From 2e35e1a8241b15b82adb1899a685eadacd83cc16 Mon Sep 17 00:00:00 2001 From: Mark Key Date: Mon, 20 Apr 2015 11:44:12 -0500 Subject: [PATCH 1/4] commented out line 81 BindingInfo = --- DSCResources/MSFT_msWebsite/MSFT_msWebsite.psm1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/DSCResources/MSFT_msWebsite/MSFT_msWebsite.psm1 b/DSCResources/MSFT_msWebsite/MSFT_msWebsite.psm1 index 7d83120..6491e26 100644 --- a/DSCResources/MSFT_msWebsite/MSFT_msWebsite.psm1 +++ b/DSCResources/MSFT_msWebsite/MSFT_msWebsite.psm1 @@ -78,7 +78,7 @@ function Get-TargetResource State = $Website.state; ID = $Website.id; ApplicationPool = $Website.applicationPool; - BindingInfo = $CimBindings; + #BindingInfo = $CimBindings; DefaultPage = $allDefaultPage } From 975b10a695f74d7b4b8018282546a4fd55dbea68 Mon Sep 17 00:00:00 2001 From: Nico Engelen Date: Tue, 26 May 2015 11:52:04 +0100 Subject: [PATCH 2/4] Adding functionality to run AppPool under different Identity --- .../MSFT_msWebAppPool/MSFT_msWebAppPool.psm1 | 87 +++++++++++++++++-- .../MSFT_msWebAppPool.schema.mof | 3 +- 2 files changed, 80 insertions(+), 10 deletions(-) diff --git a/DSCResources/MSFT_msWebAppPool/MSFT_msWebAppPool.psm1 b/DSCResources/MSFT_msWebAppPool/MSFT_msWebAppPool.psm1 index 56f77a6..320e0c4 100644 --- a/DSCResources/MSFT_msWebAppPool/MSFT_msWebAppPool.psm1 +++ b/DSCResources/MSFT_msWebAppPool/MSFT_msWebAppPool.psm1 
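Review bot: Commenting out `BindingInfo = $CimBindings;` makes Get-TargetResource silently stop reporting the site's bindings, and the dead line left in the hashtable gives no reason why. If the `$CimBindings` conversion is what fails, say so next to the line, e.g. `# BindingInfo omitted: <reason>; restore once $CimBindings is returned correctly`, or delete the line outright. Anything that reads bindings from Get output would now see none; those callers are outside the hunk and should be checked. Get-TargetResource starts and ends outside this hunk.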
@@ -24,14 +24,21 @@ function Get-TargetResource if($AppPool -ne $null) { - $Ensure = "Present" - $State = $AppPool.state + $Ensure = "Present" + $State = $AppPool.state + $IdentityType = $AppPool.processModel.identityType + If ($AppPool.processModel.Username -and $AppPool.processModel.Password) + { + $Cred = New-Object System.Management.Automation.PSCredential($AppPool.processModel.Username,(ConvertTo-SecureString -AsPlainText -Force -String $AppPool.processModel.Password)) + } } $returnValue = @{ - Name = $Name - Ensure = $Ensure - State = $State + Name = $Name + Ensure = $Ensure + State = $State + IdentityType = $IdentityType + Credential = $Cred } return $returnValue @@ -53,7 +60,18 @@ function Set-TargetResource [ValidateSet("Started","Stopped")] [System.String] - $State = "Started" + $State = "Started", + + [ValidateSet("SpecificUser","ApplicationPoolIdentity")] + [System.String] + $IdentityType, + + [ValidateScript( + { + $IdentityType -eq "SpecificUser" + })] + [System.Management.Automation.PSCredential] + $Credential ) if($Ensure -eq "Absent") 
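Review bot: Get-TargetResource now reads the pool's stored `processModel.Password` as clear text and returns it to every caller wrapped in `Credential`, which widens where the service-account secret travels (Test-TargetResource in this patch unwraps it again to compare). Consider whether Get needs to return the secret at all, or only the user name. If it has to stay, a comment on the `New-Object ... PSCredential` line such as `# processModel.Password is clear text here; never log it or copy it outside this module` would make the handling rule explicit. How Get output is serialised by the DSC engine is not visible here and should be confirmed.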
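Review bot: The `ValidateScript` on `$Credential` tests `$IdentityType` rather than `$_`, and another parameter's variable is not reliably bound while validation runs, so the check may reject a valid credential or pick up an `$IdentityType` from an outer scope. Move the cross-parameter rule into the function body, e.g. `if ($Credential -and $IdentityType -ne "SpecificUser") { throw "Credential requires IdentityType 'SpecificUser'" }`. The same attribute is repeated on Test-TargetResource's `$Credential` parameter in the `@@ -95,15 +141,36 @@` hunk. The param block begins outside this hunk.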
@@ -75,6 +93,34 @@ function Set-TargetResource { ExecuteRequiredState -Name $Name -State $State } + if($IdentityType -and $IdentityType -ne $AppPool.identityType) + { + Write-Verbose "Setting AppPool IdentityType" + $ApplicationPool = Get-Item -Path IIS:\AppPools\* | ? {$_.name -eq $Name} + $ApplicationPool.processModel.identityType = $IdentityType + $ApplicationPool | Set-Item + } + if($Credential) + { + if($Credential.Username -ne $AppPool.Credential.Username -or + [System.Runtime.InteropServices.Marshal]::PtrToStringUni([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($Credential.Password)) -ne + [System.Runtime.InteropServices.Marshal]::PtrToStringUni([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($AppPool.Credential.Password))) + { + Write-Verbose "Setting Credential" + $ApplicationPool = Get-Item -Path IIS:\AppPools\* | ? {$_.name -eq $Name} + $ApplicationPool.processModel.Username = $Credential.Username + $ApplicationPool.processModel.Password = [System.Runtime.InteropServices.Marshal]::PtrToStringUni([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($Credential.Password)) + $ApplicationPool | Set-Item + } + } + else + { + Write-Verbose "Removing Credential information" + $ApplicationPool = Get-Item -Path IIS:\AppPools\* | ? {$_.name -eq $Name} + $ApplicationPool.processModel.Username = "" + $ApplicationPool.processModel.Password = "" + $ApplicationPool | Set-Item + } } } 
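Review bot: Each `PtrToStringUni(SecureStringToBSTR(...))` call in the credential comparison and in the `processModel.Password` assignment allocates an unmanaged BSTR holding the clear-text password and never releases it with `ZeroFreeBSTR`, so copies of the secret stay in process memory. `$Credential.GetNetworkCredential().Password` yields the same string without the manual allocation, e.g. `$ApplicationPool.processModel.Password = $Credential.GetNetworkCredential().Password`; the same pattern appears in the Test-TargetResource hunk. Two things to check against code outside the hunk: the first condition reads `$AppPool.identityType` while Get-TargetResource reads `processModel.identityType`, and `$AppPool.Credential` may be null, in which case `SecureStringToBSTR` throws. The `else` branch also blanks the stored user name and password on every run where no `Credential` is supplied, which looks unintended for pools whose identity was configured outside DSC.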
@@ -95,15 +141,36 @@ function Test-TargetResource [ValidateSet("Started","Stopped")] [System.String] - $State = "Started" + $State = "Started", + + [ValidateSet("SpecificUser","ApplicationPoolIdentity")] + [System.String] + $IdentityType, + + [ValidateScript( + { + $IdentityType -eq "SpecificUser" + })] + [System.Management.Automation.PSCredential] + $Credential ) $WebAppPool = Get-TargetResource -Name $Name if($Ensure -eq "Present") { if($WebAppPool.Ensure -eq $Ensure -and $WebAppPool.State -eq $state) + { - return $true + if(-not $Credential) + { + return $true + } + elseif($Credential.Username -eq $WebAppPool.Credential.Username -and + [System.Runtime.InteropServices.Marshal]::PtrToStringUni([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($Credential.Password)) -eq + [System.Runtime.InteropServices.Marshal]::PtrToStringUni([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($WebAppPool.Credential.Password))) + { + return $true + } } } elseif($WebAppPool.Ensure -eq $Ensure) @@ -111,6 +178,8 @@ function Test-TargetResource return $true } + + return $false } @@ -129,4 +198,4 @@ function ExecuteRequiredState([string] $Name, [string] $State) } } -Export-ModuleMember -Function *-TargetResource +Export-ModuleMember -Function *-TargetResource \ No newline at end of file diff --git a/DSCResources/MSFT_msWebAppPool/MSFT_msWebAppPool.schema.mof b/DSCResources/MSFT_msWebAppPool/MSFT_msWebAppPool.schema.mof index a9e530d..a255a7e 100644 --- a/DSCResources/MSFT_msWebAppPool/MSFT_msWebAppPool.schema.mof +++ b/DSCResources/MSFT_msWebAppPool/MSFT_msWebAppPool.schema.mof 
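Review bot: Test-TargetResource never compares `$IdentityType` with `$WebAppPool.IdentityType`, so a pool whose identity type has drifted still tests as compliant and Set-TargetResource is not invoked to correct it. Add the comparison to the first condition, e.g. `-and (-not $IdentityType -or $WebAppPool.IdentityType -eq $IdentityType)`. When a `Credential` is supplied but the pool has none, `$WebAppPool.Credential` is null (Get-TargetResource only sets it when both user name and password exist), so `SecureStringToBSTR` will throw instead of the function returning `$false`; guard that case before comparing passwords.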
@@ -5,5 +5,6 @@ class MSFT_msWebAppPool : OMI_BaseResource [Key, Description("Name of the Web Application Pool")] String Name; [Write, Description("Web Application Pool Present/Absent"), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure; [Write, Description("State of Web Application Pool"), ValueMap{"Started","Stopped"}, Values{"Started","Stopped"}] String State; + [Write, Description("Identity type to run the AppPool under"), ValueMap{"SpecificUser","ApplicationPoolIdentity"}, Values{"SpecificUser","ApplicationPoolIdentity"}] String IdentityType; + [Write, Description("User/Password to run AppPool under"),EmbeddedInstance("MSFT_Credential")] String Credential; }; - From 1e0cd75bc20ec20e78a68bba1ac45b9127df3901 Mon Sep 17 00:00:00 2001 From: Nico Engelen Date: Tue, 26 May 2015 14:52:21 +0100 Subject: [PATCH 3/4] adding functionality to run Virtual Directories under as a specific user --- .../MSFT_msWebVirtualDirectory.psm1 | 69 ++++++++++++++++--- .../MSFT_msWebVirtualDirectory.schema.mof | 9 +-- 2 files changed, 63 insertions(+), 15 deletions(-) diff --git a/DSCResources/MSFT_msWebVirtualDirectory/MSFT_msWebVirtualDirectory.psm1 b/DSCResources/MSFT_msWebVirtualDirectory/MSFT_msWebVirtualDirectory.psm1 index a45f4eb..fa6d98d 100644 --- a/DSCResources/MSFT_msWebVirtualDirectory/MSFT_msWebVirtualDirectory.psm1 +++ b/DSCResources/MSFT_msWebVirtualDirectory/MSFT_msWebVirtualDirectory.psm1 @@ -8,9 +8,8 @@ function Get-TargetResource [System.String] $Website, - [parameter(Mandatory = $true)] [System.String] - $WebApplication, + $WebApplication = "/", [parameter(Mandatory = $true)] [System.String] @@ -54,9 +53,8 @@ function Set-TargetResource [System.String] $Website, - [parameter(Mandatory = $true)] [System.String] - $WebApplication, + $WebApplication = "/", [parameter(Mandatory = $true)] [System.String] 
@@ -66,6 +64,12 @@ function Set-TargetResource [System.String] $PhysicalPath, + [System.Management.Automation.PSCredential] + $Credential, + + [System.Boolean] + $Force = $false, + [ValidateSet("Present","Absent")] [System.String] $Ensure = "Present" 
@@ -79,12 +83,41 @@ function Set-TargetResource if ($virtualDirectory.count -eq 0) { Write-Verbose "Creating new Web Virtual Directory $Name." - New-WebVirtualDirectory -Site $Website -Application $WebApplication -Name $Name -PhysicalPath $PhysicalPath + if ($WebApplication -eq "/") + { + New-WebVirtualDirectory -Site $Website -Name $Name -PhysicalPath $PhysicalPath -Force:$Force + $WebAppPath = "\" + } + else + { + New-WebVirtualDirectory -Site $Website -Application $WebApplication -Name $Name -PhysicalPath $PhysicalPath -Force:$Force + $WebAppPath = "\WebApplication\" + } + if ($Credential) + { + Set-ItemProperty -Path IIS:\Sites\$Website$WebAppPath$Name -Name userName -Value $Credential.Username + Set-ItemProperty -Path IIS:\Sites\$Website$WebAppPath$Name -Name password -Value $Credential.GetNetworkCredential().Password + } } else { - Write-Verbose "Updating physical path for web virtual directory $Name." - Set-ItemProperty -Path IIS:Sites\$Website\$WebApplication\$Name -Name physicalPath -Value $PhysicalPath + if ($virtualDirectory.physicalPath -ne $PhysicalPath) + { + Write-Verbose "Updating physical path for web virtual directory $Name." + Set-ItemProperty -Path IIS:Sites\$Website$WebAppPath$Name -Name physicalPath -Value $PhysicalPath + } + if ($virtualDirectory.userName -ne $Credential.Username) + { + Write-Verbose "Updating Username for web virtual directory $Name" + Set-ItemProperty -Path IIS:Sites\$Website$WebAppPath$Name -Name userName -Value $Credential.Username + } + if ($virtualDirectory.password -ne $Credential.GetNetworkCredential().Password) + { + Write-Verbose "Updating Password for web virtual directory $Name" + Set-ItemProperty -Path IIS:Sites\$Website$WebAppPath$Name -Name password -Value $Credential.GetNetworkCredential().Password + } + + } } 
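Review bot: `$WebAppPath` is only assigned in the create branch, so every `Set-ItemProperty` in the update branch builds `IIS:Sites\$Website$Name` with no separator, and in the create branch the non-root case assigns the literal `"\WebApplication\"` rather than the value of `$WebApplication`. The update branch also calls `$Credential.GetNetworkCredential()` without checking that a credential was passed, which fails whenever the optional `Credential` is omitted. Resolving the path segment before the `if ($virtualDirectory.count -eq 0)` split and wrapping the credential updates in `if ($Credential)` addresses both; a sketch follows. Set-TargetResource begins and ends outside this hunk.

```powershell
# Resolve the provider path segment once, before the create/update split,
# so the update branch never sees an unset $WebAppPath.
if ($WebApplication -eq "/")
{
    $WebAppPath = "\"
}
else
{
    $WebAppPath = "\$WebApplication\"
}

if ($virtualDirectory.count -eq 0)
{
    # … unchanged: New-WebVirtualDirectory calls and credential setup, minus the $WebAppPath assignments …
}
else
{
    # … unchanged: physicalPath comparison and update …
    if ($Credential)
    {
        # … unchanged: userName and password comparison and update …
    }
}
```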
@@ -105,9 +138,8 @@ function Test-TargetResource [System.String] $Website, - [parameter(Mandatory = $true)] [System.String] - $WebApplication, + $WebApplication ="/", [parameter(Mandatory = $true)] [System.String] @@ -117,6 +149,9 @@ function Test-TargetResource [System.String] $PhysicalPath, + [System.Management.Automation.PSCredential] + $Credential, + [ValidateSet("Present","Absent")] [System.String] $Ensure = "Present" @@ -129,7 +164,9 @@ function Test-TargetResource if ($virtualDirectory.count -eq 1 -and $Ensure -eq "Present") { - if ($virtualDirectory.physicalPath -eq $PhysicalPath) + if ($virtualDirectory.physicalPath -eq $PhysicalPath -and + $virtualDirectory.userName -eq $Credential.Username -and + $virtualDirectory.password -eq $Credential.GetNetworkCredential().Password) { Write-Verbose "Web virtual directory is in required state" return $true @@ -198,6 +235,12 @@ function CheckApplicationExists [System.String] $Application ) + + if ($Application -eq "/") + { + return $true + } + $WebApplication = Get-WebApplication -Site $Site -Name $Application if ($WebApplication.count -eq 1) @@ -223,8 +266,12 @@ function GetCompositeVirtualDirectoryName $Application ) + if ($Application -eq "/") + { + return $Name + } + return "$Application/$Name" } Export-ModuleMember -Function *-TargetResource - diff --git a/DSCResources/MSFT_msWebVirtualDirectory/MSFT_msWebVirtualDirectory.schema.mof b/DSCResources/MSFT_msWebVirtualDirectory/MSFT_msWebVirtualDirectory.schema.mof index c2d1f12..8af090d 100644 --- a/DSCResources/MSFT_msWebVirtualDirectory/MSFT_msWebVirtualDirectory.schema.mof +++ b/DSCResources/MSFT_msWebVirtualDirectory/MSFT_msWebVirtualDirectory.schema.mof 
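Review bot: The new compliance check in the `@@ -129,7 +164,9 @@` hunk calls `$Credential.GetNetworkCredential()` unconditionally, so Test-TargetResource errors on a null `$Credential` whenever the optional parameter is omitted, and `$virtualDirectory.userName -eq $Credential.Username` then compares against `$null`, which an empty stored user name does not equal. Compare the credential fields only when one was supplied, e.g. `-and (-not $Credential -or ($virtualDirectory.userName -eq $Credential.Username -and $virtualDirectory.password -eq $Credential.GetNetworkCredential().Password))`. The check also depends on the provider returning the stored password in clear text, which is worth confirming. Test-TargetResource's body continues outside the hunk.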
@@ -1,11 +1,12 @@ -[ClassVersion("1.0.0.0"), FriendlyName("msWebVirtualDirectory")] -class MSFT_msWebVirtualDirectory : OMI_BaseResource +[ClassVersion("1.0.0.0"), FriendlyName("xWebVirtualDirectory")] +class MSFT_xWebVirtualDirectory : OMI_BaseResource { [Key, Description("Name of website with which Web Application is associated")] string Website; - [Key, Description("Web application name for the virtual directory")] string WebApplication; + [Write, Description("Web application name for the virtual directory")] string WebApplication; [Key, Description("Name of virtual directory")] string Name; [Required, Description("Physical path for the virtual directory")] string PhysicalPath; + [Write, Description("The Username/Password to run this Virtual Directory under"),EmbeddedInstance("MSFT_Credential")] String Credential; + [Write] boolean Force; [Write, Description("Whether virtual directory should be present or absent"), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure; }; - From 01645dd4b0a8409e828a66e123b60c8895623be7 Mon Sep 17 00:00:00 2001 From: Nico Engelen Date: Tue, 26 May 2015 15:51:46 +0100 Subject: [PATCH 4/4] fixing typo from 'migration' work --- .../MSFT_msWebVirtualDirectory.schema.mof | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/DSCResources/MSFT_msWebVirtualDirectory/MSFT_msWebVirtualDirectory.schema.mof b/DSCResources/MSFT_msWebVirtualDirectory/MSFT_msWebVirtualDirectory.schema.mof index 8af090d..09a59e9 100644 --- a/DSCResources/MSFT_msWebVirtualDirectory/MSFT_msWebVirtualDirectory.schema.mof +++ b/DSCResources/MSFT_msWebVirtualDirectory/MSFT_msWebVirtualDirectory.schema.mof 
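Review bot: Demoting `WebApplication` from `[Key]` to `[Write]` leaves `Website` plus `Name` as the only identity of the resource, so two virtual directories with the same name under different web applications of one site can no longer be declared in the same configuration. If that is the accepted trade-off for making the property optional, state it in the description, e.g. `Description("Web application name for the virtual directory; defaults to the site root")`. `[Write] boolean Force;` has no `Description`, unlike every other property in the class.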
@@ -1,6 +1,6 @@ -[ClassVersion("1.0.0.0"), FriendlyName("xWebVirtualDirectory")] -class MSFT_xWebVirtualDirectory : OMI_BaseResource +[ClassVersion("1.0.0.0"), FriendlyName("msWebVirtualDirectory")] +class MSFT_msWebVirtualDirectory : OMI_BaseResource { [Key, Description("Name of website with which Web Application is associated")] string Website; [Write, Description("Web application name for the virtual directory")] string WebApplication;