Examples/Resources/AdfsFarm/2-AdfsFarm_gMSA-WID_Config.ps1
|
<#PSScriptInfo
.VERSION 1.0.0 .GUID e5ff26fc-ec8f-45b4-babc-532a39074e83 .AUTHOR Microsoft Corporation .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration .LICENSEURI https://github.com/X-Guardian/AdfsDsc/blob/master/LICENSE .PROJECTURI https://github.com/X-Guardian/AdfsDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS .EXTERNALSCRIPTDEPENDENCIES .RELEASENOTES First version. .PRIVATEDATA 2016-Datacenter,2016-Datacenter-Server-Core #> #Requires -module AdfsDsc <# .DESCRIPTION This configuration will create the first node in an Active Directory Federation Services (AD FS) server farm using the Windows Internal Database (WID) on the local server computer. The certificate with the specified thumbprint will be used as the SSL certificate and the service communications certificate. Automatically generated, self-signed certificates will be used for the token signing and token decryption certificates. The group Managed Service Account specified in the GroupServiceAccountIdentifier parameter will be used for the service account. #> Configuration AdfsFarm_gMSA-WID_Config { Param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] $DomainAdminCredential ) Import-DscResource -ModuleName PSDesiredStateConfiguration Import-DscResource -ModuleName AdfsDsc Node localhost { WindowsFeature InstallAdfs { Name = 'ADFS-Federation' } AdfsFarm Contoso { FederationServiceName = 'fs.corp.contoso.com' FederationServiceDisplayName = 'Contoso ADFS Service' CertificateThumbprint = '8169c52b4ec6e77eb2ae17f028fe5da4e35c0bed' GroupServiceAccountIdentifier = 'contoso\adfsgmsa$' Credential = $DomainAdminCredential } } } |