Merge pull request #652 from PowerShell/release-1.9

Release 1.9

CHANGELOG.md

@@ -1,5 +1,9 @@
 # Change log for SharePointDsc
 
+## 1.9
+
+* New resource: SPServiceIdentity
+
 ## 1.8
 
 * Fixed issue in SPServiceAppProxyGroup causing some service names to return as null

Modules/SharePointDsc/DSCResources/MSFT_SPServiceIdentity/MSFT_SPServiceIdentity.psm1

@@ -0,0 +1,122 @@
+function Get-TargetResource
+{
+    [CmdletBinding()]
+    [OutputType([System.Collections.Hashtable])]
+    param
+    (
+        [parameter(Mandatory = $true)]  
+        [System.String]
+        $Name,
+
+        [parameter(Mandatory = $false)]
+        [System.Management.Automation.PSCredential] 
+        $InstallAccount,
+
+        [parameter(Mandatory = $true)] 
+        [System.String] 
+        $ManagedAccount
+    )
+
+    Write-Verbose -Message "Getting identity for service instance '$Name'"
+
+    $result = Invoke-SPDSCCommand -Credential $InstallAccount -Arguments $PSBoundParameters -ScriptBlock {
+        $params = $args[0]
+
+
+        $serviceInstance = Get-SPServiceInstance -Server $env:computername | Where-Object { $_.TypeName -eq $params.Name }
+
+        if ($null -eq $serviceInstance.service.processidentity) 
+        {
+            Write-Verbose "WARNING: Service $($params.name) does not support setting the process identity"
+        }
+
+        $ManagedAccount = $serviceInstance.service.processidentity.username
+
+        return @{
+            Name = $params.Name
+            ManagedAccount = $ManagedAccount
+        }     
+
+    }
+
+    return $result
+
+}
+
+function Set-TargetResource
+{
+    [CmdletBinding()]
+    param
+    (
+        [parameter(Mandatory = $true)]  
+        [System.String] 
+        $Name,
+
+        [parameter(Mandatory = $false)] 
+        [System.Management.Automation.PSCredential] 
+        $InstallAccount,
+
+        [parameter(Mandatory = $true)] 
+        [System.String] 
+        $ManagedAccount
+    )
+
+    Write-Verbose -Message "Setting service instance '$Name' to '$ManagedAccount'"
+
+    Invoke-SPDSCCommand -Credential $InstallAccount -Arguments $PSBoundParameters -ScriptBlock {
+        $params = $args[0]
+
+
+        $serviceInstance = Get-SPServiceInstance -Server $env:COMPUTERNAME| Where-Object { $_.TypeName -eq $params.Name }
+        $managedAccount = Get-SPManagedAccount $params.ManagedAccount
+        if ($null -eq $serviceInstance) 
+        {
+            throw [System.Exception] "Unable to locate service $($params.Name)"
+        }
+        if ($null -eq $managedAccount) 
+        {
+            throw [System.Exception] "Unable to locate Managed Account $($params.ManagedAccount)"
+        }
+
+       if ($null -eq $serviceInstance.service.processidentity) 
+       {
+           throw [System.Exception] "Service $($params.name) does not support setting the process identity"
+       }
+
+       $serviceInstance.service.processIdentity.CurrentIdentityType = [Microsoft.SharePoint.Administration.IdentityType]::SpecificUser 
+       $serviceInstance.service.processIdentity.ManagedAccount = $managedAccount
+       $serviceInstance.service.processIdentity.update()
+       $serviceInstance.service.processIdentity.deploy() 
+
+ }
+
+
+}
+
+
+function Test-TargetResource
+{
+    [CmdletBinding()]
+    [OutputType([System.Boolean])]
+    param
+    (
+        [parameter(Mandatory = $true)]  
+        [System.String]
+        $Name,
+
+        [parameter(Mandatory = $false)] 
+        [System.Management.Automation.PSCredential] 
+        $InstallAccount,
+
+        [parameter(Mandatory = $true)] 
+        [System.String] 
+        $ManagedAccount
+    )
+
+  $CurrentValues = Get-TargetResource @PSBoundParameters
+  Write-Verbose -Message "Testing service instance '$Name' Process Identity"
+
+  return ($CurrentValues.ManagedAccount -eq $ManagedAccount)
+
+
+}

