
    Add's ACLs to a folder.
    Adds the acl to the specified folder - will also attempt to repair cannonical ordering issue
    .PARAMETER FolderPath
    Folder to set ACLs on.
    User to grant permission to.
    .PARAMETER Permission
    Permission to add
    Add-AclFolder -Folder ".\test" -User "hqcatalyst\dev.test" -Permission "Read"

function Add-AclFolder {
            if (!(Test-Path $_ -PathType Container)) {
                Write-DosMessage -Level "Fatal" -Message "FolderPath either $_ does not exist or is not a folder. Please enter valid folder path."
            else {
        [string] $FolderPath,
        [string] $User,
        [ValidateSet("Read", "Write")]
        [string] $Permission

    Write-DosMessage -Level "Verbose" -Message "Adding ACL to give $Permission to $User on folder $FolderPath"
    $directoryAcl = (Get-Item $FolderPath).GetAccessControl("Access")
    $accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($User, $Permission, "ContainerInherit,ObjectInherit", "None", "Allow")

    catch [System.InvalidOperationException]{
        Write-DosMessage -Level "Warning" -Message "Error attempting to add ACL to list on $FolderPath, attempting to repair"
        Repair-AclCanonicalOrder -Acl $directoryAcl -Path $FolderPath

        Write-DosMessage -Level "Verbose" -Message "Adding ACL to give $Permission to $User on folder $FolderPath"
        Set-Acl -Path $FolderPath $directoryAcl
    catch [System.InvalidOperationException]{
        Write-DosMessage -Level "Warning" -Message "Error attempting to add ACL to $FolderPath, attempting to repair"
        Repair-AclCanonicalOrder -Acl $directoryAcl -Path $FolderPath
        Set-Acl -Path $FolderPath $directoryAcl


function Assert-DependencySemVerRequirementsMet {
    param (

    $allDependenciesMet = $true

    foreach ($dependency in $CurrentDependencies ) {
        $installedDependencyBuildNumber = ($DiscoveryServiceEntries | Where-Object { $_.ServiceName -eq $dependency.serviceName }).BuildNumber

        $s1 = [SemVer]::New($installedDependencyBuildNumber)
        $s2 = [SemVer]::New($dependency.serviceBuildVersion)

        $dependencyMet = Assert-SatisfiesSemVer -SemVer1 $s1 -SemVer2 $s2
        if (!$dependencyMet) {
            Write-DosMessage -Level "Warning" -Message "$($dependency.serviceName) dependency not met. Expected $($dependency.serviceBuildVersion), existing $($installedDependencyBuildNumber)"
            $allDependenciesMet = $false
        else {
            Write-DosMessage -Level "Information" -Message "$($dependency.serviceName) dependency met. Expected $($dependency.serviceBuildVersion), existing $($installedDependencyBuildNumber)"

    return $allDependenciesMet

function Get-PossibleConstraints {
    return @('~', '^', '=', 'v', '>', '<', '>=', '<=')

function Compare-Numbers {
    param (

    if ([int]$A -eq [int]$B) { return 0 }
    elseif ([int]$A -lt [int]$B) { return -1 }
    else { return 1 }

enum VersionIdentifier {

class SemVer {

    ) {

    [void]Parse([string]$Version) {
        $possibleOperators = Get-PossibleConstraints
        $splitVersion = @()

        if ($Version[0] -in $possibleOperators) {
            $versionSubstring = ""
            if (($Version[0] -eq '<') -or ($Version[0] -eq '>') -and ($Version[1] -eq '=')) {
                $this.Constraint = "$($Version[0])$($Version[1])"
                $versionSubstring = $Version.Substring(2, $Version.length - 2)
            else {
                $this.Constraint = $Version[0]
                $versionSubstring = $Version.Substring(1, $Version.length - 1)

            $splitVersion = $versionSubstring.split('.')
        else {
            $splitVersion = $Version.split('.')
        if ($null -ne $splitVersion[0]) {
            $this.Major = "$($splitVersion[0])"
        if ($null -ne $splitVersion[1]) {
            $this.Minor = "$($splitVersion[1])"
        if ($null -ne $splitVersion[2]) {
            $this.Patch = "$($splitVersion[2])"

    [int]Compare([SemVer] $other) {
        if (Compare-Numbers -A $this.Major -B $other.Major) {
            return Compare-Numbers -A $this.Major -B $other.Major
        elseif (Compare-Numbers -A $this.Minor -B $other.Minor) {
            return Compare-Numbers -A $this.Minor -B $other.Minor
        else {
            return Compare-Numbers -A $this.Patch -B $other.Patch

    [string]ToString() {
        return "$($this.Major).$($this.Minor).$($this.Patch)"

    [void]Increment([VersionIdentifier] $Identifier) {
        switch ($Identifier) {
            Major {
                # 1.2.3 -> 2.0.0
                $this.Major = (+$this.Major + 1).ToString()
                $this.Minor = "0"
                $this.Patch = "0"
            Minor {
                # 1.2.3 -> 1.3.0
                $this.Minor = (+$this.Minor + 1).ToString()
                $this.Patch = "0"
            Patch {
                # 1.2.3 -> 1.2.4
                $this.Patch = (+$this.Patch + 1).ToString()

function Assert-Equal {
    param (

    # $SemVer2
    # 1 >=1.0.0 <2.0.0
    # 1.0 >=1.0.0 <1.1.0.
    # 1.0.0 1.0.0 exact

    $lessThanSemVer = [SemVer]::new($SemVer2.ToString())

    if ($SemVer2.Patch) {
        return $SemVer1.Compare($SemVer2) -eq 0 
    elseif ($SemVer2.Minor) {
    else {

    return (Assert-GreaterThanEqual $SemVer1 $SemVer2) -and (Assert-LessThan $SemVer1 $lessThanSemVer)

function Assert-LessThan {
    param (

    return $SemVer1.Compare($SemVer2) -lt 0

function Assert-LessThanEqual {
    param (

    $lteSemVer = [SemVer]::new($SemVer2.ToString())

    if ($SemVer2.Patch) {
        return $SemVer1.Compare($SemVer2) -le 0
    elseif ($SemVer2.Minor) {
    else {

    return $SemVer1.Compare($lteSemVer) -lt 0

function Assert-GreaterThan {
    param (

    $gtSemVer = [SemVer]::new($SemVer2.ToString())

    if ($SemVer2.Patch) {
        return $SemVer1.Compare($SemVer2) -gt 0
    elseif ($SemVer2.Minor) {
    else {

    return $SemVer1.Compare($gtSemVer) -ge 0

function Assert-GreaterThanEqual {
    param (

    return $SemVer1.Compare($SemVer2) -ge 0

function Assert-TildeConstraint {
    param (

    # $SemVer2
    # ~1: >=1.0.0 <2.0.0.
    # ~1.1: >=1.1.0 <1.2.0.
    # ~1.1.1: >=1.1.1 <1.2.0.

    $lessThanSemVer = [SemVer]::new($SemVer2.ToString())

    if ($SemVer2.Patch -or $SemVer2.Minor) {
        # ~1.1.1: >=1.1.1 <1.2.0.
        # ~1.1: >=1.1.0 <1.2.0.
    else {
        # ~1: >=1.0.0 <2.0.0.

    return (Assert-GreaterThanEqual $SemVer1 $SemVer2) -and (Assert-LessThan $SemVer1 $lessThanSemVer)

function Assert-CaretConstraint {
    param (

    # $SemVer2
    # ^1 >=1.0.0 <2.0.0
    # ^1.1 >=1.1.0 <2.0.0
    # ^1.1.1 >=1.1.1 <2.0.0

    # ^0 >=0.0.0 <1.0.0
    # ^0.0 >=0.0.0 <0.1.0
    # ^0.0.0 >=0.0.0 <0.0.1

    $lessThanSemVer = [SemVer]::new($SemVer2.ToString())

    if (($SemVer2.Patch -eq 0) -and ($SemVer2.Minor -eq 0) -and ($SemVer2.Major -eq 0)) {
        # ^0.0.0 >=0.0.0 <0.0.1
    elseif (($SemVer2.Minor -eq 0) -and ($SemVer2.Major -eq 0)) {
        # ^0.0 >=0.0.0 <0.1.0
    else {
        # ^1 >=1.0.0 <2.0.0
        # ^0 >=0.0.0 <1.0.0

    return (Assert-GreaterThanEqual $SemVer1 $SemVer2) -and (Assert-LessThan $SemVer1 $lessThanSemVer)

function Assert-XRangeConstraint {
    param (

    # $SemVer2
    # * any
    # 1.* >=1.0.0 <2.0.0
    # 1.1.* >=1.1.0 <1.2.0

    $lessThanSemVer = [SemVer]::new($SemVer2.ToString())
    $semVer2ReplaceStar = [SemVer]::new($SemVer2.ToString())

    if ($SemVer2.Patch -eq '*') {
        # 1.1.* >=1.1.0 <1.2.0
        $semVer2ReplaceStar.Patch = "0"
    elseif ($SemVer2.Minor -eq '*') {
        # 1.* >=1.0.0 <2.0.0
        $semVer2ReplaceStar.Patch = "0"
        $semVer2ReplaceStar.Minor = "0"
    else {
        # *
        return $true

    return (Assert-GreaterThanEqual $SemVer1 $semVer2ReplaceStar) -and (Assert-LessThan $SemVer1 $lessThanSemVer)

function Assert-SatisfiesSemVer {
    param (

    if ($SemVer2.Constraint) {
        Switch ($SemVer2.Constraint) {
            '=' {
                return Assert-Equal -SemVer1 $SemVer1 -SemVer2 $SemVer2
            'v' {
                return Assert-Equal -SemVer1 $SemVer1 -SemVer2 $SemVer2
            '<' {
                return Assert-LessThan -SemVer1 $SemVer1 -SemVer2 $SemVer2
            '<=' {
                return Assert-LessThanEqual -SemVer1 $SemVer1 -SemVer2 $SemVer2
            '>' {
                return Assert-GreaterThan -SemVer1 $SemVer1 -SemVer2 $SemVer2
            '>=' {
                return Assert-GreaterThanEqual -SemVer1 $SemVer1 -SemVer2 $SemVer2
            '~' {
                return Assert-TildeConstraint -SemVer1 $SemVer1 -SemVer2 $SemVer2
            '^' {
                return Assert-CaretConstraint -SemVer1 $SemVer1 -SemVer2 $SemVer2

    if (($SemVer2.Major -eq '*') -or ($SemVer2.Minor -eq '*') -or ($SemVer2.Patch -eq '*')) {
        return Assert-XRangeConstraint -SemVer1 $SemVer1 -SemVer2 $SemVer2

    return Assert-Equal -SemVer1 $SemVer1 -SemVer2 $SemVer2

    Validates ConfigStore object to be sure configuration values will be returned accuratelly and appropriately.
    Checks if config store object properties are provided with valid values.
    .PARAMETER ConfigStore
    Accepts a powershell hashtable or dictionary with key value pairs following the example, $configStore = @{Type = "File"; Format = "XML"; Path = "C:\Path\To\File"}.
    Confirm-ConfigStore -ConfigStore $configHashtable

function Confirm-ConfigStore {
        [hashtable] $ConfigStore

    Write-DosMessage -Level "Debug" -Message "Validating Config Store object."

    $isValid = $true

    $isValid = Confirm-GenericConfigStore -ConfigStore $ConfigStore

    if ($ConfigStore.Type -eq "File") {
        $isValid = Confirm-FileConfigStore -ConfigStore $ConfigStore

    if ($ConfigStore.Type -eq "External") {
        $isValid = Confirm-ExternalConfigStore -ConfigStore $ConfigStore

    if ($isValid -eq $true) {
        Write-DosMessage -Level "Debug" -Message "Config Store is valid."
    return $isValid

function Confirm-GenericConfigStore {
    param (

    $isValid = $true

    $validConfigTypes = @("File", "External")

    if (!($validConfigTypes -contains $ConfigStore.Type)){
        Write-DosMessage -Level "Warning" -Message "$($ConfigStore.Type) is not a supported configuration type. Supported types include, $validConfigTypes"
        $isValid = $false

    $validConfigFormats = @("XML", "AzureTable")

    if (!($validConfigFormats -contains $ConfigStore.Format)){
        Write-DosMessage -Level "Warning" -Message "$($ConfigStore.Format) is not a supported configuration format. Supported formats include, $validConfigFormats"
        $isValid = $false

    if ([string]::IsNullOrEmpty($ConfigStore.Type)){
        Write-DosMessage -Level "Warning" -Message "ConfigStore 'Type' attribute is missing. Please provide a valid value."
        $isValid = $false

    if ([string]::IsNullOrEmpty($ConfigStore.Format)){
        Write-DosMessage -Level "Warning" -Message "ConfigStore 'Format' attribute is missing. Please provide a valid value."
        $isValid = $false

    return $isValid

function Confirm-FileConfigStore {
    param (

    $isValid = $true
    $validFileConfigFormats = @("XML")

    if (!($validFileConfigFormats -contains $ConfigStore.Format)){
        Write-DosMessage -Level "Warning" -Message "$($ConfigStore.Format) is not a supported 'File' type configuration format. Supported formats include, $validFileConfigFormats"
        $isValid = $false

    if ([string]::IsNullOrEmpty($ConfigStore.Path)){
        Write-DosMessage -Level "Warning" -Message "ConfigStore 'Path' attribute cannot be empty when ConfigStore type is 'File'. Please provide an appropriate path."
        $isValid = $false

    if (![string]::IsNullOrEmpty($ConfigStore.Path) -and !(Test-Path $ConfigStore.Path)){
        Write-DosMessage -Level "Warning" -Message "Path $($ConfigStore.Path) does not exist or user does not have access. Please enter a valid path in the ConfigStore object."
        $isValid = $false

    if (![string]::IsNullOrEmpty($ConfigStore.Path) -and !(Test-Path $ConfigStore.Path -PathType Leaf)){
        Write-DosMessage -Level "Warning" -Message "Path $($ConfigStore.Path) is not a file. Please enter a valid path in the ConfigStore object."
        $isValid = $false

    return $isValid

function Confirm-ExternalConfigStore {
    param (

    $isValid = $true
    $validExternalConfigFormats = @("AzureTable")

    if (!($validExternalConfigFormats -contains $ConfigStore.Format)){
        Write-DosMessage -Level "Warning" -Message "$($ConfigStore.Format) is not a supported 'External' type configuration format. Supported formats include, $validFileConfigFormats"
        $isValid = $false

    if ([string]::IsNullOrEmpty($ConfigStore.Uri)){
        Write-DosMessage -Level "Warning" -Message "ConfigStore 'Uri' attribute cannot be empty when ConfigStore type is 'External'. Please provide an appropriate Uri."
        $isValid = $false

    return $isValid

function Confirm-IsBoolean {
    param (
        [Parameter(Mandatory = $true)]
        [string] $name,
        [Parameter(Mandatory = $true)]
        [string] $type,
    $result = @{check = "IsBoolean"; name = $name; type = $type; value = $value }

    if ($value -isnot [boolean]) {
        $result.Add("errorFlag", 1)
        $result.Add("level", "Fatal")
        $result.Add("message", "You must specify a valid boolean value (ex: `$true or `$false) for the ""$name"" configuration.")
    else {
        $result.Add("errorFlag", 0)
    return (New-CheckResult @result)

function Confirm-IsNotNull {
    param (
        [Parameter(Mandatory = $true)]
        [string] $name,
        [Parameter(Mandatory = $true)]
        [string] $type,
    $result = @{check = "IsNotNull"; name = $name; type = $type; value = $value}

    if ([string]::IsNullOrEmpty($value)) {
        $result.Add("errorFlag", 1)
        $result.Add("level", "Fatal")
        $result.Add("message", "A null or empty ""$name"" value was found as a configuration.")
    else {
        $result.Add("errorFlag", 0)
    return (New-CheckResult @result)

function Confirm-IsValidConnection {
    param (
        [Parameter(Mandatory = $true)]
        [string] $name,
        [Parameter(Mandatory = $true)]
        [string] $type,
    $result = @{check = "IsValidConnection"; name = $name; type = $type; value = $value}

    if ($value -is [Hashtable] -and $value.ContainsKey("sqlConnection") -and $value.ContainsKey("sqlTestCommand")) {
        # confirm string is a valid
        try {
            $connection = New-Object System.Data.SqlClient.SQLConnection($value.sqlConnection)
            # confirm access to connection
            try {
                try {
                    $command = New-Object System.Data.SqlClient.SqlCommand($value.sqlTestCommand, $connection)
                    $out = $command.ExecuteReader()
                    if (($out | Measure-Object).Count -eq 0) {
                    $result.Add("errorFlag", 0)
                catch {
                    $result.Add("errorFlag", 1)
                    $result.Add("level", "Fatal")
                    $result.Add("message", "Test sql command failed '$($value.sqlTestCommand)' please check database connection settings.")
            catch {
                $result.Add("errorFlag", 1)
                $result.Add("level", "Fatal")
                $result.Add("message", "Could not connect to '$($value.sqlConnection)' please check database connection settings.")
            finally {
        catch {
            $result.Add("errorFlag", 1)
            $result.Add("level", "Fatal")
            $result.Add("message", "Invalid connection string '$($value.sqlConnection)'.")
    else {
        $result.Add("errorFlag", 1)
        $result.Add("level", "Fatal")
        $result.Add("message", "Valid connection string requires a hashtable with both sqlConnection and sqlTestCommand keys (example: connection = @{sqlConnection=""Data Source=<server>;Initial Catalog=<database>;Integrated Security=True;"";sqlTestCommand=""SELECT <test> FROM <schema><table>""}")
    return (New-CheckResult @result)

function Confirm-IsValidDir {
    param (
        [Parameter(Mandatory = $true)]
        [string] $name,
        [Parameter(Mandatory = $true)]
        [string] $type,
        [string] $value
    $result = @{check = "IsValidDir"; name = $name; type = $type; value = $value }

    if (!(Test-Path (Split-Path $value -Parent))) {
        $result.Add("errorFlag", 1)
        $result.Add("level", "Fatal")
        $result.Add("message", """$value"" does not have a valid directory. Please specify a valid directory for the ""$name"" configuration")
    else {
        $result.Add("errorFlag", 0)
    return (New-CheckResult @result)

function Confirm-IsValidEndpoint {
    param (
        [Parameter(Mandatory = $true)]
        [string] $name,
        [Parameter(Mandatory = $true)]
        [string] $type,
    $result = @{check = "IsValidEndpoint"; name = $name; type = $type; value = $value }

    try {
        Invoke-WebRequest -Uri $value -Method GET -UseDefaultCredentials -UseBasicParsing
        $result.Add("errorFlag", 0)
    catch [System.Net.WebException] {
        $result.Add("errorFlag", 1)
        $result.Add("level", "Fatal")
        $result.Add("message", "There was an error communicating with the configured $name endpoint. Request: $value. Status Code: $($_.Exception.Response.StatusCode.value__). Message: $($_.Exception.Response.StatusDescription)")
    return (New-CheckResult @result)

function Confirm-IsValidPath {
    param (
        [Parameter(Mandatory = $true)]
        [string] $name,
        [Parameter(Mandatory = $true)]
        [string] $type,
        [string] $value
    $result = @{check = "IsValidPath"; name = $name; type = $type; value = $value }

    if (!(Test-Path $value)) {
        $result.Add("errorFlag", 1)
        $result.Add("level", "Fatal")
        $result.Add("message", """$value"" is not a valid path. Please specify a valid path for the ""$name"" configuration")
    else {
        $result.Add("errorFlag", 0)
    return (New-CheckResult @result)

function Confirm-IsValidValue {
    param (
        [Parameter(Mandatory = $true)]
        [string[]] $validateSet,
        [Parameter(Mandatory = $true)]
        [string] $name,
        [Parameter(Mandatory = $true)]
        [string] $type,
        [string] $value
    $result = @{check = "IsValidValue"; name = $name; type = $type; value = $value }

    if ($validateSet -notcontains $value) {
        $result.Add("errorFlag", 1)
        $result.Add("level", "Fatal")
        $result.Add("message", """$value"" is not a valid value. Please specify one of these valid configuration values ""$($validateSet -join ", ")""")
    else {
        $result.Add("errorFlag", 0)
    return (New-CheckResult @result)

function Get-AzureTableStorageInputsFromUri {
    param (

    $uriString = [System.Uri]$storageUri
    # Host returns "<stroage_account>"
    $storageAccountName = $uriString.Host.Substring(0,$uriString.Host.IndexOf("."))
    Write-DosMessage -Level "Information" -Message "Extracting storage account name from storage URI. Storage Account Name: $storageAccountName"

    # AbsolutePath returns "/<table_name>"
    $tableName = $uriString.AbsolutePath.Substring(1)
    Write-DosMessage -Level "Information" -Message "Extracting table name from storage URI. Table Name: $tableName"

    # Query returns everyting after "?" in the url
    $sasToken = $uriString.Query
    Write-DosMessage -Level "Information" -Message "Extracting SAS token from storage URI."

    return @{ storageSas = $sasToken; tableName = $tableName; storageAccountName = $storageAccountName }

