Tests/Unit/MSFT_xADDomainController.Tests.ps1
|
[System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingConvertToSecureStringWithPlainText', '')] param() #region HEADER $script:dscModuleName = 'xActiveDirectory' $script:dscResourceName = 'MSFT_xADDomainController' # Unit Test Template Version: 1.2.4 $script:moduleRoot = Split-Path -Parent (Split-Path -Parent $PSScriptRoot) if ( (-not (Test-Path -Path (Join-Path -Path $script:moduleRoot -ChildPath 'DSCResource.Tests'))) -or ` (-not (Test-Path -Path (Join-Path -Path $script:moduleRoot -ChildPath 'DSCResource.Tests\TestHelper.psm1'))) ) { & git @('clone', 'https://github.com/PowerShell/DscResource.Tests.git', (Join-Path -Path $script:moduleRoot -ChildPath 'DscResource.Tests')) } Import-Module -Name (Join-Path -Path $script:moduleRoot -ChildPath (Join-Path -Path 'DSCResource.Tests' -ChildPath 'TestHelper.psm1')) -Force # TODO: Insert the correct <ModuleName> and <ResourceName> for your resource $TestEnvironment = Initialize-TestEnvironment ` -DSCModuleName $script:dscModuleName ` -DSCResourceName $script:dscResourceName ` -ResourceType 'Mof' ` -TestType Unit #endregion HEADER function Invoke-TestSetup { } function Invoke-TestCleanup { Restore-TestEnvironment -TestEnvironment $TestEnvironment } # Begin Testing try { Invoke-TestSetup InModuleScope $script:dscResourceName { #Load the AD Module Stub, so we can mock the cmdlets, then load the AD types Import-Module (Join-Path -Path $PSScriptRoot -ChildPath 'Stubs\ActiveDirectoryStub.psm1') -Force # If one type does not exist, it's assumed the other ones does not exist either. if (-not ('Microsoft.ActiveDirectory.Management.ADAuthType' -as [Type])) { $adModuleStub = (Join-Path -Path $PSScriptRoot -ChildPath 'Stubs\Microsoft.ActiveDirectory.Management.cs') Add-Type -Path $adModuleStub } #region Pester Test Variable Initialization $correctDomainName = 'present.com' $testAdminCredential = [System.Management.Automation.PSCredential]::Empty $correctDatabasePath = 'C:\Windows\NTDS' $correctLogPath = 'C:\Windows\NTDS' $correctSysvolPath = 'C:\Windows\SYSVOL' $correctSiteName = 'PresentSite' $incorrectSiteName = 'IncorrectSite' $correctInstallationMediaPath = 'TestDrive:\IFM' $mockNtdsSettingsObjectDn = 'CN=NTDS Settings,CN=ServerName,CN=Servers,CN=PresentSite,CN=Sites,CN=Configuration,DC=present,DC=com' $testDefaultParams = @{ DomainAdministratorCredential = $testAdminCredential SafemodeAdministratorPassword = $testAdminCredential Verbose = $true } #Fake function because it is only available on Windows Server function Install-ADDSDomainController { [CmdletBinding()] param ( [Parameter()] $DomainName, [Parameter()] [System.Management.Automation.PSCredential] $SafeModeAdministratorPassword, [Parameter()] [System.Management.Automation.PSCredential] $Credential, [Parameter()] $NoRebootOnCompletion, [Parameter()] $Force, [Parameter()] $DatabasePath, [Parameter()] $LogPath, [Parameter()] $SysvolPath, [Parameter()] $SiteName, [Parameter()] $InstallationMediaPath, [Parameter()] $NoGlobalCatalog ) throw [exception] 'Not Implemented' } #endregion Pester Test Initialization #region Function Get-TargetResource Describe 'xActiveDirectory\Get-TargetResource' -Tag 'Get' { Context 'When the domain name is not available' { BeforeAll { Mock -CommandName Get-ADDomain -MockWith { throw New-Object -TypeName 'Microsoft.ActiveDirectory.Management.ADServerDownException' } } It 'Should throw the correct error' { { Get-TargetResource @testDefaultParams -DomainName $correctDomainName } | Should -Throw ($script:localizedData.MissingDomain -f $correctDomainName) } } Context 'Normal Operations' { Mock -CommandName Get-ADDomain -MockWith { return $true } Mock -CommandName Get-DomainControllerObject { return @{ Site = $correctSiteName Domain = $correctDomainName IsGlobalCatalog = $true } } Mock -CommandName Get-ItemProperty -ParameterFilter { $Path -eq 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters' } -MockWith { return @{ 'Database log files path' = 'C:\Windows\NTDS' 'DSA Working Directory' = 'C:\Windows\NTDS' } } Mock -CommandName Get-ItemProperty -ParameterFilter { $Path -eq 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters' } -MockWith { return @{ 'SysVol' = 'C:\Windows\SYSVOL\sysvol' } } New-Item -Path 