dsccommunity
diff --git a/‎DSCPullServerSetup/PublishModulesAndMofsToPullServer.psm1‎
Lines changed: 147 additions & 0 deletions b/‎DSCPullServerSetup/PublishModulesAndMofsToPullServer.psm1‎
Lines changed: 147 additions & 0 deletions
diff --git a/‎DSCPullServerSetup/README.md‎
334 Bytes b/‎DSCPullServerSetup/README.md‎
334 Bytes
diff --git a/‎DSCResources/MSFT_xDSCWebService/MSFT_xDSCWebService.Schema.mof‎
Lines changed: 0 additions & 1 deletion b/‎DSCResources/MSFT_xDSCWebService/MSFT_xDSCWebService.Schema.mof‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎DSCResources/MSFT_xDSCWebService/MSFT_xDSCWebService.psm1‎
Lines changed: 51 additions & 95 deletions b/‎DSCResources/MSFT_xDSCWebService/MSFT_xDSCWebService.psm1‎
Lines changed: 51 additions & 95 deletions
@@ -0,0 +1,147 @@
+<#
+.Synopsis
+   Package DSC modules and mof configuration document and publish them on enterprise DSC pull server in the required format
+.DESCRIPTION
+   Uses Publish-DSCModulesAndMofs cmdlet to package DSC modules into zip files with the version info. If 
+   Publishes the zip modules on "$env:ProgramFiles\WindowsPowerShell\DscService\Modules"
+   Publishes all mof configuration documents that present in $Source folder on "$env:ProgramFiles\WindowsPowerShell\DscService\Configuration"
+   Use $Force to overwrite the version of the module that exists in powershell module path with the version from $source folder
+   Use $ModuleNameList to specify the names of the modules to be published if the modules do not exist in $Source folder
+   
+.EXAMPLE
+    $moduleList = @("xWebAdministration", "xPhp")
+    Publish-DSCModuleAndMof -Source C:\LocalDepot -ModuleNameList $moduleList
+.EXAMPLE
+    Publish-DSCModuleAndMof -Source C:\LocalDepot -Force
+
+#>
+
+# Tools to use to package DSC modules and mof configuration document and publish them on enterprise DSC pull server in the required format
+
+function Publish-DSCModuleAndMof
+{
+param(
+
+[Parameter(Mandatory=$True)]
+[string]$Source = $pwd, # The folder that contains the configuration mof documents and modules to be published on pull server. Everything in this folder will be packaged and published.
+[switch]$Force, #switch to overwrite the module in PSModulePath with the version provided in $Sources
+[string[]]$ModuleNameList # Package and publish the modules listed in $ModuleNameList based on powershell module path content
+
+)
+
+#Create a working directory
+$tempFolder = "$pwd\temp"
+New-Item -Path $tempFolder -ItemType Directory -Force -ErrorAction SilentlyContinue
+
+#Copy the mof documents from the $Source to working dir
+Copy-Item -Path "$Source\*.mof" -Destination $tempFolder -Force -Verbose
+
+#Start Deployment!
+Write-Host "Start deployment"
+CreateZipFromPSModulePath -listModuleNames $ModuleNameList -destination $tempFolder
+CreateZipFromSource -source $Source -destination $tempFolder
+# Generate the checkSum file for all the zip and mof files.
+New-DSCCheckSum $tempFolder -Force
+# Publish mof and modules to pull server repositories
+PublishModulesAndChecksum -source $tempFolder
+PublishMofDocuments -source $tempFolder
+#Deployment is complete!
+Remove-Item -Path $tempFolder -Recurse -Force -ErrorAction SilentlyContinue
+Write-Host "End deployment"
+
+}
+
+#Package the modules using powershell module path
+function CreateZipFromPSModulePath
+{
+   param($listModuleNames, $destination)
+    # Move all required  modules from powershell module path to a temp folder and package them
+    if(($listModuleNames -eq $null) -or ($listModuleNames.Count -eq 0))
+    {
+        Write-Host "No additional modules are specified to be packaged."
+    }
+    foreach ($module in $listModuleNames)
+    {
+        $allVersions = Get-Module -Name $module -ListAvailable -Verbose        
+        #package all versions of the module
