DnsServerDsSetting: New Resource to Manage AD DNS settings (#258)

- DnsServerDsSetting
  - Added new resource to manage AD-integrated DNS settings

CHANGELOG.md

@@ -57,6 +57,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   - Added new resource to manage NS records
 - DnsRecordNsScoped
   - Added new resource to manage scoped NS records
+- DnsServerDsSetting
+  - Added new resource to manage AD-integrated DNS settings
 
 ### Changed
 

source/Classes/001.ResourceBase.ps1

@@ -3,7 +3,7 @@
         A class with methods that are equal for all class-based resources.
 
     .DESCRIPTION
-       A class with methods that are equal for all class-based resources.
+        A class with methods that are equal for all class-based resources.
 
     .NOTES
         This class should not contain any DSC properties.
@@ -81,22 +81,22 @@ class ResourceBase
 
         if ($propertiesNotInDesiredState)
         {
-            $setDnsServerRecursionParameters = $this.GetDesiredStateForSplatting($propertiesNotInDesiredState)
+            $propertiesToModify = $this.GetDesiredStateForSplatting($propertiesNotInDesiredState)
 
-            $setDnsServerRecursionParameters.Keys | ForEach-Object -Process {
-                Write-Verbose -Message ($this.localizedData.SetProperty -f $_, $setDnsServerRecursionParameters.$_, $this.GetType().Name)
+            $propertiesToModify.Keys | ForEach-Object -Process {
+                Write-Verbose -Message ($this.localizedData.SetProperty -f $_, $propertiesToModify.$_, $this.GetType().Name)
             }
 
             if ($this.DnsServer -ne 'localhost')
             {
-                $setDnsServerRecursionParameters['ComputerName'] = $this.DnsServer
+                $propertiesToModify['ComputerName'] = $this.DnsServer
             }
 
             <#
                 Call the Modify() method with the properties that should be enforced
                 and was not in desired state.
             #>
-            $this.Modify($setDnsServerRecursionParameters)
+            $this.Modify($propertiesToModify)
         }
         else
         {
@@ -146,7 +146,7 @@ class ResourceBase
 
         <#
             Remove properties that have $null as the value, and remove read
-            properties so that there is no chance to campare those.
+            properties so that there is no chance to compare those.
         #>
         @($desiredState.Keys) | ForEach-Object -Process {
             $isReadProperty = $this.GetType().GetMember($_).CustomAttributes.Where( { $_.NamedArguments.MemberName -eq 'NotConfigurable' }).NamedArguments.TypedValue.Value -eq $true