'TestDrive:\' -ItemType Directory -Name IFM $result = Get-TargetResource @testDefaultParams -DomainName $correctDomainName It 'Returns current Domain Controller properties' { $result.DomainName | Should -Be $correctDomainName $result.DatabasePath | Should -Be $correctDatabasePath $result.LogPath | Should -Be $correctLogPath $result.SysvolPath | Should -Be $correctSysvolPath $result.SiteName | Should -Be $correctSiteName $result.Ensure | Should -Be $true $result.IsGlobalCatalog | Should -Be $true } } Context 'Domain Controller Service not installed on host' { Mock -CommandName Get-ADDomain -MockWith { return $true } Mock -CommandName Get-DomainControllerObject -MockWith { return $null } $result = Get-TargetResource @testDefaultParams -DomainName $correctDomainName It 'Returns Ensure = False' { $result.DomainName | Should -Be $correctDomainName $result.DatabasePath | Should -BeNullOrEmpty $result.LogPath | Should -BeNullOrEmpty $result.SysvolPath | Should -BeNullOrEmpty $result.SiteName | Should -BeNullOrEmpty $result.Ensure | Should -Be $false $result.IsGlobalCatalog | Should -Be $false $result.NtdsSettingsObjectDn | Should -BeNullOrEmpty } } } #endregion #region Function Test-TargetResource Describe 'xActiveDirectory\Test-TargetResource' -Tag 'Test' { $testDefaultParams = @{ DomainAdministratorCredential = $testAdminCredential SafemodeAdministratorPassword = $testAdminCredential Verbose = $true } It 'Returns "False" when "SiteName" does not match' { $stubDomain = @{ DNSRoot = $correctDomainName } $stubDomainController = @{ Site = $incorrectSiteName Domain = $correctDomainName } Mock -CommandName Get-ADDomain -MockWith { return $true } Mock -CommandName Get-DomainControllerObject -MockWith { return $stubDomainController } Mock -CommandName Test-ADReplicationSite -MockWith { return $true } Mock -CommandName Get-ItemProperty -MockWith { return @{ } } $result = Test-TargetResource @testDefaultParams -DomainName $correctDomainName -SiteName $correctSiteName $result | Should -Be $false } It 'Returns "True" when "SiteName" matches' { $stubDomainController = @{ Site = $correctSiteName Domain = $correctDomainName } Mock -CommandName Get-ADDomain -MockWith { return $true } Mock -CommandName Get-DomainControllerObject -MockWith { return $stubDomainController } Mock -CommandName Test-ADReplicationSite -MockWith { return $true } Mock -CommandName Get-ItemProperty -MockWith { return @{ } } $result = Test-TargetResource @testDefaultParams -DomainName $correctDomainName -SiteName $correctSiteName $result | Should -Be $true } It 'Throws if "SiteName" is wrong' { $stubDomainController = @{ Site = $correctSiteName Domain = $correctDomainName } Mock -CommandName Get-ADDomain -MockWith { return $true } Mock -CommandName Get-DomainControllerObject -MockWith { return $stubDomainController } Mock -CommandName Test-ADReplicationSite -MockWith { return $false } { Test-TargetResource @testDefaultParams -DomainName $correctDomainName -SiteName $incorrectSiteName } | Should -Throw ($script:localizedData.FailedToFindSite -f $incorrectSiteName, $correctDomainName) } It 'Returns "False" when "IsGlobalCatalog" does not match' { $stubDomain = @{ DNSRoot = $correctDomainName } $stubDomainController = @{ Site = $correctSiteName Domain = $correctDomainName IsGlobalCatalog = $false } Mock -CommandName Get-ADDomain -MockWith { return $true } Mock -CommandName Get-DomainControllerObject -MockWith { return $stubDomainController } Mock -CommandName Test-ADReplicationSite -MockWith { return $true } Mock -CommandName Get-ItemProperty -MockWith { return @{ } } $result = Test-TargetResource @testDefaultParams -DomainName $correctDomainName -SiteName $correctSiteName -IsGlobalCatalog $true $result | Should -Be $false } It 'Returns "False" when "IsGlobalCatalog" does not match' { $stubDomain = @{ DNSRoot = $correctDomainName } $stubDomainController = @{ Site = $correctSiteName Domain = $correctDomainName IsGlobalCatalog = $true } Mock -CommandName Get-ADDomain -MockWith { return $true } Mock -CommandName Get-DomainControllerObject -MockWith { return $stubDomainController } Mock -CommandName Test-ADReplicationSite -MockWith { return $true } Mock -CommandName Get-ItemProperty -MockWith { return @{ } } $result = Test-TargetResource @testDefaultParams -DomainName $correctDomainName -SiteName $correctSiteName -IsGlobalCatalog $false $result | Should -Be $false } It 'Returns "True" when "IsGlobalCatalog" matches' { $stubDomain = @{ DNSRoot = $correctDomainName } $stubDomainController = @{ Site = $correctSiteName Domain = $correctDomainName IsGlobalCatalog = $true } Mock -CommandName Get-ADDomain -MockWith { return $true } Mock -CommandName Get-DomainControllerObject -MockWith { return $stubDomainController } Mock -CommandName Test-ADReplicationSite -MockWith { return $true } Mock -CommandName Get-ItemProperty -MockWith { return @{ } } $result = Test-TargetResource @testDefaultParams -DomainName $correctDomainName -SiteName $correctSiteName -IsGlobalCatalog $true $result | Should -Be $true } } #endregion #region Function Set-TargetResource Describe 'xActiveDirectory\Set-TargetResource' -Tag 'Set' { Context 'When the system is not in the desired state' { BeforeAll { Mock -CommandName Install-ADDSDomainController Mock -CommandName Get-ADDomain -MockWith { return $true } Mock -CommandName Get-TargetResource -MockWith { return @{ Ensure = $false } } } Context 'When adding a domain controller to a specific site' { It 'It should call the correct mocks' { { Set-TargetResource @testDefaultParams -DomainName $correctDomainName -SiteName $correctSiteName } | Should -Not -Throw Assert-MockCalled -CommandName Install-ADDSDomainController -ParameterFilter { $SiteName -eq $correctSiteName } -Exactly -Times 1 -Scope It } } Context 'When adding a domain controller to a specific database path' { It 'It should call the correct mocks' { { Set-TargetResource @testDefaultParams -DomainName $correctDomainName -DatabasePath $correctDatabasePath } | Should -Not -Throw Assert-MockCalled -CommandName Install-ADDSDomainController -ParameterFilter { $DatabasePath -eq $correctDatabasePath } -Exactly -Times 1 -Scope It } } Context 'When adding a domain controller to a specific SysVol path' { It 'It should call the correct mocks' { { Set-TargetResource @testDefaultParams -DomainName $correctDomainName -SysVolPath $correctSysvolPath } | Should -Not -Throw Assert-MockCalled -CommandName Install-ADDSDomainController -ParameterFilter { $SysVolPath -eq $correctSysvolPath } -Exactly -Times 1 -Scope It } } Context 'When adding a domain controller to a specific log path' { It 'It should call the correct mocks' { { Set-TargetResource @testDefaultParams -DomainName $correctDomainName -LogPath $correctLogPath } | Should -Not -Throw Assert-MockCalled -CommandName Install-ADDSDomainController -ParameterFilter { $LogPath -eq $correctLogPath } -Exactly -Times 1 -Scope It } } Context 'When adding a domain controller that should not be a Global Catalog' { It 'It should call the correct mocks' { { Set-TargetResource @testDefaultParams -DomainName $correctDomainName -IsGlobalCatalog $false } | Should -Not -Throw Assert-MockCalled -CommandName Install-ADDSDomainController -ParameterFilter { $NoGlobalCatalog -eq $true } -Exactly -Times 1 -Scope It } } Context 'When adding a domain controller using IFM' { BeforeAll { New-Item -Path $correctInstallationMediaPath -ItemType 'Directory' -Force } It 'It should call the correct mocks' { { Set-TargetResource @testDefaultParams -DomainName $correctDomainName -InstallationMediaPath $correctInstallationMediaPath } | Should -Not -Throw Assert-MockCalled -CommandName Install-ADDSDomainController -ParameterFilter { $InstallationMediaPath -eq $correctInstallationMediaPath } -Exactly -Times 1 -Scope It } } Context 'When a domain controller is in the wrong site' { BeforeAll { Mock -CommandName Move-ADDirectoryServer Mock -CommandName Get-TargetResource -MockWith { return @{ Ensure = $true SiteName = 'IncorrectSite' } } } It 'Should call the correct mocks to move the domain controller to the correct site' { { Set-TargetResource @testDefaultParams -DomainName $correctDomainName -SiteName $correctSiteName } | Should -Not -Throw # FYI: This test will fail when run locally, but should succeed on the build server Assert-MockCalled -CommandName Move-ADDirectoryServer -ParameterFilter { $Site.ToString() -eq $correctSiteName } -Exactly -Times 1 -Scope It } Context 'When the domain controller is in the wrong site, but SiteName is not specified' { It 'Should not move the domain