+        foreach($moduleVersion in $allVersions)
+        {
+            $name = $moduleVersion.Name
+            $source = "$destination\$name"
+            #Create package zip
+            $path  = $moduleVersion.ModuleBase
+            Compress-Archive -Path "$path\*" -DestinationPath "$source.zip" -Verbose -Force 
+            $version = $moduleVersion.Version.ToString()
+            $newName = "$destination\$name" + "_" + "$version" + ".zip"
+            # Rename the module folder to contain the version info.
+            if(Test-Path($newName))
+            {
+                Remove-Item $newName -Recurse -Force 
+            }
+            Rename-Item -Path "$source.zip" -NewName $newName -Force
+            
+          } 
+    }   
+
+}
+#Function to package modules using a given folder after installing to ps module path.
+function CreateZipFromSource
+{
+   param($source, $destination)
+   # for each module under $Source folder create a zip package that has the same name as the folder. 
+    $allModulesInSource = Get-ChildItem $source -Directory
+    $modules = @()
+   
+    foreach ($item in $allModulesInSource)
+    {
+        $name = $item.Name
+        $alreadyExists = Get-Module -Name $name -ListAvailable -Verbose
+        if(($alreadyExists -eq $null) -or ($Force))
+        {
+            #install the modules into powershell module path and overwrite the content 
+            Copy-Item $item.FullName -Recurse -Force -Destination "$env:ProgramFiles\WindowsPowerShell\Modules" -Verbose            
+        }              
+        else
+        {
+            Write-Host "Skipping module overwrite. Module with the name $name already exists. Please specify -Force to overwrite the module with the local version of the module located in $source or list names of the modules in ModuleNameList parameter to be packaged from powershell module pat instead and remove them from $source folder" -Fore Red
+        }
+        $modules+= @("$name")
+    }
+    #Package the module in $destination
+    CreateZipFromPSModulePath -listModuleNames $modules -destination $destination
+}
+
+
+# Deploy modules to the pullsever repository.
+function PublishModulesAndChecksum
+{
+    param($source)
+    # Check if the current machine is a server sku.
+    $moduleRepository = "$env:ProgramFiles\WindowsPowerShell\DscService\Modules"
+    if( (Get-Module ServerManager -ListAvailable) -and (Test-Path ($moduleRepository)))
+    {
+        Copy "$source\*.zip*" $moduleRepository -Force -Verbose
+    }
+    else
+    {
+        Write-Host "Copying modules to pullserver module repository skipped because the machine is not a server sku or Pull server endpoint is not deployed." -Fore Yellow
+    }   
+    
+}
+
+# function deploy configuratoin and thier checksum.
+function PublishMofDocuments
+{
+   param($source)
+    # Check if the current machine is a server sku.
+    $mofRepository = "$env:ProgramFiles\WindowsPowerShell\DscService\Configuration"
+    if( (Get-Module ServerManager -ListAvailable) -and (Test-Path ($mofRepository)) )    
+    {
+        Copy-Item "$source\*.mof*" $mofRepository -Force -Verbose
+    }
+    else
+    {
+        Write-Host "Copying configuration(s) to pullserver configuration repository skipped because the machine is not a server sku or Pull server endpoint is not deployed." -Fore Yellow
+    } 
+}
+Export-ModuleMember -Function Publish-DSCModuleAndMof
@@ -9,7 +9,6 @@ class MSFT_xDSCWebService : OMI_BaseResource
   [write,ValueMap{"Started","Stopped"},Values{"Started", "Stopped"}] string State;
   [write] string ModulePath;
   [write] string ConfigurationPath;
-  [write] boolean IsComplianceServer;
   [read] string DSCServerUrl;  
   [write] string RegistrationKeyPath;
   [write] boolean AcceptSelfSignedCertificates;
 
