DSCResources/DSC_CMClientPushSettings/DSC_CMClientPushSettings.psm1

$script:dscResourceCommonPath = Join-Path (Join-Path -Path (Split-Path -Parent -Path (Split-Path -Parent -Path $PsScriptRoot)) -ChildPath Modules) -ChildPath DscResource.Common
$script:configMgrResourcehelper = Join-Path (Join-Path -Path (Split-Path -Parent -Path (Split-Path -Parent -Path $PsScriptRoot)) -ChildPath Modules) -ChildPath ConfigMgrCBDsc.ResourceHelper

Import-Module -Name $script:dscResourceCommonPath
Import-Module -Name $script:configMgrResourcehelper

$script:localizedData = Get-LocalizedData -DefaultUICulture 'en-US'

<#
    .SYNOPSIS
        This will return a hashtable of results.
 
    .PARAMETER SiteCode
        Specifies the SiteCode for the Configuration Manager site.
#>

function Get-TargetResource
{
    [CmdletBinding()]
    [OutputType([System.Collections.Hashtable])]
    param
    (
        [Parameter(Mandatory = $true)]
        [String]
        $SiteCode
    )

    Write-Verbose -Message $script:localizedData.RetrieveSettingValue
    Import-ConfigMgrPowerShellModule -SiteCode $SiteCode
    Set-Location -Path "$($SiteCode):\"

    $deployTo = (Get-CMSiteComponent -SiteCode $SiteCode | Where-Object -FilterScript {$_.ComponentName -eq 'SMS_Discovery_Data_Manager'}).Props

    switch (($deployTo | Where-Object -FilterScript {$_.PropertyName -eq 'Settings'}).Value1)
    {
        'Inactive' { $clientPushStatus = $false }
        'Active'   { $clientPushStatus = $true }
    }

    switch (($deployTo | Where-Object -FilterScript {$_.PropertyName -eq 'Filters'}).Value)
    {
        0 {
            $dcDeploy = $true
            $wkDeploy = $true
            $svDeploy = $true
          }
        1 {
            $dcDeploy = $true
            $wkDeploy = $false
            $svDeploy = $true
          }
        2 {
            $dcDeploy = $false
            $wkDeploy = $true
            $svDeploy = $true
          }
        3 {
            $dcDeploy = $false
            $wkDeploy = $false
            $svDeploy = $true
          }
        4 {
            $dcDeploy = $true
            $wkDeploy = $true
            $svDeploy = $false
          }
        5 {
            $dcDeploy = $true
            $wkDeploy = $false
            $svDeploy = $false
          }
        6 {
            $dcDeploy = $false
            $wkDeploy = $true
            $svDeploy = $false
          }
        7 {
            $dcDeploy = $false
            $wkDeploy = $false
            $svDeploy = $false
          }
    }

    $installProp = ((Get-CMClientPushInstallation -SiteCode $SiteCode).Props | Where-Object -FilterScript {$_.PropertyName -eq 'Advanced Client Command Line'}).Value1

    switch (($deployTo | Where-Object -FilterScript {$_.PropertyName -eq 'AutoInstallSiteSystem'}).Value)
    {
        0 { $siteSystemsDeploy = $false }
        1 { $siteSystemsDeploy = $true }
    }

    [array]$accountsList = (Get-CMClientPushInstallation -SiteCode $SiteCode).PropLists.Values

    return @{
        SiteCode                              = $SiteCode
        EnableAutomaticClientPushInstallation = $clientPushStatus
        EnableSystemTypeConfigurationManager  = $siteSystemsDeploy
        EnableSystemTypeServer                = $svDeploy
        EnableSystemTypeWorkstation           = $wkDeploy
        InstallClientToDomainController       = $dcDeploy
        InstallationProperty                  = $installProp
        Accounts                              = $accountsList
    }
}

<#
    .SYNOPSIS
        This will set the desired state.
 
    .PARAMETER SiteCode
        Specifies the SiteCode for the Configuration Manager site.
 
    .PARAMETER EnableAutomaticClientPushInstallation
        Specifies whether Configuration Manager automatically uses client push for discovered computers.
 
    .PARAMETER EnableSystemTypeConfigurationManager
        Specifies whether Configuration Manager pushes the client software to Configuration Manager site system servers.
 
    .PARAMETER EnableSystemTypeServer
        Specifies whether Configuration Manager pushes the client software to servers.
 
    .PARAMETER EnableSystemTypeWorkstation
        Specifies whether Configuration Manager pushes the client software to workstations.
 
    .PARAMETER InstallClientToDomainController
        Specifies whether to use automatic site-wide client push installation to install the Configuration Manager
        client software on domain controllers.
 
    .PARAMETER InstallationProperty
        Specifies any installation properties to use when installing the Configuration Manager client.
 
    .PARAMETER Accounts
       Specifies an array of accounts to exactly match for use with client push.
 
        If specifying an account the account must already exist in
        Configuration Manager. This can be achieved by using the CMAccounts Resource.
 