source/Classes/003.DnsServerDsSetting.ps1

@@ -0,0 +1,163 @@
+<#
+    .SYNOPSIS
+        The DnsServerDsSetting DSC resource manages DNS Active Directory settings
+        on a Microsoft Domain Name System (DNS) server.
+
+    .DESCRIPTION
+        The DnsServerDsSetting DSC resource manages DNS Active Directory settings
+        on a Microsoft Domain Name System (DNS) server.
+
+    .PARAMETER DnsServer
+        The host name of the Domain Name System (DNS) server, or use `'localhost'`
+        for the current node.
+
+    .PARAMETER DirectoryPartitionAutoEnlistInterval
+        Specifies the interval, during which a DNS server tries to enlist itself
+        in a DNS domain partition and DNS forest partition, if it is not already
+        enlisted. We recommend that you limit this value to the range one hour to
+        180 days, inclusive, but you can use any value. We recommend that you set
+        the default value to one day. You must set the value 0 (zero) as a flag
+        value for the default value. However, you can allow zero and treat it
+        literally.
+
+    .PARAMETER LazyUpdateInterval
+        Specifies a value, in seconds, to determine how frequently the DNS server
+        submits updates to the directory server without specifying the
+        LDAP_SERVER_LAZY_COMMIT_OID control ([MS-ADTS] section 3.1.1.3.4.1.7) at
+        the same time that it processes DNS dynamic update requests. We recommend
+        that you limit this value to the range 0x00000000 to 0x0000003c. You must
+        set the default value to 0x00000003. You must set the value zero to
+        indicate that the DNS server does not specify the
+        LDAP_SERVER_LAZY_COMMIT_OID control at the same time that it processes
+        DNS dynamic update requests. For more information about
+        LDAP_SERVER_LAZY_COMMIT_OID, see LDAP_SERVER_LAZY_COMMIT_OID control
+        code. The LDAP_SERVER_LAZY_COMMIT_OID control instructs the DNS server
+        to return the results of a directory service modification command after
+        it is completed in memory but before it is committed to disk. In this
+        way, the server can return results quickly and save data to disk without
+        sacrificing performance. The DNS server must send this control only to
+        the directory server that is attached to an LDAP update that the DNS
+        server initiates in response to a DNS dynamic update request. If the
+        value is nonzero, LDAP updates that occur during the processing of DNS
+        dynamic update requests must not specify the LDAP_SERVER_LAZY_COMMIT_OID
+        control if a period of less than DsLazyUpdateInterval seconds has passed
+        since the last LDAP update that specifies this control. If a period that
+        is greater than DsLazyUpdateInterval seconds passes, during which time
+        the DNS server does not perform an LDAP update that specifies this
+        control, the DNS server must specify this control on the next update.
+
+    .PARAMETER MinimumBackgroundLoadThreads
+        Specifies the minimum number of background threads that the DNS server
+        uses to load zone data from the directory service. You must limit this
+        value to the range 0x00000000 to 0x00000005, inclusive. You must set the
+        default value to 0x00000001, and you must treat the value zero as a flag
+        value for the default value.
+
+    .PARAMETER PollingInterval
+        Specifies how frequently the DNS server polls Active Directory Domain
+        Services (AD DS) for changes in Active Directory-integrated zones. You
+        must limit the value to the range 30 seconds to 3,600 seconds, inclusive.
+
+    .PARAMETER RemoteReplicationDelay
+        Specifies the minimum interval, in seconds, that the DNS server waits
+        between the time that it determines that a single object has changed on
+        a remote directory server, to the time that it tries to replicate a
+        single object change. You must limit the value to the range 0x00000005
+        to 0x00000E10, inclusive. You must set the default value to 0x0000001E,
+        and you must treat the value zero as a flag value for the default value.
+
+    .PARAMETER TombstoneInterval
+        Specifies the amount of time that DNS keeps tombstoned records alive in
+        Active Directory. We recommend that you limit this value to the range
+        three days to eight weeks, inclusive, but you can set it to any value in
+        the range 82 hours to 8 weeks. We recommend that you set the default
+        value to 14 days and treat the value zero as a flag value for the
+        default. However, you can allow the value zero and treat it literally.
+        At 2:00 A.M. local time every day, the DNS server must search all
+        directory service zones for nodes that have the Active Directory
+        dnsTombstoned attribute set to True, and for a directory service
+        EntombedTime (section 2.2.2.2.3.23 of MS-DNSP) value that is greater
+        than previous directory service DSTombstoneInterval seconds. You must
+        permanently delete all such nodes from the directory server.
+#>
+
+[DscResource()]
+class DnsServerDsSetting : ResourceBase
+{
+    [DscProperty(Key)]
+    [System.String]
+    $DnsServer
+
+    [DscProperty()]
+    [System.String]
+    $DirectoryPartitionAutoEnlistInterval
+
+    [DscProperty()]
+    [Nullable[System.UInt32]]
+    $LazyUpdateInterval
+
+    [DscProperty()]
+    [Nullable[System.UInt32]]
+    $MinimumBackgroundLoadThreads
+
+    [DscProperty()]
+    [System.String]
+    $PollingInterval
+
+    [DscProperty()]
+    [Nullable[System.UInt32]]
+    $RemoteReplicationDelay
+
+    [DscProperty()]
+    [System.String]
+    $TombstoneInterval
+
+    [DnsServerDsSetting] Get()
+    {
+        # Call the base method to return the properties.
+        return ([ResourceBase] $this).Get()
+    }
+
+    # Base method Get() call this method to get the current state as a CimInstance.
+    [Microsoft.Management.Infrastructure.CimInstance] GetCurrentState([System.Collections.Hashtable] $properties)
+    {
+        return (Get-DnsServerDsSetting @properties)
+    }
+
+    [void] Set()
+    {
+        # Call the base method to enforce the properties.
+        ([ResourceBase] $this).Set()
+    }
+
+    <#
+        Base method Set() call this method with the properties that should be
+        enforced and that are not in desired state.
+    #>
+    [void] Modify([System.Collections.Hashtable] $properties)
+    {
+        Set-DnsServerDsSetting @properties
+    }
+
+    [System.Boolean] Test()
+    {
+        # Call the base method to test all of the properties that should be enforced.
+        return ([ResourceBase] $this).Test()
+    }
+
+    hidden [void] AssertProperties()
+    {
+        @(
+            'DirectoryPartitionAutoEnlistInterval',
+            'TombstoneInterval'
+        ) | ForEach-Object -Process {
+            $valueToConvert = $this.$_
+
+            # Only evaluate properties that have a value.
+            if ($null -ne $valueToConvert)
+            {
+                Assert-TimeSpan -PropertyName $_ -Value $valueToConvert -Minimum '0.00:00:00'
+            }
+        }
+    }
+}

source/Examples/Resources/DnsServerDsSetting/1-DnsServerDsSetting_DirectoryPartitionAutoEnlistInterval_Config.ps1