@@ -94,7 +94,7 @@ function Set-TargetResource
         [string]$EndpointName,
 
         # Port number of the DSC Pull Server IIS Endpoint
-        [Uint32]$Port = $( if ($IsComplianceServer) { 7070 } else { 8080 } ),
+        [Uint32]$Port = 8080,
 
         # Physical path for the IIS Endpoint on the machine (usually under inetpub)                            
         [string]$PhysicalPath = "$env:SystemDrive\inetpub\$EndpointName",
@@ -116,14 +116,11 @@ function Set-TargetResource
         # Location on the disk where the Configuration is stored                    
         [string]$ConfigurationPath = "$env:PROGRAMFILES\WindowsPowerShell\DscService\Configuration",
 
-        # Is the endpoint for a DSC Compliance Server
-        [boolean]$IsComplianceServer,
-
         # Location on the disk where the RegistrationKeys file is stored                    
         [string]$RegistrationKeyPath = "$env:PROGRAMFILES\WindowsPowerShell\DscService",
 
         # Add the IISSelfSignedCertModule native module to prevent self-signed certs being rejected.
-        [boolean]$AcceptSelfSignedCertificates
+        [boolean]$AcceptSelfSignedCertificates = $true
     )
 
     # Initialize with default values     
@@ -150,41 +147,18 @@ function Set-TargetResource
         $IsBlue = $true;
     }
 
+    $isDownlevelOfBlue = $false;
+    if($os.Major -eq 6 -and $os.Minor -lt 3)
+    {
+        $isDownlevelOfBlue= $true;
+    }
+
     # Use Pull Server values for defaults
     $webConfigFileName = "$pathPullServer\PSDSCPullServer.config"
     $svcFileName = "$pathPullServer\PSDSCPullServer.svc"
     $pswsMofFileName = "$pathPullServer\PSDSCPullServer.mof"
     $pswsDispatchFileName = "$pathPullServer\PSDSCPullServer.xml"
 
-    # Update only if Compliance Server install is requested
-    if ($IsComplianceServer)
-    {
-        $webConfigFileName = "$pathPullServer\PSDSCComplianceServer.config"
-        $svcFileName = "$pathPullServer\PSDSCComplianceServer.svc"
-        $pswsMofFileName = "$pathPullServer\PSDSCComplianceServer.mof"
-        $pswsDispatchFileName = "$pathPullServer\PSDSCComplianceServer.xml"
-    }
-
-    # check for the existance of Windows authentication, this is needed for the Compliance Server    
-    if(($Ensure -eq "Present"))
-    {
-        Write-Verbose "Check IIS Windows Authentication"
-        # only important if Present, Get-WindowsFeature works under 2008 R2 and newer
-        if ((Get-WindowsFeature -name Web-Windows-Auth | Where Installed).count -eq 0)
-        {
-            # enable the feature     
-            # Checking for Windows Server 2008 R2:
-            if([Environment]::OSVersion.Version.ToString().StartsWith("6.1."))
-            {
-                Add-WindowsFeature -Name Web-Windows-Auth
-            }
-            else
-            {
-                Install-WindowsFeature -Name Web-Windows-Auth
-            }                       
-        }      
-    }
-
     # ============ Absent block to remove existing site =========
     if(($Ensure -eq "Absent"))
     {
@@ -200,7 +174,6 @@ function Set-TargetResource
          return 
     }
     # ===========================================================
-
 
     Write-Verbose "Create the IIS endpoint"    
     PSWSIISEndpoint\New-PSWSEndpoint -site $EndpointName `
@@ -223,68 +196,67 @@ function Set-TargetResource
     Update-LocationTagInApplicationHostConfigForAuthentication -WebSite $EndpointName -Authentication "basic"
     Update-LocationTagInApplicationHostConfigForAuthentication -WebSite $EndpointName -Authentication "windows"
 
