SqlServerDsc icon indicating copy to clipboard operation
SqlServerDsc copied to clipboard

Published 20 hours ago verified publisher icon dsccommunity

SqlSecureConnection: Should support the property HideInstance

Open johlju opened this issue 4 years ago • 1 comments

The HideInstance is not supported in any resource yet, suggest adding it to either SqlServerSecureConnection or a another more suitable resource.

HideInstance is a property in the DB instances network properties and found via SQL Server Configuration Manager, see sample code:


##  apply surface area configuration control 2.12
$WmiObject = @{
    ComputerName = $SQLServer.NetName
    Namespace    = "root\Microsoft\SqlServer\ComputerManagement$($SQLServer.VersionMajor)"
    Class        = "ServerSettingsGeneralFlag"
    Filter       = "FlagName = 'HideInstance'"
}
$HideInstance = Get-WmiObject @WmiObject

if ($HideInstance.FlagValue -eq $false) {
    Write-Verbose "Setting HideInstance to True."
    $HideInstance.SetValue($true) | Out-Null
    Write-Verbose "HideInstance set to True"
}

##  apply surface area configuration control 8.2
$WmiObject = @{
    ComputerName = $SQLServer.NetName
    Namespace    = "root\Microsoft\SqlServer\ComputerManagement$($SQLServer.VersionMajor)"
    Class        = "ServerSettingsGeneralFlag"
    Filter       = "FlagName = 'ForceEncryption'"
}
$ForceEncryption = Get-WmiObject @WmiObject

if ($ForceEncryption.FlagValue -eq $false) {
    Write-Verbose "Setting ForceEncryption to True."
    $ForceEncryption.SetValue($true) | Out-Null
    Write-Verbose "ForceEncryption set to True"
}

Note $SQLServer is the SMO object

However this would only be half a solution as some client may wish to apply the certificate with this option.

Originally posted by @SQLHorizons in https://github.com/dsccommunity/SqlServerDsc/issues/1161#issuecomment-423769834

johlju avatar May 03 '20 09:05 johlju

Agree this should be added to SqlServerDsc. In the meantime If you want to do this with DSC you can use Registry / xRegistry to achieve it.

xRegistry 'SqlSetHideInstance' {
    Key       = "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\$($Node.SqlMajorVersion).$($Node.SqlInstanceName)\MSSQLServer\SuperSocketNetLib"
    ValueName = 'HideInstance'
    ValueType = 'DWord'
    ValueData = '1'
    Force     = $true
}

whereisaaron avatar Oct 21 '22 11:10 whereisaaron