    Checks Registry for .net core
    Checks the array of .net core versions

function Get-DotNetCoreVersion {
    param (
        [PSCustomObject] $Value,
        [PSCustomObject] $Registry
    if($Registry) {
        $item = $null
        ForEach ($item in $Registry) {
            if($item.DisplayVersion -like "$($Value.softwareVersion)*") {
                Write-Host "Registry:"$item.DisplayVersion, " Manifest:"$Value.softwareVersion
        It "dependent software $($Value.softwareName) $($Value.softwareVersion) version check" {
            $item.DisplayVersion | Should -BeLike "$($Value.softwareVersion)*"

function Get-DotNetVersion {
    param (
        [PSCustomObject] $Value
    $netVersion = @{
        378389 = [version]'4.5'
        378675 = [version]'4.5.1'
        378758 = [version]'4.5.1'
        379893 = [version]'4.5.2'
        393295 = [version]'4.6'
        393297 = [version]'4.6'
        394254 = [version]'4.6.1'
        394271 = [version]'4.6.1'
        394802 = [version]'4.6.2'
        394806 = [version]'4.6.2'
        460798 = [version]'4.7'
        460805 = [version]'4.7'
        461308 = [version]'4.7.1'
        461310 = [version]'4.7.1'
        461808 = [version]'4.7.2'
        461814 = [version]'4.7.2'
        528040 = [version]'4.8'
        528049 = [version]'4.8'
    $netVersionArray = @()
    foreach ($item in $netVersion.GetEnumerator()) {
        #If the variable software i.e '4.6.2' is equal to the Value of '4.6.2' in the Hash table then set the
        #variable softwareConverted to the value of the Key or i.e '394806''
        if($Value.softwareVersion -eq $item.Value) {
            #Append to array as there are multiple DWORDs for each Value of our Table
            $netVersionArray += $item.Key
        } else {
            #Do Nothing (currently looping through entire Hash Table to make sure we dont miss anything)
    #This looks directly into the registry and compares against our netVersionArray to make sure the requested .NET version matches the DWORD inside our Windows registry
    $itemProperty = Get-ItemProperty -Path "HKLM:\Software\Microsoft\NET Framework Setup\NDP\v4\full\*" | 
        Where-Object { $_.Release -ige $netVersionArray[0] -Or $_.Release -ige $netVersionArray[1] } | 
        Select-Object Release
    $releaseProperty = [string]$itemProperty
    $dword = $releaseProperty.Replace("@{Release=", "").Replace("}", "")
    Write-Host "Registry:"$dword, " Manifest:"$Value.softwareVersion
    $versionNumber = $null
    foreach ($item in $netVersion.GetEnumerator()) {
            if($dword -eq $item.Key) {
                    $versionNumber = $item.Value
    It ".net dependent software version check" {
        $versionNumber| Should -Not -BeNullOrEmpty
        $versionNumber | Should -BeGreaterOrEqual $Value.softwareVersion

function Get-ExternalConfigValues {
    param (

    $filter = ""
    if ($Scope) {
        # parse requested scope to be returned
        Write-DosMessage -Level "Information" -Message "Adding $Scope scope filter"
        $filter = "`$filter=(PartitionKey eq '$Scope')"

    $header = @{
        Accept = 'application/json;odata=nometadata'

    try {
        $result = Invoke-WebRequest -Method GET -Uri "$($ConfigStore.Uri)&$filter" -Headers $header -UseBasicParsing
    catch {
        Write-DosMessage -Level "Fatal" -Message "Failed to retrieve configuration values from $($configStore.Type) configstore. Excetion $($_.Exception)."
    $configValues = ($result.Content | ConvertFrom-Json).value
    return $configValues

    Returns scoped configuration values in a new object of key value pairs.
    Retrieves content from an XML path. Searches XML content for values nested within the scoped provided. If nodes within the configuration contain values, it will return those values in a new object.
    .PARAMETER ConfigSection
    The configuration values you wish to return. Passing in an application specific scope will return values within the configuration that are nested in that application scope.
    Additionally, users can pass in a "common" scope to return values nested in the common scope.
    .PARAMETER InstallConfigPath
    The path to the desired configuration file. Will test if file exists. InstallConfigPath must be passed in as a string.
    Set-DosTelemetry -TelemetryKey "testkey" -TelemetryOptOut

function Get-InstallationSettings
        [string] $ConfigSection,
            if (!(Test-Path $_)) {
                Write-DosMessage -Level "Fatal" -Message "Path $_ does not exist. Please enter valid path to the install.config."
            if (!(Test-Path $_ -PathType Leaf)) {
                Write-DosMessage -Level "Fatal" -Message "Path $_ is not a file. Please enter a valid path to the install.config."
            return $true
        [string] $InstallConfigPath = "install.config"

    Write-DosMessage -Level "Verbose" -Message "Attempting to parse XML content from $installConfigPath."
    try {
        $installConfigXml = [xml](Get-Content $installConfigPath)
    catch {
        Write-DosMessage -Level "Warning" -Message "Error parsing XML content from $installConfigPath. Exception: $($_.Exception)"
        return $null
    Write-DosMessage -Level "Verbose" -Message "Searching XML content for $configSection scoped values."
    $sectionSettings = $installConfigXml.installation.settings.scope | Where-Object {$ -eq $configSection}

    if($null -eq $sectionSettings){
        Write-DosMessage -Level "Warning" -Message "The '$ConfigSection' scope doesn't exist in '$installConfigPath'."
        return $null

    $installationSettings = @{}

    Write-DosMessage -Level "Verbose" -Message "Reading scoped values if they are not null or empty."
    foreach($variable in $sectionSettings.variable){
            $installationSettings.Add($, $variable.value)

    if ($installationSettings.Count -eq 0){
        Write-DosMessage -Level "Warning" -Message "There were no configuration values provided in '$ConfigSection' scope."

    return $installationSettings

    Retrieves a list of applications from the windows registry.
    Scans the windows registry for installed applications and returns a list of summary objects.
    $x = Get-InstalledApps ()
    Returns an array of registered applications. Each item in the array contains the application's DisplayName, Publisher, InstallDate, DisplayVersion and UninstallString
    32 Bit NOTE: IF this function is called from a 32 bit process, the apps returned may differ from the list when called fomr a 64 bit process!
        This is becuase microsfot redirects 32 bit apps in the registry.

function Get-InstalledApps
    if (![Environment]::Is64BitProcess) {
        $regpath = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*'
    else {
        $regpath = @(
    Get-ItemProperty $regpath | .{process{if($_.DisplayName -and $_.UninstallString) { $_ } }} | Select DisplayName, Publisher, InstallDate, DisplayVersion, UninstallString |Sort DisplayName

Creates a new IntegrationServices object
Instantiates an IntegrationServices object using a specified connection string
.PARAMETER ConnectionString
Connection string to target Integration Services
None. You cannot pipe objects to Get-IntegrationServices.
Integration Services object
PS> Get-IntegrationServices

function Get-IntegrationServices {
    param([parameter(Mandatory=$false)][string]$ConnectionString = 'Data Source=localhost;Initial Catalog=EDWAdmin;Integrated Security=True')

    $connection = New-Object Data.SqlClient.SqlConnection $ConnectionString

    if ($pscmdlet.ShouldProcess($CatalogName, "Provisioning SSIS catalog")) {
        $integrationServices = New-Object "Microsoft.SqlServer.Management.IntegrationServices.IntegrationServices" $connection  

    return $integrationServices

function Get-SqlServerVersion {
    $sqlVersionDict = @{
        13 = 2016
        11 = 2012
    $sqlVersion = Get-ItemProperty HKLM:\SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\CurrentVersion | Select-Object -ExpandProperty "CurrentVersion"
    $sqlVersion = [int]$sqlVersion.split('.')[0]

    $currentSqlVersion = $sqlVersionDict[$sqlVersion]

    if ($null -eq $currentSqlVersion) {
        Write-DosMessage -Level 'Error' -Message 'SQL Server Version not in Dictionary'

    return $currentSqlVersion

function Invoke-DependentSoftwareCheck {
    param (
        [array] $Data
    Describe "DependentSoftwareCheck" {
        ForEach ($value in $Data) {
            # Continue if sqlVersion is not specified or is different than sqlVersion of machine or if the $value is $null
            if ($null -eq $value -or ($value.PSObject.Properties['sqlVersion'] -and $value.sqlVersion -ne $(Get-SqlServerVersion))) {
            $w64 = Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | where-Object DisplayName -like "*$($value.softwareName)*"
            $w32 = Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*  | where-Object DisplayName -like "*$($value.softwareName)*"
            if ($value.softwareName -like "*.net framework*") {
                Get-DotNetVersion $value
            }  elseif ($value.softwareName -like "*.net core*" -and $w64){
                Get-DotNetCoreVersion $value $w64
            } elseif ($value.softwareName -like "*.net core*" -and $w32) {
                Get-DotNetCoreVersion $value $w32
            } else {  
                if($w64) {
                    Get-RegistryAndLocationCheck $w64 $value
                } elseif ($w32) {
                    Get-RegistryAndLocationCheck $w32 $value
                } else {
                    Write-Host "Software not found in Registry - Manifest Path: $($value.softwareLocation)"
                    It "Dependent software $($value.softwareName) $($value.softwareVersion) location exists" {
                        $value.softwareLocation | Should exist 

function Get-RegistryAndLocationCheck {
    param (
        [PSCustomObject] $Registry,
        [PSCustomObject] $Value
    if ($Registry) {
        Write-Host "Registry:"$Registry.DisplayName," Manifest:"$Value.softwareName
        It "Dependent software $($Value.softwareName) $($Value.softwareVersion) exists in registry" {
            $Registry.DisplayName | Should -Match "$($Value.softwareName)*"
        if ($Value.versionCheckType -eq 'exact') {
            Write-Host "Registry:"$Registry.DisplayVersion, " Manifest:"$Value.softwareVersion
            It "Dependent software $($Value.softwareName) $($Value.softwareVersion) version check" {
                $Registry.DisplayVersion  | Should -BeExactly $Value.softwareVersion
        } elseif ($Value.versionCheckType -eq 'min') {
            Write-Host "Registry:"$Registry.DisplayVersion, " Manifest:"$Value.softwareVersion
            It "Dependent software $($Value.softwareName) $($Value.softwareVersion) version check" {
                $Registry.DisplayVersion  | Should -BeGreaterOrEqual $Value.softwareVersion

    Checks whether the OS Version from a manifest json file is equal to that on the machine this is being ran on
    Accepts an array of OS Version checktype objects that have been converted from JSON

function Invoke-OsVersionCheck {
    param (
        [array] $AllowedVersions

    $currentOsVersion = (Get-ComputerInfo -Property osname).osname
    Describe "Os Version Check" {
        $matchedOSVersion = $null

        ForEach ($value in $AllowedVersions) {
            if ($currentOsVersion -like "*$value*") {
                $matchedOSVersion = $value

        It "'$currentOsVersion' is an allowed OS" {
            $matchedOSVersion | Should -Not -BeNullOrEmpty
            $currentOsVersion | Should -BeLike "*$matchedOSVersion*"

    Checks whether the Powershell Version from a manifest json file is equal to that on the machine this is being ran on
    Accepts an array of powershell objects that have been converted from JSON

function Invoke-PowershellVersionCheck {
    param (
        [array] $Data
    $currentVersion = "$($psversiontable.psversion.major).$($psversiontable.psversion.minor)"
    Write-Host "Powershell version is $currentVersion)"
    Describe "PowershellVersionCheck" {
        ForEach ($value in $Data) {
            if ($null -eq $value) {
            #process check
            if ($value.versionCheckType -eq 'min'){
                It "Version of powershell minimum version $($value.powershellVersion)" {
                    $currentVersion | Should -BeGreaterOrEqual $value.powershellVersion
            } elseif ($value.versionCheckType -eq 'exact') {
                It "Version of powershell exactly $($value.powershellVersion)" {
                    $currentVersion | Should -BeExactly $value.powershellVersion

    Checks whether the Windows Features from a manifest json file are installed and enabled on the executing environmnet
    Accepts an array of powershell objects that have been converted from JSON

function Invoke-WindowsFeatureCheck {
    param (
        [array] $Data

    $currentOsVersion = (Get-ComputerInfo -Property osname).osname
    $amIAServer = $currentOsVersion.StartsWith("Microsoft Windows Server")
    $amIWindowsTen = $currentOsVersion.StartsWith("Microsoft Windows 10")

    Describe "Windows Feature Check" {
        ForEach ($value in $Data) {
            if ($amIAServer) {
                if ($value.os -like "*Server*") {
                    ForEach ($feature in $value.featureList) {
                        It "'$feature' windows feature is installed & enabled" {
                            Get-WindowsFeature -Name $feature | Should -Not -BeNullOrEmpty
                            (Get-WindowsFeature -Name $feature)."InstallState" | Should -Be "Installed"
                else {
                    Write-Warning "Check designed for $($value.os) does not match the Current OS: $currentOsVersion. Skipping Test"
            } elseif ($amIWindowsTen) {
                if ($value.os -like "*10*") {
                    ForEach ($feature in $value.featureList) {
                        It "'$feature' windows feature is installed & enabled" {
                            Get-WindowsOptionalFeature -Online -FeatureName $feature | Should -Not -BeNullOrEmpty
                            (Get-WindowsOptionalFeature -Online -FeatureName $feature).State | Should -Be "Enabled"
                else {
                    Write-Warning "Check designed for $($value.os) does not match the Current OS: $currentOsVersion. Skipping Test"
            else {
                Write-Warning "Unrecognized OS: $currentOsVersion"

    Creates an IIS Application Pool with the specified options.
    Uses the WebAdministration powershell module to create IIS app pools.
    Name of App Pool to create.
    .PARAMETER IdentityCredential
    PSCredential with a username and password.
    .PARAMETER RuntimeDotNetVersion
    Runtime version to be used in app pool creation. Defaults to 'v4.0'
    New-AppPool -IISAppPoolName "CatalystAppPool" -IdentityCredential $psCredential

function New-AppPool {
            if ($_ -match '[^a-zA-Z0-9]') {
                Write-DosMessage -Level "Error" -Message "$_ must only contain alphanumeric values. Please remove special characters."
            else {
        [string] $IISAppPoolName,
        [PSCredential] $IdentityCredential,
        [string] $RuntimeDotNetVersion = "v4.0"

    # Tests if current session has elevated permissions required to create IIS App Pool

    # TODO: Validate bitness for powershell session. Import-Module WebAdministration most likely requires 64 bit

    Import-Module WebAdministration

    if ($IdentityCredential) {
        Write-DosMessage -Level "Information" -Message "Attempting to validate credential"
        if (!((Confirm-DosCredential -Credential $IdentityCredential).isValid)) {
            Write-DosMessage -Level "Fatal" -Message "Username or password is not valid"

    if(!(Test-Path "IIS:\AppPools\$IISAppPoolName" -PathType Container))
        Write-DosMessage -Level "Information" -Message "Creating AppPool $IISAppPoolName."
        $appPool = New-WebAppPool $IISAppPoolName
        $appPool | Set-ItemProperty -Name "managedRuntimeVersion" -Value "$RuntimeDotNetVersion"
        Set-AppPoolSettings -IISAppPoolName $IISAppPoolName -IdentityCredential $IdentityCredential
        Write-DosMessage -Level "Error" -Message "AppPool: $IISAppPoolName already exists."

function New-CheckResult {
    param (
    $result = New-Object PSObject
    $result | Add-Member -Type NoteProperty -Name name -Value $name
    $result | Add-Member -Type NoteProperty -Name type -Value $type
    $result | Add-Member -Type NoteProperty -Name value -Value $value
    $result | Add-Member -Type NoteProperty -Name check -Value $check
    $result | Add-Member -Type NoteProperty -Name errorFlag -Value $errorFlag
    $result | Add-Member -Type NoteProperty -Name level -Value $level
    $result | Add-Member -Type NoteProperty -Name message -Value $message    
    return $result

Creates a new SSIS catalog
Adds a new SSIS catalog with specified name and encryption key
.PARAMETER IntegrationServices
IntegrationServices object where catalog should be created
.PARAMETER CatalogEncryptionKey
Key to use for encrypting catalog, if it must be created
.PARAMETER CatalogName
Name of SSIS catalog to contain project
None. You cannot pipe objects to New-SsisCatalog
Created SSIS catalog
PS> New-SsisCatalog -IntegrationServices $integrationServices -CatalogEncryptionKey 'password'

function New-SsisCatalog {
        [parameter(Mandatory=$false)][string]$CatalogName = 'SSISDB')

    if ($pscmdlet.ShouldProcess($CatalogName, "Provisioning SSIS catalog")) {
        $catalog = New-Object "Microsoft.SqlServer.Management.IntegrationServices.Catalog" ($IntegrationServices, $CatalogName, $CatalogEncryptionKey)  

    return $catalog

Creates a new SSIS folder
Adds a new SSIS folder with specified name
.PARAMETER SsisCatalog
IntegrationServices Catalog object where folder should be created
Name of folder to create
None. You cannot pipe objects to New-SsisFolder
Created SSIS folder
PS> New-SsisFolder -SsisCatalog $catalog -FolderName 'Catalyst'

function New-SsisFolder {

    if ($pscmdlet.ShouldProcess($FolderName, "Creating SSIS folder")) {
        $folder = New-Object "Microsoft.SqlServer.Management.IntegrationServices.CatalogFolder" ($SsisCatalog, $FolderName, "Folder to contain SSIS projects")

    return $folder

Creates a new SSIS project
Deploys an ISPAC into an existing SSIS catalog and folder
IntegrationServices Folder object where project should be created
.PARAMETER ProjectName
Name of project to create
Path to ISPAC to deploy to initialize project
None. You cannot pipe objects to New-SsisProject
PS> New-SsisProject -SsisFolder $folder -ProjectName 'CatalystLoader' -IspacPath "C:\a\place"

function New-SsisProject {

    if ($pscmdlet.ShouldProcess($ProjectName, "Deploying SSIS project")) {
        [byte[]] $projectFile = [System.IO.File]::ReadAllBytes($IspacPath)
        $SsisFolder.DeployProject($ProjectName, $projectFile)

    Publishes a .net core web applications.
    Creates the necessary folder and expands the archive containing the .net core web app to the folder. Also creates the appropriate IIS Site and associates the specified App Pool with the site.
    .PARAMETER WebApplicationPackagePath
    Path to the zip file containing the .net core web applications
    .PARAMETER AppPoolName
    Application pool to associate with the web application. This must already exist
    IIS Site to install the application to. Defaults to "Default Web Site" if not specified
    .PARAMETER AppName
    Application name - used for both the site AND the folder created underneath the IISWebSite root
    .PARAMETER PathsToPreserve
    Array of paths to preserve during a deployment, such as logs, relative to the install directory in IIS, so they are not removed during the upgrade of an application. Ignored for new installs.
    Publish-DotNetCoreWebApp -WebApplicationPackagePath $WebAppPackagePath -AppPoolCredentials $AppPoolCredential -AppName $AppName -IISWebSite $IISWebSite -AppPoolName $AppPoolName -PathsToPreserve @("logs")

function Publish-DotNetCoreWebApp{
            if (!(Test-Path $_)) {
                Write-DosMessage -Level "Fatal" -Message "WebApplicationPackagePath $_ does not exist. Please enter valid path."
            else {
        [string] $WebApplicationPackagePath,
            if ($_ -match '[^a-zA-Z0-9]') {
                Write-DosMessage -Level "Fatal" -Message "$_ must only contain alphanumeric values. Please remove special characters."
            else {
        [string] $AppPoolName,
        [string] $IISWebSite = "Default Web Site",
        [string] $AppName,
        [string[]] $PathsToPreserve

    # Tests if current session has elevated permissions required to create IIS App Pool

    Import-Module WebAdministration

    #Stop app pool if it's running (upgrade scenario)
    [string] $appPoolUser = $null
    if(Test-Path "IIS:\AppPools\$AppPoolName" -PathType Container){
        $currentState = Get-WebAppPoolState -Name $AppPoolName
        if($currentState.Value -ne "Stopped"){
            Write-DosMessage -Level "Information" -Message "App pool $AppPoolName not stopped, current state $currentState"
            Stop-WebAppPool -Name $AppPoolName
            Wait-AppPoolState -AppPoolName $AppPoolName -AppPoolState "Stopped"

        $appPool = Get-Item "IIS:\AppPools\$AppPoolName"

        $appPoolUser = $appPool.processModel.userName
        Write-DosMessage -Level "Error" -Message "No app pool found named $AppPoolName"

    #Get/Create folder

    $physicalWebPath = Join-Path (Get-IISWebSitePath -WebSiteName $IISWebSite) $AppName

    if(!(Test-Path $physicalWebPath)){
        Write-DosMessage -Level "Information" -Message "Creating directory $physicalWebPath"
        New-Item -Path $physicalWebPath -ItemType Directory | Out-Null
    else {
        Write-DosMessage -Level "Information" -Message "Directory $physicalWebPath exists, removing previous installation files"

        if ($PathsToPreserve) {
            Get-ChildItem -Path "$physicalWebPath\*" -Exclude $PathsToPreserve | Remove-Item -Recurse -Force
        else {
            Remove-Item -Path "$physicalWebPath\*" -Recurse -Force

    #Folder ACL ops
    if (!([string]::IsNullOrEmpty($appPoolUser))) {
        Write-DosMessage -Level "Information" -Message "Adding read and write to $physicalWebPath for $appPoolUser"
        Add-AclFolder -FolderPath $physicalWebPath -User $appPoolUser -Permission "Read"

        Add-AclFolder -FolderPath $physicalWebPath -User $appPoolUser -Permission "Write"

    #Extract zip file

    Write-DosMessage -Level "Information" -Message "Extracting $WebApplicationPackagePath to $physicalWebPath"
    Expand-DosArchive -ArchiveFile $WebApplicationPackagePath -DestinationPath $physicalWebPath -Overwrite

    Write-DosMessage -Level "Information" -Message "Creating web site $AppName on site $IISWebSite using application pool $AppPoolName"
    New-WebApplication -Name $AppName -Site $IISWebSite -PhysicalPath $physicalWebPath -ApplicationPool $AppPoolName -Force | Out-Null

    Start-WebAppPool -Name $AppPoolName


[string] $script:WebDeployExecutableName = "msdeploy.exe"

# alternatively the directory is located in registry: HKLM\SOFTWARE\Microsoft\IIS Extensions\MSDeploy
[Array] $script:MsdeployLocations = @([System.IO.Path]::Combine(([System.Environment]::GetFolderPath([System.Environment+SpecialFolder]::ProgramFilesX86)), "IIS", "Microsoft Web Deploy V3"))