Modules/SharePointDsc/DSCResources/MSFT_SPServiceIdentity/MSFT_SPServiceIdentity.schema.mof

@@ -0,0 +1,7 @@
+[ClassVersion("1.0.0.0"), FriendlyName("SPServiceIdentity")]
+class MSFT_SPServiceIdentity : OMI_BaseResource
+{
+    [Key, Description("The name of the service instance to manage")] string Name;
+    [Required, Description("The user name of a managed account that will be used to run the service") ] string ManagedAccount;
+    [Write, Description("POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsAccount if using PowerShell 5"), EmbeddedInstance("MSFT_Credential")] String InstallAccount;
+};

Modules/SharePointDsc/DSCResources/MSFT_SPServiceIdentity/readme.md

@@ -0,0 +1,6 @@
+# Description
+
+This resource is used to specify a managed account to be used to run a service instance.
+The name is the typename of the service as shown in the Central Admin website.
+This resource only needs to be run on one server in the farm, as the process identity
+update method will apply the settings to all instances of the service.

Modules/SharePointDsc/Examples/Resources/SPServiceIdentity/1-Example.ps1

@@ -0,0 +1,26 @@
+<#
+.EXAMPLE
+    This example shows how to set the SandBox Code Service to run under a specifed service account. 
+    The account must already be registered as a managed account.
+#>
+
+Configuration Example 
+    {
+        param(
+            [Parameter(Mandatory = $true)]
+            [PSCredential]
+            $SetupAccount
+        )
+
+ Import-DscResource -ModuleName SharePointDsc
+
+        node localhost {
+
+            SPServiceIdentity SandBoxUserAccount
+            {  
+                Name           = "Microsoft SharePoint Foundation Sandboxed Code Service"
+                ManagedAccount = "CONTOSO\SPUserCode"
+                PsDscRunAsCredential = $SetupAccount
+            }
+        }
+    }

Modules/SharePointDsc/SharePointDsc.psd1

@@ -12,7 +12,7 @@
 # RootModule = ''
 
 # Version number of this module.
-ModuleVersion = '1.8.0.0'
+ModuleVersion = '1.9.0.0'
 
 # ID used to uniquely identify this module
 GUID = '6c1176a0-4fac-4134-8ca2-3fa8a21a7b90'
@@ -126,34 +126,7 @@ PrivateData = @{
 
         # ReleaseNotes of this module
         ReleaseNotes = "
-* Fixed issue in SPServiceAppProxyGroup causing some service names to return as null
-* Added TLS and SMTP port support for SharePoint 2016
-* Fixed issue in SPWebApplication where the Get method didn't return Classic
-  web applications properly
-* Fixed issue in SPSubscriptionSettingsServiceApp not returning database values
-* Updated Readme of SPInstall to include SharePoint Foundation is not supported
-* Fixed issue with Access Denied in SPDesignerSettings
-* Fixed missing brackets in error message in SPExcelServiceApp
-* Removed the requirement for the ConfigWizard in SPInstallLanguagePack
-* Fixed Language Pack detection issue in SPInstallLanguagePack
-* Added support to set Windows service accounts for search related services to
-  SPSearchServiceApp resource
-* Fixed issue in SPCreateFarm and SPJoinFarm where an exception was not handled
-  correctly
-* Fixed issue in SPSessionStateService not returning correct database server
-  and name
-* Fixed missing Ensure property default in SPRemoteFarmTrust
-* Fixed issue in SPWebAppGeneralSettings where -1 was returned for the TimeZone
-* Fixed incorrect UsagePoint check in SPQuotaTemplate
-* Fixed issue in SPWebAppPolicy module where verbose messages are causing errors
-* Fixed incorrect parameter naming in Get method of SPUserProfilePropery
-* Fixed issue in SPBlobCacheSettings when trying to declare same URL with
-  different zone
-* Improve documentation on SPProductUpdate to specify the need to unblock downloaded
-  files
-* Added check if file is blocked in SPProductUpdate to prevent endless wait
-* Enhance SPUserProfileServiceApp to allow for NoILM to be enabled
-* Fixed issue in SPUserProfileProperty where PropertyMapping was Null
+* New resource: SPServiceIdentity
 "
 