@@ -0,0 +1,54 @@
+<#PSScriptInfo
+
+.VERSION 1.0.0
+
+.GUID a822d4a5-c575-45f9-ba1a-aaea21a43c00
+
+.AUTHOR DSC Community
+
+.COMPANYNAME DSC Community
+
+.COPYRIGHT DSC Community contributors. All rights reserved.
+
+.TAGS DSCConfiguration
+
+.LICENSEURI https://github.com/dsccommunity/DnsServerDsc/blob/main/LICENSE
+
+.PROJECTURI https://github.com/dsccommunity/DnsServerDsc
+
+.ICONURI https://dsccommunity.org/images/DSC_Logo_300p.png
+
+.EXTERNALMODULEDEPENDENCIES
+
+.REQUIREDSCRIPTS
+
+.EXTERNALSCRIPTDEPENDENCIES
+
+.RELEASENOTES
+First version.
+
+.PRIVATEDATA 2016-Datacenter,2016-Datacenter-Server-Core
+
+#>
+
+#Requires -Module DnsServerDsc
+
+<#
+    .DESCRIPTION
+        This configuration will change the Directory Partition Auto Enlist
+        Interval in Active Directory.
+#>
+
+configuration DnsServerDsSetting_DirectoryPartitionAutoEnlistInterval_Config
+{
+    Import-DscResource -ModuleName 'DnsServerDsc'
+
+    node localhost
+    {
+        DnsServerDsSetting 'Integration_Test'
+        {
+            DnsServer    = 'localhost'
+            DirectoryPartitionAutoEnlistInterval = '1.00:00:00'
+        }
+    }
+}

source/Examples/Resources/DnsServerDsSetting/2-DnsServerDsSetting_LazyUpdateInterval_Config.ps1

@@ -0,0 +1,54 @@
+<#PSScriptInfo
+
+.VERSION 1.0.0
+
+.GUID 57cdc411-d737-4dc2-9ede-86ffea596094
+
+.AUTHOR DSC Community
+
+.COMPANYNAME DSC Community
+
+.COPYRIGHT DSC Community contributors. All rights reserved.
+
+.TAGS DSCConfiguration
+
+.LICENSEURI https://github.com/dsccommunity/DnsServerDsc/blob/main/LICENSE
+
+.PROJECTURI https://github.com/dsccommunity/DnsServerDsc
+
+.ICONURI https://dsccommunity.org/images/DSC_Logo_300p.png
+
+.EXTERNALMODULEDEPENDENCIES
+
+.REQUIREDSCRIPTS
+
+.EXTERNALSCRIPTDEPENDENCIES
+
+.RELEASENOTES
+First version.
+
+.PRIVATEDATA 2016-Datacenter,2016-Datacenter-Server-Core
+
+#>
+
+#Requires -Module DnsServerDsc
+
+<#
+    .DESCRIPTION
+        This configuration will change the Lazy Update
+        Interval in Active Directory.
+#>
+
+configuration DnsServerDsSetting_LazyUpdateInterval_Config
+{
+    Import-DscResource -ModuleName 'DnsServerDsc'
+
+    node localhost
+    {
+        DnsServerDsSetting 'Integration_Test'
+        {
+            DnsServer    = 'localhost'
+            LazyUpdateInterval = 3
+        }
+    }
+}

source/Examples/Resources/DnsServerDsSetting/3-DnsServerDsSetting_MinimumBackgroundLoadThreads_Config.ps1

@@ -0,0 +1,54 @@
+<#PSScriptInfo
+
+.VERSION 1.0.0
+
+.GUID 0feef9f4-1d8f-4d56-be15-7599cf2ed3b2
+
+.AUTHOR DSC Community
+
+.COMPANYNAME DSC Community
+
+.COPYRIGHT DSC Community contributors. All rights reserved.
+
+.TAGS DSCConfiguration
+
+.LICENSEURI https://github.com/dsccommunity/DnsServerDsc/blob/main/LICENSE
+
+.PROJECTURI https://github.com/dsccommunity/DnsServerDsc
+
+.ICONURI https://dsccommunity.org/images/DSC_Logo_300p.png
+
+.EXTERNALMODULEDEPENDENCIES
+
+.REQUIREDSCRIPTS
+
+.EXTERNALSCRIPTDEPENDENCIES
+
+.RELEASENOTES
+First version.
+
+.PRIVATEDATA 2016-Datacenter,2016-Datacenter-Server-Core
+
+#>
+
+#Requires -Module DnsServerDsc
+
+<#
+    .DESCRIPTION
+        This configuration will change the Minimum Background Load Threads
+        in Active Directory.
+#>
+
+configuration DnsServerDsSetting_MinimumBackgroundLoadThreads_Config
+{
+    Import-DscResource -ModuleName 'DnsServerDsc'
+
+    node localhost
+    {
+        DnsServerDsSetting 'Integration_Test'
+        {
+            DnsServer       = 'localhost'
+            MinimumBackgroundLoadThreads = 1
+        }
+    }
+}