diff --git a/Enums/Enum.Constants.ps1 b/Enums/Enum.Constants.ps1 index ba663a7..669f2db 100644 --- a/Enums/Enum.Constants.ps1 +++ b/Enums/Enum.Constants.ps1 @@ -50,9 +50,9 @@ # Standard header used on each function on the Begin section Header = @' - ┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓ - ┃ EguibarIT module ┃ - ┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛ + ┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓ + ┃ EguibarIT module ┃ + ┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛ Date: {0} Starting: {1} @@ -63,7 +63,7 @@ # Standard footer used on each function on the Begin section Footer = @' - Function {0} finished {1}" + Function {0} finished {1}" ┣━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┫ diff --git a/Private/Get-ADCSTemplate.ps1 b/Private/Get-ADCSTemplate.ps1 index b943a61..fcfcd61 100644 --- a/Private/Get-ADCSTemplate.ps1 +++ b/Private/Get-ADCSTemplate.ps1 @@ -25,7 +25,9 @@ Function Get-ADCSTemplate { .NOTES https://www.powershellgallery.com/packages/ADCSTemplate/1.0.1.0/Content/ADCSTemplate.psm1 #> - [CmdletBinding(ConfirmImpact = 'Low')] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Low')] + [OutputType([Microsoft.ActiveDirectory.Management.ADEntity])] + param( [Parameter(Mandatory = $false, ValueFromPipeline = $true, @@ -43,6 +45,7 @@ Function Get-ADCSTemplate { [string] $Server ) + Begin { $txt = ($constants.Header -f (Get-Date).ToShortDateString(), @@ -54,11 +57,11 @@ Function Get-ADCSTemplate { ############################## # Module imports - - ############################## # Variables Definition + [hashtable]$Splat = [hashtable]::New([StringComparer]::OrdinalIgnoreCase) + if (-not $Server) { $Server = (Get-ADDomainController -Discover -ForceDiscover -Writable).HostName[0] } @@ -69,24 +72,35 @@ Function Get-ADCSTemplate { $LDAPFilter = '(objectClass=pKICertificateTemplate)' } #end If } #end Begin + Process { - $ConfigNC = $((Get-ADRootDSE -Server $Server).configurationNamingContext) - $TemplatePath = ('CN=Certificate Templates,CN=Public Key Services,CN=Services,{0}' -f $ConfigNC) + $TemplatePath = 'CN=Certificate Templates,CN=Public Key Services,CN=Services,{0}' -f $Variables.configurationNamingContext - $result = Get-ADObject -SearchScope Subtree -SearchBase $TemplatePath -LDAPFilter $LDAPFilter -Properties * -Server $Server + $Splat = @{ + SearchScope = 'Subtree' + SearchBase = $TemplatePath + LDAPFilter = $LDAPFilter + Properties = '*' + Server = $Server + } + $result = Get-ADObject @Splat # Output verbose information foreach ($item in $result) { Write-Verbose -Message ('Template Name: {0}' -f $item.Name) Write-Verbose -Message ('Created: {0}, Modified: {1}' -f $item.Created, $item.Modified) } #end ForEach + } #end Process + End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'getting Cert Template.' + ) + Write-Verbose -Message $txt + return $result } #end End + } #end Function diff --git a/Private/Get-AdObjectType.ps1 b/Private/Get-AdObjectType.ps1 index 913f6f3..a2bd238 100644 --- a/Private/Get-AdObjectType.ps1 +++ b/Private/Get-AdObjectType.ps1 @@ -174,10 +174,10 @@ } # End Process Section End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished getting AD object type." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'getting AD object type.' + ) + Write-Verbose -Message $txt if ($null -ne $ReturnValue) { Write-Output $ReturnValue diff --git a/Private/Get-CurrentErrorToDisplay.ps1 b/Private/Get-CurrentErrorToDisplay.ps1 index 76b0123..940c6d0 100644 --- a/Private/Get-CurrentErrorToDisplay.ps1 +++ b/Private/Get-CurrentErrorToDisplay.ps1 @@ -27,6 +27,7 @@ function Get-CurrentErrorToDisplay { #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Low')] [OutputType([System.String])] + Param ( [Parameter(Mandatory = $false, ValueFromPipeline = $true, @@ -143,10 +144,13 @@ function Get-CurrentErrorToDisplay { $result = $OutputError.ToString() Write-Verbose -Message 'Cleaning the $error variable' $error.Clear() - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'getting Displaying current error.' + ) + Write-Verbose -Message $txt + return $result } # End END section + } # End Function diff --git a/Private/Get-IniContent.ps1 b/Private/Get-IniContent.ps1 index 677ec32..0e3c0d8 100644 --- a/Private/Get-IniContent.ps1 +++ b/Private/Get-IniContent.ps1 @@ -1,5 +1,5 @@ function Get-IniContent { - <# + <# .Synopsis Gets the content of an INI file @@ -49,69 +49,74 @@ function Get-IniContent { Out-IniFile #> - [CmdletBinding(ConfirmImpact = 'Medium')] - [OutputType([System.Collections.Hashtable])] - Param( - [ValidateNotNullOrEmpty()] - [Parameter(ValueFromPipeline = $true, HelpMessage = 'Path and Filename to the ini file to be read', Mandatory = $true)] - [string]$FilePath - ) + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Low')] + [OutputType([System.Collections.Hashtable])] - Begin { - $txt = ($constants.Header -f + Param( + [ValidateNotNullOrEmpty()] + [Parameter(ValueFromPipeline = $true, HelpMessage = 'Path and Filename to the ini file to be read', Mandatory = $true)] + [string]$FilePath + ) + + Begin { + $txt = ($constants.Header -f (Get-Date).ToShortDateString(), - $MyInvocation.Mycommand, + $MyInvocation.Mycommand, (Get-FunctionDisplay $PsBoundParameters -Verbose:$False) - ) - Write-Verbose -Message $txt - - ############################## - # Variables Definition - } #end Begin - - Process { - Write-Verbose -Message "$($myInvocation.MyCommand.Name):: Processing file: $PSBoundParameters['FilePath']" - - Try { - $ini = @{} - switch -regex -file $PSBoundParameters['FilePath'] { - '^\[(.+)\]$' { # Section - $section = $matches[1] - $ini[$section] = @{} - $CommentCount = 0 - } - '^(;.*)$' { # Comment - if (!($section)) { - $section = 'No-Section' - $ini[$section] = @{} - } - $value = $matches[1] - $CommentCount = $CommentCount + 1 - $name = 'Comment' + $CommentCount - $ini[$section][$name] = $value - } - '(.+?)\s*=\s*(.*)' { # Key - if (!($section)) { - $section = 'No-Section' - $ini[$section] = @{} - } - $name, $value = $matches[1..2] - $ini[$section][$name] = $value - } - } #end Switch - } catch { - Write-Error -Message "An error occurred while processing the file: $_" - throw - } #end Try-Catch - Write-Verbose -Message "$($myInvocation.MyCommand.Name):: Finished Processing file: $PSBoundParameters['FilePath']" - - } # End Process - - End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished reading content from $PSBoundParameters['FilePath'] file." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' - Return $ini - } #end End -} + ) + Write-Verbose -Message $txt + + ############################## + # Variables Definition + } #end Begin + + Process { + Write-Verbose -Message "$($myInvocation.MyCommand.Name):: Processing file: $PSBoundParameters['FilePath']" + + Try { + $ini = @{} + switch -regex -file $PSBoundParameters['FilePath'] { + '^\[(.+)\]$' { + # Section + $section = $matches[1] + $ini[$section] = @{} + $CommentCount = 0 + } + '^(;.*)$' { + # Comment + if (!($section)) { + $section = 'No-Section' + $ini[$section] = @{} + } + $value = $matches[1] + $CommentCount = $CommentCount + 1 + $name = 'Comment' + $CommentCount + $ini[$section][$name] = $value + } + '(.+?)\s*=\s*(.*)' { + # Key + if (!($section)) { + $section = 'No-Section' + $ini[$section] = @{} + } + $name, $value = $matches[1..2] + $ini[$section][$name] = $value + } + } #end Switch + } catch { + Write-Error -Message "An error occurred while processing the file: $_" + throw + } #end Try-Catch + Write-Verbose -Message "$($myInvocation.MyCommand.Name):: Finished Processing file: $PSBoundParameters['FilePath']" + + } # End Process + + End { + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + ('reading content from {0} file.' -f $PSBoundParameters['FilePath']) + ) + Write-Verbose -Message $txt + + Return $ini + } #end End +} #end Function diff --git a/Private/Get-RandomHex.ps1 b/Private/Get-RandomHex.ps1 index 0c01e5b..e4403cf 100644 --- a/Private/Get-RandomHex.ps1 +++ b/Private/Get-RandomHex.ps1 @@ -28,7 +28,9 @@ Function Get-RandomHex { Eguibar Information Technology S.L. http://www.eguibarit.com #> - [CmdletBinding(SupportsShouldProcess = $False)] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Low')] + [OutputType([string])] + param ( [parameter(Mandatory = $true, HelpMessage = 'Specify the length of the hexadecimal string.')] @@ -36,24 +38,50 @@ Function Get-RandomHex { [int]$Length ) - try { + Begin { + $txt = ($constants.Header -f + (Get-Date).ToShortDateString(), + $MyInvocation.Mycommand, + (Get-FunctionDisplay $PsBoundParameters -Verbose:$False) + ) + Write-Verbose -Message $txt + + ############################## + # Module imports + + ############################## + # Variables Definition + # Generating random hexadecimal string $Hex = '0123456789ABCDEF' [string]$Return = $null - for ($i = 1; $i -le $Length; $i++) { - $Return += $Hex.Substring((Get-Random -Minimum 0 -Maximum 16), 1) - } + } #end Begin - # Displaying verbose output - Write-Verbose "Generated random hexadecimal string: $Return" + Process { + try { + for ($i = 1; $i -le $Length; $i++) { + $Return += $Hex.Substring((Get-Random -Minimum 0 -Maximum 16), 1) + } #end For + + # Displaying verbose output + Write-Verbose -Message ('Generated random hexadecimal string: {0}' -f $Return) + + } catch { + # Handling exceptions + ###Get-CurrentErrorToDisplay -CurrentError $error[0] + throw + } #end Try + } #end Process + + End { + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'generating random hexadecimal string.' + ) + Write-Verbose -Message $txt # Returning the generated string $Return - } - catch { - # Handling exceptions - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw - } #end Try + } #end End + } #end Function diff --git a/Private/Initialize-ModuleVariable.ps1 b/Private/Initialize-ModuleVariable.ps1 index 6718048..dbae19a 100644 --- a/Private/Initialize-ModuleVariable.ps1 +++ b/Private/Initialize-ModuleVariable.ps1 @@ -146,9 +146,10 @@ } #end Process End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished initializing Variables." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'initializing Variables.' + ) + Write-Verbose -Message $txt } #end End -} + +} #end Function diff --git a/Private/New-Template.ps1 b/Private/New-Template.ps1 index 3c9a649..4da9d86 100644 --- a/Private/New-Template.ps1 +++ b/Private/New-Template.ps1 @@ -36,6 +36,8 @@ Function New-Template { http://www.eguibarit.com #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Low')] + [OutputType([void])] + Param( [Parameter(Mandatory = $true, ValueFromPipeline = $true, @@ -129,9 +131,10 @@ Function New-Template { } # End PROCESS section End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) adding new PKI template." - Write-Verbose -Message '' - Write-Verbose -Message '--------------------------------------------------------------------------------' - Write-Verbose -Message '' - } # End PROCESS section + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'adding new PKI template.' + ) + Write-Verbose -Message $txt + } #end End section + } # End Function New-Template diff --git a/Private/New-TemplateOID.ps1 b/Private/New-TemplateOID.ps1 index 7a950c7..87bfda6 100644 --- a/Private/New-TemplateOID.ps1 +++ b/Private/New-TemplateOID.ps1 @@ -35,7 +35,7 @@ Function New-TemplateOID { Eguibar Information Technology S.L. http://www.eguibarit.com #> - [CmdletBinding(ConfirmImpact = 'Low')] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Low')] [OutputType([System.Collections.Hashtable])] Param( @@ -103,17 +103,17 @@ Function New-TemplateOID { } # End PROCESS Section End { + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'creating new Template OID.' + ) + Write-Verbose -Message $txt + $result = @{ TemplateOID = $msPKICertTemplateOID TemplateName = $Name } - - Write-Verbose -Message "Function $($MyInvocation.InvocationName) adding members to the group." - Write-Verbose -Message '' - Write-Verbose -Message '--------------------------------------------------------------------------------' - Write-Verbose -Message '' - Return $result } # End END Section + } # End Function New-TemplateOID diff --git a/Private/Out-IniFile.ps1 b/Private/Out-IniFile.ps1 index 041192c..e16baed 100644 --- a/Private/Out-IniFile.ps1 +++ b/Private/Out-IniFile.ps1 @@ -1,5 +1,5 @@ Function Out-IniFile { - <# + <# .Synopsis Write hash content to INI file @@ -77,78 +77,93 @@ .Link Get-IniContent #> - [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] - Param( - [switch]$Append, - - [ValidateSet('Unicode', 'UTF7', 'UTF8', 'UTF32', 'ASCII', 'BigEndianUnicode', 'Default', 'OEM', ignorecase = $false)] - [string]$Encoding = 'Unicode', - - [ValidateNotNullOrEmpty()] - [Parameter(Mandatory = $true, HelpMessage = 'Path and Filename to write the file to.')] - [string]$FilePath, - - [switch]$Force, - - [ValidateNotNullOrEmpty()] - [Parameter(ValueFromPipeline = $true, HelpMessage = 'The HashTable object name to create the file from', Mandatory = $true)] - [Hashtable]$InputObject, - - [switch]$Passthru - ) - - Begin { - Write-Verbose -Message '|=> ************************************************************************ <=|' - Write-Verbose -Message (Get-Date).ToShortDateString() - Write-Verbose -Message (' Starting: {0}' -f $MyInvocation.Mycommand) - Write-Verbose -Message ('Parameters used by the function... {0}' -f (Get-FunctionDisplay $PsBoundParameters -Verbose:$False)) - - ############################## - # Variables Definition - } - - Process { - Write-Verbose -Message "$($myInvocation.MyCommand.Name):: Writing to file: $PSBoundParameters['FilePath']" - - if ($PSBoundParameters['Append']) { - $outfile = Get-Item -Path $PSBoundParameters['FilePath'] - } else { - $outfile = New-Item -ItemType file -Path $PSBoundParameters['FilePath'] -Force:$PSBoundParameters['Force'] - } - if (!