-
     if ($IsBlue)
     {
         Write-Verbose "Set values into the web.config that define the repository for BLUE OS"
-        #PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "dbprovider" -value $eseprovider
-        #PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "dbconnectionstr"-value $esedatabase
-        #ESE database is not present in current build
-        PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "dbprovider" -value $jet4provider
-        PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "dbconnectionstr" -value $jet4database
+        PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "dbprovider" -value $eseprovider
+        PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "dbconnectionstr"-value $esedatabase
         Set-BindingRedirectSettingInWebConfig -path $PhysicalPath
     }
     else
     {
-        Write-Verbose "Set values into the web.config that define the repository for non-BLUE Downlevel OS"
-        $repository = Join-Path "$rootDataPath" "Devices.mdb"
-        Copy-Item "$pathPullServer\Devices.mdb" $repository -Force
+        if($isDownlevelOfBlue)
+        {
+            Write-Verbose "Set values into the web.config that define the repository for non-BLUE Downlevel OS"
+            $repository = Join-Path "$rootDataPath" "Devices.mdb"
+            Copy-Item "$pathPullServer\Devices.mdb" $repository -Force
 
-        PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "dbprovider" -value $jet4provider
-        PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "dbconnectionstr" -value $jet4database
-    }
+            PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "dbprovider" -value $jet4provider
+            PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "dbconnectionstr" -value $jet4database
+        }
+        else
+        {
+            Write-Verbose "Set values into the web.config that define the repository later than BLUE OS"
+            Write-Verbose "Only ESENT is supported on Windows Server 2016"
 
-    if ($IsComplianceServer)
-    {    
-        Write-Verbose "Compliance Server: Set values into the web.config that indicate this is the admin endpoint"
-        PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "AdminEndPoint" -value "true"
+            PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "dbprovider" -value $eseprovider
+            PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "dbconnectionstr"-value $esedatabase
+        }
     }
-    else
-    {
-        Write-Verbose "Pull Server: Set values into the web.config that indicate the location of repository, configuration, modules"
 
-        # Create the application data directory calculated above        
-        $null = New-Item -path $rootDataPath -itemType "directory" -Force
-                
-        $repository = Join-Path $rootDataPath "Devices.mdb"
-        Copy-Item "$pathPullServer\Devices.mdb" $repository -Force
+    Write-Verbose "Pull Server: Set values into the web.config that indicate the location of repository, configuration, modules"
 
-        $null = New-Item -path "$ConfigurationPath" -itemType "directory" -Force
+    # Create the application data directory calculated above
+    $null = New-Item -path $rootDataPath -itemType "directory" -Force
 
-        PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "ConfigurationPath" -value $ConfigurationPath
+    $repository = Join-Path $rootDataPath "Devices.mdb"
+    Copy-Item "$pathPullServer\Devices.mdb" $repository -Force
 
-        $null = New-Item -path "$ModulePath" -itemType "directory" -Force
+    $null = New-Item -path "$ConfigurationPath" -itemType "directory" -Force
 
-        PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "ModulePath" -value $ModulePath
+    PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "ConfigurationPath" -value $ConfigurationPath
 
-        $null = New-Item -path "$RegistrationKeyPath" -itemType "directory" -Force
+    $null = New-Item -path "$ModulePath" -itemType "directory" -Force
 
-        PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "RegistrationKeyPath" -value $RegistrationKeyPath
+    PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "ModulePath" -value $ModulePath
 
-        if($AcceptSelfSignedCertificates)
-        {
-            Copy-Item "$pathPullServer\IISSelfSignedCertModule.dll" $env:windir\System32\inetsrv -Force
-            Copy-Item "$env:windir\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\PullServer\IISSelfSignedCertModule.dll" $env:windir\SysWOW64\inetsrv -Force
+    $null = New-Item -path "$RegistrationKeyPath" -itemType "directory" -Force
 