    .PARAMETER AccountsToInclude
        Specifies an array of accounts to add for use with client push.
 
    .PARAMETER AccountsToExclude
        Specifies an array of accounts to remove for use with client push.
#>

function Set-TargetResource
{
    [CmdletBinding()]
    param
    (
        [Parameter(Mandatory = $true)]
        [String]
        $SiteCode,

        [Parameter()]
        [Boolean]
        $EnableAutomaticClientPushInstallation,

        [Parameter()]
        [Boolean]
        $EnableSystemTypeConfigurationManager,

        [Parameter()]
        [Boolean]
        $EnableSystemTypeServer,

        [Parameter()]
        [Boolean]
        $EnableSystemTypeWorkstation,

        [Parameter()]
        [Boolean]
        $InstallClientToDomainController,

        [Parameter()]
        [String]
        $InstallationProperty,

        [Parameter()]
        [String[]]
        $Accounts,

        [Parameter()]
        [String[]]
        $AccountsToInclude,

        [Parameter()]
        [String[]]
        $AccountsToExclude
    )

    Import-ConfigMgrPowerShellModule -SiteCode $SiteCode
    Set-Location -Path "$($SiteCode):\"

    try
    {
        $state = Get-TargetResource -SiteCode $SiteCode

        if (-not $PSBoundParameters.ContainsKey('Accounts') -and
            $PSBoundParameters.ContainsKey('AccountsToInclude') -and
            $PSBoundParameters.ContainsKey('AccountsToExclude'))
        {
            foreach ($item in $AccountsToInclude)
            {
                if ($AccountsToExclude -contains $item)
                {
                    throw ($script:localizedData.AccountsInEx -f $item)
                }
            }
        }

        if ($EnableAutomaticClientPushInstallation -eq $true)
        {
            if ($null -eq (Get-CMManagementPoint -SiteCode $SiteCode))
            {
                throw ($script:localizedData.MissingMP -f $SiteCode)
            }
        }

        if ((($PSBoundParameters.EnableAutomaticClientPushInstallation -eq $false) -or
            ([string]::IsNullOrEmpty($PSBoundParameters.EnableAutomaticClientPushInstallation) -and
            $state.EnableAutomaticClientPushInstallation -eq $false)) -and
            ((-not [string]::IsNullOrEmpty($PSBoundParameters.EnableSystemTypeConfigurationManager)) -or
            (-not [string]::IsNullOrEmpty($PSBoundParameters.EnableSystemTypeServer)) -or
            (-not [string]::IsNullOrEmpty($PSBoundParameters.EnableSystemTypeWorkstation))))
        {
            throw $script:localizedData.DisabledSettings
        }

        $eval = @('EnableAutomaticClientPushInstallation','EnableSystemTypeConfigurationManager','EnableSystemTypeServer','EnableSystemTypeWorkstation',
            'InstallClientToDomainController','InstallationProperty')

        foreach ($param in $PSBoundParameters.GetEnumerator())
        {
            if ($eval -contains $param.Key)
            {
                if ($param.Value -ne $state[$param.Key])
                {
                    Write-Verbose -Message ($script:localizedData.ModifySetting -f $param.Key, $param.Value)

                    $buildingParams += @{
                        $param.Key = $param.Value
                    }
                }
            }
        }

        if ($Accounts -or $AccountsToInclude -or $AccountsToExclude)
        {
            $clientPushArray = @{
                Match        = $Accounts
                Include      = $AccountsToInclude
                Exclude      = $AccountsToExclude
                CurrentState = $state.Accounts
            }

            $clientCompare = Compare-MultipleCompares @clientPushArray

            if ($clientCompare.Missing)
            {
                $missingAccount = @()
                foreach ($item in $clientCompare.Missing)
                {
                    if (Get-CMAccount -UserName $item)
                    {
                        Write-Verbose -Message ($script:localizedData.AddingAccount -f $item)
                        $missingAccount += $item
                    }
                    else
                    {
                        $errorMsg += ($script:localizedData.CMAccountMissing -f $item)
                    }
                }
            }

            if ($missingAccount)
            {
                $buildingParams += @{
                    AddAccount = $missingAccount
                }
            }

            if ($clientCompare.Remove)
            {
                Write-Verbose -Message ($script:localizedData.CMAccountExtra -f ($clientCompare.Remove | Out-String))
                $buildingParams += @{
                    RemoveAccount = $clientCompare.Remove
                }
            }
        }

        if ($buildingParams)
        {
            Set-CMClientPushInstallation -SiteCode $SiteCode @buildingParams
        }

        if ($errorMsg)
        {
            throw ($errorMsg | Out-String)
        }
    }
    catch
    {
        throw $_
    }
    finally
    {
        Set-Location -Path "$env:temp"
    }
}

<#
    .SYNOPSIS
        This will test the desired state.
 
    .PARAMETER SiteCode
        Specifies the SiteCode for the Configuration Manager site.
 
    .PARAMETER EnableAutomaticClientPushInstallation
        Specifies whether Configuration Manager automatically uses client push for discovered computers.
 
