WebAdministrationDsc
WebAdministrationDsc copied to clipboard
IIS Shared Configuration?
Any interest in this? I have a module as part of my own DSC pack I could contribute. It uses the Enable-IisSharedConfig PowerShell cmdlets to set it up and keep it up to date.
Hi wasabii I'm currently working on a project that requires this functionality. Id be extremely interested in seeing this added :)
I would also be interested in seeing this. We recently deployed our first shared config. Pulling this and centralized cert store into the DSC would be pretty cool.
`
[DscResource()] class cIISSharedConfig {
[DscProperty(Key)]
[string]$Name
[DscProperty(Mandatory)]
[Ensure]$Ensure
[DscProperty(Mandatory)]
[string]$PhysicalPath
[DscProperty()]
[PSCredential]$UserCredential
[DscProperty(Mandatory)]
[string]$KeyEncryptionPassword
[DscProperty()]
[bool]$DontCopyRemoteKeys = $false
<#
This method returns a hashtable with the current IIS shared configuration information.
#>
[Hashtable] GetIISSharedConfig()
{
$c = ConvertFrom-StringData ((Get-IISSharedConfig) -join "`r`n").Replace('\', '\\')
return @{
Enabled = $c['Enabled'] -eq 'True'
PhysicalPath = $c['Physical Path']
UserName = $c['UserName']
}
}
<#
Enables the IIS shared configuration.
#>
[Hashtable] EnableIISSharedConfig(
[string]$PhysicalPath,
[PSCredential]$UserCredential,
[SecureString]$KeyEncryptionPassword,
[bool]$DontCopyRemoteKeys)
{
if (!($PhysicalPath)) {
throw 'PhysicalPath required.';
}
if (!($KeyEncryptionPassword)) {
throw 'KeyEncryptionPassword required.';
}
$c = $this.GetIISSharedConfig()
if ($c) {
Write-Verbose 'Enabling IIS Shared Configuration...'
if ($UserCredential) {
Enable-IISSharedConfig `
-PhysicalPath $PhysicalPath `
-UserName $UserCredential.UserName `
-Password (ConvertTo-SecureString -AsPlainText -Force $UserCredential.GetNetworkCredential().Password) `
-KeyEncryptionPassword $KeyEncryptionPassword `
-Force
} else {
Enable-IISSharedConfig `
-PhysicalPath $PhysicalPath `
-KeyEncryptionPassword $KeyEncryptionPassword `
-Force
}
$c = $this.GetIISSharedConfig()
}
return $c
}
<#
Disables the IIS shared configuration.
#>
[Hashtable] DisableIISSharedConfig()
{
$c = $this.GetIISSharedConfig();
if ($c) {
Write-Verbose 'Disabling IIS Shared Configuration...'
Disable-IISSharedConfig
$c = $this.GetIISSharedConfig();
}
return $c
}
[cIISSharedConfig] Get()
{
$c = $this.GetIISSharedConfig();
$this.Ensure = if ($c.Enabled) { [Ensure]::Present } else { [Ensure]::Absent }
$this.PhysicalPath = $c.PhysicalPath
return $this
}
[void] Set()
{
if ($this.Ensure -eq [Ensure]::Present)
{
$c = $this.GetIISSharedConfig()
$cEnabled = $c.Enabled
$cPhysicalPath = $c.PhysicalPath -eq $this.PhysicalPath
$cUserName = if ($this.UserCredential) { $c.UserName -eq $this.UserCredential.UserName } else { [string]::IsNullOrEmpty($c.UserName) }
# check whether any properties are different from current state
if (!$cEnabled -or !$cPhysicalPath -or !$cUserName)
{
$c = $this.EnableIISSharedConfig(
$this.PhysicalPath,
$this.UserCredential,
(ConvertTo-SecureString -AsPlainText -Force $this.KeyEncryptionPassword),
$this.DontCopyRemoteKeys)
if (!$c.Enabled) {
throw "Could not enable IIS Shared Configuration."
}
}
}
if ($this.Ensure -eq [Ensure]::Absent)
{
$c = $this.GetIISSharedConfig()
if ($c.Enabled) {
$c = $this.DisableIISSharedConfig()
if ($c.Enabled) {
throw "Could not disable IIS Shared Configuration."
}
}
}
}
[bool] Test()
{
$c = $this.GetIISSharedConfig()
if ($this.Ensure -eq [Ensure]::Present)
{
if ($c.Enabled -ne $true) {
Write-Verbose "Enabled != True"
return $false
}
if ($c.PhysicalPath -ne $this.PhysicalPath) {
Write-Verbose "PhysicalPath != $($this.PhysicalPath)"
return $false
}
if ($this.UserCredential) {
if ($c.UserName -ne $this.UserCredential.UserName) {
Write-Verbose "UserName != $($this.UserCredential.UserName)"
return $false;
}
}
}
if ($this.Ensure -eq [Ensure]::Absent)
{
if ($c.Enabled -ne $false) {
Write-Verbose "Enabled != False"
return $false;
}
}
return $true
}
} `
So, the above worked. But, I'm going to change it up. I'm using Get-IISSharedConfig, Enable-IISSharedCOnfig, etc. These commands are available only on 2016, apparently.
Any updated on this one?
I labeled this as resource proposal and help wanted so that someone in the community can ran with this.
So how is this one doing?
Hello, any update by chance on this one ? thanks
The community has not sent in a PR that add this functionality.