider)" } } else { $disableKerberos = ($params.AuthenticationMethod -eq "NTLM") $ap = New-SPAuthenticationProvider -UseWindowsIntegratedAuthentication ` -DisableKerberos:$disableKerberos } Set-SPWebApplication -Identity $params.WebAppUrl -Zone $params.zone -AuthenticationProvider $ap } } } } if ($Ensure -eq "Absent") { Invoke-SPDSCCommand -Credential $InstallAccount ` -Arguments @($PSBoundParameters,$PSScriptRoot) ` -ScriptBlock { $params = $args[0] $ScriptRoot = $args[1] $wa = Get-SPWebApplication -Identity $params.WebAppUrl -ErrorAction SilentlyContinue if ($null -eq $wa) { throw "Web Application with URL $($params.WebAppUrl) does not exist" } if ($null -ne $wa) { $wa | Remove-SPWebApplication -Zone $params.zone -Confirm:$false -DeleteIISSite } } } } function Test-TargetResource { [CmdletBinding()] [OutputType([System.Boolean])] param ( [parameter(Mandatory = $true)] [System.String] $WebAppUrl, [parameter(Mandatory = $true)] [System.String] $Name, [parameter(Mandatory = $true)] [System.String] $Url, [parameter(Mandatory = $true)] [ValidateSet("Default","Intranet","Internet","Extranet","Custom")] [System.String] $Zone, [parameter(Mandatory = $false)] [System.Boolean] $AllowAnonymous, [parameter(Mandatory = $false)] [System.String] $HostHeader, [parameter(Mandatory = $false)] [System.String] $Path, [parameter(Mandatory = $false)] [System.String] $Port, [parameter(Mandatory = $false)] [System.Boolean] $UseSSL, [parameter(Mandatory = $false)] [ValidateSet("NTLM","Kerberos","Claims")] [System.String] $AuthenticationMethod, [parameter(Mandatory = $false)] [System.String] $AuthenticationProvider, [parameter(Mandatory = $false)] [ValidateSet("Present","Absent")] [System.String] $Ensure = "Present", [parameter(Mandatory = $false)] [System.Management.Automation.PSCredential] $InstallAccount ) Write-Verbose -Message "Testing for web application extension '$Name'config" $PSBoundParameters.Ensure = $Ensure $CurrentValues = Get-TargetResource @PSBoundParameters $testReturn = Test-SPDscParameterState -CurrentValues $CurrentValues ` -DesiredValues $PSBoundParameters ` -ValuesToCheck @("Ensure","AuthenticationMethod","AllowAnonymous") return $testReturn } Export-ModuleMember -Function *-TargetResource |