controller' { { Set-TargetResource @testDefaultParams -DomainName $correctDomainName } | Should -Not -Throw Assert-MockCalled -CommandName Move-ADDirectoryServer -Exactly -Times 0 -Scope It } } } Context 'When specifying the IsGlobalCatalog parameter' { BeforeAll { Mock -CommandName Set-ADObject Mock -CommandName Get-DomainControllerObject { return @{ NTDSSettingsObjectDN = $mockNtdsSettingsObjectDn } } } Context 'When the domain controller should be a Global Catalog' { BeforeAll { Mock -CommandName Get-TargetResource -MockWith { return $stubTargetResource = @{ Ensure = $true SiteName = 'PresentSite' IsGlobalCatalog = $false } } } It 'Should call the correct mocks' { { Set-TargetResource @testDefaultParams -DomainName $correctDomainName -IsGlobalCatalog $true } | Should -Not -Throw Assert-MockCalled -CommandName Set-ADObject -ParameterFilter { $Replace['options'] -eq 1 } -Exactly -Times 1 -Scope It } } Context 'When the domain controller should not be a Global Catalog' { BeforeAll { Mock -CommandName Get-TargetResource -MockWith { return $stubTargetResource = @{ Ensure = $true SiteName = 'PresentSite' IsGlobalCatalog = $true } } } It 'Should call the correct mocks' { { Set-TargetResource @testDefaultParams -DomainName $correctDomainName -IsGlobalCatalog $false } | Should -Not -Throw Assert-MockCalled -CommandName Set-ADObject -ParameterFilter { $Replace['options'] -eq 0 } -Exactly -Times 1 -Scope It } } Context 'When the domain controller should change state of Global Catalog, but fail to return a domain controller object' { BeforeAll { Mock -CommandName Get-TargetResource -MockWith { return $stubTargetResource = @{ Ensure = $true SiteName = 'PresentSite' IsGlobalCatalog = $true } } Mock -CommandName Get-DomainControllerObject } It 'Should call the correct mocks' { { Set-TargetResource @testDefaultParams -DomainName $correctDomainName -IsGlobalCatalog $false } | Should -Throw $script:localizedData.ExpectedDomainController Assert-MockCalled -CommandName Set-ADObject -Exactly -Times 0 -Scope It } } } } Context 'When the system is in the desired state' { Context 'When a domain controller is in the correct site' { BeforeAll { Mock -CommandName Move-ADDirectoryServer Mock -CommandName Get-TargetResource -MockWith { return @{ Ensure = $true SiteName = 'PresentSite' } } } It 'Should not move the domain controller' { { Set-TargetResource @testDefaultParams -DomainName $correctDomainName -SiteName $correctSiteName } | Should -Not -Throw Assert-MockCalled -CommandName Move-ADDirectoryServer -Exactly -Times 0 -Scope It } } Context 'When specifying the IsGlobalCatalog parameter' { BeforeAll { Mock -CommandName Set-ADObject Mock -CommandName Get-DomainControllerObject { return @{ NTDSSettingsObjectDN = $mockNtdsSettingsObjectDn } } } Context 'When the domain controller should be a Global Catalog' { BeforeAll { Mock -CommandName Get-TargetResource -MockWith { return $stubTargetResource = @{ Ensure = $true SiteName = 'PresentSite' IsGlobalCatalog = $false } } } It 'Should call the correct mocks' { { Set-TargetResource @testDefaultParams -DomainName $correctDomainName -IsGlobalCatalog $true } | Should -Not -Throw Assert-MockCalled -CommandName Set-ADObject -ParameterFilter { $Replace['options'] -eq 1 } -Exactly -Times 1 -Scope It } } Context 'When the domain controller already is a Global Catalog' { BeforeAll { Mock -CommandName Get-TargetResource -MockWith { return $stubTargetResource = @{ Ensure = $true SiteName = 'PresentSite' IsGlobalCatalog = $true } } } It 'Should not call the mock Set-ADObject' { { Set-TargetResource @testDefaultParams -DomainName $correctDomainName -IsGlobalCatalog $true } | Should -Not -Throw Assert-MockCalled -CommandName Set-ADObject -Exactly -Times 0 -Scope It } } Context 'When the domain controller already are not a Global Catalog' { BeforeAll { Mock -CommandName Get-TargetResource -MockWith { return $stubTargetResource = @{ Ensure = $true SiteName = 'PresentSite' IsGlobalCatalog = $false } } } It 'Should not call the mock Set-ADObject' { { Set-TargetResource @testDefaultParams -DomainName $correctDomainName -IsGlobalCatalog $false } | Should -Not -Throw Assert-MockCalled -CommandName Set-ADObject -Exactly -Times 0 -Scope It } } } } } #endregion } } finally { Invoke-TestCleanup } |