Examples/Resources/AdfsFarm/3-AdfsFarm_gMSA-SQL-Integrated_Config.ps1
|
<#PSScriptInfo
.VERSION 1.0.0 .GUID e5ff26fc-ec8f-45b4-babc-532a39074e83 .AUTHOR Microsoft Corporation .COMPANYNAME Microsoft Corporation .COPYRIGHT (c) Microsoft Corporation. All rights reserved. .TAGS DSCConfiguration .LICENSEURI https://github.com/X-Guardian/AdfsDsc/blob/master/LICENSE .PROJECTURI https://github.com/X-Guardian/AdfsDsc .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS .EXTERNALSCRIPTDEPENDENCIES .RELEASENOTES First version. .PRIVATEDATA 2016-Datacenter,2016-Datacenter-Server-Core #> #Requires -module AdfsDsc <# .DESCRIPTION This configuration will create the first node in an Active Directory Federation Services (AD FS) server farm using using a Microsoft SQL Server database on a remote computer named sql01.contoso.com using Windows Authentication. The certificate with the specified thumbprint will be used as the SSL certificate and the service communications certificate. Automatically generated, self-signed certificates will be used for the token signing and token decryption certificates. The group Managed Service Account specified in the GroupServiceAccountIdentifier parameter will be used for the service account. #> Configuration AdfsFarm_gMSA-SQL-Integrated_Config { Param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [System.Management.Automation.PSCredential] $DomainAdminCredential ) Import-DscResource -ModuleName AdfsDsc Node localhost { WindowsFeature InstallAdfs { Name = 'ADFS-Federation' } AdfsFarm Contoso { FederationServiceName = 'fs.corp.contoso.com' FederationServiceDisplayName = 'Contoso ADFS Service' CertificateThumbprint = '8169c52b4ec6e77eb2ae17f028fe5da4e35c0bed' GroupServiceAccountIdentifier = 'contoso\adfsgmsa$' SQLConnectionString = 'Data Source=sql01.contoso.com;Integrated Security=True' Credential = $DomainAdminCredential } } } |