    Publishes the target Web Deploy Web application.
    Uses WebDeploy to deploy specified web application with specified parameters
    .PARAMETER WebDeployPackageFilePath
    File path to web deploy zip file to publish to server. Mandatory
    .PARAMETER WebDeployParameterFilePath
    File path to the set parameter XML file that contains transforms for the web.config file (connection strings, etc)
    .PARAMETER WebParameters
    Arraylist object to the set parameters for the web.config file (connection strings, etc)
    Publish-DosWebApp -WebDeployPackageFilePath ".\" -WebDeployParameterFilePath ".\test.params.xml"

function Publish-WebDeployWebApp {
        [string] $WebDeployPackageFilePath,
        [string] $WebDeployParameterFilePath,
        [System.Collections.ArrayList] $WebParameters,
        [string] $AppName,
        [string] $IISWebSite = "Default Web Site",
        [string] $AppPoolName,
        [string[]] $PathsToPreserve

    Write-DosMessage -Level "Verbose" -Message "Confirming process is running with elevated permissions."

    if(!(Test-Path $WebDeployPackageFilePath)){
        Write-DosMessage -Level "Error" -Message "Unable to locate $WebDeployPackageFilePath"
    Write-DosMessage -Level "Verbose" -Message "Generating WebDeploy arguments with '$WebDeployPackageFilePath' file path."
    # --% escapes out the rest of the line. otherwise we would need to add a tick(`) for semi-colons, apostrophes, and quotes.
    [string] $webDeployArguments = "--%"`
                               +" -source:package='$WebDeployPackageFilePath'"`
                               +" -dest:auto,includeAcls=""False"""`
                               +" -verb:sync"`
                               +" -disableLink:AppPoolExtension"`
                               +" -disableLink:ContentExtension"`
                               +" -disableLink:CertificateExtension"

    Write-DosMessage -Level "Verbose" -Message "Ensuring that WebDeploy parameter file path exists."
        if ((Test-Path $WebDeployParameterFilePath) -and $WebParameters){
            Write-DosMessage -Level "Error" -Message "It is not supported to provide both an XML settings file and deploy arg objects. Provide only one."

        if(!(Test-Path $WebDeployParameterFilePath)){
            Write-DosMessage -Level "Error" -Message "Unable to locate $WebDeployParameterFilePath"
            $webDeployArguments = $webDeployArguments + " -setParamFile:""$WebDeployParameterFilePath"""
        foreach ($param in $WebParameters)
            $webDeployArguments = $webDeployArguments + $(" -setParam:name='{0}',value='{1}'" -f $param.Name, $param.Value)

    Write-DosMessage -Level "Information" -Message "Attempting to retrieve WebDeploy executable path."
    [string] $webDeployExecutablePath = Resolve-FilePath -PathsToSearch $script:MsdeployLocations -FilePattern $script:WebDeployExecutableName

        Write-DosMessage -Level "Error" -Message "Unable to locate web deploy, unable to publish DOS application"

    if ($PathsToPreserve) {
        foreach ($path in $PathsToPreserve) {
            $webDeployArguments += " -skip:skipaction='Delete',objectName='dirPath',absolutepath='$path$'"
            $webDeployArguments += " -skip:skipaction='Delete',objectName='filePath',absolutepath='$path\\.*$'"

    Write-DosMessage -Level "Verbose" -Message "Running: $webDeployExecutablePath $webDeployArguments"
    $output = Start-CommandAndReturnOutput -Command  "& ""$webDeployExecutablePath"" $webDeployArguments | Out-String"

    if ([string]::IsNullOrEmpty($output)) {
        Write-DosMessage -Level "Fatal" -Message "Web Deploy output returned empty or null. Please validate Web Deploy 3.5 is correctly installed."

    $physicalWebPath = Join-Path (Get-IISWebSitePath -WebSiteName $IISWebSite) $AppName
    $appPool = Get-Item "IIS:\AppPools\$AppPoolName"
    $appPoolUser = $appPool.processModel.userName

    Write-DosMessage -Level "Information" -Message "Adding read and write to $physicalWebPath for $appPoolUser"
    if (!([string]::IsNullOrEmpty($appPoolUser))) {
        Add-AclFolder -FolderPath $physicalWebPath -User $appPoolUser -Permission "Read"
        Add-AclFolder -FolderPath $physicalWebPath -User $appPoolUser -Permission "Write"

    Write-DosMessage -Level "Verbose" -Message $output

function Remove-ExternalConfigValue {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessForStateChangingFunctions", "", Justification="WhatIf support not implemented.")]
    param (

    Write-DosMessage -Level "Information" -Message "Attempting to remove $configSection.$configSetting from $($configStore.Type) configstore."

    $tableStorageInputs = Get-AzureTableStorageInputsFromUri -storageUri "$($configStore.Uri)"

    $resource = "$($tableStorageInputs.tableName)(PartitionKey='$configSection',RowKey='$configSetting')"
    $deleteUri = "https://$($tableStorageInputs.storageAccountName)$resource$($tableStorageInputs.storageSas)"

    $header = @{
        Accept         = "application/json;odata=nometadata"
        'If-Match'     = "*"
    $responseObject = $null

    try {
        $responseObject = Invoke-WebRequest -Method DELETE -Uri "$deleteUri" -Headers $header -UseBasicParsing
    catch {
        Write-DosMessage -Level "Fatal" -Message "Failed to remove $($configValue.PartitionKey).$($configValue.RowKey) configuration from $($configStore.Type) config store. Exception: $($_.Exception)"

    if ($responseObject.StatusCode -eq 204) {
        Write-DosMessage -Level "Information" -Message "Successfully removed $configSection.$configSetting from $($configStore.Type) configstore."

    return $responseObject

    Looks for the v1/v2/v3/vN in the URL and removes it.
    There are various times when we want the version number removed from the URL, thus we have this helper function to make it
    easy to remove the version number.
    Name the URL
    Remove-VersionFromLocalPath -Url '

function Remove-VersionFromLocalPath {
    param (
        [Parameter(Mandatory = $true, Position = 0)]
        [string] $Url

    $uri = [System.Uri]$Url

    $uriLocalPath = $($uri.LocalPath) -replace "/v(\d+)([/]?)", "/"
    $uriLocalPath = $uriLocalPath -replace "//","/"

    if($($uri.LocalPath).EndsWith("/") -and -not($uriLocalPath.endswith("/"))){
        #the original ended with a slash, and the new one doesn't, add a slash
        $uriLocalPath = "$uriLocalPath/"

    if(-not($($uri.LocalPath).EndsWith("/")) -and $uriLocalPath.endswith("/")){
        #the original didn't end with a slash, but the new one does.
        #removing trailing slashes, remove it.
        $uriLocalPath = $uriLocalPath.substring(0,$uriLocalPath.Length-1)

    $newUrl = "$($uri.Scheme)://$($uri.Host)$uriLocalPath$($uri.Query)"

    #This was the original code, but it didn't handle all the cases that I wanted it to handle.
    # So the following line was replaced by all the code above.
    #$NewUrl = $Url -replace "/v(\d+)([/]?)", "/"
    if ($Url -ne $NewUrl) {
        Write-DosMessage -Level "Debug" -Message "Removed version from url. From: $Url To: $NewUrl"
    return $newUrl

    Repairs non-cannonical ACLs
    Attempts to reorder ACEs in the specified ACL.
    ACL needing repair
    Path to the item needing ACL repairs - needed because sometimes the ACL passed in doesn't have an associated path.
    Repair-AclCanonicalOrder -Acl $x

function Repair-AclCanonicalOrder {
        [Parameter(Mandatory = $true)]
        [System.Security.AccessControl.DirectorySecurity] $Acl,
        [string] $Path
    if ($Acl.AreAccessRulesCanonical) {
        Write-DosMessage -Level "Debug" -Message "Acls are canonical"

    Write-DosMessage -Level "Debug" -Message "Acls are not canonnical, attempting to fix Acls"

    # Convert ACL to a raw security descriptor:
    $RawSD = New-Object System.Security.AccessControl.RawSecurityDescriptor($Acl.Sddl)

    # Create a new, empty DACL
    $NewDacl = New-Object System.Security.AccessControl.RawAcl(
        $RawSD.DiscretionaryAcl.Count  # Capacity of ACL

    # Put in reverse canonical order and insert each ACE (I originally had a different method that
    # preserved the order as much as it could, but that order isn't preserved later when we put this
    # back into a DirectorySecurity object, so I went with this shorter command)
    $RawSD.DiscretionaryAcl | Sort-Object @{E={$_.IsInherited}; Descending=$true}, AceQualifier | ForEach-Object {
        $NewDacl.InsertAce(0, $_)

    # Replace the DACL with the re-ordered one
    $RawSD.DiscretionaryAcl = $NewDacl

    # Commit those changes back to the original SD object (but not to disk yet):

    # Commit changes
    $Acl | Set-Acl -Path $Path

#List of common locations for assemblies
[System.Collections.ArrayList] $script:commonFilePaths = @("$PSScriptRoot\..\assemblies","C:\Program Files (x86)\Microsoft SQL Server")

    Attempts to resolve the the assembly file name specified to a fully qualified path.
    Looks through the commonAssemblyFilePaths for files matching the specified file name.
    .PARAMETER FileName
    Assembly file name. Ex. "Microsoft.Test.dll"
    Resolve-AssemblyFilePath -AssemblyFileName ".\test.dll"
    $null if no file found, otherwise the fully qualitifed path to the file.

function Resolve-CommonFilePath{
        [string] $AssemblyFileName

    return Resolve-FilePath -PathsToSearch $script:commonFilePaths -FilePattern $AssemblyFileName

    Attempts to resolve the the assembly file name specified to a fully qualified path.
    Looks through the commonAssemblyFilePaths for files matching the specified file name.
    .PARAMETER AssemblyFileName
    Assembly file name. Ex. "Microsoft.Test.dll"
    Resolve-FilePath -PathsToSearch "C:\Path\To\Search" -FilePatter "Executable.exe"
    $null if no file found, otherwise the fully qualitifed path to the file.

function Resolve-FilePath{
        [Array] $PathsToSearch,
        [string] $FilePattern

    Write-DosMessage -Level "Verbose" -Message "Attempting to retrieve file path that matches '$FilePattern'."

    foreach($filePath in $PathsToSearch){
        try {
            Write-DosMessage -Level "Verbose" -Message "Searching in '$filePath'"
            $files = Get-ChildItem -Path $filePath -Filter $FilePattern -Recurse | Where-Object { $_.PSIsContainer -ne $true }
        catch {
            Write-DosMessage -Level "Error" -Message "Error retrieving path that matches pattern '$FilePattern'. Exception: $($_.Exception)."
        if(($files -ne $null) -and ($files.Length -gt 0)){
            Write-DosMessage -Level "Verbose" -Message "Found $($files.Length) files under $assemblyFilePath for $AssemblyFileName"
            return $files[0].FullName

    Write-DosMessage -Level "Verbose" -Message "Unable to find path that matches pattern '$FilePattern'. Returning null."
    return $null


    Adds to the common search paths used when attempting to resolve an assembly file location.
    Adds a path to the list of paths to search.
    Add-CommonPath -Path "C:\Windows"

function Add-CommonPath{
        [string] $Path



    Clears the common search paths.
    Clears the search path variable.

function Clear-CommonPath{
    $script:commonFilePaths = @()

    Configure an IIS Application Pool with the specified settings.
    Uses the WebAdministration powershell module to create IIS app pools.
    Name of App Pool to configure.
    .PARAMETER IdentityCredential
    PSCredential with a username and password.
    Set-AppPoolSettings -IISAppPoolName "CatalystAppPool" -IdentityCredential $psCredential

function Set-AppPoolSettings {
        [Parameter(Mandatory = $true)]
        [ValidateLength(1, 64)]
        [ValidateScript( {
                if ($_ -match '[^a-zA-Z0-9]') {
                    Write-DosMessage -Level "Error" -Message "$_ must only contain alphanumeric values. Please remove special characters."
                else {
        [string] $IISAppPoolName,
        [PSCredential] $IdentityCredential,
        [switch] $NoCredential

    $poolpath = "IIS:\AppPools\$IISAppPoolName"
    try {
        $appPool = Get-Item -Path $poolpath -ErrorAction Stop
    } Catch {
        Write-DosMessage -Level "Fatal" -Message "Failed to get application pool. Exception: $($_.Exception)"

    Write-DosMessage -Level "Information" -Message "Configuring AppPool $IISAppPoolName."

    if ($IdentityCredential) {
        if (!((Confirm-DosCredential -Credential $IdentityCredential).isValid)) {
            Write-DosMessage -Level "Fatal" -Message "Username or password is not valid"

        if (![string]::IsNullOrEmpty($IdentityCredential.UserName) -and $IdentityCredential.GetNetworkCredential().Password -ne $null) {
            Write-DosMessage -Level "Information" -Message "Configuring '$IISAppPoolName' app pool's identity with the credentials provided."
            $appPool.processModel.userName = $IdentityCredential.UserName
            $appPool.processModel.password = $IdentityCredential.GetNetworkCredential().Password

        # IdentityType 3 references 'SpecificUser'
        if (!($appPool.processModel.identityType -eq "SpecificUser")) {
            Write-DosMessage -Level "Information" -Message "Identity Type was not set to SpecificUser, setting to 3"
            $appPool.processModel.identityType = 3
    else {
        Write-DosMessage -Level "Information" -Message "No identity credential was provided. '$IISAppPoolName' identity configuration will not be altered."

    if ($NoCredential.IsPresent) {
        Write-DosMessage -Level "Information" -Message "NoCredential parameter was provided. Attempting to configure '$IISAppPoolName' identity type."
        if (!($appPool.processModel.identityType -eq "ApplicationPoolIdentity")) {
            Write-DosMessage -Level "Information" -Message "Identity Type was not set to ApplicationPoolIdentity, setting to 4"
            $appPool.processModel.identityType = 4
        Write-DosMessage -Level "Information" -Message "'$IISAppPoolName' identity type successfully set to 'ApplicationPoolIdentity'"
    if ($appPool.processModel.loaduserprofile -eq $false) {   
        Write-DosMessage -Level "Verbose" -Message "loaduserprofile was not set to true, setting to true" 
        $appPool.processModel.loaduserprofile = $true
    if (!($appPool.startMode -eq "alwaysrunning")) {
        Write-DosMessage -Level "Verbose" -Message "startmode was not set to alwaysrunning, setting to alwaysrunning"
        $appPool.startMode = "alwaysrunning"
    if (!($appPool.processmodel.idletimeout -eq [TimeSpan]::FromMinutes(0))) {
        $appPool.processmodel.idletimeout = [TimeSpan]::FromMinutes(0)
    if (!($appPool.processmodel.idletimeoutaction -eq "suspend")) {
        Write-DosMessage -Level "Verbose" -Message "idletimeoutaction was not set to suspend, setting to suspend"
        $appPool.processmodel.idletimeoutaction = "suspend"
    if (!($appPool.cpu.action -eq "ThrottleUnderLoad")) {
        Write-DosMessage -Level "Verbose" -Message "cpu limit action was not set, setting ThrottleUnderLoad to 10%"
        $appPool.cpu.action = "ThrottleUnderLoad"
        $appPool.cpu.limit = 10000
    try {
        $appPool | Set-Item -Verbose -ErrorAction Stop
    } catch {
        Write-DosMessage -Level "Fatal" -Message "Failed to set application pool settings. Exception: $($_.Exception)"

    Alters IIS authentication type based off parameter values provided by user.
    Pull current web.config values, unlocking the configurations, and altering based of provided values.
    .PARAMETER AuthenticationType
    Array of strings allowing for either 'Windows', 'Anonymous' or both.
    .PARAMETER SiteName
    Name of IIS website being used.
    .PARAMETER ApplicationName
    Name of IIS application being altered.
    Set-IISAuthentication -AuthenticationType 'Windows' -SiteName 'Default Web Site' -ApplicationName 'HCApp'

function Set-IISAuthentication {
        [ValidateSet("Windows", "Anonymous")]
        [string[]] $AuthenticationType,
        [string] $SiteName,
        [string] $ApplicationName

    Add-Assembly -Assemblies "$env:systemroot\system32\inetsrv\Microsoft.Web.Administration.dll"
    $manager = New-Object Microsoft.Web.Administration.ServerManager      

    if ($AuthenticationType.Contains("Anonymous")){
        Edit-AuthenticationType -AuthenticationType "Anonymous" -SiteName $SiteName -AppName $ApplicationName -ApplicationHostManager $manager -Enable
    else {
        Edit-AuthenticationType -AuthenticationType "Anonymous" -SiteName $SiteName -AppName $ApplicationName -ApplicationHostManager $manager
    if ($AuthenticationType.Contains("Windows")){
        Edit-AuthenticationType -AuthenticationType "Windows" -SiteName $SiteName -AppName $ApplicationName -ApplicationHostManager $manager -Enable
    else {
        Edit-AuthenticationType -AuthenticationType "Windows" -SiteName $SiteName -AppName $ApplicationName -ApplicationHostManager $manager


    Used to alter authentication type of an IIS web site/application
    .PARAMETER AuthenticationType
    Authentication Mode that will be altered
    .PARAMETER SiteName
    Name of the IIS Website
    .PARAMETER AppName
    Name of the IIS application
    .PARAMETER Enable
    Switch toggling whether the specified Authentication will be enabled or disabled
    Alter-AuthenticationType -AuthenticationType "Windows" -SiteName "TestSite" -AppName "TestApp" -ApplicationConfiguration $config -Enable

function Edit-AuthenticationType {
        [ValidateSet("Windows", "Anonymous")]
        [string] $AuthenticationType,
        [string] $SiteName,
        [string] $AppName,
        [Microsoft.Web.Administration.ServerManager] $ApplicationHostManager,
        [switch] $Enable

    if ($AuthenticationType -eq  "Windows") {
        $authenticationString = "windowsAuthentication"
    else {
        $authenticationString = "anonymousAuthentication"

    $config = $ApplicationHostManager.GetApplicationHostConfiguration()
    $section = $config.GetSection("system.webServer/security/authentication/$authenticationString")
    $section.OverrideMode = "Allow"  
    # When Invoke-Pester is called on the Publish-DosWebApplication Integration tests there seems to be inconsistent behavior when ran in and out of a debug session.
    Start-Sleep -s 3
    Write-DosMessage -Level "Information" -Message "Unlocked system.webServer/security/authentication/$authenticationString for configuration"

    Set-WebConfigurationProperty -Filter "/system.webServer/security/authentication/$authenticationString" -Name Enabled -Value $Enable.IsPresent -PSPath "IIS:\Sites\$SiteName\$AppName"
    if ($Enable.IsPresent){
        Write-DosMessage -Level "Information" -Message "Enabled $AuthenticationType Authentication on $SiteName/$AppName"
    else {
        Write-DosMessage -Level "Information" -Message "Disabled $AuthenticationType Authentication on $SiteName/$AppName"

function Start-CommandAndReturnOutput {
        [string] $Command

    Write-DosMessage -Level "Verbose" -Message "Running: $Command"

    $output = Invoke-Expression "$Command"

    return $output

    NON-PUBLIC Validates if the assembly is loaded into the current PSSession
    Checkes if the specified DLL is already loaded.
    .PARAMETER AssemblyFile
    DLL file to check if it is loaded
    .PARAMETER ExactVersion
    Specifies if we require an exact version match. If not, we will return true if a higher level version is loaded than the specified version
    Test-AssemblyLoaded -assemblyFile "C:\Sql\Microsoft.Sql.Smo.Dll"
    True if the assembly or higher version is loaded (if exactVersion = $false). Throws an exception if a down level version is found to be loaded (this can cause issues)

function Test-AssemblyLoaded{
        [string] $AssemblyFile,
        [bool] $ExactVersion = $false


    if(!(Test-Path $AssemblyFile)){
        Write-DosMessage -Level "Error" -Message "Can't find $AssemblyFile"

    [System.Reflection.AssemblyName] $targetName = [System.Reflection.AssemblyName]::GetAssemblyName($AssemblyFile)

    Write-DosMessage -Level "Verbose" -Message "Assembly info $targetName for $AssemblyFile"

    [Array] $loadedAssemblies = [AppDomain]::CurrentDomain.GetAssemblies()

    foreach($loadedAssembly in $loadedAssemblies){
        [System.Reflection.AssemblyName] $loadedName = $loadedAssembly.GetName()
        #Have to do deep comparison - Equals and -eq just compare references
        if(($loadedName.Name -eq $targetName.Name) -and ($loadedName.Version -eq $targetName.Version)){
            Write-DosMessage -Level "Verbose" -Message "Exact assembly $($loadedName.Name) already loaded"
            return $true

            if($loadedName.Name -eq $targetName.Name){
                if($loadedName.Version -ge $targetName.Version){
                    Write-DosMessage -Level "Verbose" -Message "Found assembly $($loadedName.Name) with version $($loadedName.Version) which is greater or equal to targeted version $($targetName.Version)"
                    return $true
                    Write-DosMessage -Level "Error" -Message "Older assembly version loaded than $($targetName.Name) with specified version $($targetName.Version)"

    return $false

    Tests if the powershell session is running with elevated permissions.
    Tests if the powershell session is running with elevated permissions.

function Test-ElevatedPermission {
    $elevated = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
    if (-not $elevated ) {
        Write-DosMessage -Level "Fatal" -Message "This procedure requires elevated permissions."

