DSCResources/MSFT_ADDomainFunctionalLevel/MSFT_ADDomainFunctionalLevel.psm1
$script:resourceModulePath = Split-Path -Path (Split-Path -Path $PSScriptRoot -Parent) -Parent $script:modulesFolderPath = Join-Path -Path $script:resourceModulePath -ChildPath 'Modules' $script:localizationModulePath = Join-Path -Path $script:modulesFolderPath -ChildPath 'ActiveDirectoryDsc.Common' Import-Module -Name (Join-Path -Path $script:localizationModulePath -ChildPath 'ActiveDirectoryDsc.Common.psm1') $script:localizedData = Get-LocalizedData -ResourceName 'MSFT_ADDomainFunctionalLevel' <# .SYNOPSIS Returns the current functional level of the domain. .PARAMETER DomainIdentity Specifies the Active Directory domain to modify. You can identify a domain by its distinguished name, GUID, security identifier, DNS domain name, or NetBIOS domain name. .PARAMETER DomainMode Specifies the functional level for the Active Directory domain. Not used in Get-TargetResource. #> function Get-TargetResource { [CmdletBinding()] [OutputType([System.Collections.Hashtable])] param ( [Parameter(Mandatory = $true)] [System.String] $DomainIdentity, [Parameter(Mandatory = $true)] [ValidateSet('Windows2008R2Domain', 'Windows2012Domain', 'Windows2012R2Domain', 'Windows2016Domain')] [System.String] $DomainMode ) Write-Verbose -Message ( $script:localizedData.RetrievingDomainMode -f $DomainIdentity ) $getTargetResourceReturnValue = @{ DomainIdentity = $DomainIdentity DomainMode = $null } $domainObject = Get-ADDomain -Identity $DomainIdentity -ErrorAction 'Stop' $getTargetResourceReturnValue['DomainMode'] = $domainObject.DomainMode return $getTargetResourceReturnValue } <# .SYNOPSIS Determines if the functional level is in the desired state. .PARAMETER DomainIdentity Specifies the Active Directory domain to modify. You can identify a domain by its distinguished name, GUID, security identifier, DNS domain name, or NetBIOS domain name. .PARAMETER DomainMode Specifies the functional level for the Active Directory domain. #> function Test-TargetResource { [CmdletBinding()] [OutputType([System.Boolean])] param ( [Parameter(Mandatory = $true)] [System.String] $DomainIdentity, [Parameter(Mandatory = $true)] [ValidateSet('Windows2008R2Domain', 'Windows2012Domain', 'Windows2012R2Domain', 'Windows2016Domain')] [System.String] $DomainMode ) Write-Verbose -Message ( $script:localizedData.TestConfiguration -f $DomainIdentity ) $compareTargetResourceStateResult = Compare-TargetResourceState @PSBoundParameters if ($false -in $compareTargetResourceStateResult.InDesiredState) { Write-Verbose -Message $script:localizedData.LevelNotInDesiredState $testTargetResourceReturnValue = $false } else { Write-Verbose -Message $script:localizedData.LevelInDesiredState $testTargetResourceReturnValue = $true } return $testTargetResourceReturnValue } <# .SYNOPSIS Sets the functional level on the Active Directory domain. .PARAMETER DomainIdentity Specifies the Active Directory domain to modify. You can identify a domain by its distinguished name, GUID, security identifier, DNS domain name, or NetBIOS domain name. .PARAMETER DomainMode Specifies the functional level for the Active Directory domain. #> function Set-TargetResource { [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [System.String] $DomainIdentity, [Parameter(Mandatory = $true)] [ValidateSet('Windows2008R2Domain', 'Windows2012Domain', 'Windows2012R2Domain', 'Windows2016Domain')] [System.String] $DomainMode ) $compareTargetResourceStateResult = Compare-TargetResourceState @PSBoundParameters # Get all properties that are not in desired state. $propertiesNotInDesiredState = $compareTargetResourceStateResult | Where-Object -FilterScript { -not $_.InDesiredState } $domainModeProperty = $propertiesNotInDesiredState.Where( { $_.ParameterName -eq 'DomainMode' }) if ($domainModeProperty) { Write-Verbose -Message ( $script:localizedData.DomainModeUpdating -f $domainModeProperty.Actual, $DomainMode ) $setADDomainModeParameters = @{ Identity = $DomainIdentity DomainMode = [Microsoft.ActiveDirectory.Management.ADDomainMode]::$DomainMode Confirm = $false } Set-ADDomainMode @setADDomainModeParameters } } <# .SYNOPSIS Compares the properties in the current state with the properties of the desired state and returns a hashtable with the comparison result. .PARAMETER DomainIdentity Specifies the Active Directory domain to modify. You can identify a domain by its distinguished name, GUID, security identifier, DNS domain name, or NetBIOS domain name. .PARAMETER DomainMode Specifies the functional level for the Active Directory domain. #> function Compare-TargetResourceState { [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [System.String] $DomainIdentity, [Parameter(Mandatory = $true)] [ValidateSet('Windows2008R2Domain', 'Windows2012Domain', 'Windows2012R2Domain', 'Windows2016Domain')] [System.String] $DomainMode ) $getTargetResourceResult = Get-TargetResource @PSBoundParameters $compareTargetResourceStateParameters = @{ CurrentValues = $getTargetResourceResult DesiredValues = $PSBoundParameters Properties = @('DomainMode') } return Compare-ResourcePropertyState @compareTargetResourceStateParameters } |