($outfile)) { - Throw 'Could not create File' - } - foreach ($i in $InputObject.keys) { - if (!($($InputObject[$i].GetType().Name) -eq 'Hashtable')) { - #No Sections - Write-Verbose -Message "$($myInvocation.MyCommand.Name):: Writing key: $i" - Add-Content -Path $outfile -Value "$i=$($InputObject[$i])" -Encoding $PSBoundParameters['Encoding'] - } else { - #Sections - Write-Verbose -Message "$($myInvocation.MyCommand.Name):: Writing Section: [$i]" - Add-Content -Path $outfile -Value "[$i]" -Encoding $PSBoundParameters['Encoding'] - Foreach ($j in $($InputObject[$i].keys | Sort-Object)) { - if ($j -match '^Comment[\d]+') { - Write-Verbose -Message "$($myInvocation.MyCommand.Name):: Writing comment: $j" - Add-Content -Path $outfile -Value "$($InputObject[$i][$j])" -Encoding $PSBoundParameters['Encoding'] - } else { - Write-Verbose -Message "$($myInvocation.MyCommand.Name):: Writing key: $j" - Add-Content -Path $outfile -Value "$j=$($InputObject[$i][$j])" -Encoding $PSBoundParameters['Encoding'] - } + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Low')] + [OutputType([void])] + + Param( + [switch]$Append, + + [ValidateSet('Unicode', 'UTF7', 'UTF8', 'UTF32', 'ASCII', 'BigEndianUnicode', 'Default', 'OEM', ignorecase = $false)] + [PSDefaultValue(Help = 'Default Value is "Unicode"')] + [string]$Encoding = 'Unicode', + + [ValidateNotNullOrEmpty()] + [Parameter(Mandatory = $true, HelpMessage = 'Path and Filename to write the file to.')] + [string]$FilePath, + + [switch]$Force, + + [ValidateNotNullOrEmpty()] + [Parameter(ValueFromPipeline = $true, + HelpMessage = 'The HashTable object name to create the file from', + Mandatory = $true)] + [Hashtable]$InputObject, + + [switch]$Passthru + ) + + Begin { + $txt = ($constants.Header -f + (Get-Date).ToShortDateString(), + $MyInvocation.Mycommand, + (Get-FunctionDisplay $PsBoundParameters -Verbose:$False) + ) + Write-Verbose -Message $txt + + ############################## + # Variables Definition + + } #end Begin + + Process { + + if ($PSBoundParameters['Append']) { + $outfile = Get-Item -Path $PSBoundParameters['FilePath'] + } else { + $outfile = New-Item -ItemType file -Path $PSBoundParameters['FilePath'] -Force:$PSBoundParameters['Force'] + } #end If-Else + + if (!($outfile)) { + Throw 'Could not create File' + } #end If + + foreach ($i in $InputObject.keys) { + + if (!($($InputObject[$i].GetType().Name) -eq 'Hashtable')) { + #No Sections + Write-Verbose -Message "$($myInvocation.MyCommand.Name):: Writing key: $i" + Add-Content -Path $outfile -Value "$i=$($InputObject[$i])" -Encoding $PSBoundParameters['Encoding'] + } else { + #Sections + Write-Verbose -Message "$($myInvocation.MyCommand.Name):: Writing Section: [$i]" + Add-Content -Path $outfile -Value "[$i]" -Encoding $PSBoundParameters['Encoding'] + + Foreach ($j in $($InputObject[$i].keys | Sort-Object)) { + + if ($j -match '^Comment[\d]+') { + Write-Verbose -Message "$($myInvocation.MyCommand.Name):: Writing comment: $j" + Add-Content -Path $outfile -Value "$($InputObject[$i][$j])" -Encoding $PSBoundParameters['Encoding'] + } else { + Write-Verbose -Message "$($myInvocation.MyCommand.Name):: Writing key: $j" + Add-Content -Path $outfile -Value "$j=$($InputObject[$i][$j])" -Encoding $PSBoundParameters['Encoding'] + } #end If-Else + + } #end Foreach + + Add-Content -Path $outfile -Value '' -Encoding $PSBoundParameters['Encoding'] + } #end If-Else + } #end Foreach + + if ($PSBoundParameters['Passthru']) { + Return $outfile } - Add-Content -Path $outfile -Value '' -Encoding $PSBoundParameters['Encoding'] - } - } - Write-Verbose -Message "$($myInvocation.MyCommand.Name):: Finished Writing to file: $path" - if ($PSBoundParameters['Passthru']) { - Return $outfile - } - } - - End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished writing to $PSBoundParameters['FilePath'] INI file." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + } #end Process + + End { + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'writing to INI file.' + ) + Write-Verbose -Message $txt + } #end End + +} #end Function diff --git a/Private/Publish-CertificateTemplate.ps1 b/Private/Publish-CertificateTemplate.ps1 index e8e13c0..34f0e15 100644 --- a/Private/Publish-CertificateTemplate.ps1 +++ b/Private/Publish-CertificateTemplate.ps1 @@ -20,7 +20,9 @@ Function Publish-CertificateTemplate { Eguibar Information Technology S.L. http://www.eguibarit.com #> - [CmdletBinding(SupportsShouldProcess = $true)] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Low')] + [OutputType([void])] + Param ( [Parameter(Mandatory = $true)] [string]$CertDisplayName @@ -36,11 +38,11 @@ Function Publish-CertificateTemplate { ###################### # Initialize variables + $Server = (Get-ADDomainController -Discover -ForceDiscover -Writable).HostName[0] - $ConfigNC = (Get-ADRootDSE -Server $Server).configurationNamingContext - $EnrollmentPath = "CN=Enrollment Services,CN=Public Key Services,CN=Services,$ConfigNC" + $EnrollmentPath = 'CN=Enrollment Services,CN=Public Key Services,CN=Services,{0}' -f $variables.configurationNamingContext $CAs = Get-ADObject -SearchBase $EnrollmentPath -SearchScope OneLevel -Filter * -Server $Server - } + } #end Begin process { foreach ($CA in $CAs) { @@ -59,6 +61,9 @@ Function Publish-CertificateTemplate { } #end Process end { - + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'publishing Cert Template.' + ) + Write-Verbose -Message $txt } #end End } #end Function diff --git a/Private/Test-IsUniqueOID.ps1 b/Private/Test-IsUniqueOID.ps1 index a6e18f1..42be4f5 100644 --- a/Private/Test-IsUniqueOID.ps1 +++ b/Private/Test-IsUniqueOID.ps1 @@ -21,7 +21,7 @@ Function Test-IsUniqueOID { Test-IsUniqueOID -cn "MyTemplate" -TemplateOID "1.2.3.4" -Server "ADServer01" -ConfigNC "DC=example,DC=com" Checks if the Certificate Template with the specified OID is unique in the given context. #> - [CmdletBinding(ConfirmImpact = 'low')] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Low')] [OutputType([System.Boolean])] param ( @@ -73,8 +73,6 @@ Function Test-IsUniqueOID { ############################## # Module imports - - ############################## # Variables Definition @@ -119,9 +117,10 @@ Function Test-IsUniqueOID { } #end Process End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished checking the Certificate Template OID uniqueness." - Write-Verbose -Message '' - Write-Verbose -Message '--------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'checking the Certificate Template OID uniqueness.' + ) + Write-Verbose -Message $txt } #end End + } #end Function diff --git a/Private/Test-IsValidDN.ps1 b/Private/Test-IsValidDN.ps1 index 34b2a92..6de1c57 100644 --- a/Private/Test-IsValidDN.ps1 +++ b/Private/Test-IsValidDN.ps1 @@ -33,7 +33,10 @@ function Test-IsValidDN { param ( - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, HelpMessage = 'String to ve validated as DistinguishedName', Position = 0)] [ValidateNotNullOrEmpty()] @@ -53,8 +56,6 @@ function Test-IsValidDN { ############################## # Module imports - - # Initialize a boolean variable to store validation result [bool]$isValid = $false @@ -84,12 +85,12 @@ function Test-IsValidDN { } #end Process end { - - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished checking DistinguishedName." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'testing DistinguishedName (DN).' + ) + Write-Verbose -Message $txt return $isValid } #end End + } #end Function diff --git a/Private/Test-IsValidGUID.ps1 b/Private/Test-IsValidGUID.ps1 index c9e45bd..7213d48 100644 --- a/Private/Test-IsValidGUID.ps1 +++ b/Private/Test-IsValidGUID.ps1 @@ -55,8 +55,6 @@ ############################## # Module imports - - $isValid = $false Write-Verbose 'Begin block: Regex pattern for GUID validation initialized.' @@ -85,11 +83,10 @@ } #end Process end { - - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished checking Global Unique Identifier (GUID)." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'testing Global Unique Identifier (GUID).' + ) + Write-Verbose -Message $txt return $isValid } #end End diff --git a/Private/Test-IsValidSID.ps1 b/Private/Test-IsValidSID.ps1 index 2485a10..05ad78b 100644 --- a/Private/Test-IsValidSID.ps1 +++ b/Private/Test-IsValidSID.ps1 @@ -41,6 +41,18 @@ function Test-IsValidSID { ) Begin { + $txt = ($constants.Header -f + (Get-Date).ToShortDateString(), + $MyInvocation.Mycommand, + (Get-FunctionDisplay $PsBoundParameters -Verbose:$False) + ) + Write-Verbose -Message $txt + + ############################## + # Module imports + + ############################## + # Variables Definition # Ensure only account is used (remove anything before \ if exist) $ObjectSID = ($PSBoundParameters['ObjectSID']).Split('\')[1] @@ -72,7 +84,7 @@ function Test-IsValidSID { # Provide verbose output if ($PSCmdlet.MyInvocation.BoundParameters['Verbose']) { - Write-Verbose -Message ('[WARNING] The SID {0} is NOT valid!.' -f $ObjectSID) + Write-Warning -Message ('[WARNING] The SID {0} is NOT valid!.' -f $ObjectSID) } #end If $isValid = $false } #end If-Else @@ -102,6 +114,11 @@ function Test-IsValidSID { } #end Process end { + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'testing SecurityIdentifier (SID).' + ) + Write-Verbose -Message $txt + return $isValid } #end End diff --git a/Public/Add-AdGroupNesting.ps1 b/Public/Add-AdGroupNesting.ps1 index c33efd2..5f66105 100644 --- a/Public/Add-AdGroupNesting.ps1 +++ b/Public/Add-AdGroupNesting.ps1 @@ -18,6 +18,7 @@ function Add-AdGroupNesting { http://www.eguibarit.com #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] + [OutputType([void])] Param ( # Param1 Group which membership is to be changed @@ -57,10 +58,9 @@ function Add-AdGroupNesting { ############################## # Variables Definition - # Define array lists $CurrentMembers = [System.Collections.ArrayList]::new() - $Splat = [hashtable]::New([StringComparer]::OrdinalIgnoreCase) + [hashtable]$Splat = [hashtable]::New([StringComparer]::OrdinalIgnoreCase) # Check if Identity is a group. Retrieve the object if not Microsoft.ActiveDirectory.Management.AdGroup. $Identity = Get-AdObjectType -Identity $Identity @@ -116,9 +116,10 @@ function Add-AdGroupNesting { } #end Process End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) adding members to the group." - Write-Verbose -Message '' - Write-Verbose -Message '--------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'adding members to the group.' + ) + Write-Verbose -Message $txt } #end End + } #end Function diff --git a/Public/ConvertTo-IPv4Integer.ps1 b/Public/ConvertTo-IPv4Integer.ps1 index f9fead6..e631373 100644 --- a/Public/ConvertTo-IPv4Integer.ps1 +++ b/Public/ConvertTo-IPv4Integer.ps1 @@ -18,8 +18,9 @@ function ConvertTo-IPv4Integer { Eguibar Information Technology S.L. http://www.eguibarit.com #> - [CmdletBinding(ConfirmImpact = 'Low')] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Low')] [OutputType([System.UInt32])] + Param ( [Parameter(Mandatory = $true, @@ -42,13 +43,12 @@ function ConvertTo-IPv4Integer { ############################## # Module imports - - ############################## # Variables Definition - } + } #end Begin Process { + Try { $ipAddress = [IPAddress]::Parse($IPv4Address) @@ -60,13 +60,15 @@ function ConvertTo-IPv4Integer { } Catch { Write-Error -Exception $_.Exception -Category $_.CategoryInfo.Category - } - } + } #end Try-Catch + + } #end Process End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'converting IPv4 to Integer.' + ) + Write-Verbose -Message $txt + } #end End + +} #end Function diff --git a/Public/ConvertTo-IPv4MaskBit.ps1 b/Public/ConvertTo-IPv4MaskBit.ps1 index ed3bf68..0010e63 100644 --- a/Public/ConvertTo-IPv4MaskBit.ps1 +++ b/Public/ConvertTo-IPv4MaskBit.ps1 @@ -18,8 +18,9 @@ function