     } # End of PSData hashtable

Tests/Integration/Azure/AzureEnvironmentBuilder.psm1

@@ -0,0 +1,156 @@
+<#
+.SYNOPSIS
+The New-SPDscAzureLab cmdlet will create a new environment in Azure that can be used to develop
+for SharePointDsc or to run integration tests against
+
+.DESCRIPTION
+The New-SPDscAzureLab cmdlet will deploy a new resource group in to your current Azure subscription
+that will contain storage, network and virtual machines that are configured to be able to begin 
+development. Appropriate development tools are also installed on the SharePoint server.
+
+.PARAMETER ResourceGroupName
+The name of the resource group to create and deploy assets in to. This cannot be an existing
+resource group
+
+.PARAMETER Location
+The Azure location to deploy the assets and resource group to. To discover Azure locations run
+Get-AzureRmLocation | Select-Object -Property Location
+
+.PARAMETER StorageAccountName
+This is the name of the storage account that will be created for the deployment. This will
+contain VHD images, scripts and DSC configurations
+
+.PARAMETER SoftwareStorageAccountName
+This is the name of a storage account that will contain the binaries for SharePoint Server 
+(either 2013 or 2016).
+
+.PARAMETER SoftwareStorageAccountContainer
+This is the name of the container in the software storage account that will contain the
+binaries for the version of SharePoint you wish to deploy. This must be the full set of
+files to install SharePoint (not an ISO or other compressed collection of the files)
+
+.PARAMETER SharePointProductKey
+A valid product key for the version of SharePoint you wish to install
+
+.PARAMETER PublicDNSLabel
+The name of the public DNS label to assign to the public IP address of the SharePoint server.
+This will automatically be suffixed with the Azure location name and azure DNS suffix 
+
+.PARAMETER AdminCredential
+The username and password to use as the local administrator on all machines. The password
+on this account will also be used for all service accounts
+
+.EXAMPLE
+New-SPDscAzureLab -ResourceGroupName "SPDSCTestLab" `
+                  -Location southeastasia `
+                  -StorageAccountName "spdsctestlab1" `
+                  -SoftwareStorageAccountName "spdscsoftware1" `
+                  -SoftwareStorageAccountContainer "sharepoint2016" `
+                  -SharePointProductKey "AAAAA-AAAAA-AAAAA-AAAAA-AAAAA" `
+                  -PublicDNSLabel "spdsctestlab1" `
+                  -AdminCredential (Get-Credential -Message "Enter admin credential")
+
+.NOTES
+This cmdlet requires that the Azure PowerShell cmdlets are already installed, and that you
+have already run Login-AzureRmAccount to log in to Azure
+
+#>
+function New-SPDscAzureLab
+{
+    param(
+        [Parameter(Mandatory = $true)]
+        [string]
+        $ResourceGroupName,
+
+        [Parameter(Mandatory = $true)]
+        [string]
+        $Location,
+
+        [Parameter(Mandatory = $true)]
+        [string]
+        $StorageAccountName,
+
+        [Parameter(Mandatory = $true)]
+        [string]
+        $SoftwareStorageAccountName,
+
+        [Parameter(Mandatory = $true)]
+        [string]
+        $SoftwareStorageAccountContainer,
+
+        [Parameter(Mandatory = $true)]
+        [string]
+        $SharePointProductKey,
+
+        [Parameter(Mandatory = $true)]
+        [string]
+        $PublicDNSLabel,
+
+        [Parameter(Mandatory = $true)]
+        [PSCredential]
+        $AdminCredential
+    )   
+
+    # Create the RG and storage account
+    New-AzureRmResourceGroup -Name $ResourceGroupName -Location $Location
+    $storageAccount = New-AzureRmStorageAccount -ResourceGroupName $ResourceGroupName `
+                                                -Name $StorageAccountName `