    Checks for a specific version of an installed application.
    Checks the windows registry for an installed application has the exact version specified.
    .PARAMETER appName
    Application name pattern. The function uses "like" to match against the DisplayName in the registry.
    .PARAMETER supportedVersion
    The specific version to check. This is a string paramreter and should match the registered version exactly.
    Test-PrerequisiteExact -appName "Dot Net Runtime" -supportedVersion ""
    boolean. Ture if and only if the the application us installed at the exact version. A newer dersion will return false.

function Test-PrerequisiteExact {
    param (
    $installedAppResults = Get-InstalledApps | Where-Object {$_.DisplayName -like $appName}
    if($null -eq $installedAppResults){
        return $false;

    if($null -eq $supportedVersion)
        return $true;

    $supportedVersionAsSystemVersion = [System.Version]$supportedVersion

    Foreach($version in $installedAppResults)
        $installedVersion = [System.Version]$version.DisplayVersion
        if($installedVersion -eq $supportedVersionAsSystemVersion)
            return $true;
    return $false;

    Waits for the application pool to enter the specified state
    Waits for the application pool to enter the specified state. Needed to allow files to be overwritten during upgrade
    .PARAMETER AppPoolName
    App pool to wait for state change on
    .PARAMETER AppPoolState
    State to wait for the app pool to enter. Current allowed values of "Started" and "Stopped"
    .PARAMETER TimeOut
    Amount of time to wait before throwing an error. Default is 2 minutes (240 seconds)
    Wait-AppPoolStateChange -AppPoolName "Identity" -AppPoolState "Started"

function Wait-AppPoolState{
            if ($_ -match '[^a-zA-Z0-9]') {
                Write-DosMessage -Level "Fatal" -Message "$_ must only contain alphanumeric values. Please remove special characters."
            else {
        [string] $AppPoolName,
        [ValidateSet("Started", "Stopped")]
        [string] $AppPoolState,
        [int] $TimeOut = 240


    Import-Module WebAdministration

    $currentState = Get-WebAppPoolState -Name $AppPoolName
    Write-DosMessage -Level "Information" -Message "Waiting for app pool '$AppPoolName' to enter the '$AppPoolState' state"
    $loopTimes = 0
    while($currentState.Value -ne $AppPoolState) {
        Write-DosMessage -Level "Debug" -Message "Waiting 1 second"
        Start-Sleep 1
        $currentState = Get-WebAppPoolState -Name $AppPoolName
        if($loopTimes -ge $TimeOut) {
            Write-DosMessage -Level "Error" -Message "Timed out waiting for $AppPoolName to enter state $AppPoolState - timeout $TimeOut seconds"

    Write-DosMessage -Level "Information" -Message "App Pool $AppPoolName successfully entered state $AppPoolState"

    Adds the target assembly - essentially loads the assembly
    Attempts to load the specified DLL files (assemblies). Will attempt to resolve from a couple of common paths during an attempt to load
    .PARAMETER Assemblies
    DLL files to attempt to load
    $true if the specified assemblies are already loaded, $false if the assemblies aren't loaded due to not being found or other issues.
    Add-Assembly -Assemblies "Microsoft.Sql.Smo.Dll"

function Add-Assembly {
        [Object[]] $Assemblies,
        [string] $AssemblyFilter = "*.dll"

    if(($null -eq $Assemblies) -or ([String]::IsNullOrEmpty($Assemblies[0]))){
        Write-DosMessage -Level "Error" -Message "Must specify one or more assemblies to load"
        return $false

    foreach($assemblyFilePath in $Assemblies){

        Write-DosMessage -Level "Verbose" -Message "Attempting to load assembly $assemblyFilePath"
            Write-DosMessage -Level "Error" -Message "Specified assembly file path is null or empty"
            return $false

        [string] $targetAssemblyFilePath = $assemblyFilePath
        if(!(Test-Path -Path $targetAssemblyFilePath)){
            Write-DosMessage -Level "Verbose" -Message "Unable to resolve $assemblyFilePath, searching common folder"
            $targetAssemblyFilePath = Resolve-CommonFilePath -AssemblyFileName $targetAssemblyFilePath

            Write-DosMessage -Level "Error" -Message "Unable to find specified assembly $assemblyFilePath"
            return $false

        Write-DosMessage -Level "Verbose" -Message "Found $targetAssemblyFilePath for specified file $assemblyFilePath"
        if(!(Test-AssemblyLoaded -assemblyFile $targetAssemblyFilePath)){

                Write-DosMessage -Level "Verbose" -Message "Attempting to load $targetAssemblyFilePath"
                Add-Type -Path $targetAssemblyFilePath
                Write-DosMessage -Level "Error" -Message "Unable to load. Exception: $($_.Exception)"

    Write-DosTelemetry -Message "Add-Assembly called."

Adds a SQL login to a database role
Adds a SQL user to a database role
.PARAMETER InstanceName
Full instance name of SQL server
.PARAMETER ConnectionString
Connection string to a SQL instnace
.PARAMETER SqlConnection
SQL connection to target SQL Server
.PARAMETER DatabaseName
Database in which the role exists
The full name of the user to add to the role
The full name of the database role
Will force the addition of the user to the database role even if it is not needed.
PS> Add-DosSqlDatabaseRoleMembership ...

function Add-DosSqlDatabaseRoleMembership {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSShouldProcess", "", Justification="Passing through the -WhatIf and -Confirm to the Invoke-DosSqlQuery - this is a supported scenario")]
        [switch] $force

    #remove this from the parameters
    $PSBoundParameters.Remove('ErrorAction') | Out-Null

        #query for all roles first:
        $roleQuery = "SELECT AS DatabaseRoleName,
            isnull (, 'No members') AS DatabaseUserName
            FROM sys.database_role_members AS DRM
            RIGHT OUTER JOIN sys.database_principals AS DP1
                ON DRM.role_principal_id = DP1.principal_id
            LEFT OUTER JOIN sys.database_principals AS DP2
                ON DRM.member_principal_id = DP2.principal_id
            WHERE DP1.type = 'R'
            ORDER BY; "

        $queryResult = Invoke-DosSqlQuery @PSBoundParameters -Query $roleQuery

    foreach($role in $RoleName){
        $userExistsInRole = $queryResult | where-object -property 'DatabaseRoleName' -eq $role | where-object -property 'DatabaseUserName' -eq $UserName
        if(!$userExistsInRole -or $force.IsPresent){
            $query += "ALTER ROLE [$role] ADD MEMBER [$UserName]"
        } else {
            Write-DosMessage -Level 'Information' -Message "User '$UserName' already has role '$role' in database."

        #if ($pscmdlet.ShouldProcess($Query, "Executing SQL Query")){
            Write-DosMessage -Level 'Information' -Message "Executing ALTER ROLE Query: $query"
            Invoke-DosSqlQuery @PSBoundParameters -Query $query -NonQuery | Out-Null

function Add-IISUrlRewriteRule {
        Add URL rewrite rule
        Adds a given URL rewrite rule to IIS with a Redirect action. The IIS URL Rewrite extension must be installed in
        order to use this function.
        .PARAMETER IISWebSite
        The IIS site from which to remove the application. Defaults to "Default Web Site"
        .PARAMETER RuleName
        A unique name for the rule.
        .PARAMETER MatchUrl
        A regular expression that specifies the URL match pattern.
        .PARAMETER RedirectUrl
        The URL in which to redirect on a match.
        .PARAMETER UseRewrite
        Use a Rewrite action instead of a Redirect. Defaults to $false.
        .PARAMETER StopProcessing
        Enable the StopProcessing flag. When the rule action is performed (i.e. the rule matched) and the StopProcessing flag is turned on,
        it means that no more subsequent rules will be processed and the request will be passed to the IIS request pipeline.
        Defaults to $true.
        Add-IISUrlRewriteRule -RuleName "Atlas4-Atlas-Redirect" -MatchUrl "^Atlas4(.*)" -RedirectUrl "/Atlas" -UseRewrite $false -StopProcessing $true -IISWebSite "Default Web Site"
        Rules are always appended to the list of existing rules, which are evaluated in order by IIS.
        Rules may be viewed from within the "URL Rewrite" feature within IIS Manager.
        Refer to the "URL Rewrite Module Configuration Reference" at
        for further details.

    Param (
        [string] $RuleName,
        [string] $MatchUrl,
        [string] $RedirectUrl,
        [bool] $UseRewrite = $false,
        [bool] $StopProcessing = $true,
        [string] $IISWebSite = "Default Web Site"
    Import-Module WebAdministration -Force
    $iisPath = "IIS:\Sites\$($IISWebSite)"
    $ruleFilter = "/system.webserver/rewrite/rules/rule[@name='$RuleName']"
    $rulesXPath = "/system.webserver/rewrite/rules"

    $exists = Get-WebConfigurationProperty -PSPath $iisPath -Filter $ruleFilter -Name *
    if ($exists) {
        Write-DosMessage -Level "Information" -Message "Removing existing URL Rewrite rule '$ruleFilter'."
        Clear-WebConfiguration -PSPath $iisPath -Filter $ruleFilter

    $actionType = "Redirect"
    if ($UseRewrite) {
        $actionType = "Rewrite"

    Write-DosMessage -Level "Information" -Message "Adding URL Rewrite rule '$RuleName'."
    Add-WebConfigurationProperty -PSPath $iisPath -Filter $rulesXPath -Name "." -value @{ name = $RuleName; patternSyntax = "ECMAScript"; stopProcessing = $StopProcessing }
    Set-WebConfigurationProperty -PSPath $iisPath -Filter "$ruleFilter" -Name "match" -value @{ url = $MatchUrl }
    Set-WebConfigurationProperty -PSPath $iisPath -Filter "$ruleFilter" -Name "action" -value @{ type = $actionType; url = $RedirectUrl; appendQueryString = "false"; }

    Asserts if an application install meets upgrade version and dependency version requirements.
    Returns true if application upgrade version is greater than the currently installed version and all dependencies meet SemVer requirements. Returns false otherwise.
.PARAMETER DiscoveryServiceUrl
    The parameter DiscoveryServiceUrl is used to define the Discovery Service URL.
.PARAMETER DependencyManifestPath
    The parameter DependencyManifestPath is used to define the location of the dependency manifest file for the service/app being installed.
    dependency.manifest example
        "$schema": "./InstallReadinessTool.schema.json",
        "manifestName": "Analytics Manifest",
        "operationMode": "validate",
        "readinessChecks": [
                "name": "Authorization Service Dependency",
                "checkType": "dependentService",
                "serviceName": "AuthorizationService",
                "serviceVersion": "1",
                "serviceBuildVersion": "^1.7"
                "name": "Identity Service Dependency",
                "checkType": "dependentService",
                "serviceName": "IdentityService",
                "serviceVersion": "1",
                "serviceBuildVersion": "^1.7"
.PARAMETER ServiceName
    The parameter ServiceName is used to define the service name to lookup in Discovery Service.
.PARAMETER ServiceVersion
    The parameter ServiceVersion is used to define the service version to lookup in Discovery Service.
.PARAMETER InstallBuildNumber
    The parameter InstallBuildNumber is used to define the installer build number.
    $vars = @{
        DiscoveryServiceUrl = "https://test/DiscoveryService/v1"
        DependencyManifestPath = "."
        ServiceName = "TestService"
        ServiceVersion = "1"
        InstallBuildNumber = "1.2.3"
    Assert-DosValidUpgrade @vars
    Assert-DosValidUpgrade -DiscoveryServiceUrl "https://test/DiscoveryService/v1" -DependencyManifestPath "." -ServiceName "TestService" -ServiceVersion "1" -InstallBuildNumber "1.2.3"

function Assert-DosValidUpgrade {
    param (
        [ValidateScript({Test-Path $_})]

    $currentDependencies = Get-CurrentDependencyList -Path $DependencyManifestPath

    $service = Get-DosService -DiscoveryServiceUrl $DiscoveryServiceUrl -ServiceName $ServiceName -ServiceVersion $ServiceVersion -Exists

    if ($service.Exists) {
        $currentBuildNumber = $service.BuildNumber
        if (!(Assert-BuildNumberGreater -CurrentBuildNumber $currentBuildNumber -InstallBuildNumber $InstallBuildNumber)) {
            Write-DosMessage -Level "Warning" -Message "Installer version of $($ServiceName) $($InstallBuildNumber) is not greater than current version $($currentBuildNumber)"
            return $false
    else {
        Write-DosMessage -Level "Warning" -Message "$($ServiceName) not found in Discovery Service. Assuming this is a new install and proceeding with dependency checks."

    $discoveryServiceEntries = Get-ServiceList -CurrentDependencies $currentDependencies.readinessChecks -DiscoveryServiceUrl $DiscoveryServiceUrl

    if (!(Assert-DependencySemVerRequirementsMet -ServiceName $ServiceName -DiscoveryServiceEntries $discoveryServiceEntries -CurrentDependencies $currentDependencies.readinessChecks)) {
        return $false

    return $true 

function Assert-BuildNumberGreater {
    param (

    Write-DosMessage -Level "Information" -Message "Checking if upgrade build number is greater than currently installed package"

    return ($InstallBuildNumber.split('.') -join '') -gt ($CurrentBuildNumber.split('.') -join '')

function Get-CurrentDependencyList {
    param (

    return Get-Content -Path $Path | ConvertFrom-Json

function Get-ServiceList {
    param (
    $discoveryResponses = @()
    foreach ($dependency in $CurrentDependencies) {
        $discoveryResponse = Get-DosService -DiscoveryServiceUrl $DiscoveryServiceUrl -ServiceName $dependency.serviceName -ServiceVersion $dependency.serviceVersion
        $discoveryResponses += $discoveryResponse
    return $discoveryResponses

function Confirm-DosConfiguration {
    param (
        [Parameter(Mandatory = $true)]
        [Hashtable] $config,
        [Parameter(Mandatory = $true)]
        [Hashtable] $checkList
    begin {
        $results = @();
        function Invoke-Check {
            param (
                [Parameter(Position = 0, Mandatory = $true)]
                [string] $name,
                [Parameter(Position = 1)]
                [object[]] $checkList
            $result = @();
            $splat = @{
                name  = $name
                type  = $config["_type_"][$name]
                value = $config[$name]
            switch -Wildcard ($checkList) {
                "isNotNull" { $result += Confirm-IsNotNull @splat }
                "isValidPath" { $result += Confirm-IsValidPath @splat }
                "isValidDir" { $result += Confirm-IsValidDir @splat }
                "isBoolean" { $result += Confirm-IsBoolean @splat }
                "isValidConnection" { $result += Confirm-IsValidConnection @splat }                
                "isValidEndpoint" { $result += Confirm-IsValidEndpoint @splat }
                "isValidValue=(*)" {
                    $list = $checkList.Split("'*',", [System.StringSplitOptions]::RemoveEmptyEntries)
                    [string[]]$list = $list[(1..($list.Length - 2))]
                    $splat.Add('validateSet', $list)
                    $result += Confirm-IsValidValue @splat

            return $result
    process {
        foreach ($item in $checkList.Keys) {
            if ($config.ContainsKey($item)) {
                $results += Invoke-Check $item $checkList[$item]
            else {
                Write-DosMessage -Level "Warning" -Message "Unable to find $item as a configuration. Please remove from checklist."
    end {
        $errors = $results | Where-Object errorFlag -eq 1
        $warnings = $results | Where-Object errorFlag -eq -1
        $success = $results | Where-Object errorFlag -eq 0

        $errorsCnt = ($errors | Measure-Object).Count
        $warningsCnt = ($warnings | Measure-Object).Count
        $successCnt = ($success | Measure-Object).Count

        if ($warnings) {
            $msg = ($warnings | Sort-Object type, name | Format-Table name, type, check, @{Label = "result"; Expression = {"warning"}}, message -Wrap)
            Write-DosMessage -Level "Warning" -Message "WARNINGS: $warningsCnt >>>`n$(($msg | Out-String).trim())"
        if ($errors) {
            if ($errors | Where-Object type -eq "store") {
                $msg = ($errors | Where-Object type -eq "store" | Sort-Object type, name | Format-Table name, type, check, @{Label = "result"; Expression = {"failed"}}, message -Wrap)
                $errorsCnt = ($errors | Where-Object type -eq "store" | Measure-Object).Count
            else {
                $msg = ($errors | Sort-Object type, name | Format-Table name, type, check, @{Label = "result"; Expression = {"failed"}}, message -Wrap)
            Write-DosMessage -Level "Fatal" -Message "ERRORS: $errorsCnt >>>`n$(($msg | Out-String).trim())"

        Write-DosMessage -Level "Information" -Message "Configuration checks summary - Success: $successCnt, Warnings: $warningsCnt, Errors: $errorsCnt"

    Checks if the credential provided is valid
    Checks that the provided credential (username/password pairing) is valid and returns you and object with the validity response ($returnObject.isValid) and the validated credential ($returnObject.credential).
    Note: If the isValid property of the return object is $false, the credential property will be invalid and should be handled accordingly.
    .PARAMETER Credential
    Credential object used to check if the username and password combination are correct
    .PARAMETER promptOnInvalid
    Switch - If provided and credential is invalid, will prompt for the correct password.
    $validationResponse = (Confirm-DosCredential -Credential $credential).isValid
    $returnedCredential = (Confirm-DosCredential -Credential $credential -PromptOnInvalid).credential

function Confirm-DosCredential {
        [PSCredential] $Credential,
        [switch] $PromptOnInvalid
    $iisUser = $Credential.UserName
    $isValid = Assert-DosCredential($Credential)
        if ($PromptOnInvalid) {
            Write-DosMessage -Level "Warning" -Message "Incorrect credentials for $iisUser"
            Write-DosMessage -Level "Verbose" -Message "PromptOnInvalid parameter provided. Please input appropriate credential information."
            $count = 0
            do {
                $Credential = Read-DosCredential -UserName $Credential.UserName
                $isValid = Assert-DosCredential($Credential)
                    Write-DosMessage -Level "Warning" -Message "Credential you provide is incorrect for user: $iisUser. Please try again."
            }until ($isValid -or ($count -ge 3))
            if (!$isValid) {
                Write-DosMessage -Level "Error" -Message "Maximum number of credential validation attempts reached for user: $iisUser"
                Write-DosMessage -Level "Verbose" -Message "Credential is invalid for $iisUser. Returning false."
        }else {
            Write-DosMessage -Level "Error" -Message "Incorrect credentials provided for user: $iisUser"
    $credentialValidationResult = @{ isValid = $isValid; credential = $Credential }

    return $credentialValidationResult

    Helper Function: Checks if the credential provided is valid
    Uses System.DirectoryServices.AccountManagement.ContextType to check that the credential provided is valid
    .PARAMETER Credential
    Credential object used to check if the username and password combination are correct
    Assert-DosCredential -Credential $credential

function Assert-DosCredential {
        [PSCredential] $Credential
    Write-DosMessage -Level "Information" -Message "Checking credential validity."

    $principalContext = "domain"
    $contextName = $Credential.GetNetworkCredential().Domain
    [System.Reflection.Assembly]::LoadWithPartialName("System.DirectoryServices.AccountManagement") | Out-Null
    $pc = New-Object System.DirectoryServices.AccountManagement.PrincipalContext($principalContext, $contextName)

    $isValid = $pc.ValidateCredentials($Credential.GetNetworkCredential().UserName, $Credential.GetNetworkCredential().Password, [System.DirectoryServices.AccountManagement.ContextOptions]::Negotiate)
    return $isValid

    Helper Function: Prompts for username and password for a credential object
    Prompts for username and password and returns a credential object
    .PARAMETER Credential
    Credential object used to check if the username and password combination are correct
    Prompt-DosCredential -UserName 'testaccount' -Password 'password'

function Read-DosCredential {
    param (
        [string] $UserName,
        [securestring] $UserPassword 

    if (!$UserName){
        $UserName = Read-Host "Enter the domain\username to use for the credential"
    if (!$UserPassword) {
        $UserPassword = Read-Host "Enter the password for $UserName" -AsSecureString

    Write-DosMessage -Level "Information" -Message "Creating credential from inputs provided."

    $Credential = New-Object -TypeName "System.Management.Automation.PSCredential" -ArgumentList $UserName, $UserPassword
    return $Credential

    Extracts the target zip file to the target directory.
    Either uses Expand-Archive in PS 5.0+ or [System.IO.Compression.ZipFile] and associated calls in PS 4.0
    .PARAMETER ArchiveFile
    Target zip file to extract
    .PARAMETER DestinationPath
    Destination directory to extract the zip file into.
    .PARAMETER OverWrite
    Forces overwriting existing files. If not specified and similar files already exists in the target directory, errors will be displayed for each file NOT overwritten
    Expand-DosArchive -ArchiveFile "" -DestinationPath "c:\inetpub\wwwroot\x" -OverWrite

function Expand-DosArchive{
            if (!(Test-Path $_)) {
                Write-DosMessage -Level "Error" -Message "ArchiveFile $_ does not exist. Please enter valid path."
            else {
        [string] $ArchiveFile,
        [string] $DestinationPath,
        [switch] $OverWrite

    Expand-Archive -Path $ArchiveFile -DestinationPath $DestinationPath -Force:$OverWrite.IsPresent
    Write-DosTelemetry -Message "Expand-DosArchive called."