ConvertTo-IPv4MaskBit { Eguibar Information Technology S.L. http://www.eguibarit.com #> - [CmdletBinding(ConfirmImpact = 'Low')] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Low')] [OutputType([System.Int32])] + Param ( [Parameter(Mandatory = $true, @@ -31,6 +32,7 @@ function ConvertTo-IPv4MaskBit { [String] $MaskString ) + Begin { $txt = ($constants.Header -f (Get-Date).ToShortDateString(), @@ -42,22 +44,22 @@ function ConvertTo-IPv4MaskBit { ############################## # Module imports - - ############################## # Variables Definition - } + } #end Begin + Process { $mask = ([IPAddress] $MaskString).Address for ( $bitCount = 0; $mask -ne 0; $bitCount++ ) { $mask = $mask -band ($mask - 1) } $bitCount - } + } #end Process + End { - Write-Verbose -Message ('Function {0} finished.' -f $MyInvocation.InvocationName) - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'returning the bits in a bitmask IPv4.' + ) + Write-Verbose -Message $txt + } #end End +} #end Function diff --git a/Public/ConvertTo-IPv4MaskString.ps1 b/Public/ConvertTo-IPv4MaskString.ps1 index cd81079..2cb74f2 100644 --- a/Public/ConvertTo-IPv4MaskString.ps1 +++ b/Public/ConvertTo-IPv4MaskString.ps1 @@ -18,7 +18,9 @@ function ConvertTo-IPv4MaskString { Eguibar Information Technology S.L. http://www.eguibarit.com #> - [CmdletBinding(ConfirmImpact = 'Low')] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Low')] + [OutputType([string])] + Param ( [Parameter(Mandatory = $true, @@ -30,6 +32,7 @@ function ConvertTo-IPv4MaskString { [System.Int32] $MaskBits ) + Begin { $txt = ($constants.Header -f (Get-Date).ToShortDateString(), @@ -41,21 +44,22 @@ function ConvertTo-IPv4MaskString { ############################## # Module imports - - ############################## # Variables Definition - } + } #end Begin + Process { $mask = ([Math]::Pow(2, $MaskBits) - 1) * [Math]::Pow(2, (32 - $MaskBits)) $bytes = [BitConverter]::GetBytes([UInt32] $mask) (($bytes.Count - 1)..0 | ForEach-Object { [String] $bytes[$_] }) -join '.' - } + } #end Process + End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'converting bits to a networkmask string.' + ) + Write-Verbose -Message $txt + } #end End + +} #end Function diff --git a/Public/ConvertTo-IPv4NetworkAddress.ps1 b/Public/ConvertTo-IPv4NetworkAddress.ps1 index 720f997..454f7b5 100644 --- a/Public/ConvertTo-IPv4NetworkAddress.ps1 +++ b/Public/ConvertTo-IPv4NetworkAddress.ps1 @@ -34,7 +34,7 @@ Function ConvertTo-IPv4NetworkAddress { Eguibar Information Technology S.L. http://www.eguibarit.com #> - [CmdletBinding(ConfirmImpact = 'Low')] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Low')] [OutputType([System.Net.IpAddress])] Param ( @@ -86,7 +86,8 @@ Function ConvertTo-IPv4NetworkAddress { $IntegerIPv4SubnetMask = 0 $IntegerNetworkAddress = 0 [IpAddress]$NetworkAddress - } + } #end Begin + Process { # Get IPv4 address as an Integer $IntegerIPv4Address = ConvertTo-IPv4Integer -Ipv4Address $IPv4Address @@ -107,14 +108,14 @@ Function ConvertTo-IPv4NetworkAddress { # Convert Integer to Network Address $NetworkAddress = ConvertTo-IntegerIPv4 -Integer $IntegerNetworkAddress Write-Verbose -Message ('Network Address {0} to Integer: {1}' -f $NetworkAddress, $IntegerNetworkAddress) - } + } #end Process End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'finding network address based on IP Address and Subnet Mask.' + ) + Write-Verbose -Message $txt return $NetworkAddress - } -} + } #end End +} #end Function diff --git a/Public/ConvertTo-IntegerIPv4.ps1 b/Public/ConvertTo-IntegerIPv4.ps1 index 8dffeb3..9c497f7 100644 --- a/Public/ConvertTo-IntegerIPv4.ps1 +++ b/Public/ConvertTo-IntegerIPv4.ps1 @@ -18,8 +18,9 @@ function ConvertTo-IntegerIPv4 { Eguibar Information Technology S.L. http://www.eguibarit.com #> - [CmdletBinding(ConfirmImpact = 'Low')] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Low')] [OutputType([System.Net.IpAddress])] + Param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true, @@ -41,10 +42,9 @@ function ConvertTo-IntegerIPv4 { ############################## # Module imports - - ############################## # Variables Definition + } #end Begin Process { @@ -62,9 +62,10 @@ function ConvertTo-IntegerIPv4 { } #end Process End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'converting Integer to IPv4.' + ) + Write-Verbose -Message $txt } #end End + } #end Function diff --git a/Public/ConvertTo-WmiFilter.ps1 b/Public/ConvertTo-WmiFilter.ps1 index 06f0ee1..d3216d8 100644 --- a/Public/ConvertTo-WmiFilter.ps1 +++ b/Public/ConvertTo-WmiFilter.ps1 @@ -29,6 +29,7 @@ function ConvertTo-WmiFilter { http://www.eguibarit.com #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] + [OutputType([void])] Param ( [Microsoft.ActiveDirectory.Management.ADObject[]] $ADObject @@ -102,9 +103,9 @@ function ConvertTo-WmiFilter { } #end Process End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished converting the WMI filter." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'converting the WMI filter.' + ) + Write-Verbose -Message $txt } #end Function -} +} #end Function diff --git a/Public/Get-AdSite.ps1 b/Public/Get-AdSite.ps1 index 0d89231..fa461b2 100644 --- a/Public/Get-AdSite.ps1 +++ b/Public/Get-AdSite.ps1 @@ -16,8 +16,9 @@ function Get-AdSite { Eguibar Information Technology S.L. http://www.eguibarit.com #> - [CmdletBinding(ConfirmImpact = 'Medium')] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] [OutputType([array])] + Param () Begin { @@ -36,19 +37,19 @@ function Get-AdSite { ############################## # Variables Definition - } + } #end Begin Process { Write-Verbose -Message "Get AD Site List `r" [array] $ADSites = [DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest().Sites - } + } #end Process End { + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'getting AD Sites.' + ) + Write-Verbose -Message $txt Return $ADSites - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished getting AD Sites." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + } #end End +} #end Function diff --git a/Public/Get-AllAdSiteLink.ps1 b/Public/Get-AllAdSiteLink.ps1 index be29fa7..7c10cd5 100644 --- a/Public/Get-AllAdSiteLink.ps1 +++ b/Public/Get-AllAdSiteLink.ps1 @@ -16,8 +16,9 @@ function Get-AllAdSiteLink { Eguibar Information Technology S.L. http://www.eguibarit.com #> - [CmdletBinding(ConfirmImpact = 'Medium')] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] [OutputType([array])] + Param () Begin { @@ -37,10 +38,10 @@ function Get-AllAdSiteLink { ############################## # Variables Definition - $ADSiteDN = 'CN=Sites,{0}' -f ([ADSI]'LDAP://RootDSE').configurationNamingContext.ToString() + $ADSiteDN = 'CN=Sites,{0}' -f $Variables.configurationNamingContext #$SubnetsDN = 'CN=Subnets,{0}' -f $ADSiteDN #$ADSiteLinksDN = 'CN=IP,CN=Inter-Site Transports,{0}' -f $ADSiteDN - } + } #end Begin Process { Write-Verbose -Message "Get List of AD Site Links `r" @@ -50,14 +51,14 @@ function Get-AllAdSiteLink { $ADSiteLinksCount = $ADSiteLinks.Count Write-Output -InputObject ("There are {0} AD Site Links in {1} `r" -f $ADSiteLinksCount, $env:USERDNSDOMAIN) - } + } #end Process End { + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'getting SiteLinks.' + ) + Write-Verbose -Message $txt Return $ADSiteLinks - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished getting SiteLinks." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + } #end End +} #end Function diff --git a/Public/Get-AllAdSubnet.ps1 b/Public/Get-AllAdSubnet.ps1 index 5037aeb..c7f1a57 100644 --- a/Public/Get-AllAdSubnet.ps1 +++ b/Public/Get-AllAdSubnet.ps1 @@ -16,8 +16,9 @@ function Get-AllAdSubnet { Eguibar Information Technology S.L. http://www.eguibarit.com #> - [CmdletBinding(ConfirmImpact = 'Medium')] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] [OutputType([array])] + Param () Begin { @@ -37,7 +38,8 @@ function Get-AllAdSubnet { ############################## # Variables Definition - } + } #end Begin + Process { #Get a reference to the RootDSE of the current domain $ADConfigurationNamingContext = ([ADSI]'LDAP://RootDSE').configurationNamingContext @@ -45,13 +47,14 @@ function Get-AllAdSubnet { [array] $ADSubnets = Get-ADObject -Filter { objectclass -eq 'subnet' } -SearchBase $ADConfigurationNamingContext -Properties * - } + } #end Process + End { + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'getting AD Subnets.' + ) + Write-Verbose -Message $txt Return $ADSubnets - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished getting AD Subnets." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + } #end End +} #end Function diff --git a/Public/Grant-NTFSPermission.ps1 b/Public/Grant-NTFSPermission.ps1 index 9386493..d451102 100644 --- a/Public/Grant-NTFSPermission.ps1 +++ b/Public/Grant-NTFSPermission.ps1 @@ -20,10 +20,15 @@ function Grant-NTFSPermission { Eguibar Information Technology S.L. http://www.eguibarit.com #> - [CmdletBinding(ConfirmImpact = 'Medium')] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] + [OutputType([void])] + Param ( # Param1 path to the resource|folder - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, HelpMessage = 'Absolute path to the object', Position = 0)] [ValidateNotNull()] @@ -32,7 +37,10 @@ function Grant-NTFSPermission { $path, # Param2 object or SecurityPrincipal - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, HelpMessage = 'Name of the Identity getting the permission.', Position = 1)] [ValidateNotNull()] @@ -41,7 +49,10 @@ function Grant-NTFSPermission { $object, # Param3 permission - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, HelpMessage = 'Permission of the object', Position = 2)] [ValidateNotNull()] @@ -49,6 +60,7 @@ function Grant-NTFSPermission { [string] $permission ) + Begin { $error.Clear() @@ -62,12 +74,9 @@ function Grant-NTFSPermission { ############################## # Module imports - - ############################## # Variables Definition - # Possible values for FileSystemRights are: # ReadAndExecute, AppendData, CreateFiles, read, write, Modify, FullControl $FileSystemRights = [Security.AccessControl.FileSystemRights]$PSBoundParameters['permission'] @@ -75,7 +84,8 @@ function Grant-NTFSPermission { $InheritanceFlag = [Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit' $PropagationFlag = [Security.AccessControl.PropagationFlags]::None $AccessControlType = [Security.AccessControl.AccessControlType]::Allow - } + } #end Begin + Process { Try { $Account = New-Object -TypeName System.Security.Principal.NTAccount -ArgumentList $PSBoundParameters['object'] @@ -90,12 +100,14 @@ function Grant-NTFSPermission { } catch { Write-Error -Message 'Error granting NTFS permissions' throw - } - } + } #end Try-Catch + } #end Process + End { - Write-Verbose -Message ('The User/Group {0} was given {1} to folder {2}.' -f $PSBoundParameters['object'], $PSBoundParameters['permission'], $PSBoundParameters['path']) - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'changing NTFS permissions.' + ) + Write-Verbose -Message $txt + } #end End + +} #end Function diff --git a/Public/Import-MyModule.ps1 b/Public/Import-MyModule.ps1 index 8aca609..39b7645 100644 --- a/Public/Import-MyModule.ps1 +++ b/Public/Import-MyModule.ps1 @@ -26,6 +26,7 @@ Function Import-MyModule { http://www.eguibarit.com #> [CmdletBinding(SupportsShouldProcess = $false, ConfirmImpact = 'Medium')] + [OutputType([void])] Param ( @@ -41,6 +42,11 @@ Function Import-MyModule { $name, # Indicates whether to force the import of the module + [Parameter(Mandatory = $false, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, + Position = 1)] [switch] $Force ) @@ -56,8 +62,6 @@ Function Import-MyModule { ############################## # Module imports - - ############################## # Variables Definition @@ -99,9 +103,9 @@ Function Import-MyModule { } #end Process End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished importing module." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'importing module.' + ) + Write-Verbose -Message $txt } #end End -} +} #end Function diff --git a/Public/New-AGPMobject.ps1 b/Public/New-AGPMobject.ps1 index b5bffd2..4b161b0 100644 --- a/Public/New-AGPMobject.ps1 +++ b/Public/New-AGPMobject.ps1 @@ -25,6 +25,8 @@ http://www.eguibarit.com #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] + + Param( # PARAM1 full path to the configuration.xml file [Parameter(Mandatory = $true, @@ -43,6 +45,7 @@ ValueFromRemainingArguments = $false, HelpMessage = 'Path to all the scripts and files needed by this function', Position = 1)] + [PSDefaultValue(Help = 'Default Value is "C:\PsScripts\"')] [string] $DMscripts = 'C:\PsScripts\' ) @@ -112,15 +115,16 @@ # It Admin Rights OU Distinguished Name $ItRightsOuDn = 'OU={0},{1}' -f $ItRightsOu, $ItAdminOuDn - $Splat = [hashtable]::New([StringComparer]::OrdinalIgnoreCase) + [hashtable]$Splat = [hashtable]::New([StringComparer]::OrdinalIgnoreCase) + + } #end Begin - #endregion Declarations - ################################################################################ - } Process { ############################################################################### #region Creating Service account + Write-Verbose -Message ($Constants.NewRegionMessage -f 'Creating Service account') + # Create the new Temporary Service Account with special values # This TEMP SA will be used for AGMP Server setup. Afterwards will be replaced by a MSA $Splat = @{ @@ -154,8 +158,12 @@ #http://blogs.msdn.com/b/openspecification/archive/2011/05/31/windows-configurations-for-kerberos-supported-encryption-type.aspx # 'msDS-SupportedEncryptionTypes'= Kerberos DES Encryption = 2, Kerberos AES 128 = 8, Kerberos AES 256 = 16 + $Splat = @{ + Identity = ('{0}{1}{2}' -f $NC['sg'], $NC['Delim'], $confXML.n.Admin.GG.Tier0ServiceAccount.Name) + Members = $SA_AGPM + } # Make it member of Tier 0 ServiceAccount groups - Add-AdGroupNesting -Identity ('{0}{1}{2}' -f $NC['sg'], $NC['Delim'], $confXML.n.Admin.GG.Tier0ServiceAccount.Name) -Members $SA_AGPM + Add-AdGroupNesting @Splat # http://blogs.msdn.com/b/muaddib/archive/2013/12/30/how-to-modify-security-inheritance-on-active-directory-objects.aspx @@ -221,6 +229,8 @@ ############################################################################### #region Create AGPM groups + Write-Verbose -Message ($Constants.NewRegionMessage -f 'Create AGPM groups') + # AdminRights group is created by default on CentralItOU procedure. Is the default delegated Admin for OUs #New-ADGroup -Name "SG_AllSiteAdmins" -SamAccountName SG_AllSiteAdmins -GroupCategory Security -GroupScope Global -DisplayName "All Sites Admins" -Path $ItPGOuDn -Description "Members of this group are Site Administrators of all sites" @@ -271,14 +281,21 @@ ############################################################################### # Apply the PSO to the corresponding Groups - Add-ADFineGrainedPasswordPolicySubject -Identity $confXML.n.Admin.PSOs.ItAdminsPSO.Name -Subjects $SL_GpoApproverRight, $SL_GpoEditorRight, $SL_GpoReviewerRight + $Splat = @{ + Identity = $confXML.n.Admin.PSOs.ItAdminsPSO.Name + Subjects = $SL_GpoApproverRight, $SL_GpoEditorRight, $SL_GpoReviewerRight + } + Add-ADFineGrainedPasswordPolicySubject @Splat ############################################################################### # Nest Groups - Security for RODC # Avoid having privileged or semi-privileged groups copy to RODC - - Add-ADGroupMember -Identity 'Denied RODC Password Replication Group' -Members $SL_GpoApproverRight, $SL_GpoEditorRight, $SL_GpoReviewerRight + $Splat = @{ + Identity = 'Denied RODC Password Replication Group' + Members = $SL_GpoApproverRight, $SL_GpoEditorRight, $SL_GpoReviewerRight + } + Add-ADGroupMember @Splat ############################################################################### @@ -306,10 +323,10 @@ } #end Process End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) created objects and Delegations successfully." - Write-Verbose -Message '' - Write-Verbose -Message '--------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'creating objects and Delegations.' + ) + Write-Verbose -Message $txt }#end End } #end Function diff --git a/Public/New-AdDelegatedGroup.ps1 b/Public/New-AdDelegatedGroup.ps1 index 0f67555..7dae881 100644 --- a/Public/New-AdDelegatedGroup.ps1 +++ b/Public/New-AdDelegatedGroup.ps1 @@ -322,10 +322,10 @@ } # End Process section End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished creating Delegated Group." - Write-Verbose -Message '' - Write-Verbose -Message '--------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'creating Delegated Group.' + ) + Write-Verbose -Message $txt #Return the group object. return $newGroup diff --git a/Public/New-AreaShareNTFS.ps1 b/Public/New-AreaShareNTFS.ps1 index 45f4d44..157022e 100644 --- a/Public/New-AreaShareNTFS.ps1 +++ b/Public/New-AreaShareNTFS.ps1 @@ -22,66 +22,81 @@ function New-AreaShareNTFS { #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] [OutputType([String])] + Param ( # Param1 Sharename - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, HelpMessage = 'Name of the share to be created', - Position = 0)] - [ValidateNotNull()] + Position = 0)] [ValidateNotNullOrEmpty()] [string] $ShareName, # Param2 Read group - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, HelpMessage = 'Name of the group with Read-Only permissions', - Position = 1)] - [ValidateNotNull()] + Position = 1)] [ValidateNotNullOrEmpty()] [string] $readGroup, # Param3 Change Group - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, HelpMessage = 'Name of the group with Change permissions', - Position = 2)] - [ValidateNotNull()] + Position = 2)] [ValidateNotNullOrEmpty()] [string] $changeGroup, # Param4 All Site Admins group - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, HelpMessage = 'Name of the group with Full permissions', - Position = 3)] - [ValidateNotNull()] + Position = 3)] [ValidateNotNullOrEmpty()] [string] $SG_SiteAdminsGroup, # Param5 Path to the site - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, HelpMessage = 'DistinguishedName where the new Groups will be created.', - Position = 4)] - [ValidateNotNull()] + Position = 4)] [ValidateNotNullOrEmpty()] [string] $sitePath, # Param6 - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, HelpMessage = 'Absolute path to the root Share folder (e.g. "C:\Shares\")', - Position = 5)] - [ValidateNotNull()] + Position = 5)] [ValidateNotNullOrEmpty()] [string] $ShareLocation, # Param7 - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, HelpMessage = 'The root share name for general areas.', - Position = 6)] - [ValidateNotNull()] + Position = 6)] [ValidateNotNullOrEmpty()] [string] $AreasName @@ -98,42 +113,40 @@ function New-AreaShareNTFS { ############################## # Module imports - - ############################## # Variables Definition # Create Full Share Name $FullShareName = '{0}\{1}\{2}' -f $PSBoundParameters['ShareLocation'], $PSBoundParameters['AreasName'], $PSBoundParameters['ShareName'] - $Splat = [hashtable]::New([StringComparer]::OrdinalIgnoreCase) + $Splat = [hashtable]::New([StringComparer]::OrdinalIgnoreCase) } #end Begin Process { - If(-not(test-path -Path $FullShareName)) { + If (-not(Test-Path -Path $FullShareName)) { # Create the new Directory New-Item -Path $FullShareName -ItemType Directory } #end If # Create the associated READ group $Splat = @{ - Name = $PSBoundParameters['readGroup'] - GroupCategory = 'Security' - GroupScope = 'DomainLocal' - DisplayName = $PSBoundParameters['readGroup'] - Path = $PSBoundParameters['sitePath'] - Description = 'Read Access to Share {0}' -f $PSBoundParameters['ShareName'] + Name = $PSBoundParameters['readGroup'] + GroupCategory = 'Security' + GroupScope = 'DomainLocal' + DisplayName = $PSBoundParameters['readGroup'] + Path = $PSBoundParameters['sitePath'] + Description = 'Read Access to Share {0}' -f $PSBoundParameters['ShareName'] } New-AdDelegatedGroup @Splat # Create the associated Modify group $Splat = @{ - Name = $PSBoundParameters['changeGroup'] - GroupCategory = 'Security' - GroupScope = 'DomainLocal' - DisplayName = $PSBoundParameters['changeGroup'] - Path = $PSBoundParameters['sitePath'] - Description = 'Read Access to Share {0}' -f $PSBoundParameters['ShareName'] + Name = $PSBoundParameters['changeGroup'] + GroupCategory = 'Security' + GroupScope = 'DomainLocal' + DisplayName = $PSBoundParameters['changeGroup'] + Path = $PSBoundParameters['sitePath'] + Description = 'Read Access to Share {0}' -f $PSBoundParameters['ShareName'] } New-AdDelegatedGroup @Splat @@ -153,10 +166,10 @@ function New-AreaShareNTFS { } #end Process End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished creating the share." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'creating shares.' + ) + Write-Verbose -Message $txt } #end End } #end Function diff --git a/Public/New-CaObject.ps1 b/Public/New-CaObject.ps1 index 3cc4b5f..6e97594 100644 --- a/Public/New-CaObject.ps1 +++ b/Public/New-CaObject.ps1 @@ -18,9 +18,14 @@ http://www.eguibarit.com #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] + [OutputType([void])] + Param ( # PARAM1 full path to the configuration.xml file - [Parameter(Mandatory = $true, ValueFromPipeline = $True, ValueFromPipelineByPropertyName = $True, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $true, + ValueFromPipeline = $True, + ValueFromPipelineByPropertyName = $True, + ValueFromRemainingArguments = $false, HelpMessage = 'Full path to the configuration.xml file', Position = 0)] [string] @@ -46,9 +51,6 @@ #Get the OS Installation Type $OsInstalationType = Get-ItemProperty -Path 'HKLM:Software\Microsoft\Windows NT\CurrentVersion' | Select-Object -ExpandProperty InstallationType - ################################################################################ - #region Declarations - try { # Check if Config.xml file is loaded. If not, proceed to load it. If (-Not (Test-Path -Path variable:confXML)) { @@ -97,7 +99,7 @@ # It Admin Rights OU Distinguished Name $ItRightsOuDn = 'OU={0},{1}' -f $ItRightsOu, $ItAdminOuDn - $Splat = [hashtable]::New([StringComparer]::OrdinalIgnoreCase) + [hashtable]$Splat = [hashtable]::New([StringComparer]::OrdinalIgnoreCase) #endregion Declarations ################################################################################ @@ -332,14 +334,22 @@ LoadDefaultTemplates=0 $SL_PkiTemplRight = New-AdDelegatedGroup @Splat # Apply the PSO to the corresponding Groups - Add-ADFineGrainedPasswordPolicySubject -Identity $confXML.n.Admin.PSOs.ItAdminsPSO.Name -Subjects $SG_PkiAdmins, $SG_PkiTemplAdmins, $SL_PkiRight, $SL_PkiTemplRight + $Splat = @{ + Identity = $confXML.n.Admin.PSOs.ItAdminsPSO.Name + Subjects = $SG_PkiAdmins, $SG_PkiTemplAdmins, $SL_PkiRight, $SL_PkiTemplRight + } + Add-ADFineGrainedPasswordPolicySubject @Splat ############################################################################### # Nest Groups - Security for RODC # Avoid having privileged or semi-privileged groups copy to RODC - Add-ADGroupMember -Identity 'Denied RODC Password Replication Group' -Members $SG_PkiAdmins, $SG_PkiTemplAdmins, $SL_PkiRight, $SL_PkiTemplRight + $Splat = @{ + Identity = 'Denied RODC Password Replication Group' + Members = $SG_PkiAdmins, $SG_PkiTemplAdmins, $SL_PkiRight, $SL_PkiTemplRight + } + Add-ADGroupMember @Splat ############################################################################### @@ -576,14 +586,13 @@ Invoke-Command -ComputerName $GatewayServerName -ScriptBlock { #> - } #end Process End { - Write-Verbose -Message ('Function {0} created Certificate Authority objects and Delegations successfully.' -f $MyInvocation.InvocationName) - Write-Verbose -Message '' - Write-Verbose -Message '--------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'creating created Certificate Authority objects and Delegations.' + ) + Write-Verbose -Message $txt } #end End } #end Function diff --git a/Public/New-CentralItOU.ps1 b/Public/New-CentralItOU.ps1 index ce6e23d..bd30fb1 100644 --- a/Public/New-CentralItOU.ps1 +++ b/Public/New-CentralItOU.ps1 @@ -558,7 +558,8 @@ #endregion Declarations ################################################################################ - } + } #end Begin + Process { ############################################################################### # Create IT Admin and Sub OUs @@ -3400,11 +3401,15 @@ New-DHCPobject -ConfigXMLFile $ConfXML } - } + } #end Process + End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished creating central OU." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'creating central OU.' + ) + Write-Verbose -Message $txt + + } #end End + +} #end Function diff --git a/Public/New-DelegateAdGpo.ps1 b/Public/New-DelegateAdGpo.ps1 index 5447d9b..5b81f4f 100644 --- a/Public/New-DelegateAdGpo.ps1 +++ b/Public/New-DelegateAdGpo.ps1 @@ -298,10 +298,10 @@ } # End Process Section End { - Write-Verbose -Message ('Function New-DelegateAdGpo Finished creating {0} GPO' -f $gpoName) - Write-Verbose -Message '' - Write-Verbose -Message '--------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'creating GPO.' + ) + Write-Verbose -Message $txt return $gpoAlreadyExist } # End END Section diff --git a/Public/New-DelegateAdOU.ps1 b/Public/New-DelegateAdOU.ps1 index ba7ecc7..58f3ba1 100644 --- a/Public/New-DelegateAdOU.ps1 +++ b/Public/New-DelegateAdOU.ps1 @@ -177,7 +177,7 @@ function New-DelegateAdOU { ############################## # Module imports - Import-Module -name 'EguibarIT.DelegationPS' -SkipEditionCheck -Force -Verbose:$false | Out-Null + Import-Module -Name 'EguibarIT.DelegationPS' -SkipEditionCheck -Force -Verbose:$false | Out-Null ############################## @@ -268,11 +268,11 @@ function New-DelegateAdOU { } #end Process End { + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'creating new delegated OU.' + ) + Write-Verbose -Message $txt - Write-Verbose -Message ('Function New-DelegateAdOU finished {0}' -f $ouNameDN) - Write-Verbose -Message '' - Write-Verbose -Message '--------------------------------------------------------------------------------' - Write-Verbose -Message '' return $OUexists } #end End } #end Function diff --git a/Public/New-DelegateSiteOU.ps1 b/Public/New-DelegateSiteOU.ps1 index 5947227..72c3e8c 100644 --- a/Public/New-DelegateSiteOU.ps1 +++ b/Public/New-DelegateSiteOU.ps1 @@ -139,11 +139,14 @@ http://www.eguibarit.com #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] - [OutputType([String])] - Param - ( + [OutputType([void])] + + Param ( # Param1 Site Name - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, HelpMessage = 'Name of the OU corresponding to the SITE root', Position = 0)] [ValidateNotNullOrEmpty()] @@ -151,20 +154,29 @@ $ouName, # Param2 OU Description - [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $false, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, HelpMessage = 'Description of the OU', Position = 1)] [string] $ouDescription, # Param3 OU City - [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $false, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, Position = 2)] [string] $ouCity, # Param4 OU Country - [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $false, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, Position = 3)] [ValidatePattern('[a-zA-Z]*')] [ValidateLength(2, 2)] @@ -172,46 +184,67 @@ $ouCountry, # Param5 OU Street Address - [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $false, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, Position = 4)] [string] $ouStreetAddress, # Param6 OU State - [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $false, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, Position = 5)] [string] $ouState, # Param7 OU Postal Code - [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $false, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, Position = 6)] [string] $ouZIPCode, # Param8 Create Exchange Objects - [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $false, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, HelpMessage = 'If present It will create all needed Exchange objects and containers.', Position = 7)] [switch] $CreateExchange, # Param9 Create LAPS Objects - [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $false, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, + ValueFromRemainingArguments = $false, HelpMessage = 'If present It will create all needed LAPS objects, containers and delegations.', Position = 8)] [switch] $CreateLAPS, # PARAM10 full path to the configuration.xml file - [Parameter(Mandatory = $false, ValueFromPipeline = $True, ValueFromPipelineByPropertyName = $True, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $false, + ValueFromPipeline = $True, + ValueFromPipelineByPropertyName = $True, + ValueFromRemainingArguments = $false, HelpMessage = 'Full path to theGPO backup files', Position = 9)] [string] $GpoBackupPath, # PARAM11 full path to the configuration.xml file - [Parameter(Mandatory = $true, ValueFromPipeline = $True, ValueFromPipelineByPropertyName = $True, ValueFromRemainingArguments = $false, + [Parameter(Mandatory = $true, + ValueFromPipeline = $True, + ValueFromPipelineByPropertyName = $True, + ValueFromRemainingArguments = $false, HelpMessage = 'Full path to the configuration.xml file', Position = 10)] [string] @@ -345,12 +378,10 @@ # parameters variable for splatting the CMDlets - $splat = $null + [hashtable]$Splat = [hashtable]::New([StringComparer]::OrdinalIgnoreCase) + } #end Begin - # END variables - #------------------------------------------------------------------------------ - } Process { # Checking if the OU exist is done prior calling this function. @@ -381,6 +412,8 @@ ############################################################################### #region Create SITE Sub-OU + Write-Verbose -Message ($Constants.NewRegionMessage -f 'Creating Site sub-OUs') + # --- USER CLASS --- $splat = @{ ouName = $confXML.n.Sites.OUs.OuSiteUser.Name @@ -432,15 +465,17 @@ - Write-Verbose -Message ('Create requiered groups for the site {0}' -f $PSBoundParameters['ouName']) + Write-Verbose -Message ('Create required groups for the site {0}' -f $PSBoundParameters['ouName']) ############################################################################### #region Create the required Right's Local Domain groups + Write-Verbose -Message ($Constants.NewRegionMessage -f 'Creating the required Rights Local Domain groups') + # Iterate through all Site-LocalGroups child nodes Foreach ($node in $confXML.n.Sites.LG.ChildNodes) { Write-Verbose -Message ('Create group {0}' -f ('{0}{1}{2}{1}{3}' -f $NC['sl'], $NC['Delim'], $node.Name, $PSBoundParameters['ouName'])) - $parameters = @{ + $Splat = @{ Name = '{0}{1}{2}{1}{3}' -f $NC['sl'], $NC['Delim'], $node.Name, $PSBoundParameters['ouName'] GroupCategory = 'Security' GroupScope = 'DomainLocal' @@ -453,7 +488,7 @@ RemovePreWin2000 = $True } - New-Variable -Name "$('SL{0}{1}' -f $NC['Delim'], $node.LocalName)" -Value (New-AdDelegatedGroup @parameters) -Force + New-Variable -Name "$('SL{0}{1}' -f $NC['Delim'], $node.LocalName)" -Value (New-AdDelegatedGroup @Splat) -Force } #endregion @@ -462,11 +497,12 @@ ############################################################################### #region Create the required Admin Global groups + Write-Verbose -Message ($Constants.NewRegionMessage -f 'Creating the required Admin Global groups') # Iterate through all Site-GlobalGroups child nodes Foreach ($node in $confXML.n.Sites.GG.ChildNodes) { Write-Verbose -Message ('Create group {0}' -f ('{0}{1}{2}{1}{3}' -f $NC['sg'], $NC['Delim'], $node.Name, $PSBoundParameters['ouName'])) - $parameters = @{ + $Splat = @{ Name = '{0}{1}{2}{1}{3}' -f $NC['sg'], $NC['Delim'], $node.Name, $PSBoundParameters['ouName'] GroupCategory = 'Security' GroupScope = 'Global' @@ -478,7 +514,7 @@ RemoveEveryone = $True RemovePreWin2000 = $True } - New-Variable -Name "$('SG{0}{1}' -f $NC['Delim'], $node.LocalName)" -Value (New-AdDelegatedGroup @parameters) -Force + New-Variable -Name "$('SG{0}{1}' -f $NC['Delim'], $node.LocalName)" -Value (New-AdDelegatedGroup @Splat) -Force } #endregion @@ -491,6 +527,8 @@ ############################################################################### #region Add group membership & nesting + Write-Verbose -Message ($Constants.NewRegionMessage -f 'Adding group membership & nesting') + #region NESTING Global groups into Domain Local Groups -> order Less privileged to more privileged Add-AdGroupNesting -Identity $SL_PwdRight -Members $SG_PwdAdmins, $SG_GALAdmins, $SG_SiteAdmins @@ -541,6 +579,8 @@ ############################################################################### #region Create basic GPO + Write-Verbose -Message ($Constants.NewRegionMessage -f 'Creating basic GPO') + # Create Desktop Baseline $splat = @{ gpoDescription = '{0}-{1}' -f $ouName, $confXML.n.Sites.OUs.OuSiteComputer.Name @@ -575,6 +615,8 @@ ############################################################################### #region Configure GPO + Write-Verbose -Message ($Constants.NewRegionMessage -f 'Configuring GPO') + # Configure Users If ($confXML.n.Sites.OUs.OuSiteUser.backupID) { $splat = @{ @@ -713,6 +755,8 @@ ############################################################################### #region Delegate GPO + Write-Verbose -Message ($Constants.NewRegionMessage -f 'Delegating GPO') + # Give Rights to SG_SiteAdmin_XXXX to $ouName + -Desktop Write-Verbose -Message ('Add Local Admin to new {0}-{1}' -f $PSBoundParameters['ouName'], $confXML.n.Sites.OUs.OuSiteComputer.Name) $splat = @{ @@ -810,13 +854,15 @@ # Local Server LAPS delegation Set-AdAclLaps -ResetGroup $SL_LocalServerRight.SamAccountName -ReadGroup $SL_LocalServerRight.SamAccountName -LDAPpath ('OU={0},{1}' -f $confXML.n.Sites.OUs.OuSiteLocalServer.Name, $ouNameDN) - } - } - } + } #end If + } #end If + } #end Process + End { - Write-Verbose -Message ("Function $($MyInvocation.InvocationName) finished creating creating Site {0}" -f $PSBoundParameters['ouName']) - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'creating Site OU structure.' + ) + Write-Verbose -Message $txt + } #end End + +} #end Function diff --git a/Public/New-DfsObject.ps1 b/Public/New-DfsObject.ps1 index 1e651e3..39e7fd0 100644 --- a/Public/New-DfsObject.ps1 +++ b/Public/New-DfsObject.ps1 @@ -27,6 +27,8 @@ http://www.eguibarit.com #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] + [OutputType([void])] + Param( # PARAM1 full path to the configuration.xml file [Parameter(Mandatory = $true, @@ -38,6 +40,7 @@ [string] $ConfigXMLFile ) + Begin { $error.Clear() @@ -108,7 +111,8 @@ #endregion Declarations ################################################################################ - } + } #end Begin + Process { # Check if feature is installed, if not then proceed to install it. If (-not((Get-WindowsFeature -Name FS-DFS-Namespace).Installed)) { @@ -172,11 +176,12 @@ # Distributed File System # Full control over DFS-Configuration & DFSR-GlobalSettings Set-AdAclFullControlDFS -Group $SL_DfsRight.SamAccountName - } + } #end Process + End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) created DFS objects and Delegations successfully." - Write-Verbose -Message '' - Write-Verbose -Message '--------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'creating DFS objects and Delegations.' + ) + Write-Verbose -Message $txt + } #end End +} #end Function diff --git a/Public/New-DhcpObject.ps1 b/Public/New-DhcpObject.ps1 index 824d3d8..bdbf1f7 100644 --- a/Public/New-DhcpObject.ps1 +++ b/Public/New-DhcpObject.ps1 @@ -29,6 +29,8 @@ http://www.eguibarit.com #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] + [OutputType([void])] + Param ( # PARAM1 full path to the configuration.xml file @@ -109,11 +111,7 @@ # It Admin Rights OU Distinguished Name $ItRightsOuDn = 'OU={0},{1}' -f $ItRightsOu, $ItAdminOuDn - #endregion Declarations - ################################################################################ - - - } + } #end Begin Process { ############################################################################### @@ -171,12 +169,12 @@ # Dynamic Host Configuration Protocol (DHCP) Set-AdAclFullControlDHCP -Group $SL_DHCPRight.SamAccountName - } + } #end Process End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) created DHCP objects and Delegations successfully." - Write-Verbose -Message '' - Write-Verbose -Message '--------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'creating DHCP objects and Delegations.' + ) + Write-Verbose -Message $txt + } #end End +} #end Function diff --git a/Public/New-EitAdSite.ps1 b/Public/New-EitAdSite.ps1 index 6bb894a..41965bd 100644 --- a/Public/New-EitAdSite.ps1 +++ b/Public/New-EitAdSite.ps1 @@ -16,8 +16,9 @@ function New-EitAdSite { Eguibar Information Technology S.L. http://www.eguibarit.com #> - [CmdletBinding(ConfirmImpact = 'Medium')] - [OutputType([string])] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] + [OutputType([void])] + Param ( # Param1 New Site name @@ -56,11 +57,12 @@ function New-EitAdSite { $ADConfigurationNamingContext = ([ADSI]'LDAP://RootDSE').configurationNamingContext.ToString() # Get the Sites container - $ADSiteDN = "CN=Sites,$ADConfigurationNamingContext" + $ADSiteDN = 'CN=Sites,{0}' -f $variables.configurationNamingContext Write-Verbose -Message "Set necessary site variables `r " $NewADSiteDN = 'CN={0},{1}' -f $PSBoundParameters['NewSiteName'], $ADSiteDN - } + } #end Begin + Process { If (Test-Path -Path AD:$NewADSiteDN) { Write-Warning -Message ('The site {0} already exist. Please review the name and try again' -f $PSBoundParameters['NewSiteName']) @@ -97,11 +99,12 @@ function New-EitAdSite { } }#end elseIf }#end elseIf - } + } #end Process + End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished creating new AD Site." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'creating new AD Site.' + ) + Write-Verbose -Message $txt + } #end End +} #end Function diff --git a/Public/New-ExchangeObject.ps1 b/Public/New-ExchangeObject.ps1 index 6a0a12f..ae3fec4 100644 --- a/Public/New-ExchangeObject.ps1 +++ b/Public/New-ExchangeObject.ps1 @@ -18,6 +18,7 @@ Function New-ExchangeObject { http://www.eguibarit.com #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] + [OutputType([void])] Param( # PARAM1 full path to the configuration.xml file @@ -41,6 +42,7 @@ Function New-ExchangeObject { [string] $DMscripts = 'C:\PsScripts\' ) + Begin { $error.Clear() @@ -184,9 +186,8 @@ Function New-ExchangeObject { # Quarantine OU Distinguished Name $ItQuarantineOuDn = 'OU={0},{1}' -f $ItQuarantineOu, $Variables.AdDn - #endregion Declarations - ################################################################################ - } + } #end Begin + Process { ############################################################################### # Create Sub-OUs for admin @@ -353,11 +354,12 @@ Function New-ExchangeObject { # Configure EDGE GPO #Import-GPO -BackupId $confXML.n.AdminXtra.GPOs.ExEdge.backupID -TargetName ('C-{0}-Baseline' -f $ExEdgeOuDn) -path (Join-Path -Path $DMscripts -ChildPath SecTmpl) - } + } #end Process + End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished creating Exchange containers and objects." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'creating Exchange containers and objects.' + ) + Write-Verbose -Message $txt + } #end End +} #end Function diff --git a/Public/New-LapsObject.ps1 b/Public/New-LapsObject.ps1 index dd6f467..6a8dca8 100644 --- a/Public/New-LapsObject.ps1 +++ b/Public/New-LapsObject.ps1 @@ -30,6 +30,8 @@ Function New-LAPSobject { http://www.eguibarit.com #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] + [OutputType([void])] + Param ( # PARAM1 full path to the configuration.xml file @@ -39,9 +41,11 @@ Function New-LAPSobject { ValueFromRemainingArguments = $false, HelpMessage = 'Full path to the configuration.xml file', Position = 0)] + [PSDefaultValue(Help = 'Default Value is "C:\PsScripts\Confix.xml"')] [System.IO.FileInfo] - $ConfigXMLFile + $ConfigXMLFile = 'C:\PsScripts\Config.xml' ) + Begin { $error.Clear() @@ -188,7 +192,6 @@ Function New-LAPSobject { $SitesOuDn = 'OU={0},{1}' -f $SitesOu, $Variables.AdDn #endregion Declarations - ################################################################################ # Check if schema is extended for LAPS. Extend it if not. Try { @@ -221,7 +224,7 @@ Function New-LAPSobject { } Finally { Write-Verbose -Message 'Schema was extended successfully for LAPS.' }#end finally - } + } #end Begin Process { # Make Infrastructure Servers modifications @@ -272,11 +275,12 @@ Function New-LAPSobject { #> } }#end foreach - } + } #end Process + End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) created LAPS and Delegations successfully." - Write-Verbose -Message '' - Write-Verbose -Message '--------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'creating LAPS and Delegations.' + ) + Write-Verbose -Message $txt + } #end End +} #end Function diff --git a/Public/New-LocalLogonTask.ps1 b/Public/New-LocalLogonTask.ps1 index 322b10c..b06e009 100644 --- a/Public/New-LocalLogonTask.ps1 +++ b/Public/New-LocalLogonTask.ps1 @@ -14,11 +14,14 @@ function New-LocalLogonTask { Eguibar Information Technology S.L. http://www.eguibarit.com #> - [CmdletBinding(ConfirmImpact = 'Medium')] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] + [OutputType([void])] + Param ( # Param1 help description - [Parameter(Mandatory = $true, HelpMessage = 'Add help message for user', + [Parameter(Mandatory = $true, + HelpMessage = 'Add help message for user', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, @@ -28,7 +31,8 @@ function New-LocalLogonTask { $name, # Param2 help description - [Parameter(Mandatory = $true, HelpMessage = 'Add help message for user', + [Parameter(Mandatory = $true, + HelpMessage = 'Add help message for user', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, @@ -38,7 +42,8 @@ function New-LocalLogonTask { $Description, # Param3 help description - [Parameter(Mandatory = $true, HelpMessage = 'Add help message for user', + [Parameter(Mandatory = $true, + HelpMessage = 'Add help message for user', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, @@ -48,7 +53,8 @@ function New-LocalLogonTask { $Author, # Param4 help description - [Parameter(Mandatory = $true, HelpMessage = 'Add help message for user', + [Parameter(Mandatory = $true, + HelpMessage = 'Add help message for user', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, @@ -87,12 +93,11 @@ function New-LocalLogonTask { ############################## # Module imports - - ############################## # Variables Definition - } + } #end Begin + Process { # https://msdn.microsoft.com/en-us/library/windows/desktop/aa383607(v=vs.85).aspx try { @@ -139,11 +144,12 @@ function New-LocalLogonTask { Write-Error -Message 'Error when creating new logon task' throw } - } + } #end Process + End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished creating new task." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'creating new task.' + ) + Write-Verbose -Message $txt + } #end End +} #end Process diff --git a/Public/New-TimePolicyGPO.ps1 b/Public/New-TimePolicyGPO.ps1 index 76116f8..8bacf2c 100644 --- a/Public/New-TimePolicyGPO.ps1 +++ b/Public/New-TimePolicyGPO.ps1 @@ -16,7 +16,9 @@ Function New-TimePolicyGPO { Eguibar Information Technology S.L. http://www.eguibarit.com #> - [CmdletBinding(ConfirmImpact = 'Medium')] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] + [OutputType([void])] + Param ( # Param1 GPO Name @@ -96,18 +98,14 @@ Function New-TimePolicyGPO { ############################## # Module imports - - ############################## # Variables Definition - - $msWMIAuthor = (Get-ADUser -Identity $env:USERNAME).Name # Create WMI Filter $WMIGUID = [string]'{' + ([Guid]::NewGuid()) + '}' - $WMIDN = 'CN=' + $WMIGUID + ',CN=SOM,CN=WMIPolicy,CN=System,{0}' -f ([ADSI]'LDAP://RootDSE').DefaultNamingContext.ToString() + $WMIDN = 'CN={0},CN=SOM,CN=WMIPolicy,CN=System,{1}' -f $WMIGUID, $Variables.defaultNamingContext $WMICN = $WMIGUID $WMIdistinguishedname = $WMIDN $WMIID = $WMIGUID @@ -134,7 +132,7 @@ Function New-TimePolicyGPO { 'msWMI-CreationDate' = $msWMICreationDate } - $WMIPath = ('CN=SOM,CN=WMIPolicy,CN=System,{0}' -f ([ADSI]'LDAP://RootDSE').DefaultNamingContext.ToString()) + $WMIPath = 'CN=SOM,CN=WMIPolicy,CN=System,{0}' -f $Variables.defaultNamingContext $ExistingWMIFilters = Get-ADObject -Filter 'objectClass -eq "msWMI-Som"' -Properties 'msWMI-Name', 'msWMI-Parm1', 'msWMI-Parm2' $array = @() @@ -147,14 +145,14 @@ Function New-TimePolicyGPO { } } Else { $array += 'no filters' - } + } #end If-Else if ($array -notcontains $msWMIName) { Write-Output ('Creating the {0} WMI Filter...' -f $msWMIName) $WMIFilterADObject = New-ADObject -name $WMICN -type 'msWMI-Som' -Path $WMIPath -OtherAttributes $Attr } Else { Write-Warning -Message ('The {0} WMI Filter already exists.' -f $msWMIName) - } + } #end If-Else $WMIFilterADObject = $null @@ -220,14 +218,13 @@ Function New-TimePolicyGPO { Write-Warning -Message ('The {0} Group Policy Object already exists.' -f $PSBoundParameters['gpoName']) Write-Output ('Adding the {0} WMI Filter...' -f $msWMIName) $ExistingGPO.WmiFilter = ConvertTo-WmiFilter $WMIFilterADObject - } - } + } #end If-Else + } #end Process End { - Write-Output "Completed.`n" - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished creating the Time Policy GPO." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'creating the Time Policy GPO.' + ) + Write-Verbose -Message $txt + } #end End +} #end Function diff --git a/Public/New-WsusObjects.ps1 b/Public/New-WsusObjects.ps1 index edad287..3bb5052 100644 --- a/Public/New-WsusObjects.ps1 +++ b/Public/New-WsusObjects.ps1 @@ -16,7 +16,9 @@ Eguibar Information Technology S.L. http://www.eguibarit.com #> - [CmdletBinding(ConfirmImpact = 'Medium')] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] + [OutputType([void])] + Param ( ) Begin { @@ -36,8 +38,11 @@ ############################## # Variables Definition + [hashtable]$Splat = [hashtable]::New([StringComparer]::OrdinalIgnoreCase) + #Get the OS Installation Type - $OsInstalationType = Get-ItemProperty -Path 'HKLM:Software\Microsoft\Windows NT\CurrentVersion' | Select-Object -ExpandProperty InstallationType + $RegPath = 'HKLM:Software\Microsoft\Windows NT\CurrentVersion' + $OsInstalationType = Get-ItemProperty -Path $RegPath | Select-Object -ExpandProperty InstallationType } # End Begin @@ -80,7 +85,16 @@ # Download Microsoft System CLR Types for SQL Server 2012 $URL = 'http://download.microsoft.com/download/F/E/D/FEDB200F-DE2A-46D8-B661-D019DFE9D470/ENU/x64/SQLSysClrTypes.msi' - Start-BitsTransfer -Source $URL -Destination $env:TEMP -Priority High -TransferType Download -RetryInterval 60 -RetryTimeout 180 -ErrorVariable err + $Splat = @{ + Source = $UR + Destination = $env:TEMP + Priority = 'High' + TransferType = 'Download' + RetryInterval = 60 + RetryTimeout = 180 + ErrorVariable = 'err' + } + Start-BitsTransfer @Splat if ($err) { Write-Error -Message 'Microsoft Microsoft System CLR Types for SQL Server 2014 could not be downloaded!. Please download and install it manually to use WSUS Reports.' } @@ -90,7 +104,7 @@ # Download MICROSOFT� REPORT VIEWER 2012 RUNTIME $URL = 'https://download.microsoft.com/download/F/B/7/FB728406-A1EE-4AB5-9C56-74EB8BDDF2FF/ReportViewer.msi' - Start-BitsTransfer -Source $URL -Destination $env:TEMP -Priority High -TransferType Download -RetryInterval 60 -RetryTimeout 180 -ErrorVariable err + Start-BitsTransfer @Splat if ($err) { Write-Error -Message 'Microsoft REPORT VIEWER 2015 RUNTIME could not be downloaded!. Please download and install it manually to use WSUS Reports.' } @@ -268,6 +282,7 @@ 'Visual Studio 2017', 'Windows 10, version 1809 and later, Upgrade & Servicing Drivers', 'Windows 10', + 'Windows 11', 'Windows Admin Center', 'Windows Defender', 'Windows Dictionary Updates', @@ -349,11 +364,8 @@ } # End Process End { - - Write-Verbose -Message ('Function {0} created Wsus objects and Delegations successfully.' -f $MyInvocation.InvocationName) - Write-Verbose -Message '' - Write-Verbose -Message '--------------------------------------------------------------------------------' - Write-Verbose -Message '' - + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'creating Wsus objects and Delegations.' + ) } # End end } # end function New-WsusObjects diff --git a/Public/Revoke-Inheritance.ps1 b/Public/Revoke-Inheritance.ps1 index b57d91e..a9b1d1e 100644 --- a/Public/Revoke-Inheritance.ps1 +++ b/Public/Revoke-Inheritance.ps1 @@ -78,8 +78,6 @@ ############################## # Module imports - - ############################## # Variables Definition @@ -120,9 +118,9 @@ } #end Process End { - Write-Verbose -Message ('The object {0} was removed inheritance.' -f $PSBoundParameters['LDAPpath']) - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'removing inheritance.' + ) + Write-Verbose -Message $txt } #end End } diff --git a/Public/Revoke-NTFSPermissions.ps1 b/Public/Revoke-NTFSPermissions.ps1 index f4ab26d..fbf5753 100644 --- a/Public/Revoke-NTFSPermissions.ps1 +++ b/Public/Revoke-NTFSPermissions.ps1 @@ -19,10 +19,13 @@ function Revoke-NTFSPermissions { http://www.eguibarit.com #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] + [OutputType([void])] + Param ( # Param1 path to the resource|folder - [Parameter(Mandatory = $true, HelpMessage = 'Add help message for user', + [Parameter(Mandatory = $true, + HelpMessage = 'Add help message for user', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, @@ -33,7 +36,8 @@ function Revoke-NTFSPermissions { $path, # Param2 object or SecurityPrincipal - [Parameter(Mandatory = $true, HelpMessage = 'Add help message for user', + [Parameter(Mandatory = $true, + HelpMessage = 'Add help message for user', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, @@ -44,7 +48,8 @@ function Revoke-NTFSPermissions { $object, # Param3 permission - [Parameter(Mandatory = $true, HelpMessage = 'Add help message for user', + [Parameter(Mandatory = $true, + HelpMessage = 'Add help message for user', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ValueFromRemainingArguments = $false, @@ -54,6 +59,7 @@ function Revoke-NTFSPermissions { [string] $permission ) + Begin { $error.Clear() @@ -67,33 +73,32 @@ function Revoke-NTFSPermissions { ############################## # Module imports - - ############################## # Variables Definition - } + $FileSystemRights = [Security.AccessControl.FileSystemRights]$permission + $InheritanceFlag = [Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit' + $PropagationFlag = [Security.AccessControl.PropagationFlags]'None' + $AccessControlType = [Security.AccessControl.AccessControlType]::Allow + $Account = New-Object -TypeName System.Security.Principal.NTAccount -ArgumentList ($object) + $FileSystemAccessRule = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList ($Account, $FileSystemRights, $InheritanceFlag, $PropagationFlag, $AccessControlType) + $DirectorySecurity = Get-Acl -Path $path + } #end Begin Process { Try { - $FileSystemRights = [Security.AccessControl.FileSystemRights]$permission - $InheritanceFlag = [Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit' - $PropagationFlag = [Security.AccessControl.PropagationFlags]'None' - $AccessControlType = [Security.AccessControl.AccessControlType]::Allow - $Account = New-Object -TypeName System.Security.Principal.NTAccount -ArgumentList ($object) - $FileSystemAccessRule = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList ($Account, $FileSystemRights, $InheritanceFlag, $PropagationFlag, $AccessControlType) - $DirectorySecurity = Get-Acl -Path $path $DirectorySecurity.RemoveAccessRuleAll($FileSystemAccessRule) Set-Acl -Path $path -AclObject $DirectorySecurity } Catch { Write-Error -Message 'Error when revoking NTFS permissions' throw - } - } + } #end Try-Catch + } #end Process + End { - Write-Verbose -Message ('The User/Group {0} was removed {1} from folder {2}.' -f $object, $permission, $path) - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'removing User/Group from folder.' + ) + Write-Verbose -Message $txt + } #end End +} #end Function diff --git a/Public/Set-AdAclDelegateComputerAdmin.ps1 b/Public/Set-AdAclDelegateComputerAdmin.ps1 index e18f52e..b60f489 100644 --- a/Public/Set-AdAclDelegateComputerAdmin.ps1 +++ b/Public/Set-AdAclDelegateComputerAdmin.ps1 @@ -48,16 +48,22 @@ function Set-AdAclDelegateComputerAdmin { http://www.eguibarit.com #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] + [OutputType([void])] + Param ( # PARAM1 STRING for the Delegated Group Name - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, HelpMessage = 'Identity of the group getting the delegation, usually a DomainLocal group.', Position = 0)] [ValidateNotNullOrEmpty()] $Group, # PARAM2 Distinguished Name of the OU where given group can read the computer password - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, HelpMessage = 'Distinguished Name of the OU where given group will fully manage a computer object', Position = 1)] [ValidateNotNullOrEmpty()] @@ -67,7 +73,9 @@ function Set-AdAclDelegateComputerAdmin { $LDAPpath, # PARAM3 SWITCH If present, the access rule will be removed. - [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, + [Parameter(Mandatory = $false, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, HelpMessage = 'If present, the access rule will be removed.', Position = 2)] [ValidateNotNullOrEmpty()] @@ -75,6 +83,7 @@ function Set-AdAclDelegateComputerAdmin { $RemoveRule ) + begin { $error.Clear() @@ -88,8 +97,6 @@ function Set-AdAclDelegateComputerAdmin { ############################## # Module imports - - ############################## # Variables Definition @@ -103,6 +110,7 @@ function Set-AdAclDelegateComputerAdmin { } } #end Begin + Process { # Check if RemoveRule switch is present. @@ -117,95 +125,87 @@ function Set-AdAclDelegateComputerAdmin { try { Set-AdAclCreateDeleteComputer @Splat } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating Create/Delete computer permission' } #end Try-Catch # Reset Computer Password try { Set-AdAclResetComputerPassword @Splat } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating computer password reset permission' } #end Try-Catch # Change Computer Password try { Set-AdAclChangeComputerPassword @Splat } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating change computer password permission' } #end Try-Catch # Validated write to DNS host name try { Set-AdAclValidateWriteDnsHostName @Splat } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating computer validate write host DNS permission' } #end Try-Catch # Validated write to SPN try { Set-AdAclValidateWriteSPN @Splat } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating computer validate write SPN permission' } #end Try-Catch # Change Computer Account Restriction try { Set-AdAclComputerAccountRestriction @Splat } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating computer account restriction permission' } #end Try-Catch # Change DNS Hostname Info try { Set-AdAclDnsInfo @Splat } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating computer DNS info permission' } #end Try-Catch # Change MS TerminalServices info try { Set-AdAclMsTsGatewayInfo @Splat } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating computer MS TS gateway permission' } #end Try-Catch # Access to BitLocker & TMP info try { Set-AdAclBitLockerTPM @Splat } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating computer Bitlocker & TPM permission' } #end Try-Catch # Grant the right to delete computers from default container. Move Computers try { Set-DeleteOnlyComputer @Splat } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating delete computer permission' } #end Try-Catch # Set LAPS try { Set-AdAclLaps -ResetGroup $CurrentGroup -ReadGroup $CurrentGroup -LDAPpath $PSBoundParameters['LDAPpath'] } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating LAPS reset group permission' } #end Try-Catch } #end If + } #end Process + End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished delegating Computer Admin." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'delegating Computer Admin.' + ) + Write-Verbose -Message $txt } #end End + } #end Function diff --git a/Public/Set-AdAclDelegateGalAdmin.ps1 b/Public/Set-AdAclDelegateGalAdmin.ps1 index fb615e7..bfab6b7 100644 --- a/Public/Set-AdAclDelegateGalAdmin.ps1 +++ b/Public/Set-AdAclDelegateGalAdmin.ps1 @@ -37,16 +37,22 @@ function Set-AdAclDelegateGalAdmin { http://www.eguibarit.com #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] + [OutputType([void])] + Param ( # PARAM1 STRING for the Delegated Group Name - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, HelpMessage = 'Identity of the group getting the delegation, usually a DomainLocal group.', Position = 0)] [ValidateNotNullOrEmpty()] $Group, # PARAM2 Distinguished Name of the OU where given group will manage a User GAL. - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, HelpMessage = 'Distinguished Name of the OU where given group will manage a User GAL.', Position = 1)] [ValidateNotNullOrEmpty()] @@ -55,13 +61,16 @@ function Set-AdAclDelegateGalAdmin { $LDAPpath, # PARAM3 SWITCH If present, the access rule will be removed. - [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, + [Parameter(Mandatory = $false, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, HelpMessage = 'If present, the access rule will be removed.', Position = 2)] [ValidateNotNullOrEmpty()] [Switch] $RemoveRule ) + begin { $error.Clear() @@ -90,6 +99,7 @@ function Set-AdAclDelegateGalAdmin { } } #end Begin + Process { try { # Check if RemoveRule switch is present. @@ -118,14 +128,16 @@ function Set-AdAclDelegateGalAdmin { Set-AdAclUserEmailInfo @Splat } #end If } catch { - Write-Error -Message 'Error when cleaning OU' + Write-Error -Message 'Error when delegating GAL amin' throw } } #end Process + End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished delegating GAL Admin." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'delegating GAL Admin.' + ) + Write-Verbose -Message $txt } #end End + } #end Function diff --git a/Public/Set-AdAclDelegateUserAdmin.ps1 b/Public/Set-AdAclDelegateUserAdmin.ps1 index 2abaa1d..89f9085 100644 --- a/Public/Set-AdAclDelegateUserAdmin.ps1 +++ b/Public/Set-AdAclDelegateUserAdmin.ps1 @@ -37,17 +37,23 @@ function Set-AdAclDelegateUserAdmin { http://www.eguibarit.com #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] + [OutputType([void])] + Param ( # PARAM1 STRING for the Delegated Group Name - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, HelpMessage = 'Identity of the group getting the delegation, usually a DomainLocal group.', Position = 0)] [ValidateNotNullOrEmpty()] $Group, # PARAM2 Distinguished Name of the OU where given group can read the User password - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, HelpMessage = 'Distinguished Name of the OU where given group will fully manage a User object', Position = 1)] [ValidateNotNullOrEmpty()] @@ -56,13 +62,16 @@ function Set-AdAclDelegateUserAdmin { $LDAPpath, # PARAM3 SWITCH If present, the access rule will be removed. - [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, + [Parameter(Mandatory = $false, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, HelpMessage = 'If present, the access rule will be removed.', Position = 2)] [ValidateNotNullOrEmpty()] [Switch] $RemoveRule ) + begin { $error.Clear() @@ -76,8 +85,6 @@ function Set-AdAclDelegateUserAdmin { ############################## # Module imports - - ############################## # Variables Definition @@ -89,7 +96,9 @@ function Set-AdAclDelegateUserAdmin { Group = $CurrentGroup LDAPPath = $PSBoundParameters['LDAPpath'] } + } #end Begin + Process { try { # Check if RemoveRule switch is present. @@ -126,9 +135,10 @@ function Set-AdAclDelegateUserAdmin { } #end Try-Catch } #end Process End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished delegating User Admin." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'delegating User Admin.' + ) + Write-Verbose -Message $txt } #end End + } #end Function diff --git a/Public/Set-AdAclLaps.ps1 b/Public/Set-AdAclLaps.ps1 index 3709ba1..b4718c1 100644 --- a/Public/Set-AdAclLaps.ps1 +++ b/Public/Set-AdAclLaps.ps1 @@ -41,21 +41,27 @@ function Set-AdAclLaps { [CmdletBinding(ConfirmImpact = 'Low')] Param ( # PARAM1 STRING for the Delegated Group Name - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, HelpMessage = 'Identity of the group getting being able to READ the password.', Position = 0)] [ValidateNotNullOrEmpty()] $ReadGroup, # PARAM2 STRING for the Delegated Group Name - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, HelpMessage = 'Identity of the group getting being able to RESET the password.', Position = 1)] [ValidateNotNullOrEmpty()] $ResetGroup, # PARAM3 Distinguished Name of the OU where given group can read the computer password - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, HelpMessage = 'Distinguished Name of the OU where LAPS will apply to computer object', Position = 2)] [ValidateNotNullOrEmpty()] @@ -65,7 +71,9 @@ function Set-AdAclLaps { $LDAPpath, # PARAM4 SWITCH If present, the access rule will be removed. - [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, + [Parameter(Mandatory = $false, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, HelpMessage = 'If present, the access rule will be removed.', Position = 3)] [ValidateNotNullOrEmpty()] @@ -124,10 +132,10 @@ function Set-AdAclLaps { } #end Process End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished delegating LAPS Admin." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'delegating LAPS Admin.' + ) + Write-Verbose -Message $txt } #end End } #end Function diff --git a/Public/Start-AdCleanOU.ps1 b/Public/Start-AdCleanOU.ps1 index 33f9690..1db74da 100644 --- a/Public/Start-AdCleanOU.ps1 +++ b/Public/Start-AdCleanOU.ps1 @@ -48,9 +48,13 @@ function Start-AdCleanOU { http://www.eguibarit.com #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] + [OutputType([void])] + param ( #PARAM1 Distinguished name of the OU to be cleaned - [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, + [Parameter(Mandatory = $true, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, HelpMessage = 'Distinguished name of the OU to be cleaned.', Position = 0)] [ValidateNotNullOrEmpty()] @@ -59,14 +63,18 @@ function Start-AdCleanOU { $LDAPpath, #PARAM2 Remove Authenticated Users - [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, + [Parameter(Mandatory = $false, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, HelpMessage = 'Remove Authenticated Users.', Position = 1)] [switch] $RemoveAuthenticatedUsers, #PARAM3 Remove Unknown SIDs - [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, + [Parameter(Mandatory = $false, + ValueFromPipeline = $true, + ValueFromPipelineByPropertyName = $true, HelpMessage = 'Remove Unknown SIDs.', Position = 2)] [switch] @@ -108,80 +116,70 @@ function Start-AdCleanOU { try { Set-AdAclCreateDeleteUser @Splat } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating user Create/Delete cleanup permission' } #end Try-Catch # Remove the Account Operators group from ACL to Create/Delete Computers try { Set-AdAclCreateDeleteComputer @Splat } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating computer cleanup permission' } #end Try-Catch # Remove the Account Operators group from ACL to Create/Delete Groups try { Set-AdAclCreateDeleteGroup @Splat } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating group cleanup permission' } #end Try-Catch # Remove the Account Operators group from ACL to Create/Delete Contacts try { Set-AdAclCreateDeleteContact @Splat } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating contact cleanup permission' } #end Try-Catch # Remove the Account Operators group from ACL to Create/Delete