+                                                -SkuName Standard_LRS `
+                                                -Location $Location
+
+    # Publish the DSC configurations
+    $dscConfigPath = Join-Path -Path $PSScriptRoot -ChildPath "DscConfigs"
+    Get-ChildItem -Path $dscConfigPath | ForEach-Object -Process {
+        Publish-AzureRmVMDscConfiguration -ConfigurationPath $_.FullName `
+                                          -ResourceGroupName $ResourceGroupName `
+                                          -StorageAccountName $StorageAccountName
+    }
+
+    # Publish the scripts
+    New-AzureStorageContainer -Name "scripts" -Context $storageAccount.Context
+    $scriptsPath = Join-Path -Path $PSScriptRoot -ChildPath "CustomScripts"
+    Get-ChildItem -Path $scriptsPath | ForEach-Object -Process {
+        Set-AzureStorageBlobContent -File $_.FullName `
+                                    -Container "scripts" `
+                                    -Blob $_.Name `
+                                    -Context $storageAccount.Context
+    }
+
+    # Get Sas token for DSC storage
+    $mainKeys = Get-AzureRmStorageAccountKey -ResourceGroupName $ResourceGroupName `
+                                             -Name $StorageAccountName
+    $mainStorageContext = New-AzureStorageContext -StorageAccountName $StorageAccountName `
+                                                  -StorageAccountKey $mainKeys[0].Value
+    $mainSasToken = New-AzureStorageAccountSASToken -Service Blob `
+                                                    -ResourceType Service,Container,Object `
+                                                    -Permission "racwdlup" `
+                                                    -Context $mainStorageContext
+
+    # Get keys for software storage
+    $storageAccount = Find-AzureRmResource -ResourceNameContains $SoftwareStorageAccountName
+    $softwareKeys = Get-AzureRmStorageAccountKey -ResourceGroupName $storageAccount.ResourceGroupName `
+                                                 -Name $SoftwareStorageAccountName
+
+
+    $parameters = @{}
+    $parameters.Add("storageAccountName", $StorageAccountName)
+    $parameters.Add("storageAccountKey", $mainKeys[0].Value)
+    $parameters.Add("softwareStorageAccount", $SoftwareStorageAccountName)
+    $parameters.Add("softwareStorageKey", $softwareKeys[0].Value)
+    $parameters.Add("softwareStorageContainer", $SoftwareStorageAccountContainer)
+    $parameters.Add("spProductKey", $SharePointProductKey)
+    $parameters.Add("adminUserName", $AdminCredential.UserName)
+    $parameters.Add("adminPassword", $AdminCredential.GetNetworkCredential().Password)
+    $parameters.Add("mainStorageToken", $mainSasToken)
+    $parameters.Add("publicDnsLabel", $PublicDNSLabel)
+
+    # Start the ARM deployment
+    $templatePath = Join-Path -Path $PSScriptRoot -ChildPath "template.json"
+    New-AzureRmResourceGroupDeployment -Name "SPDscLab" `
+                                       -TemplateFile $templatePath `
+                                       -ResourceGroupName $ResourceGroupName `
+                                       -TemplateParameterObject $parameters `
+                                       -Verbose
+}
+
+Export-ModuleMember -Function *

Tests/Integration/Azure/CustomScripts/DevSetup.ps1

@@ -0,0 +1,16 @@
+$packageProviderName = "ChocolateyGet"
+Set-PSRepository -Name PSGallery -InstallationPolicy Trusted
+Install-PackageProvider -Name $packageProviderName
+Import-PackageProvider -Name $packageProviderName
+
+$packages = @(
+    "visualstudiocode"
+    "nodejs"
+    "git"
+    "Git-Credential-Manager-for-Windows"
+    "poshgit"
+)
+
+$packages | ForEach-Object -Process {
+    Install-Package -Name $_ -ProviderName $packageProviderName -Confirm:$false -Force
+}