    .PARAMETER EnableSystemTypeConfigurationManager
        Specifies whether Configuration Manager pushes the client software to Configuration Manager site system servers.
 
    .PARAMETER EnableSystemTypeServer
        Specifies whether Configuration Manager pushes the client software to servers.
 
    .PARAMETER EnableSystemTypeWorkstation
        Specifies whether Configuration Manager pushes the client software to workstations.
 
    .PARAMETER InstallClientToDomainController
        Specifies whether to use automatic site-wide client push installation to install the Configuration Manager
        client software on domain controllers.
 
    .PARAMETER InstallationProperty
        Specifies any installation properties to use when installing the Configuration Manager client.
 
    .PARAMETER Accounts
        Specifies an array of accounts to exactly match for use with client push.
 
        If specifying an account the account must already exist in
        Configuration Manager. This can be achieved by using the CMAccounts Resource.
 
    .PARAMETER AccountsToInclude
        Specifies an array of accounts to add for use with client push.
 
    .PARAMETER AccountsToExclude
        Specifies an array of accounts to remove for use with client push.
#>

function Test-TargetResource
{
    [CmdletBinding()]
    param
    (
        [Parameter(Mandatory = $true)]
        [String]
        $SiteCode,

        [Parameter()]
        [Boolean]
        $EnableAutomaticClientPushInstallation,

        [Parameter()]
        [Boolean]
        $EnableSystemTypeConfigurationManager,

        [Parameter()]
        [Boolean]
        $EnableSystemTypeServer,

        [Parameter()]
        [Boolean]
        $EnableSystemTypeWorkstation,

        [Parameter()]
        [Boolean]
        $InstallClientToDomainController,

        [Parameter()]
        [String]
        $InstallationProperty,

        [Parameter()]
        [String[]]
        $Accounts,

        [Parameter()]
        [String[]]
        $AccountsToInclude,

        [Parameter()]
        [String[]]
        $AccountsToExclude
    )

    Import-ConfigMgrPowerShellModule -SiteCode $SiteCode
    Set-Location -Path "$($SiteCode):\"
    $state = Get-TargetResource -SiteCode $SiteCode
    $result = $true

    if ($PSBoundParameters.ContainsKey('Accounts'))
    {
        if ($PSBoundParameters.ContainsKey('AccountsToInclude') -or
            $PSBoundParameters.ContainsKey('AccountsToExclude'))
        {
            Write-Warning -Message $script:localizedData.AccountsIgnore
        }
    }
    elseif (-not $PSBoundParameters.ContainsKey('Accounts') -and
        $PSBoundParameters.ContainsKey('AccountsToInclude') -and
        $PSBoundParameters.ContainsKey('AccountsToExclude'))
    {
        foreach ($item in $AccountsToInclude)
        {
            if ($AccountsToExclude -contains $item)
            {
                Write-Warning -Message ($script:localizedData.AccountsInEx -f $item)
                $result = $false
            }
        }
    }

    if ((($PSBoundParameters.EnableAutomaticClientPushInstallation -eq $false) -or
        ([string]::IsNullOrEmpty($PSBoundParameters.EnableAutomaticClientPushInstallation) -and
        $state.EnableAutomaticClientPushInstallation -eq $false)) -and
        ((-not [string]::IsNullOrEmpty($PSBoundParameters.EnableSystemTypeConfigurationManager)) -or
        (-not [string]::IsNullOrEmpty($PSBoundParameters.EnableSystemTypeServer)) -or
        (-not [string]::IsNullOrEmpty($PSBoundParameters.EnableSystemTypeWorkstation))))
    {
        Write-Warning -Message $script:localizedData.DisabledSettings
    }

    $testParams = @{
        CurrentValues = $state
        DesiredValues = $PSBoundParameters
        ValuesToCheck = @('EnableAutomaticClientPushInstallation','EnableSystemTypeConfigurationManager','EnableSystemTypeServer',
            'EnableSystemTypeWorkstation','InstallClientToDomainController','InstallationProperty')
    }

    $result = Test-DscParameterState @testParams -Verbose

    if ($Accounts -or $AccountsToInclude -or $AccountsToExclude)
    {
        $clientPushArray = @{
            Match        = $Accounts
            Include      = $AccountsToInclude
            Exclude      = $AccountsToExclude
            CurrentState = $state.Accounts
        }

        $clientCompare = Compare-MultipleCompares @clientPushArray

        if ($clientCompare.Missing)
        {
            Write-Verbose -Message ($script:localizedData.AccountsMissing -f ($clientCompare.Missing | Out-String))
            $result = $false
        }

        if ($clientCompare.Remove)
        {
            Write-Verbose -Message ($script:localizedData.AccountsExtra -f ($clientCompare.Remove | Out-String))
            $result = $false
        }
    }

    Write-Verbose -Message ($script:localizedData.TestState -f $result)
    Set-Location -Path "$env:temp"
    return $result
}

Export-ModuleMember -Function *-TargetResource