inetOrgPerson try { Set-CreateDeleteInetOrgPerson @Splat } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating InetOrg cleanup permission' } #end Try-Catch # Remove the Print Operators group from ACL to Create/Delete PrintQueues try { Set-AdAclCreateDeletePrintQueue @Splat } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating PrintQueue Create/Delete cleanup permission' } #end Try-Catch # Remove Pre-Windows 2000 Compatible Access group from Admin-User try { Remove-PreWin2000 -LDAPPath $PSBoundParameters['LDAPPath'] } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating Pre-Win2000 cleanup permission' } #end Try-Catch # Remove Pre-Windows 2000 Access group from OU try { Remove-PreWin2000FromOU -LDAPPath $PSBoundParameters['LDAPPath'] } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating Pre-Win2000 cleanup from OU permission' } #end Try-Catch # Remove ACCOUNT OPERATORS 2000 Access group from OU try { Remove-AccountOperator -LDAPPath $PSBoundParameters['LDAPPath'] } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating AccountOperators cleanup permission' } #end Try-Catch # Remove PRINT OPERATORS 2000 Access group from OU try { Remove-PrintOperator -LDAPPath $PSBoundParameters['LDAPPath'] } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating PrintOperators cleanup permission' } #end Try-Catch If ($PsBoundParameters['RemoveAuthenticatedUsers']) { @@ -189,8 +187,7 @@ function Start-AdCleanOU { try { Remove-AuthUser -LDAPPath $PSBoundParameters['LDAPPath'] } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when delegating Authenticated Users cleanup permission' } #end Try-Catch Write-Verbose -Message 'Removing Authenticated Users' @@ -201,8 +198,7 @@ function Start-AdCleanOU { try { Remove-UnknownSID -LDAPPath $PSBoundParameters['LDAPPath'] -RemoveSID } catch { - ###Get-CurrentErrorToDisplay -CurrentError $error[0] - throw + Write-Error -Message 'Error when removing Unknown SIDs' } #end Try-Catch Write-Verbose -Message 'Remove Un-Resolvable / Unknown SIDs' @@ -212,10 +208,10 @@ function Start-AdCleanOU { } #end Process end { - Write-Verbose -Message('Builtin groups were removed correctly from object {0}.' -f $PSBoundParameters['LDAPPath']) - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'removing Builtin groups.' + ) + Write-Verbose -Message $txt } #end End } #end Function diff --git a/Public/Start-AdDelegatedSite.ps1 b/Public/Start-AdDelegatedSite.ps1 index 4801eab..2754520 100644 --- a/Public/Start-AdDelegatedSite.ps1 +++ b/Public/Start-AdDelegatedSite.ps1 @@ -64,6 +64,8 @@ function Start-AdDelegateSite { http://www.eguibarit.com #> [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium', DefaultParameterSetName = 'ParamOptions')] + [OutputType([void])] + param ( # PARAM1 full path to the configuration.xml file [Parameter(Mandatory = $true, @@ -111,6 +113,7 @@ function Start-AdDelegateSite { [switch] $CreateExchange ) + begin { $error.Clear() @@ -124,16 +127,12 @@ function Start-AdDelegateSite { ############################## # Module imports - - ############################## # Variables Definition Write-Verbose -Message 'Delegate Rights Site Groups' - ################################################################################ - #region Declarations try { # Check if Config.xml file is loaded. If not, proceed to load it. @@ -164,9 +163,6 @@ function Start-AdDelegateSite { # SG_PAWM_T0 - ############################################################################### - #region Get all newly created Groups and store on variable - # Iterate through all Site-DomainLocalGroups child nodes Foreach ($node in $confXML.n.Sites.LG.ChildNodes) { @@ -177,9 +173,6 @@ function Start-AdDelegateSite { New-Variable -Name "$($TempName)" -Value (Get-ADGroup $TempName) -Force } - #endregion - ############################################################################### - # Sites OU Distinguished Name If (-Not (Test-Path -Path variable:ouNameDN)) { @@ -194,83 +187,86 @@ function Start-AdDelegateSite { $OuSiteDefContact = 'OU={0},{1}' -f $confXML.n.Sites.OUs.OuSiteContact.name, $ouNameDN # parameters variable for splatting CMDlets - $parameters = $null + [hashtable]$Splat = [hashtable]::New([StringComparer]::OrdinalIgnoreCase) + + } #end Begin - #endregion - ############################################################################### - } process { - Write-Verbose -Message 'START USER Site Delegation' + ############################################################################### - #region USER Site Administrator Delegation + # USER Site Administrator Delegation + + Write-Verbose -Message ($Constants.NewRegionMessage -f 'USER Site Delegation') $OuSiteDefUser = 'OU={0},{1}' -f $confXML.n.Sites.OUs.OuSiteUser.name, $ouNameDN - $parameters = @{ + $Splat = @{ Group = $SL_PwdRight.SamAccountName LDAPPath = $OuSiteDefUser } # Reset User Password - Set-AdAclResetUserPassword @parameters + Set-AdAclResetUserPassword @Splat #Set-AdAclResetUserPassword -Group $SL_CreateUserRight.SamAccountName -LDAPPath $OuSiteDefUser # Change User Password - Set-AdAclChangeUserPassword @parameters + Set-AdAclChangeUserPassword @Splat # Unlock user account - Set-AdAclUnlockUser @parameters + Set-AdAclUnlockUser @Splat - $parameters = @{ + $Splat = @{ Group = $SL_CreateUserRight.SamAccountName LDAPPath = $OuSiteDefUser } # Create/Delete Users - Set-AdAclCreateDeleteUser @parameters + Set-AdAclCreateDeleteUser @Splat # Enable and/or Disable user right - Set-AdAclEnableDisableUser @parameters + Set-AdAclEnableDisableUser @Splat # Change User Restrictions - Set-AdAclUserAccountRestriction @parameters + Set-AdAclUserAccountRestriction @Splat # Change User Account Logon Info - Set-AdAclUserLogonInfo @parameters + Set-AdAclUserLogonInfo @Splat #### GAL - $parameters = @{ + $Splat = @{ Group = $SL_GALRight.SamAccountName LDAPPath = $OuSiteDefUser } # Change Group Membership - Set-AdAclUserGroupMembership @parameters + Set-AdAclUserGroupMembership @Splat # Change Personal Information - Set-AdAclUserPersonalInfo @parameters + Set-AdAclUserPersonalInfo @Splat # Change Public Information - Set-AdAclUserPublicInfo @parameters + Set-AdAclUserPublicInfo @Splat # Change General Information - Set-AdAclUserGeneralInfo @parameters + Set-AdAclUserGeneralInfo @Splat # Change Web Info - Set-AdAclUserWebInfo @parameters + Set-AdAclUserWebInfo @Splat # Change Email Info - Set-AdAclUserEmailInfo @parameters + Set-AdAclUserEmailInfo @Splat + + + - #endregion USER Site Delegation - ############################################################################### - Write-Verbose -Message 'START COMPUTER Site Delegation' ############################################################################### - #region COMPUTER Site Admin Delegation + # COMPUTER Site Admin Delegation + + Write-Verbose -Message ($Constants.NewRegionMessage -f 'COMPUTER Site Delegation') # Create/Delete Computers Set-AdAclDelegateComputerAdmin -Group $SL_PcRight.SamAccountName -LDAPpath $OuSiteDefComputer -QuarantineDN $PSBoundParameters['QuarantineDN'] @@ -292,13 +288,10 @@ function Start-AdDelegateSite { - - #endregion COMPUTER Site Delegation ############################################################################### + # GROUP Site Admin Delegation - Write-Verbose -Message 'START GROUP Site Delegation' - ############################################################################### - #region GROUP Site Admin Delegation + Write-Verbose -Message ($Constants.NewRegionMessage -f 'GROUP Site Delegation') # Create/Delete Groups Set-AdAclCreateDeleteGroup -Group $SL_GroupRight.SamAccountName -LDAPPath ('OU={0},{1}' -f $confXML.n.Sites.OUs.OuSiteGroup.name, $ouNameDN) @@ -308,47 +301,42 @@ function Start-AdDelegateSite { # Change Group Properties Set-AdAclChangeGroup -Group $SL_GroupRight.SamAccountName -LDAPPath ('OU={0},{1}' -f $confXML.n.Sites.OUs.OuSiteGroup.name, $ouNameDN) - #endregion GROUP Site Delegation - ############################################################################### + + Write-Verbose -Message 'START PRINTQUEUE Site Admin Delegation' ############################################################################### - #region PRINTQUEUE Site Admin Delegation + # PRINTQUEUE Site Admin Delegation # Create/Delete Print Queue Set-AdAclCreateDeletePrintQueue -Group $SL_SiteRight.SamAccountName -LDAPPath ('OU={0},{1}' -f $confXML.n.Sites.OUs.OuSitePrintQueue.name, $ouNameDN) - #endregion PRINTQUEUE Site Admin Delegation - ############################################################################### + Write-Verbose -Message 'START PRINTQUEUE Site GAL Delegation' ############################################################################### - #region PRINTQUEUE Site GAL Delegation + # PRINTQUEUE Site GAL Delegation Set-AdAclChangePrintQueue -Group $SL_GALRight.SamAccountName -LDAPpath ('OU={0},{1}' -f $confXML.n.Sites.OUs.OuSitePrintQueue.name, $ouNameDN) - #endregion PRINTQUEUE Site GAL Delegation - ############################################################################### Write-Verbose -Message 'START VOLUME Site Admin Delegation' ############################################################################### - #region VOLUME Site Admin Delegation + # VOLUME Site Admin Delegation # Create/Delete Volume Set-AdAclCreateDeleteVolume -Group $SL_SiteRight.SamAccountName -LDAPpath ('OU={0},{1}' -f $confXML.n.Sites.OUs.OuSiteShares.name, $ouNameDN) - #endregion VOLUME Site Admin Delegation - ############################################################################### + Write-Verbose -Message 'START VOLUME Site GAL Delegation' ############################################################################### - #region VOLUME Site GAL Delegation + # VOLUME Site GAL Delegation # Change Volume Properties Set-AdAclChangeVolume -Group $SL_GALRight.SamAccountName -LDAPpath ('OU={0},{1}' -f $confXML.n.Sites.OUs.OuSiteShares.name, $ouNameDN) - #endregion VOLUME Site GAL Delegation - ############################################################################### + Write-Verbose -Message 'START Exchange Related delegation' ############################################################################### @@ -409,11 +397,13 @@ function Start-AdDelegateSite { } #endregion Exchange Related delegation ############################################################################### - } + } #end Process + end { - Write-Verbose -Message ('Site delegation was completed succesfully to {0}' -f $PSBoundParameters['ouName']) - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' - } -} + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'Site delegation.' + ) + Write-Verbose -Message $txt + } #end End + +} #end Function diff --git a/Public/Test-IPv4MaskString.ps1 b/Public/Test-IPv4MaskString.ps1 index ccdf2cd..cf5a061 100644 --- a/Public/Test-IPv4MaskString.ps1 +++ b/Public/Test-IPv4MaskString.ps1 @@ -9,7 +9,10 @@ function Test-IPv4MaskString { .EXAMPLE Test-IPv4MaskString -MaskString "255.255.255.0" #> - [CmdletBinding(ConfirmImpact = 'Medium')] + + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Low')] + [OutputType([bool])] + Param ( [Parameter(Mandatory = $false, ValueFromPipeline = $true, @@ -17,7 +20,8 @@ function Test-IPv4MaskString { ValueFromRemainingArguments = $false, HelpMessage = 'Specifies the IPv4 network mask string (e.g., 255.255.255.0)', Position = 1)] - [String] $MaskString + [String] + $MaskString ) Begin { @@ -31,7 +35,6 @@ function Test-IPv4MaskString { ############################## # Module imports - } #end Begin Process { @@ -44,10 +47,10 @@ function Test-IPv4MaskString { } #end Process End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'testing whether an IPv4 network mask string.' + ) + Write-Verbose -Message $txt } #end End } #end Function diff --git a/Public/Test-RegistryValue.ps1 b/Public/Test-RegistryValue.ps1 index 19359a5..2d4c41b 100644 --- a/Public/Test-RegistryValue.ps1 +++ b/Public/Test-RegistryValue.ps1 @@ -27,7 +27,7 @@ function Test-RegistryValue { Eguibar Information Technology S.L. http://www.eguibarit.com #> - [CmdletBinding(ConfirmImpact = 'Low')] + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Low')] [OutputType([Bool])] Param ( @@ -63,10 +63,9 @@ function Test-RegistryValue { ############################## # Module imports - - ############################## # Variables Definition + } #end Begin Process { @@ -79,10 +78,10 @@ function Test-RegistryValue { } #end Process End { - Write-Verbose -Message "Function $($MyInvocation.InvocationName) finished testing registry." - Write-Verbose -Message '' - Write-Verbose -Message '-------------------------------------------------------------------------------' - Write-Verbose -Message '' + $txt = ($Constants.Footer -f $MyInvocation.InvocationName, + 'testing registry.' + ) + Write-Verbose -Message $txt } #end End } #end Function