    Obtains the path to the root of the install directory.
    Traverses up the path until it finds the root of the install directory. E.g. C:\install\DosInstaller2016_20.2.2019.11\DosInstaller2016

#replaces get-baseinstallerpath

function Get-DosBaseInstallerPath {
    $parentPath = Get-Location
    $installerPath = $parentPath
    $rootDrivePath = (Split-Path -Path $installerPath -Qualifier) + "\"

    do {
        if(Get-ChildItem $installerPath | Where-Object {$_.Name -eq "CatalystSetup.exe"})
        } else
            $installerPath = Split-Path -Path $installerPath -Parent
        if($installerPath -eq $rootDrivePath) {
            Write-DosMessage -Level "Error" -Message "Could not resolve the base path to the installer starting from $parentPath."
    until ($installerPath -eq $rootDrivePath) 

    return $installerPath

        Fixes default PowerShell url dispatch decoding
        PowerShell by default has a url parser setting which decodes a backslash before the request dispatch.
        This has caused problems when attempting to send web requests with urls that contain backslashes in them.
        This function fixes that issue and returns a url that can be passed to Invoke-WebRequest or Invoke-RestMethod.
    .PARAMETER url
        The URL string of a given web request.
        PS C:\> Get-DosCleanUri -url "http://localhost/DOMAIN\My User"
        This function was created by following a helpful article found on Stack Overflow
        Topic: "Percent-encoded slash (“/”) is decoded before the request dispatch"

function Get-DosCleanUri {
        [Parameter(Mandatory = $true,
            Position = 0)]
    try {
        $escapedUrl = Format-UriString -Url $url
        $escapedUrl.PathAndQuery | Out-Null
        $m_Flags = Get-MFlagsFieldDotNet
        [uint64]$flags = Get-MFlagsValue -Url $escapedUrl -mFlags $m_Flags
        Set-MFlagsValue -Url $escapedUrl -mFlags $m_Flags -Flags $flags
        Write-DosMessage -Level "Information" -Message "Url cleaned to prevent decoding on dispatch ($($escapedUrl.OriginalString))."
    catch {
        Write-DosMessage -Level "Error" -Message "An error occurred while attempting to clean the url ($($escapedUrl.OriginalString)). Exception: $($_.Exception)."

    return $escapedUrl

function Format-UriString {
    param (

    [Uri]$escapedUrl = [System.Uri]::EscapeUriString($Url)

    return $escapedUrl

function Get-MFlagsFieldDotNet {
    $m_Flags = [Uri].GetField("m_Flags", $([Reflection.BindingFlags]::Instance -bor [Reflection.BindingFlags]::NonPublic))
    return $m_Flags

function Get-MFlagsValue {
    param (
    [uint64]$flags = $mFlags.GetValue($Url)
    return $flags

function Set-MFlagsValue {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessForStateChangingFunctions", "", Justification="WhatIf support not implemented.")]
    param (
    $mFlags.SetValue($Url, $($Flags -bxor 0x30))

    Gets configuration values from a configuration store of a certain type and format.
    Given a user has a valid Configuration Store object, when the user asks for all values for a particular scope, values are returned in a hash table.
    If user provides an invalid Configuration Store object, warning messages will be displayed & logged, and Get-DosConfigValues will return $null.
    .PARAMETER ConfigStore
    Accepts a powershell hashtable or dictionary with key value pairs following the example, $configStore = @{Type = "File"; Format = "XML"; Path = "C:\Path\To\File"}.
    .PARAMETER Scope
    The configuration values you wish to return. Passing in an application specific scope will return values within the configuration that are contained in that application scope.
    Additionally, users can pass in a "common" scope to return values contained in the common scope.
    Get-DosConfigScopeValues -ConfigStore $configHashtable -Scope "common"
    Get-DosConfigScopeValues -ConfigStore $configHashtable -Scope "terminology"

function Get-DosConfigValues {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseSingularNouns", "", Justification="Values should be plural.")]
        [hashtable] $ConfigStore,
        [Alias("ConfigSection", "ConfigScope")]
        [string] $Scope

    $validConfigStore = Confirm-ConfigStore -ConfigStore $ConfigStore

    if (!$validConfigStore) {
        Write-DosMessage -Level "Warning" -Message "ConfigStore object is invalid. No configuration values will be returned."
        return $null

    Write-DosMessage -Level "Verbose" -Message "ConfigStore object is valid."

    $configValues = $null

    if ($ConfigStore.Type -eq "External") {
        Write-DosMessage -Level "Debug" -Message "Attempting to retrieve configuration values from external config store using external uri"
        $configValues = Get-ExternalConfigValues -ConfigStore $ConfigStore -Scope $Scope 

    if ($ConfigStore.Type -eq "File") {
        if ([string]::IsNullOrEmpty($Scope)) {
            Write-DosMessage -Level "Fatal" -Message "The required paramter 'Scope' was not provided. Please provide the required parameter and try agian."
        Write-DosMessage -Level "Debug" -Message "Retrieving '$Scope' scoped configuration values from '$($ConfigStore.Path)'"
        $configValues = Get-InstallationSettings -ConfigSection $Scope -InstallConfigPath $ConfigStore.Path

    Write-DosTelemetry -Message "Get-DosConfigValues called with the following parameters. Scope: $Scope. ConfigStore: $($ConfigStore | Out-String)"

    return $configValues

    Returns a service url from Discovery Service.
    Given a valid Discovery Service url and valid service name, Get-DosServiceUrl will return a service url string.
    If a valid service version is provided, Get-DosServiceUrl will reutrn the service url string for the specified version.
    If a valid credential is provided, Get-DosServiceUrl will query Discovery Service with the credential provided, else it will use the local powershell session user.
    .PARAMETER DiscoveryServiceUrl
    Accepts a valid (not null or empty) Discovery Service Url string.
    .PARAMETER ServiceName
    Accepts a valid (not null or empty) service name that will be used to query Discovery Service
    .PARAMETER ServiceVersion
    Accepts a valid (not null or empty) service name that will be used to query Discovery Service
    .PARAMETER Credential
    Accepts a valid (not null or empty) service name that will be used to query Discovery Service
    .PARAMETER Exists
    Switch - If provided, appends an 'Exists' property to the output object and does not write a fatal message if the ServiceName is not found.
    Get-DosService -DiscoveryServiceUrl "https://server/DiscoveryService/v1" -ServiceName "AnalyticsService" -ServiceVersion 1
    $credential = Get-Credential
    Get-DosService -DiscoveryServiceUrl "https://server/DiscoveryService/v1" -ServiceName "AnalyticsService" -ServiceVersion 1 -Credential $credential
    Get-DosService -DiscoveryServiceUrl "https://server/DiscoveryService/v1" -ServiceName "AnalyticsService" -ServiceVersion 1 -Exists

function Get-DosService {
    param (
        [Parameter(Mandatory = $true)]
        [string] $DiscoveryServiceUrl,
        [Parameter(Mandatory = $true)]
        [string] $ServiceName,
        [int] $ServiceVersion,
        [pscredential] $Credential,

    if ($ServiceVersion) {
        Write-DosMessage -Level "Verbose" -Message "Service Version provided. Request formed with specified version."
        $discoveryRequest = "$DiscoveryServiceUrl/Services(ServiceName='$ServiceName',Version=$ServiceVersion)"
    else {
        Write-DosMessage -Level "Verbose" -Message "Service Version was not provided. Request formed without specified version."
        $discoveryRequest = "$DiscoveryServiceUrl/Services?`$filter=ServiceName eq $ServiceName"
    $discoveryResponse = @{ }

    if ($null -ne $Credential) {
        try {
            Write-DosMessage -Level "Information" -Message "Attempting to retrieve Discovery Service object from Discovery Service at '$discoveryRequest' using '$($Credential.UserName)' credential."
            $discoveryResponse = Invoke-RestMethod -Method Get -Uri $discoveryRequest -Credential $Credential
            Write-DosMessage -Level "Information" -Message "Successfully retrieved Discovery Service object from Discovery Service."
        catch {
            $statusCode = $_.Exception.Response.StatusCode.value__
            if ($statusCode -eq "400" -and $Exists.IsPresent) {
                $discoveryResponse.Exists = $false
                return $discoveryResponse
            Write-DosMessage -Level "Fatal" -Message "Error retrieving service registration with '$($Credential.UserName)' for '$ServiceName'. Please confirm Discovery Service installation and/or credential permissions. Exception: $($_.Exception)."
    else {
        try {
            Write-DosMessage -Level "Information" -Message "Attempting to retrieve Discovery Service object from Discovery Service at '$discoveryRequest' using '$env:UserName' credential."
            $discoveryResponse = Invoke-RestMethod -Method Get -Uri $discoveryRequest -UseDefaultCredentials
            Write-DosMessage -Level "Information" -Message "Successfully retrieved Discovery Service object from Discovery Service."
        catch {
            $statusCode = $_.Exception.Response.StatusCode.value__
            if ($statusCode -eq "400" -and $Exists.IsPresent) {
                $discoveryResponse.Exists = $false
                return $discoveryResponse
            Write-DosMessage -Level "Fatal" -Message "Error retrieving service registration with '$($Credential.UserName)' for '$ServiceName'. Please confirm Discovery Service installation and/or credential permissions. Exception: $($_.Exception)."

    if ($Exists.IsPresent) {
        $discoveryResponse | Add-Member -NotePropertyName "Exists" -NotePropertyValue $true
    return $discoveryResponse

function Get-DosServiceUrl {
    param (
        [Parameter(Mandatory = $true)]
        [string] $DiscoveryServiceUrl,
        [Parameter(Mandatory = $true)]
        [string] $ServiceName,
        [Parameter(Mandatory = $true)]
        [int] $ServiceVersion,
        [pscredential] $Credential

    if ($Credential) {
        $discoveryResponse = Get-DosService -DiscoveryServiceUrl $DiscoveryServiceUrl -ServiceName $ServiceName -ServiceVersion $ServiceVersion -Credential $Credential
    else {
        $discoveryResponse = Get-DosService -DiscoveryServiceUrl $DiscoveryServiceUrl -ServiceName $ServiceName -ServiceVersion $ServiceVersion

    Write-DosMessage -Level "Verbose" -Message "Pulling 'ServiceUrl' from the Discovery Service response."
    $serviceUrl = Get-ServiceUrlString -DiscoveryServiceResponse $discoveryResponse

    Write-DosMessage -Level "Information" -Message "Checking if a value was returned for '$ServiceName version $ServiceVersion'."
    if ([string]::IsNullOrWhiteSpace($serviceUrl)) {
        Write-DosMessage -Level "Fatal" -Message "The service $ServiceName is not registered with the Discovery service. Make sure that '$ServiceName $ServiceVersion' is registered with Discovery Service. Exception: $($_.Exception)"

    Write-DosMessage -Level "Information" -Message "Returning url '$serviceUrl' for '$ServiceName' service."

    return $serviceUrl

function Get-ServiceUrlString {
    param (

    $serviceUrl = $DiscoveryServiceResponse.ServiceUrl

    return $serviceUrl

    Returns the physical root of the specified web site
    Uses the WebAdministration powershell module to locate the web site's physical root
    .PARAMETER WebSiteName
    Name of the IIS site - defaults to "Defautl Web Site"
    Get-IISWebSitePath -WebSiteName $IISWebSite

function Get-IISWebSitePath{
        [string] $WebSiteName = "Default Web Site"

    Import-Module WebAdministration


        [Microsoft.IIs.PowerShell.Framework.ConfigurationElement] $webSite = Get-Item "IIS:\Sites\$WebSiteName"
        return [System.Environment]::ExpandEnvironmentVariables($webSite.PhysicalPath)
        Write-DosMessage -Level Error -Message "Unable to get inforomation for $WebSiteName : error $($_.Exception)"

    Downloads the specified Uri using a WebRequest to the specified OutFile
    Wraps the PowerShell native Invoke-WebRequest and performs the request without the default progress bar behavior.
    Specifies the Uniform Resource Identifier (URI) of the Internet resource to which the web request is sent. Enter a URI.
    This parameter supports HTTP, HTTPS, FTP, and FILE values.
    This parameter is required.
    .PARAMETER OutFile
    Specifies the output file for which this cmdlet saves the response body. Enter a path and file name. If you omit the path,
    the default is the current location.
    .PARAMETER NoCache
    When supplied will provide the "Cache-Control" header set to "no-cache" to the underlying WebRequest.
    Download-WebRequest -Uri http://some.valid.uri/file -OutFile theFile.txt

function Get-WebRequestDownload {
        [string] $Uri,

        [string] $OutFile,

        [switch] $NoCache = $false

    $originalProgressPreference = $progressPreference
    try {
        $headers = @{}
        if ($NoCache) {
            $headers.Add("Cache-Control", "no-cache")
        $progressPreference = 'silentlyContinue'
        Invoke-WebRequest -Uri $Uri -Headers $headers -OutFile $OutFile -UseBasicParsing
    } finally {
        $progressPreference = $originalProgressPreference

Installs SSIS project
Ensures SSIS catalog and folder exist, and installs SSIS project from specified ISPAC
.PARAMETER ProjectName
Name to deploy project under
Path to ISPAC to deploy
.PARAMETER CatalogEncryptionKey
Key to use for encrypting catalog, if it must be created
.PARAMETER CatalogName
Name of SSIS catalog to contain project
Name of SSIS catalog folder to contain project
.PARAMETER ConnectionString
Connection string for connecting to SQL Server instance with Integration Services
None. You cannot pipe objects to Install-DosIspac.
PS> Install-DosIspac -ProjectName 'CatalystLoader' -IspacPath 'SetupContent/SSISLoader2016.ispac'

function Install-DosIspac {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSShouldProcess", "", Justification="Passing through the -WhatIf and -Confirm to the private functions - this is a supported scenario")]
        [parameter(Mandatory=$false)][string]$CatalogName = 'SSISDB',
        [parameter(Mandatory=$false)][string]$FolderName = 'Catalyst',
        [parameter(Mandatory=$false)][string]$ConnectionString = 'Data Source=localhost;Initial Catalog=EDWAdmin;Integrated Security=True')

    $integrationServices = Get-IntegrationServices -ConnectionString $ConnectionString

    Write-DosMessage -Level Debug -Message "Testing whether catalog $CatalogName exists"
    if ($integrationServices.Catalogs.Contains($CatalogName)) {
        Write-DosMessage -Level Information -Message "SSIS catalog already exists, skipping"
        $catalog = $integrationServices.Catalogs[$CatalogName]
    else {
        Write-DosMessage -Level Information -Message "SSIS catalog does not exist, creating"

        if ([string]::IsNullOrEmpty($CatalogEncryptionKey)) {
            Write-DosMessage -Level Error -Message "Please provide a catalog encryption key using the CatalogEncryptionKey parameter so that a new catalog can be created." -ErrorAction Stop

        $catalog = New-SsisCatalog -IntegrationServices $integrationServices -CatalogEncryptionKey $CatalogEncryptionKey -CatalogName $CatalogName -WhatIf:$PSBoundParameters.ContainsKey('WhatIf') -Confirm:$PSBoundParameters.ContainsKey('Confirm') 
        Write-DosMessage -Level Debug -Message "SSIS catalog created successfully"

    Write-DosMessage -Level Debug -Message "Testing whether folder $FolderName exists"
    if ($catalog.Folders.Contains($FolderName)) {
        Write-DosMessage -Level Information -Message "SSIS catalog folder already exists"
        $folder = $catalog.Folders[$FolderName]
    else {
        Write-DosMessage -Level Information -Message "SSIS catalog folder does not exist, creating"
        $folder = New-SsisFolder -SsisCatalog $catalog -FolderName $FolderName -WhatIf:$PSBoundParameters.ContainsKey('WhatIf') -Confirm:$PSBoundParameters.ContainsKey('Confirm')
        Write-DosMessage -Level Debug -Message "SSIS catalog folder created successfully"

    Write-DosMessage -Level Information -Message "Deploying SSIS project $ProjectName from $IspacPath"
    New-SsisProject -SsisFolder $folder -ProjectName $ProjectName -IspacPath $IspacPath -WhatIf:$PSBoundParameters.ContainsKey('WhatIf') -Confirm:$PSBoundParameters.ContainsKey('Confirm')
    Write-DosMessage -Level Debug -Message "SSIS project $ProjectName deployed successfully"

    If needed, Installs the correct version of Dot Net Core
    Checks for a specific version of Dot Net Core. If the version is not installed,download and install it.
    .PARAMETER version
    The string representation of the version. This should match the DisplayVersion for the object as installed in the windows registry.
    .PARAMETER downloadUrl
    The complete download URL for the exe installer that corresponds to the given version.
    Install-DotNetCoreIfNeeded -version "" -downloadUrl ""

function Install-DotNetCoreIfNeeded {
        [Parameter(Mandatory = $true)]
        [string] $version,

        [Parameter(Mandatory = $true)]
        [string] $downloadUrl,

        [string] $filePattern = "*.NET Core*Windows Server Hosting*" 

    if (Test-PrerequisiteExact $filePattern $version) {
        Write-DosMessage -Level "Information" -Message  ".NET Core Windows Server Hosting Bundle (v$version) installed and meets expectations."

    try {
        Write-DosMessage -Level "Information" -Message "Windows Server Hosting Bundle version $version not installed...installing version $version"        
        Get-WebRequestDownload -Uri $downloadUrl -OutFile $env:Temp\bundle.exe
        Start-Process $env:Temp\bundle.exe -Wait -ArgumentList '/quiet /install /norestart'
        net stop was /y
        net start w3svc
    catch {
        Write-DosMessage -Level "Fatal" -Message "Could not install .NET Windows Server Hosting bundle. Please install the hosting bundle before proceeding. $downloadUrl"
    if (Test-PrerequisiteExact $filePattern $version) {
        Write-DosMessage -Level "Information" -Message "Windows Server Hosting Bundle installed version $version"        
    else {
        Write-DosMessage -Level "Fatal" -Message "Error executing .NET Windows Server Hosting bundle. Please install the hosting bundle before proceeding. $downloadUrl"

    try {
        Remove-Item $env:Temp\bundle.exe
    catch {
        $e = $_.Exception
        Write-DosMessage -Level "Warning" -Message "Unable to remove temporary download file for server hosting bundle exe" 
        Write-DosMessage -Level "Warning" -Message  $e.Message


    Imports/Installs a module required to run this module/function
    Attempts to load a local module first - if the module isn't available it will attempt to download/install from PSGallery.
    .PARAMETER ModuleName
    Name of the module to install
    .PARAMETER Scope
    Scope used to install the module - default is CurrentUser
    Install-RequiredModule -ModuleName dbatools

function Install-RequiredModule{
        [string] $ModuleName,
        [string] $Scope = "CurrentUser",
        [version] $RequiredVersion

    Write-DosTelemetry -Message "Install-RequiredModule start"
    # Adding PSModule path becuse in some cases the path to user directory was not in the module system path
    $currentUserPSModulePath = "$home\Documents\WindowsPowerShell\Modules"
    $replaceCurrentUserModulePath = Add-ToPSModulePath -Path $currentUserPSModulePath

    #First scenario - required version of the module is already loaded
    $importedModule = Get-ModuleWorkAround -Name $ModuleName

    if($null -ne $importedModule){
        Write-DosMessage -Level "Information" -Message "Module '$ModuleName' already imported."
        if ($RequiredVersion) {
            Write-DosMessage -Level "Verbose" -Message "Checking if imported module '$ModuleName' matches required version '$RequiredVersion'."
            if ((Compare-ModuleVersion -ModuleToCompare $importedModule -RequiredVersion $RequiredVersion)) {
                Write-DosMessage -Level "Information" -Message "Confirming '$ModuleName' with version '$RequiredVersion' is loaded into session."
                if ($importedModule.Count -gt 1) {
                    Write-DosMessage -Level "Information" -Message "Multiple '$ModuleName' modules loaded in session. This should never happen?"
                    Remove-Module -Name $ModuleName
                    try {
                        Import-Module -Name $ModuleName -RequiredVersion $RequiredVersion -Global -ErrorAction Stop
                    catch [System.Management.Automation.RuntimeException]{
                        Write-DosMessage -Level "Warning" -Message "'$ModuleName' was previously loaded during this session. If you encounter weird issues with DosInstallUtilities, please restart PowerShell and resolve conflicts with '$ModuleName' imports." 
                    Write-DosMessage -Level "Information" -Message "Successfully imported '$ModuleName' with version '$RequiredVersion' into session."
                    Write-DosTelemetry -Message "Multiple modules found in session. Removed all and successfully imported '$ModuleName' with version '$RequiredVersion' into session."
                else {
                    Write-DosMessage -Level "Information" -Message "Using '$ModuleName' that is currently loaded in the session."
                    Write-DosTelemetry -Message "Using '$ModuleName' that is currently loaded in the session."

                # Removing user path from ps module to cover cases in it is not included in system path
                if ($replaceCurrentUserModulePath) {
                    Remove-FromPSModulePath -Path $currentUserPSModulePath
            else {
                Write-DosMessage -Level "Information" -Message "Removing '$ModuleName' that does not match required version '$RequiredVersion'."
                Remove-Module -Name $ModuleName
        else {
            # Removing user path from ps module to cover cases in it is not included in system path
            if ($replaceCurrentUserModulePath) {
                Remove-FromPSModulePath -Path $currentUserPSModulePath

    Write-DosMessage -Level "Information" -Message "Did not find module '$ModuleName' loaded in session."
    # Second scenario is required version of the module is installed on the system
    Write-DosMessage -Level "Information" -Message "Checking if module '$ModuleName' is already installed."
    $installedModule = Get-ModuleWorkAround -Name $ModuleName -ListAvailable
    if($null -ne $installedModule){
        Write-DosMessage -Level "Information" -Message "Module '$ModuleName' already installed."
        if ($RequiredVersion) {
            Write-DosMessage -Level "Verbose" -Message "Checking if installed module '$ModuleName' matches required version '$RequiredVersion'."
            if ((Compare-ModuleVersion -ModuleToCompare $installedModule -RequiredVersion $RequiredVersion)) {
                Write-DosMessage -Level "Information" -Message "Importing '$ModuleName' with version '$RequiredVersion'."
                try {
                    Import-Module -Name $ModuleName -RequiredVersion $RequiredVersion -Global -ErrorAction Stop
                catch [System.Management.Automation.RuntimeException]{
                    Write-DosMessage -Level "Warning" -Message "'$ModuleName' was previously loaded during this session. If you encounter weird issues with DosInstallUtilities, please restart PowerShell and resolve conflicts with '$ModuleName' imports." 
                Write-DosTelemetry -Message "'$ModuleName' found on the system and successfully imported with version '$RequiredVersion'"

                if ($replaceCurrentUserModulePath) {
                    Remove-FromPSModulePath -Path $currentUserPSModulePath
        else {
            Write-DosMessage -Level "Information" -Message "Module '$ModuleName' is installed on system, attempting to import."
            try {
                Import-Module -Name $ModuleName -Global -ErrorAction Stop
            catch [System.Management.Automation.RuntimeException]{
                Write-DosMessage -Level "Warning" -Message "'$ModuleName' was previously loaded during this session. If you encounter weird issues with DosInstallUtilities, please restart PowerShell and resolve conflicts with '$ModuleName' imports." 
            Write-DosTelemetry -Message "'$ModuleName' found on the system and successfully imported with version"

            if ($replaceCurrentUserModulePath) {
                Remove-FromPSModulePath -Path $currentUserPSModulePath

    Write-DosMessage -Level "Information" -Message "Did not find module '$ModuleName' installed on system."

