DSCResources/MSFT_ADForestProperties/en-US/about_ADForestProperties.help.txt
|
.NAME
ADForestProperties .DESCRIPTION The ADForestProperties DSC resource will manage forest wide settings within an Active Directory forest. These include User Principal Name (UPN) suffixes, Service Principal Name (SPN) suffixes and the tombstone lifetime. ## Requirements * Target machine must be running Windows Server 2008 R2 or later. .PARAMETER Credential Write - Instance Specifies the user account credentials to use to perform this task. .PARAMETER ForestName Key - String Specifies the target Active Directory forest for the change. .PARAMETER ServicePrincipalNameSuffix Write - StringArray Specifies the Service Principal Name (SPN) Suffix(es) to be explicitly defined in the forest and replace existing Service Principal Names. Cannot be used with ServicePrincipalNameSuffixToAdd or ServicePrincipalNameSuffixToRemove. .PARAMETER ServicePrincipalNameSuffixToAdd Write - StringArray Specifies the Service Principal Name (SPN) Suffix(es) to be added to the forest. Cannot be used with ServicePrincipalNameSuffix. .PARAMETER ServicePrincipalNameSuffixToRemove Write - StringArray Specifies the Service Principal Name (SPN) Suffix(es) to be removed from the forest. Cannot be used with ServicePrincipalNameSuffix. .PARAMETER TombStoneLifetime Write - SInt32 Specifies the AD Tombstone lifetime which determines how long deleted items exist in Active Directory before they are purged. .PARAMETER UserPrincipalNameSuffix Write - StringArray Specifies the User Principal Name (UPN) Suffix(es) to be explicitly defined in the forest and replace existing User Principal Names. Cannot be used with UserPrincipalNameSuffixToAdd or UserPrincipalNameSuffixToRemove. .PARAMETER UserPrincipalNameSuffixToAdd Write - StringArray Specifies the User Principal Name (UPN) Suffix(es) to be added to the forest. Cannot be used with UserPrincipalNameSuffix. .PARAMETER UserPrincipalNameSuffixToRemove Write - StringArray Specifies the User Principal Name (UPN) Suffix(es) to be removed from the forest. Cannot be used with UserPrincipalNameSuffix. .EXAMPLE 1 This configuration will manage the Service and User Principal name suffixes in the forest by replacing any existing suffixes with the ones specified in the configuration. Configuration ADForestProperties_ReplaceForestProperties_Config { Import-DscResource -ModuleName ActiveDirectoryDsc node 'localhost' { ADForestProperties 'contoso.com' { ForestName = 'contoso.com' UserPrincipalNameSuffix = 'fabrikam.com', 'industry.com' ServicePrincipalNameSuffix = 'corporate.com' } } } .EXAMPLE 2 This configuration will manage the Service and User Principal name suffixes in the forest by adding and removing the desired suffixes. This will not overwrite existing suffixes in the forest. Configuration ADForestProperties_AddRemoveForestProperties_Config { Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { ADForestProperties 'ContosoProperties' { ForestName = 'contoso.com' ServicePrincipalNameSuffixToAdd = 'test.net' ServicePrincipalNameSuffixToRemove = 'test.com' UserPrincipalNameSuffixToAdd = 'cloudapp.net', 'fabrikam.com' UserPrincipalNameSuffixToRemove = 'pester.net' } } } .EXAMPLE 3 This configuration will manage the Tombstone Lifetime setting of the Active Directory forest. Configuration ADForestProperties_TombstoneLifetime_Config { Import-DscResource -ModuleName ActiveDirectoryDsc node localhost { ADForestProperties 'ContosoProperties' { ForestName = 'contoso.com' TombstoneLifetime = 200 } } } |