-            & $script:appCmd install module /name:"IISSelfSignedCertModule(32bit)" /image:$env:windir\SysWOW64\inetsrv\IISSelfSignedCertModule.dll /add:false /lock:false
-            & $script:appCmd add module /name:"IISSelfSignedCertModule(32bit)"  /app.name:"PSDSCPullServer/"
-        }
-        else
+    PSWSIISEndpoint\Set-AppSettingsInWebconfig -path $PhysicalPath -key "RegistrationKeyPath" -value $RegistrationKeyPath
+
+    if($AcceptSelfSignedCertificates)
+    {
+        Copy-Item "$pathPullServer\IISSelfSignedCertModule.dll" $env:windir\System32\inetsrv -Force
+        Copy-Item "$env:windir\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\PullServer\IISSelfSignedCertModule.dll" $env:windir\SysWOW64\inetsrv -Force
+
+        & $script:appCmd install module /name:"IISSelfSignedCertModule(32bit)" /image:$env:windir\SysWOW64\inetsrv\IISSelfSignedCertModule.dll /add:false /lock:false
+        & $script:appCmd add module /name:"IISSelfSignedCertModule(32bit)"  /app.name:"PSDSCPullServer/"
+    }
+    else
+    {
+        if($AcceptSelfSignedCertificates -and ($AcceptSelfSignedCertificates -eq $false))
         {
-            if($AcceptSelfSignedCertificates -and ($AcceptSelfSignedCertificates -eq $false))
-            {
-                & $script:appCmd delete module /name:"IISSelfSignedCertModule(32bit)"  /app.name:"PSDSCPullServer/"
-            }
+            & $script:appCmd delete module /name:"IISSelfSignedCertModule(32bit)"  /app.name:"PSDSCPullServer/"
         }
     }
 }
@@ -301,7 +273,7 @@ function Test-TargetResource
         [string]$EndpointName,
 
         # Port number of the DSC Pull Server IIS Endpoint
-        [Uint32]$Port = $( if ($IsComplianceServer) { 7070 } else { 8080 } ),
+        [Uint32]$Port = 8080,
 
         # Physical path for the IIS Endpoint on the machine (usually under inetpub)                            
         [string]$PhysicalPath = "$env:SystemDrive\inetpub\$EndpointName",
@@ -323,13 +295,10 @@ function Test-TargetResource
         # Location on the disk where the Configuration is stored                    
         [string]$ConfigurationPath = "$env:PROGRAMFILES\WindowsPowerShell\DscService\Configuration",
 
-        # Is the endpoint for a DSC Compliance Server
-        [boolean]$IsComplianceServer,
-
         # Location on the disk where the RegistrationKeys file is stored                    
         [string]$RegistrationKeyPath,
 
-        # Are self-signed certs being accepted for client auth.                    
+        # Are self-signed certs being accepted for client auth.
         [boolean]$AcceptSelfSignedCertificates
     )
 
@@ -361,19 +330,6 @@ function Test-TargetResource
         }
         # the other case is: Ensure and exist, we continue with more checks
 
-        # check for the existance of Windows authentication, this is needed for the Compliance Server        
-        if(($Ensure -eq "Present"))
-        {
-            Write-Verbose "Check IIS Windows Authentication"
-            # only important if Present, Get-WindowsFeature works under 2008 R2 and newer
-            if ((Get-WindowsFeature -name Web-Windows-Auth | Where Installed).count -eq 0)
-            {
-                $DesiredConfigurationMatch = $false
-                Write-Verbose "Required Windows authentication is not installed, does not match the desired state."
-                break                 
-            }      
-        }
-
         Write-Verbose "Check Port"
         $actualPort = $website.bindings.Collection[0].bindingInformation.Split(":")[1]
         if ($Port -ne $actualPort)