    #third scenario is module is installed from diu\dependencies folder
    Write-DosMessage -Level "Information" -Message "Seeing if '$ModuleName' is in the DosInstallUtilities dependencies folder."
    $dependenciesFolder = "$($MyInvocation.MyCommand.Module.ModuleBase)\dependencies\"

    if(Test-Path -Path $dependenciesFolder){
        #dependencies folder exists, let's look through it.
        #the zip file should be named ( e.g. (where 1.0.115 is the version))
        $foundModuleZip = $false
        $zipFiles = get-childitem -path "$dependenciesFolder" -file -filter '*.zip'
        foreach($zipfile in $zipFiles){
            $moduleZipFileWithoutTheZip = $($'.zip','')
            $moduleZipName = $moduleZipFileWithoutTheZip.split("_")[0]
            $moduleZipVersion = $moduleZipFileWithoutTheZip.split("_")[1]
            if($moduleZipName -eq $ModuleName){
                #we found a zip file, now let's see if it is the right version.
                    #we are looking for an exact version, so let's check.
                    if($RequiredVersion -eq $moduleZipVersion){
                        #yep, this is the exact version.
                        $foundModuleZip = $true
                } else {
                    #we don't need an exact version, so we're good.
                    $foundModuleZip = $true
                    #we found the module we were looking for, let's save it off and break out of this foreach loop
                    $moduleZipFile = $zipfile.PSPath


            Write-DosMessage -Level 'Information' -Message "Found $moduleZipFile in $dependenciesFolder"
            #now, we want to go to the my documents folder
            $finalFolder = [Environment]::GetFolderPath("MyDocuments")
            $finalFolder = "$finalFolder\WindowsPowerShell\Modules\$moduleZipName\$moduleZipVersion"
            if($(Test-Path -Path $finalFolder) -and $(get-childitem $finalFolder -filter "$moduleZipName.psd1")){
                Write-DosMessage -Level 'Information' -Message "$ModuleName already exists in $finalFolder."
            } else {
                Write-DosMessage -Level 'Information' -Message "$ModuleName doesn't exist in $finalFolder. We will place it there."
                if(Test-Path -Path $finalFolder){
                    Write-DosMessage -Level 'Information' -Message "Removing directory $finalFolder"
                    Remove-item -force $finalFolder
                Write-DosMessage -Level 'Information' -Message "Creating directory $finalFolder"
                new-item $finalFolder -itemtype 'directory'
                Write-DosMessage -Level 'Information' -Message "Unzipping $moduleZipFile to $finalFolder"
                Expand-Archive -Path $moduleZipFile -DestinationPath $finalFolder -Force

            $modules = @( Get-ChildItem -Path "$finalFolder\*" -Include "$moduleZipName.psd1" -Recurse -ErrorAction SilentlyContinue )
            if ($modules) { 
                Write-DosMessage -Level 'Information' -Message "Importing $modules"
                Import-Module $modules -Force -Global 
            } else {
                Write-DosMessage -Level 'Fatal' -Message "Unable to import $ModuleName from $finalFolder when we expected to be able to do so."

    Write-DosMessage -Level 'Information' -Message "Did not find a zip file for $ModuleName in $dependenciesFolder."

    #fourth scenario is module is installed from PSGallery
    Write-DosMessage -Level "Information" -Message "Attempting to fetch '$ModuleName'."

    $desiredRepo = "PSGallery"
    $isTrusted = Get-RepositoryTrust -RepositoryName $desiredRepo

    if (!($isTrusted)) {
        Write-DosMessage -Level "Information" -Message "'$desiredRepo' is not trusted. Toggling trust to download '$ModuleName'"
        Set-RepositoryTrust -RepositoryName $desiredRepo -Trust

    #Error check here - also assume that PowerShellGet is loaded/available.
    try {
        if ($RequiredVersion) {
            Write-DosMessage -Level "Information" -Message "Module '$ModuleName' version '$RequiredVersion' being downloaded from PSGallery."
            Install-Module $ModuleName -RequiredVersion $RequiredVersion -Scope $scope
            Write-DosMessage -Level "Information" -Message "Successfully downloaded module '$ModuleName' with version '$RequiredVersion' from PSGallery."
            try {
                    Import-Module -Name $ModuleName -RequiredVersion $RequiredVersion -Global -ErrorAction Stop
                catch [System.Management.Automation.RuntimeException]{
                    Write-DosMessage -Level "Warning" -Message "'$ModuleName' was previously loaded during this session. If you encounter weird issues with DosInstallUtilities, please restart PowerShell and resolve conflicts with '$ModuleName' imports." 
            Write-DosMessage -Level "Information" -Message "Successfully imported module '$ModuleName' with version '$RequiredVersion' from PSGallery."
            Write-DosTelemetry -Message "Successfully imported module '$ModuleName' with version '$RequiredVersion' from PSGallery."
        else {
            Write-DosMessage -Level "Information" -Message "Module '$ModuleName' being downloaded from PSGallery."
            Install-Module $ModuleName -Scope $scope
            Write-DosMessage -Level "Information" -Message "Successfully downloaded module '$ModuleName' from PSGallery."
            try {
                Import-Module -Name $ModuleName -Global -ErrorAction Stop
            catch [System.Management.Automation.RuntimeException]{
                Write-DosMessage -Level "Warning" -Message "'$ModuleName' was previously loaded during this session. If you encounter weird issues with DosInstallUtilities, please restart PowerShell and resolve conflicts with '$ModuleName' imports." 
            Write-DosMessage -Level "Information" -Message "Successfully imported module '$ModuleName' from PSGallery."
            Write-DosTelemetry -Message "Successfully imported module '$ModuleName' from PSGallery."
    catch {
        Write-DosMessage -Level "Error" -Message "Error installing or importing '$ModuleName'. Exception: $($_.Exception)"
        if (!($isTrusted)) {
            Write-DosMessage -Level "Information" -Message "Returning '$desiredRepo' to an untrusted state."
            Set-RepositoryTrust -RepositoryName $desiredRepo

    if (!($isTrusted)) {
        Write-DosMessage -Level "Information" -Message "Returning '$desiredRepo' to an untrusted state."
        Set-RepositoryTrust -RepositoryName $desiredRepo

    if ($replaceCurrentUserModulePath) {
        Remove-FromPSModulePath -Path $currentUserPSModulePath

    Write-DosTelemetry -Message "Install-RequiredModule completed - successfully"

#Work around for pester issue:
function Get-ModuleWorkAround{
        [string] $Name,
        [switch] $ListAvailable

        return Get-Module -Name $Name -ListAvailable
    else {
        return Get-Module -Name $Name

function Get-RepositoryTrust {
    param (
        [string] $RepositoryName

    $repo = Get-PSRepository -Name $RepositoryName
    return $repo.Trusted

function Set-RepositoryTrust {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessForStateChangingFunctions", "", Justification="WhatIf support not implemented.")]
    param (
        [string] $RepositoryName,
        [switch] $Trust

    if ($Trust.IsPresent) {
        Set-PSRepository -Name $RepositoryName -InstallationPolicy Trusted
    else {
        Set-PSRepository -Name $RepositoryName -InstallationPolicy Untrusted

function Add-ToPSModulePath {
        [string] $Path

    if (!($env:PSModulePath.split(";") -contains $Path)){
        Write-DosMessage -Level "Information" -Message "Adding '$Path' to PSModulePath"
        $current = $env:PSModulePath
        [Environment]::SetEnvironmentVariable("PSModulePath",$current + ";" + $Path, "Machine")
        $env:PSModulePath = [System.Environment]::GetEnvironmentVariable("PSModulePath","Machine")
        return $true
        Write-DosMessage -Level "Information" -Message "'$Path' is already present in PSModulePath"
        return $false

function Remove-FromPSModulePath{
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessForStateChangingFunctions", "", Justification="WhatIf support not implemented.")]
        [string] $Path
    if ($env:PSModulePath.split(";") -contains $Path){
        $newValue = (($env:PSModulePath).Split(";") | Where-Object { $_ -ne $Path }) -join ";"
        [Environment]::SetEnvironmentVariable("PSModulePath", $newValue, "Machine")
        $env:PSModulePath = [System.Environment]::GetEnvironmentVariable("PSModulePath","Machine")
        Write-DosMessage -Level "Information" -Message "$Path removed from PSModulePath." 
        Write-DosMessage -Level "Information" -Message "$Path is not present in $env:PSModulePath"

function Compare-ModuleVersion {
        [object] $ModuleToCompare,
        [version] $RequiredVersion

    $isMatch = $false

    foreach($module in $ModuleToCompare) {
        if ($module.Version.CompareTo($RequiredVersion) -eq 0) {
            Write-DosMessage -Level "Information" -Message "Found Module '$ModuleName' that meets the version requirements."
            $isMatch = $true

    if (!$isMatch) {
        Write-DosMessage -Level "Information" -Message "No module with version '$RequiredVersion' was found for module '$ModuleName'."

    return $isMatch

    Makes a web request to the $ServiceUrl that is passed in and returns the odata results.
    Makes a web request to the $ServiceUrl that is passed in and returns the odata results. If there are not results then it will return an empty object.
    .PARAMETER ServiceUrl
    [string] (Required) The URL to make a request to
    .PARAMETER AccessToken
    [string] (Required) The AccessToken from Identity needed for authentication
    .PARAMETER Headers
    [hashtable] (Optional) Headers to send with the request - by default the code will add: @{Accept = "application/json"; Authorization = "Bearer $AccessToken"} but those can be overwritten
    Note: It will only add the Authorization header if AccessToken is set
    .PARAMETER ContentType
    [string] (Optional) The ContentType of the Body being sent with the request (if a body is required) - by default the code will set it to "application/json" if it is not set
    [string] (Optional) The JSON body to send with Patch, Put, and Post requests - will fail if included with Get or Delete requests
    [switch] Sets GET as the method type
    One of the Get, Patch, Put, Post, or Delete switches MUST be present
    .PARAMETER Patch
    [switch] Sets PATCH as the method type
    One of the Get, Patch, Put, Post, or Delete switches MUST be present
    [switch] Sets PUT as the method type
    One of the Get, Patch, Put, Post, or Delete switches MUST be present
    [switch] Sets POST as the method type
    One of the Get, Patch, Put, Post, or Delete switches MUST be present
    .PARAMETER Delete
    [switch] Sets DELETE as the method type
    One of the Get, Patch, Put, Post, or Delete switches MUST be present
    Invoke-DosOdataRequest -ServiceUrl "https://mymachine.hqcatalyst.local/MetadataService2/v2/DataMarts" -AccessToken $token $Get
    Invoke-DosOdataRequest -ServiceUrl "https://mymachine.hqcatalyst.local/MetadataService2/v2/DataMarts" -AccessToken $token $Post -Body $jsonPayload

function Invoke-DosOdataRequest {
    param (
            if ($null -eq ($_ -as [System.URI]).AbsoluteURI) {
                throw """$_"" is not a valid url"
            return $true
        [string] $ServiceUrl,
        [string] $AccessToken,

        [hashtable] $Headers = @{},

        [string] $ContentType = "application/json",

        [switch] $UseDefaultCredentials,
        # The parameter set will require this parameter only when that same parameter set is on another parameter (Put, Patch, Post)
        # It will fail if it is included when not required (Get, Delete)
        [string] $Body,

        [switch] $Get,

        # Body is a required parameter for Patch
        [switch] $Patch,

        # Body is a required parameter for Put
        [switch] $Put,

        # Body is a required parameter for Post
        [switch] $Post,

        [switch] $Delete


    Write-DosMessage -Level "Debug" -Message "Checking for required headers"
    if (-Not $Headers.ContainsKey("Accept")) {
        Write-DosMessage -Level "Debug" -Message "Adding ""Accept"" header"
        $Headers.Add("Accept", "application/json")
    # Only add the header if AccessToken is not null or empty and the Headers doesn't already contain Authorization
    if (-Not $Headers.ContainsKey("Authorization") -and ![String]::IsNullOrEmpty($AccessToken)) {
        Write-DosMessage -Level "Debug" -Message "Adding ""Authorization"" header"
        $Headers.Add("Authorization", "Bearer $AccessToken")

    Write-DosMessage -Level "Debug" -Message "Checking that Content-Type is set"
    if ([String]::IsNullOrEmpty($ContentType)) {
        Write-DosMessage -Level "Debug" -Message "Setting Content-Type to ""application/json"""
        $ContentType = "application/json"

    Write-DosMessage -Level "Debug" -Message "Determining which request method was selected"
    if ($Get.IsPresent) {
        $method = "GET"
    elseif ($Post.IsPresent) {
        $method = "POST"
    elseif ($Put.IsPresent) {
        $method = "PUT"
    elseif ($Patch.IsPresent) {
        $method = "PATCH"
    elseif ($Delete.IsPresent) {
        $method = "DELETE"
    Write-DosMessage -Level "Information" -Message "Method selected is ""$method"""

    $output = @()
    $url = $ServiceUrl

    try {
        Write-DosMessage -Level "Information" -Message "Invoking ""$method"" request to ""$ServiceUrl"""
        $requestParameters = @{
            Method = $method
            URI = $url
            Headers = $Headers
            ContentType = $ContentType
            UseBasicParsing = $true #required until Powershell 6+

        if ($Body) {
            Write-DosMessage -Level "Debug" -Message "Testing if the body is already Json"
            # When we go to Powershell 7 there is a Test-Json method that can take the place of the next several lines of code
            try {
                ConvertFrom-Json $Body -ErrorAction Stop
                $validJson = $true
            catch {
                $validJson = $false

            if (-Not $validJson) {
                Write-DosMessage -Level "Debug" -Message "Attempting to convert the body to Json"
                $Body = $Body | ConvertTo-Json

            Write-DosMessage -Level "Debug" -Message "Request body is ""$Body"""
            $requestParameters.Add("Body", $Body)

            $requestParameters.Add("UseDefaultCredentials", $true)

        do {
            $response = Invoke-RestMethod @requestParameters

            if ($response.PSOjbect.Properties.Name -contains "value") { 
                $output += $response.value 
            else {
                $output += $response

            $url = $response.'@odata.nextLink';
        while ($url);
    catch [System.Net.WebException] {
        Write-DosMessage -Level "Warning" -Message "A non 200 response was returned from ""$url"". This may be expected.`nRequest: $url`nStatus Code: $($_.Exception.Response.StatusCode.value__)`nMessage: $($_.Exception.Response.StatusDescription)"
        throw $_ # Rethrow error for downstream catching if desired
    catch {
        Write-DosMessage -Level "Fatal" -Message "An error was encountered while making the web request. Exception: $($_.Exception)"

    return $output

function Invoke-DosPingServices {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseSingularNouns", "", Justification="Values should be plural.")]
    param (
        [Parameter(Mandatory = $true)]
        [string] $DiscoveryServiceUrl,
        [string] $AccessToken,
        [Parameter(Mandatory = $true)]
        [hashtable[]] $Services
    begin {
        Write-DosMessage -Level "Information" -Message "PING DISCOVERYSERVICE" -HeaderType H2
        Invoke-DosPingService -ServiceName "DiscoveryService" -Uri "$(Remove-VersionFromLocalPath $DiscoveryServiceUrl)/ping" -Headers @{"Accept" = "application/json" } -UseDefaultCredentials -ErrorLevel Fatal
    process {
        foreach ($Service in $Services) {
            try {
                Write-DosMessage -Level "Information" -Message "PING $($Service.Name.ToUpper())" -HeaderType H2
                $Headers = @{"Accept" = "application/json" }
                if ($Service.RequireAuthToken) {
                    if ($AccessToken) {
                        $Headers.Add("Authorization", "Bearer $AccessToken")
                    else {
                        Write-DosMessage -Level "Fatal" -Message "$($Service.Name) ping header did not provide the required AccessToken"
                    $UriRoot = Remove-VersionFromLocalPath (Get-DosServiceUrl -DiscoveryServiceUrl $DiscoveryServiceUrl -ServiceName $Service.Name -ServiceVersion $Service.Version)
                    #removing trailing slashes, if there are any
                    if ($UriRoot.EndsWith("/")){
                        $UriRoot = $UriRoot.substring(0,$UriRoot.Length-1)
                    $Uri = "$($UriRoot)/$($Service.PingEndpoint)"
                } else {
                    $Uri = $Service.AbsoluteEndpoint
                Write-DosMessage -Level "Information" -Message "Appended ping endpoint to root url --> $Uri"
                $invokePingServiceParams = @{
                    ServiceName           = $Service.Name
                    Uri                   = $Uri
                    Headers               = $Headers
                    ErrorLevel            = $Service.ErrorLevel
                    UseDefaultCredentials = if ($Service.UseDefaultCredentials) { $true } else { $false }
                Invoke-DosPingService @invokePingServiceParams
            catch {
                Write-DosMessage -Level $Service.ErrorLevel -Message "There was an error pinging the service `"$($Service.Name)`". This installation is configured to return a `"$($Service.ErrorLevel.ToUpper())`" message if this occurs."
                if ($Service.ErrorLevel -eq "Fatal") {
                    Write-DosMessage -Level $Service.ErrorLevel -Message "Please check and fix the service `"$($Service.Name)`" before trying this installation again."

function Invoke-DosPingService {
    param (
        [Parameter(Mandatory = $true)]
        [string] $ServiceName,
        [Parameter(Mandatory = $true)]
        [string] $Uri,
        [Parameter(Mandatory = $true)]
        [hashtable] $Headers,
        [string] $Method = "Get",
        [switch] $UseDefaultCredentials,
        [ValidateSet("Error", "Fatal", "Warning")]
        [string] $ErrorLevel = "Error",
        [int] $RetryAttempts = 5,
        [int] $RetrySleepSeconds = 3
    $counter = 0
    $success = $false
    try {
        Write-DosMessage -Level "Information" -Message "Pinging $($ServiceName)...$($Uri)"
        $webRequestParams = @{
            Method  = $Method
            Uri     = $Uri
            Headers = $Headers
        if ($UseDefaultCredentials) {
            $webRequestParams.Add("UseDefaultCredentials", $UseDefaultCredentials)
        while (!$success -and $counter -lt $RetryAttempts) {
            try {
                $response = Invoke-WebRequest @webRequestParams -UseBasicParsing
                Write-DosMessage -Level "Information" -Message "$($ServiceName) ping successful! $($response.StatusCode) ($($response.StatusDescription))"
                $success = $true
            catch {
                Write-DosMessage -Level "Warning" -Message "There was an error pinging the service `"$($ServiceName)`"."
                Write-DosMessage -Level "Information" -Message "Retrying ping - attempt $($counter) of $($RetryAttempts) ..."
                Start-Sleep -Seconds $RetrySleepSeconds
        if (!$success) { throw }
    catch {
        Write-DosMessage -Level $ErrorLevel -Message "There was an error pinging the service `"$($ServiceName)`". This installation is configured to return a `"$($ErrorLevel.ToUpper())`" message if this occurs."
        if ($ErrorLevel -eq "Fatal") {
            Write-DosMessage -Level $ErrorLevel -Message "Please check and fix the service `"$($ServiceName)`" before trying this installation again."

    Reads in json manifest files and invokes the appropriate readiness checks based of the supported check types.
    .PARAMETER ManifestPath
    Accepts an array of valid paths to json manifest files.
    .PARAMETER ResourceToCheck
    Accepts a string of either "dbServer", or "webServer". The environment that the readiness checks will run against.
    Invoke-DosPrerequisiteChecks -ManifestPath @("C:/Exampe/Path/Manifest.json", "C:/Another/Example/Manifest.json") -ResourceToCheck "dbServer" -PathToLogRoot "C:\install"

function Invoke-DosPrerequisiteChecks {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseSingularNouns", "", Justification="Values should be plural.")]
            foreach ($path in $_) {
                if (!(Test-Path $path)) {
                    throw "ManfiestPath $path does not exist. Please enter valid path."
                else {
        [string[]] $ManifestPath,
        [ValidateSet("dbServer", "webServer")]
        [string] $ResourceToCheck,
            foreach ($path in 0) {
                if (!(Test-Path $path)) {
                    throw "PathToLogRoot '$path' does not exist. Please enter valid path."
                else {
        [string] $PathToLogRoot = "C:\install\"

    $fileDate = (Get-Date).tostring("dd-MM-yyyy-hh-mm-ss")
    $logFile =  "InstallReadinessTool_" + $fileDate + ".log"
    $logPath = $PathToLogRoot + $logFile
    try {
        New-Item -ItemType File -Path $PathToLogRoot -Name $logFile -Force -ErrorAction Stop | Out-Null
    catch {
        throw "Error creating file, '$logPath'. Exception: $_"
    Write-Output "Log file generated in '$PathToLogRoot'"

    # Potentially Loop for the manifests provided
    foreach ($manifest in $ManifestPath) {
        # Get-Content json manfiests
        $manifestData = Get-Content -Raw -Path "$manifest" | ConvertFrom-Json

        # Powershell Checktype
        $powershellData = $manifestData.readinessChecks | Where-Object { $_.checkType -eq "powershellVersion" -and $_.resourceToCheck -contains "$ResourceToCheck" }
        $psVersionCheckResult = Invoke-PowershellVersionCheck -Data $powershellData *>&1
        Write-VariableToConsoleAndFile -VariableToParse $psVersionCheckResult -Log $logPath

        # Os Version Checktype
        $allowedOSVersions = @("Server 2012 R2", "Server 2016", "Windows 10")
        $osVersionCheckResult = Invoke-OsVersionCheck -AllowedVersions $allowedOSVersions *>&1
        Write-VariableToConsoleAndFile -VariableToParse $osVersionCheckResult -Log $logPath

        # Dependent Software Checktype
        $dependentSoftwareData = $manifestData.readinessChecks | Where-Object { $_.checkType -eq "dependentSoftware" -and $_.resourceToCheck -contains "$ResourceToCheck" }
        $dependentSoftwareCheckResult = Invoke-DependentSoftwareCheck -Data $dependentSoftwareData *>&1
        Write-VariableToConsoleAndFile -VariableToParse $dependentSoftwareCheckResult -Log $logPath

        # Windows Feature Checktype
        $windowsFeatureData = $manifestData.readinessChecks | Where-Object { $_.checkType -eq "windowsFeature" -and $_.resourceToCheck -contains "$ResourceToCheck" }
        $windowsFeatureCheckResult = Invoke-WindowsFeatureCheck -Data $windowsFeatureData *>&1
        Write-VariableToConsoleAndFile -VariableToParse $windowsFeatureCheckResult -Log $logPath

function Write-VariableToConsoleAndFile {
    param (
        [object[]] $VariableToParse,
        [string] $Log
    ForEach ($line in $($VariableToParse -split "`r`n"))
        if ($line -like '*`[+`]*') {
            Write-Host $line -Foregroundcolor Green
            $line | Out-File -FilePath $Log -Append
        } elseif ($line -like '*`[-`]*') {
            Write-Host $line -Foregroundcolor Red 
            $line | Out-File -FilePath $Log  -Append
        } else {
            Write-Host $line 
            $line | Out-File -FilePath $Log -Append

Executes a query
Executes TSQL against a SQL Server
.PARAMETER SqlConnection
The sql connection to use to execute the query
.PARAMETER ConnectionString
The connection string used to create a new connection.
.PARAMETER InstanceName
Instance name for use in creating an AdHoc connection
.PARAMETER DatabaseName
Database name for use in creating an AdHoc connection
.PARAMETER Credentail
An optional PsCredential object if using sql auth
TSQL to execute
.PARAMETER Parameters
A hashtable of parameters to build a parameterized query
Return results as DataSet, DataTable, or array or DataRows
Executes the query as ExecuteNonQuery()
This will allow you to run the query and then suppress the results output
[System.Data.DataSet], [System.Data.DataTable], [System.Data.DataRow[]]
PSn Invoke-DosSqlQuery ...

function Invoke-DosSqlQuery {
        [parameter(Mandatory=$false)][ValidateSet("DataSet", "DataTable", "Array")][string]$AsResult='Array',

    <# This function is going to be splatted on by other functions $PSBoundParametes as they share
    common parameter sets for connectivity. Non defined parameters lands in $Arguments which
    dont care about nor do we want to pass that only New-SqlConnection. Remove $Arguments from our
    $PSBoundParameters #>

    $PSBoundParameters.Remove('Arguments') | Out-Null
    $PSBoundParameters.Remove('ErrorAction') | Out-Null

        $SqlConnection = New-DosSqlConnection @PSBoundParameters -ErrorAction Stop

    $Cmd = New-Object System.Data.SqlClient.SqlCommand($Query,$SqlConnection)

    if($null -ne $Parameters){
        foreach($key in $Parameters.Keys){
            $cmd.Parameters.AddWithValue($Key,$Parameters[$Key]) | Out-Null

        if ($pscmdlet.ShouldProcess($Query, "Executing non SQL query")){
            Invoke-ExecuteNonQuery -cmd $cmd
        if ($pscmdlet.ShouldProcess($Query, "Executing SQL Query")){
            $results = Invoke-Fill -cmd $cmd -AsResult $AsResult

        if ($pscmdlet.ShouldProcess($ConnectionString, "Closing SQL connection")){
            Invoke-CloseAndDispose -SqlConnection $SqlConnection

    if($NonQuery -eq $false){
        return $results

function Invoke-CloseAndDispose{
    $SqlConnection.Close() | Out-Null
    $SqlConnection.Dispose() | Out-Null

function Invoke-ExecuteNonQuery{
    $cmd.ExecuteNonQuery() | Out-Null

function Invoke-Fill{

    $ds=New-Object system.Data.DataSet
    $da=New-Object system.Data.SqlClient.SqlDataAdapter($cmd)
    $da.Fill($ds) | Out-Null
            $results = $ds
            $results = $ds.Tables[0]
            $results = @()
            $results += $ds.Tables[0].Rows
    return $results


    Merges hashtables together
    When working with DOS configuration values that come from varying places (some common examples may be a config store, pipeline, or static) it is
    nice to be able to merge these configurations into a single $config hashtable.
    Merge-DosHashtable combines all key values pairs creating a single hashtable. This method when used in conjunction with Push-DosConfigType keeps
    a merged "_type_" attribute. See Push-DosConfigType for more information about this.
    Name Value
    ---- -----
    clientName Health Catalyst
    _type_ {clientName}
    Name Value
    ---- -----
    ServiceName Test Service
    _type_ {ServiceName}
    Name Value
    ---- -----
    clientName Health Catalyst
    ServiceName Test Service
    _type_ {clientName, ServiceName}
    $storeConfig = @{ clientName = 'Health Catalyst' } | Push-DosConfigType "store"
    $staticConfig = @{ ServiceName = 'Test Service' } | Push-DosConfigType "static"
    $config = $storeConfig, $staticConfig | Merge-DosHashtable

function Merge-DosHashtable {
    param (
    $output = @{}
    $subHash = @{}
    foreach ($hash in $input) {
        if ($hash -is [Hashtable]) {
            foreach ($key in $hash.Keys) {
                if ($key -ne "_type_") {
                    $output.$key = $hash.$key
                else {
                    foreach ($subKey in $hash[$key].Keys) {
                        $subHash.$subKey = $hash[$key].$subKey
    $output.Add("_type_", $subHash)
    return $output

    Creates a new ConfigStore
    Attempts to create a new config store
    .PARAMETER configStore
    The configstore hashtable that will be created
    $configStore - the $configStore hashtable is returned
    New-DosConfigStore -configStore @{Type = "File"; Format = "XML"; Path = "$PSScriptRoot\nonexistent\nonexistent.config"}
    New-DosConfigStore -configStore $configStore

function New-DosConfigStore {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')]
        [hashtable] $configStore
    Write-DosTelemetry -Message "$($MyInvocation.MyCommand.Name) called."

    if($configStore.Type -eq "File" -and $configStore.Format -eq "XML"){
        return New-DosConfigStoreXml -configStore $configStore
    } else {
        Write-DosMessage -Level 'Fatal' -Message "New-DosConfigStore not implemented yet for type: $($configStore.Type), format: $($configStore.Format)"
        return $null


    NON PUBLIC - creates the xml file for the XML/File config store
    creates the xml file for the XML/File config store
    .PARAMETER configStore
    The xml object that represents the install.config
    New-DosConfigStoreXml -configStore $configStore
    General notes

function New-DosConfigStoreXml {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')]
        [hashtable] $configStore

    if(Test-Path -Path $configStore.Path){
        Write-DosMessage -Level Warning -Message "$($configStore.Path) already exists. No config store created"
    } else {
        $folder = split-path -path $configStore.Path
        if(-not(Test-Path -Path $folder)){
            Write-DosMessage -Level Information -Message "Creating $folder."
            if($PSCmdlet.ShouldProcess("Create $folder")){
                New-Item -ItemType directory -Path $folder | Out-Null
        if(-not(Test-Path -Path $configStore.Path)){
            Write-DosMessage -Level Information -Message "Creating $($configStore.Path) with template settings."
            $installationConfigTemplate = "<installation>`n`t<settings>`n`t</settings>`n</installation>"
            if($PSCmdlet.ShouldProcess("Create $($configStore.Path))")){
                New-Item -Path $configStore.Path -ItemType "file" -Value $installationConfigTemplate -Force | Out-Null

    return $configStore

function New-DosDacPacPublishFile {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessForStateChangingFunctions", "", Justification="WhatIf support not implemented.")]
    param (
        [Parameter(Mandatory = $true)]
        [string] $publishProfilePath,
        [Parameter(Mandatory = $true)]
        [hashtable] $publishProfileValues
    begin {
        Write-DosMessage -Level "Information" -Message "Creating Dacpac Publish Profile $publishProfilePath"
        [xml]$publishProfileXml = @'
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="15.0" xmlns="">

    process {
        try {
            Add-PublishDacPacFile -publishProfileXml $publishProfileXml -publishProfileValues $publishProfileValues -publishProfilePath $publishProfilePath
            Write-DosMessage -Level "Information" -Message "Saving changes to file $publishProfilePath"
        catch {
            $ErrorMessage = $_.Exception.Message
            Write-DosMessage -Level "Fatal" -Message $ErrorMessage    

function Add-PublishDacPacFile {
    param (
        [xml] $publishProfileXml,
        [hashtable] $publishProfileValues,
        [string] $publishProfilePath
    $project = $publishProfileXml.Project            
    $itemGroup = $publishProfileXml.CreateElement("ItemGroup", $project.xmlns)
    foreach ($publishProfileValue in $publishProfileValues.GetEnumerator()) {        
        $sqlCmdVariable = $publishProfileXml.CreateElement("SqlCmdVariable", $project.xmlns)
        $include = $publishProfileXml.CreateAttribute("Include")        
        $include.Value = $publishProfileValue.Name
        $value = $publishProfileXml.CreateElement("Value", $project.xmlns)
        $value.InnerText = $publishProfileValue.Value
        $sqlCmdVariable.AppendChild($value) | Out-Null
        $sqlCmdVariable.Attributes.Append($include) | Out-Null
        $itemGroup.AppendChild($sqlCmdVariable) | Out-Null
        Write-DosMessage -Level "Information" -Message "Added $($publishProfileValue.Name) -> $($publishProfileValue.Value)"
    $project.AppendChild($itemGroup) | Out-Null

Creates a SQL connection
Creates and returns an ***open*** SQL connection.
.PARAMETER InstanceName
The full <ComputerName>/<NamedInstance> instance name of SQL server
.PARAMETER DatabaseName
The database name to connect too
.PARAMETER Credential
A credential containing the SQL auth user and password
.PARAMETER ConnectionString
A SQL connection string to build the connection from
PS> New-DosSqlConnection ...

function New-DosSqlConnection {


            $ConnectionString = "Server={0};Database={1};User ID={2};Password={3};Pooling=false" -f $InstanceName, $DatabaseName, $Credential.UserName, $Credential.GetNetworkCredential().Password
            $ConnectionString = "Server={0};Database={1};Integrated Security=True" -f $InstanceName, $DatabaseName

        if ($pscmdlet.ShouldProcess($ConnectionString, "Creating SQL connection")){
            $connection = New-Object Data.SqlClient.SqlConnection $ConnectionString
        Write-DosMessage -Level 'Fatal' -Message "$_.Exception.Message"

    return $connection

Creates SQL login
Creates an instance level SQL login
.PARAMETER InstanceName
Full instance name of SQL server
.PARAMETER ConnectionString
Connection string to a SQL instnace
.PARAMETER SqlConnection
SQL connection to target SQL Server
The full name of the login to create
.PARAMETER AuthenticationType
Windows or SQL
.PARAMETER Credential
The cred (user/pass) to set for the new login
A switch to only create if login does not exist
PS> New-DosSqlLogin -ConnectionString $connectionString -LoginName 'domain\username' -IfNotExists
Replaces New-SqlLogin

function New-DosSqlLogin {
        [parameter(Mandatory=$false)][ValidateSet("Windows", "SQL")][string]$AuthType='Windows',

    if($AuthType -eq 'SQL' -and $null -eq $Credential){
        throw [System.Management.Automation.ParameterBindingException] "Credential must be provided when using an AuthType of SQL"
    elseif($AuthType -eq 'Windows' -and $null -ne $Credential){
        throw [System.Management.Automation.ParameterBindingException] "Credential cannot be provided when using an AuthType of Windows"
    $query = ""
        $query += "IF NOT EXISTS (SELECT * FROM [sys].[server_principals] WHERE name = '$LoginName')`n"

            $query += "CREATE LOGIN [$LoginName] FROM WINDOWS WITH DEFAULT_DATABASE=[master]"
            $query += "CREATE LOGIN [$LoginName] WITH PASSWORD=N'$($Credential.GetNetworkCredential().Password.Replace("'","''"))', DEFAULT_DATABASE=[master], CHECK_EXPIRATION=ON, CHECK_POLICY=ON"


    $PSBoundParameters.Remove('ErrorAction') | Out-Null
    if($PSCmdlet.ShouldProcess($Query,"Creating login: $LoginName")){
        Invoke-DosSqlQuery @PSBoundParameters -Query $query -NonQuery | Out-Null

Creates SQL database user
Creates an SQL database user in a given database
.PARAMETER InstanceName
Full instance name of SQL server
.PARAMETER ConnectionString
Connection string to a SQL instnace
.PARAMETER SqlConnection
SQL connection to target SQL Server
.PARAMETER DatabaseName
Database name in which to create the user
The full name of the user to create
A switch to only create if user does not exist
PS> New-DosSqlUser -ConnectionString $connectionString -UserName 'domain\username' -IfNotExists
Replaces New-SqlUser

function New-DosSqlUser {

    $query = ""
        $query += "IF NOT EXISTS (SELECT * FROM sys.database_principals WHERE name = N'$UserName')`n"

    $query += "CREATE USER [$UserName] FOR LOGIN [$UserName] WITH DEFAULT_SCHEMA=[dbo]"

    $PSBoundParameters.Remove('ErrorAction') | Out-Null
    if($PSCmdlet.ShouldProcess($Query,"Creating user: $UserName")){
        Invoke-DosSqlQuery @PSBoundParameters -Query $query -NonQuery | Out-Null

    Publishes the target DOS dac file to the specified database with the specified options
    Uses Microsoft.SqlServer.Dac.DacServices to install DAC file to specified server.
    .PARAMETER DacPacFilePath
    File path to dacpac file to publish to server
    .PARAMETER TargetSqlInstance
    Sql server connection string supports specifiying non-default sql instance and port if needed
    .PARAMETER TargetDb
    Target database to publish dac pac to.
    .PARAMETER PublishOptionsFilePath
    Path to publish options file - Required - See tests/SampleFiles/DefaultDacDeployOptions.xml for an example
    .PARAMETER ForceMountPointCreation
    Will attempt to create the mount points specified in PublishOptionsFilePath if the folders don't exist. If the specified on an upgrade, a warning will be displayed stating that mount points will be whatever the current DB has set.
    Publish-DosDacPac -DacPacFilePath ".\test.dac" -TargetSqlInstance "localhost" -TargetDb "EDWAdmin" -PublishOptionsFilePath ".\test.publish.xml"
    Publish-DosDacPac -DacPacFilePath ".\test.dac" -TargetSqlInstance "localhost,1433\MSSQLServer" -TargetDb "EDWAdmin" -PublishOptionsFilePath ".\test.publish.xml"

function Publish-DosDacPac {
            if (!(Test-Path $_)) {
                Write-DosMessage -Level "Error" -Message "DacPacFilePath $_ does not exist. Please enter valid path." -ErrorAction Stop
            else {
        [string] $DacPacFilePath,
        [string] $TargetSqlInstance,
        [string] $TargetDb,
            if (!(Test-Path $_)) {
                Write-DosMessage -Level "Error" -Message "PublishOptionsFilePath $_ does not exist. Please enter valid path." -ErrorAction Stop
            else {
        [string] $PublishOptionsFilePath,
        [switch] $ForceMountPointCreation,
        [string] $MountPointComputerName = $TargetSqlInstance
    Write-DosMessage -Level "Information" -Message "Publish-DosDacPac start"
    Write-DosMessage -Level "Information" -Message "Publishing '$DacPacFilePath' to '$TargetDb'"
    $dbatoolsVersion = New-Object -TypeName System.Version -ArgumentList "1.0.115"

    Write-DosMessage -Level "Information" -Message "Attempting to install dbatools with a version of '$dbatoolsVersion'"
    Write-DosMessage -Level "Information" -Message "Checking for required modules: dbatools '$dbatoolsVersion'"
    Install-RequiredModule -ModuleName dbatools -RequiredVersion $dbatoolsVersion
    Write-DosMessage -Level "Information" -Message "Successfully installed dbatools."

    $previousDataBase = Get-DbaDatabase -SqlInstance $TargetSqlInstance -Database $TargetDb

    $previousRecoveryModel = $null
    [string] $previousDbOwner = $null
    if($null -ne $previousDataBase){
        Write-DosMessage -Level "Information" -Message "Found existing DB $TargetDb on $TargetSqlInstance, will ensure that previous owner and recovery model are preserved across update"
        $previousDbOwner = $previousDataBase.Owner
        $previousRecoveryModel = $previousDataBase.RecoveryModel

            Write-DosMessage -Level "Warning" -Message "Previous database already installed, existing mount points will be used"

        [xml] $parsedPublishOptions = [xml] (Get-Content $PublishOptionsFilePath -ErrorAction Stop)

        $sqlCmdVariable = $parsedPublishOptions.Project.ItemGroup.SqlCmdVariable
        try {
            Write-DosMessage -Level "Information" -Message "Beginning attempt to create database mount points"

            $dataMountPoints = $sqlCmdVariable | Where-Object {$_.Include -like "*Data*MountPoint" -or $_.Include -like "PrimaryMountPoint"}

            if($null -eq $dataMountPoints) {
                Write-DosMessage -Level "Error" -Message "Missing data mount point in $PublishOptionsFilePath"

            foreach($dataMountPoint in $dataMountPoints) {
                Write-DosMessage -Level "Information" -Message "Beginning attempt to create mount point $dataMountPoint"
                Add-MountPoint -Path $dataMountPoint.Value -CreateIfForced $ForceMountPointCreation.IsPresent -MountPointComputerName $MountPointComputerName

            foreach($logMountPoint in $sqlCmdVariable | Where-Object {$_.Include -like "*Log*MountPoint"}) {
                Write-DosMessage -Level "Information" -Message "Beginning attempt to create mount point $logMountPoint"
                Add-MountPoint -Path $logMountPoint.Value -CreateIfForced $ForceMountPointCreation.IsPresent -MountPointComputerName $MountPointComputerName
            foreach($indexMountPoint in $sqlCmdVariable | Where-Object {$_.Include -like "*Index*MountPoint"}) {
                Write-DosMessage -Level "Information" -Message "Beginning attempt to create mount point $indexMountPoint"
                Add-MountPoint -Path $indexMountPoint.Value -CreateIfForced $ForceMountPointCreation.IsPresent -MountPointComputerName $MountPointComputerName
            Write-DosMessage -Level "Information" -Message "Finished attempt to create database mount points - Success"
        catch {
            Write-DosMessage -Level "Fatal" -Message "Error occured while attempting to confirm '$TargetDb' mount points. Validate the connection capabilites of '$MountPointComputerName'. Exception: $($_.Exception)"
            Write-DosMessage -Level "Information" -Message "Finished attempt to create database mount points - Failure"

    try {
        Write-DosMessage -Level Information -Message "Beginning Dacpac deployment"

        $dacpacReport = Publish-DbaDacPackage -SqlInstance $TargetSqlInstance -Database $TargetDb -Path $DacPacFilePath -PublishXml $PublishOptionsFilePath -EnableException
        Write-DosMessage -Level Information -Message "$dacpacReport"
        Write-DosMessage -Level Information -Message "Finished Dacpac deployment"
        $currentDatabase = Get-DbaDatabase -SqlInstance $TargetSqlInstance -Database $TargetDb

        if($null -ne $previousDataBase){
            Write-DosMessage -Level Information -Message "Checking that Recovery Model and DbOwner settings are preserved on the database"
            if($currentDatabase.RecoveryModel -ne $previousRecoveryModel){
                Write-DosMessage -Level "Information" -Message "New recovery model $($currentDatabase.RecoveryModel) doesn't match previous recovery model $previousRecoveryModel, reverting to previous recovery model"
                Set-DbaDbRecoveryModel -RecoveryModel $previousRecoveryModel.ToString() -SqlInstance $TargetSqlInstance -Database $TargetDb -Confirm:$false -EnableException
            if($currentDatabase.Owner -ne $previousDbOwner){
                Write-DosMessage -Level "Information" -Message "New DB owner $($currentDatabase.Owner) doesn't match previous owner, reverting to old owner $previousDbOwner"
                Set-DbaDbOwner -SqlInstance $TargetSqlInstance -Database $TargetDb -TargetLogin $previousDbOwner -Confirm:$false -EnableException
    catch {
        Write-DosMessage -Level "Error" -Message "Unable to deploy $DacPacFilePath to $TargetDb on $TargetSqlInstance. Exception: $($_.Exception)"
        Write-DosMessage -Level "Information" "Finished Dacpac deployment - failure"

    Write-DosMessage -Level "Information" -Message "Publish-DosDacPac complete"
    Write-DosMessage -Level "Information" -Message "Publishing '$DacPacFilePath' to '$TargetDb' completed"

function Add-MountPoint{
        [string] $Path,
        [bool] $CreateIfForced,
        [string] $MountPointComputerName
    $HostcomputerName = hostname

    $scriptBlock = {
        $CreateIfForced = $args[1]
        $Path = $args[0]
            if(!(Test-Path $Path)){
                try {
                    New-Item -ItemType Directory $Path | Out-Null
                    return "Mount point $Path created"
                catch {
                    return "Error creating mount point $Path. Exception: $($_.Exception)"
            if(!(Test-Path $Path)){
                return "Mount point $Path not found use -ForceMountPointCreation to enable creation of necessary folders"

    Write-DosMessage -Level "Information" -Message "Validating $Path Mount Point on $MountPointComputerName"
    $params = @{
        ScriptBlock = $scriptBlock
        ArgumentList = @($Path, $CreateIfForced)

    $MountPointHostname = $MountPointComputerName.split('.')[0]
    if($MountPointHostname -match "^\d+$"){
        #if the $MountPointHostname is a number (e.g. because it is actually an ip address), just use the full computer name
        $MountPointHostname = $MountPointComputerName

    if($MountPointHostname -eq 'localhost' -or $MountPointHostname -eq ''){
        #don't add computer name to the parameters
        Write-DosMessage -Level "Debug" -Message "It appears that '$MountPointComputerName' is localhost, so we run the Invoke-Command locally"
    } elseif($MountPointHostname -eq $HostcomputerName) {
        #don't add computer namme to the parameters
        Write-DosMessage -Level "Debug" -Message "It appears that '$HostcomputerName' is the same as '$MountPointComputerName', so we run the Invoke-Command locally"
    } else {
            $IpAddressMountPointHostname = $(Test-NetConnection -computername $MountPointComputerName -ErrorAction SilentlyContinue -WarningAction SilentlyContinue).RemoteAddress.IPAddressToString
            $IpAddressLocalhost = $(Test-NetConnection -computername $HostcomputerName -ErrorAction SilentlyContinue -WarningAction SilentlyContinue).RemoteAddress.IPAddressToString
            if($IpAddressMountPointHostname -eq $IpAddressLocalhost){
                #don't add computer name to the parameters
                Write-DosMessage -Level "Debug" -Message "It appears that '$IpAddressMountPointHostname' is the same as '$IpAddressLocalhost', so we run the Invoke-Command locally"
            } else {
                Write-DosMessage -Level "Debug" -Message "It appears that '$HostcomputerName' is a different computer than '$MountPointComputerName', so we'll use PS Remoting"
                $params.Add("ComputerName", $MountPointComputerName)
        } catch {
            Write-DosMessage -Level "Debug" -Message "It appears that '$HostcomputerName' is a different computer than '$MountPointComputerName', so we'll use PS Remoting."
            $params.Add("ComputerName", $MountPointComputerName)

    Write-DosMessage -Level "Information" -Message "Running invoke-command"
    $addMountResult = Invoke-Command @params

    if ($addMountResult -like "*use -ForceMountPointCreation*" -or $addMountResult -like "Error creating mount point*") {
        Write-DosMessage -Level "Error" -Message $addMountResult
    if ($addMountResult -eq "Mount point $Path created") {
        Write-DosMessage -Level "Information" -Message $addMountResult

    Publishes the target DOS web application with the specified options
    Publishes the target DOS web application with the specified options. Either uses WebDeploy (for older apps), or internal logic for new .Net Core applicaitons.
    .PARAMETER WebAppPackagePath
    File path to web application zip to publish
    .PARAMETER SettingsXmlPath
    ONLY USED in WebDeploy Applications - File path to xml settings
    .PARAMETER AppPoolName
    IIS Application Pool name
    .PARAMETER AppPoolCredential
    Credential object used to configure the built-in account the IIS Application Pool runs as
    .PARAMETER AuthenticationType
    ONLY USED in WebDeploy Applications - Windows or Anonymous authentication
    .PARAMETER WebDeploy
    A toggle for the web application to be deployed via WebDeploy or by other means
    .PARAMETER AppName
    ONLY USED in NON-Webdeploy applications. Specifies both the application's name AND the folder name where the application will be placed underneath the IIS site's root folder.
    ONLY USED in NON-WebDeploy applications. Specifies the IIS site to publish the application to. Defaults to "Default Web Site"
    .PARAMETER WebDeployParameters
    ONLY USED in WebDeploy Applications - Arraylist object containing site settings
    .PARAMETER PathsToPreserve
    Array of paths to preserve during a deployment, such as logs, relative to the install directory in IIS, so they are not removed during the upgrade of an application. Ignored for new installs.
    Publish-DosWebApplication -WebAppPackagePath "" -SettingsXmlPath "testapp.settings.xml" -AppPoolName "x" -AppPoolCredential $creds -AuthenticationType "Windows" -WebDeploy -WebDeployParameters $webDeployParams -PathsToPreserve @("logs")

function Publish-DosWebApplication {
            if (!(Test-Path $_)) {
                Write-DosMessage -Level "Error" -Message "$_ does not exist. Please enter valid path." -ErrorAction Stop
            else {
        [string] $WebAppPackagePath,
        [string] $SettingsXmlPath,
            if ($_ -match '[^a-zA-Z0-9]') {
                Write-DosMessage -Level "Error" -Message "$_ must only contain alphanumeric values. Please remove special characters." -ErrorAction Stop
            else {
        [string] $AppPoolName,
        [PSCredential] $AppPoolCredential,
        [ValidateSet("Windows", "Anonymous")]
        [string[]] $AuthenticationType,
        [switch] $WebDeploy,
        [string] $AppName,
        [string] $IISWebSite = "Default Web Site",
        [System.Collections.ArrayList] $WebDeployParameters,
        [switch] $NoCredential,
        [string[]] $PathsToPreserve = @()

    Import-Module WebAdministration -Force
    if ($PathsToPreserve.Length -gt 0) {
        for ($i = 0; $i -lt $PathsToPreserve.Length; $i++) {
            $PathsToPreserve[$i] = $PathsToPreserve[$i].Trim("\", "/", " ")

    ###Only allow one source of input for webdeploy args

    try {
        if ($NoCredential.IsPresent) {
            Write-DosMessage -Level "Information" -Message "The NoCredential parameter was provided. Proceeding to application pool validation."
            if(!(Test-Path "IIS:\AppPools\$AppPoolName" -PathType Container)){
                New-AppPool -IISAppPoolName $AppPoolName
            else {
                Set-AppPoolSettings -IISAppPoolName $AppPoolName -NoCredential $NoCredential.IsPresent
        else {
            if(!(Test-Path "IIS:\AppPools\$AppPoolName" -PathType Container)){
                if($AppPoolCredential -eq $null){
                    Write-DosMessage -Level "Fatal" -Message "No app pool found named $AppPoolName and no credentials specified. Please specify credentials -AppPoolCredential if you want to create a new application pool"
                New-AppPool -IISAppPoolName $AppPoolName -IdentityCredential $AppPoolCredential
            else {
                $existingAppPool = Get-Item -Path "IIS:\AppPools\$AppPoolName"

                # if app pool exists and credential is passed in / checks if the existing credential is the same / if it differs we fail out
                if ($null -ne $AppPoolCredential) {
                    if ($existingAppPool.processModel.userName -ne $AppPoolCredential.UserName -or $existingAppPool.processModel.password -ne $AppPoolCredential.GetNetworkCredential().Password) {
                        Write-DosMessage -Level "Fatal" -Message "The '$AppPoolName' app pool has an identity configured that differs from the identity credential provided. Halting deployment."

                Set-AppPoolSettings -IISAppPoolName $AppPoolName -IdentityCredential $AppPoolCredential
                Write-DosMessage -Level "Information" -Message "Application Pool: $AppPoolName already exists. Deploying '$WebAppPackagePath' to $AppPoolName"
        $appPool = Get-Item "IIS:\AppPools\$AppPoolName"
    catch {
        Write-DosMessage -Level "Error" -Message "Error occured getting, creating, or updating a IIS application pool. Exception: $($_.Exception)"

    #Deploy Website to IIS
    if ($WebDeploy.IsPresent){

        if([String]::IsNullOrEmpty($SettingsXmlPath) -and ($null -eq $WebDeployParameters)){
            Write-DosMessage -Level "Error" -Message "Must provide parameters through a settings xml file or webdeployparameters when deploying a web deploy application"

        if($SettingsXmlPath) {
            try {
                [xml] $parsedXml = Get-Content $SettingsXmlPath
            catch {
                Write-DosMessage -Level "Error" -Message "Error occured parsing xml settings file. Exception: $($_.Exception)"

        try {
            Write-DosMessage -Level "Information" -Message "Attempting to retrieve the IIS web application information."
            $siteName,$appNameFromSettings = Get-IisWebAppInfo -SettingsXmlPath $SettingsXmlPath -WebDeployParameters $WebDeployParameters -ParsedXml $parsedXml
            Write-DosMessage -Level "Information" -Message "Successfully retrieved the IIS web application information."
            Write-DosMessage -Level "Information" -Message "Deploying '$appNameFromSettings' through WebDeploy."
        catch {
            Write-DosMessage -Level "Error" -Message "Unable to find node containing IIS Web Application Name values"
        Publish-WebDeployWebApp -WebDeployPackageFilePath $WebAppPackagePath -WebDeployParameterFilePath $SettingsXmlPath -WebParameters $WebDeployParameters -AppName $appNameFromSettings -IISWebSite $IISWebSite -AppPoolName $AppPoolName -PathsToPreserve $PathsToPreserve

        Set-ApplicationPool -SiteName $siteName -AppName $appNameFromSettings -AppPoolName $AppPoolName
        Set-AuthenticationType -SiteName $siteName -AppName $appNameFromSettings -AuthenticationType $AuthenticationType

        Write-DosTelemetry -Message "Publish-DosWebApplication called and published using Publish-WebDeployWebApp."
    else {
            Write-DosMessage -Level "Fatal" -Message "AppName must be non-null and non empty"

        Publish-DotNetCoreWebApp -WebApplicationPackagePath $WebAppPackagePath -AppName $AppName -IISWebSite $IISWebSite -AppPoolName $AppPoolName -PathsToPreserve $PathsToPreserve
        Set-ApplicationPool -SiteName $IISWebSite -AppName $AppName -AppPoolName $AppPoolName

        if (-Not ([string]::IsNullOrEmpty($AuthenticationType))) {
            Set-AuthenticationType -SiteName $IISWebSite -AppName $AppName -AuthenticationType $AuthenticationType

        Write-DosTelemetry -Message "Publish-DosWebApplication called and published using Publish-DotNetCoreWebApp."

function Get-IisWebAppInfo {
    param (
        [string] $SettingsXmlPath,
        [System.Collections.ArrayList] $WebDeployParameters,
        [xml] $ParsedXml

        # Parameter childnodes can be different
        $iisParameter = $ParsedXml.parameters.ChildNodes | Where-Object { $ -eq "IIS Web Application Name" }

        # Parameter attribute names differ (eg. defaultValue and value)
        $iisAppPath = $iisParameter.Attributes | Where-Object { $_ -like "*value" }
        $siteName,$appNameFromSettings = $iisAppPath.'#text'.split('/')
        # Parameter attribute names differ (eg. defaultValue and value)
        foreach ($param in $WebDeployParameters)
            if($param.Name -eq "IIS Web Application Name"){
                $iisAppPath = $param.Value
        $siteName,$appNameFromSettings = $iisAppPath.split('/')

    return $siteName,$appNameFromSettings

function Set-ApplicationPool {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessForStateChangingFunctions", "", Justification="WhatIf support not implemented.")]
    param (
        [string] $SiteName,
        [string] $AppName,
        [string] $AppPoolName

    try {
        # Set-Application Pool with specific app
        Push-Location -Path IIS:\Sites\$SiteName\
        Set-ItemProperty -Path $AppName -Name applicationPool -Value $AppPoolName
    catch {
        Write-DosMessage -Level "Error" -Message "Error occured associating application to the app pool. Exception: $($_.Exception)"
    finally {

function Set-AuthenticationType {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessForStateChangingFunctions", "", Justification="WhatIf support not implemented.")]
    param (
        [string] $SiteName,
        [string] $AppName,
        [string[]] $AuthenticationType

        Push-Location -Path IIS:\Sites\$SiteName\$AppName
        # Set-Authentication and transform the web config
        Set-IISAuthentication -AuthenticationType $AuthenticationType -SiteName $SiteName -ApplicationName $AppName
    catch {
        Write-DosMessage -Level "Error" -Message "Error occured altering authentication types. Exception: $($_.Exception)"
    finally {

function Install-UrlRewrite {
    # Check if URL Rewrite is installed before setting authentication
    $urlRewriteRegistry = "HKLM:\SOFTWARE\Microsoft\IIS Extensions\URL Rewrite"

    if (-Not (Test-Path $urlRewriteRegistry)) {
        Write-DosMessage -Level "Information" -Message "UrlRewrite not installed"

        # Install Web Platform Installer if not present
        if (-Not (Test-Path "$($env:ProgramFiles)\Microsoft\Web Platform Installer")) {
            Write-DosMessage -Level "Information" -Message "Web Platform Installer not found"
            Get-WebRequestDownload "" -OutFile "$PSScriptRoot\Web-Platform-Install.msi"
            Write-DosMessage -Level "Information" -Message "Installing Web Platform Installer"
            Start-Process "$PSScriptRoot\Web-Platform-Install.msi" '/qn' -PassThru | Wait-Process
            Remove-Item "$PSScriptRoot\Web-Platform-Install.msi"

        # Install UrlRewrite using Web Platform Installer
        if (Test-Path "$($env:ProgramFiles)\Microsoft\Web Platform Installer\WebpiCmd.exe") {
            Write-DosMessage -Level "Information" -Message "Installing UrlRewrite"
            Start-Process "$($env:ProgramFiles)\Microsoft\Web Platform Installer\WebpiCmd.exe" "/Install /Products:'UrlRewrite2' /AcceptEULA" -PassThru | Wait-Process

            if (-Not (Test-Path $urlRewriteRegistry)) {
                Write-DosMessage -Level "Warning" -Message "UrlRewrite did not install correctly"
        else {
            Write-DosMessage -Level "Warning" -Message "Unable to install UrlRewrite, WebpiCmd.exe not found at $($env:ProgramFiles)\Microsoft\Web Platform Installer\WebpiCmd.exe"

    Pushes a new "_type_" property to any hashtable, which stores the key name and "type" provided as a parameter
    When working with DOS configuration values that come from varying places (some common examples may be a config store, pipeline, or static) it is
    nice to be able to merge these configurations into a single $config hashtable. However, when we merge hashtables together, we lose the information
    about where they came from or what type of configuration it is.
    Push-DosConfigType allows you to provide a "type" parameter which then stores the key names and type into a new property called "_type_". This "_type_"
    property is then used by the Confirm-DosConfiguration method when generating meaningful messages about issues with configurations, due to
    the added information about what type of configuration encountered a problem.
    Name Value
    ---- -----
    clientName Health Catalyst
    appName Test App
    clientEnvironment Internal
    appPoolName Test App Pool
    _type_ {clientName, appName, clientEnvironment, appPoolName}
    $storeConfig = @{
        clientName = 'Health Catalyst'
        clientEnvironment = 'Internal'
        appName = 'Test App'
        appPoolName = 'Test App Pool'
    } | Push-DosConfigType "store"
    $staticConfig = @{
        ServiceName = 'Test Service'
        PathToDatabaseQuery = 'some path'
    } | Push-DosConfigType "static"

function Push-DosConfigType {
    param (
        [Parameter(ValueFromPipeline = $true, Mandatory = $true)]
        [Hashtable] $hash,
        [Parameter(Position = 0, Mandatory = $true)]
        [String] $type
    $newHash = @{};
    foreach ($key in $hash.keys) {
        $newHash.Add($key, $type)
    $hash._type_ = $newHash
    return $hash

    Removes an installation scope/section from the provided config store
    Removes an installation scope/section from the provided config store
    .PARAMETER configSection
    Config scope that the contains the configSetting that will be removed
    .PARAMETER ConfigStore
    Accepts a powershell hashtable or dictionary with key value pairs following the example, $configStore = @{Type = "File"; Format = "XML"; Path = "C:\Path\To\File"}.
    Current iteration only supports XML Files.
    Remove-DosConfigSection -configSection "common" -configStore $configStore
    General notes

function Remove-DosConfigSection {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')]
    param (
        [String] $configSection,
        [hashtable] $configStore
    if(!(Confirm-ConfigStore -ConfigStore $configStore)) {
        Write-DosMessage -Level Fatal -Message "configStore is invalid (Type: $($configstore.Type); Format: $($configstore.Format); Path: $($configstore.Path)"

    if(-not($configStore.Format -eq 'XML' -and $configStore.Type -eq 'File')){
        Write-DosMessage -Level Fatal -Message "Remove-DosConfigSection is not implemented for this type of configstore (Type: $($configstore.Type); Format: $($configstore.Format); Path: $($configstore.Path)"
    if ($configStore.Type -eq "External") {
        $configObject = Remove-ExternalConfigSection -configStore $configStore -configSection $configSection
    if ($configStore.Type -eq "File") {
        $configObject = Remove-FileConfigSection -configStore $configStore -configSection $configSection
        if($PSCmdlet.ShouldProcess("Delete '$configSection' scope in install config")){
            Write-DosMessage -Level Information -Message "Removing $configSection from $($configStore.Type) configstore."
            Save-DosConfigStore -configStoreObject $configObject -configStore $configStore
    } else {
        Write-DosMessage -Level 'Warning' -Message "No changes made to $($configStore.Type) configstore for the $configSection scope"

function Remove-FileConfigSection {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessForStateChangingFunctions", "", Justification="WhatIf support not implemented.")]
    param (

    $installConfigXml = [xml](Get-Content "$($configStore.Path)")

    $sectionSettings = $installConfigXml.installation.settings.scope | Where-Object {$ -eq $configSection}

    if (-not($sectionSettings) -or ($sectionSettings.Count -eq 0)) {
        #if the scope doesn't exist no problem, do nothing
        Write-DosMessage -Level Information -Message "$($configStore.Path) didn't have a $configSection scope. No action taken."

    #make the config section lowercase and then get the node to delete (case insensitive)
    $configSection = $configSection.ToLower()
    $nodeToDelete = $installConfigXml.selectnodes("/installation/settings/scope[translate(@name,'ABCDEFGHIJKLMNOPQRSTUVWXYZ','abcdefghijklmnopqrstuvwxyz')='$configSection']")

    if ($nodeToDelete) {
        $nodeToDelete | Foreach-Object{$_.parentnode.removechild($_)} | out-null
    else {
        Write-DosMessage -Level "Warning" -Message "$($configStore.Path) had a $configSection.$configSetting value but we couldn't find it with XPath. No action taken."
        $installConfigXml = $null

    return $installConfigXml

function Remove-ExternalConfigSection {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessForStateChangingFunctions", "", Justification="WhatIf support not implemented.")]
    param (

    $configValues = Get-ExternalConfigValues -ConfigStore $configStore -Scope $configSection

    $responseObject = $null

    foreach ($configValue in $configValues) {
        Write-DosMessage -Level "Information" -Message "Attepmting to remove $($configValue.PartitionKey).$($configValue.RowKey)"
        $responseObject = Remove-ExternalConfigValue -ConfigStore $configStore -configSection "$($configValue.PartitionKey)" -configSetting "$($configValue.RowKey)"
        if ($responseObject.StatusCode -eq 204) {
            Write-DosMessage -Level "Information" -Message "Successfully removed $($configValue.PartitionKey).$($configValue.RowKey) from $($configStore.Type) configstore."

    return $responseObject

    Removes an installation variable from the provided config scope
    Removes an installation variable and value from the provided config scope
    .PARAMETER configSection
    Config scope that the contains the configSetting that will be removed
    .PARAMETER configSetting
    Variable that will be removed
    .PARAMETER ConfigStore
    Accepts a powershell hashtable or dictionary with key value pairs following the example, $configStore = @{Type = "File"; Format = "XML"; Path = "C:\Path\To\File"}.
    Current iteration only supports XML Files.
    Remove-DosConfigValue -InstallConfigPath $path -configSection "common" -configSetting "sqlServerAddress"
    General notes

function Remove-DosConfigValue {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')]
    param (
        [Alias("Scope", "ConfigScope")]
        [String] $configSection,
        [String] $configSetting,
        [hashtable] $configStore
    if(!(Confirm-ConfigStore -ConfigStore $configStore)) {
        Write-DosMessage -Level "Fatal" -Message "ConfigStore is invalid"

    if ($configStore.Type -eq "External") {
        $configObject = Remove-ExternalConfigValue -configStore $configStore -configSection $configSection -configSetting $configSetting
    if ($configStore.Type -eq "File") {
        $configObject = Remove-FileConfigValue -configStore $configStore -configSection $configSection -configSetting $configSetting
        if($PSCmdlet.ShouldProcess("Delete $configSection.$configSetting in install config")){
            Write-DosMessage -Level "Debug" -Message "Removing $configSection.$configSetting from $($configStore.Type) configstore."
            Save-DosConfigStore -configStoreObject $configObject -configStore $configStore
    } else {
        Write-DosMessage -Level "Warning" -Message "No changes made to $($configStore.Type) configstore for $configSection.$configSetting."

function Remove-FileConfigValue {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessForStateChangingFunctions", "", Justification="WhatIf support not implemented.")]
    param (

    Write-DosMessage -Level "Debug" -Message "Attempting to remove $configSection.$configSetting from $($configStore.Path)."

    $installConfigXml = [xml](Get-Content "$($configStore.Path)")

    $sectionSettings = $installConfigXml.installation.settings.scope | Where-Object {$ -eq $configSection}

    if (-not($sectionSettings) -or ($sectionSettings.Count -eq 0)) {
        #if the scope doesn't exist no problem, do nothing
        Write-DosMessage -Level "Debug" -Message "$($configStore.Path) didn't have a $configSection scope. No action taken."

    $existingSetting = $sectionSettings.variable | Where-Object {$ -eq $configSetting}

        #if the existing variable in the scope doesn't exist, do nothing
        Write-DosMessage -Level "Debug" -Message "$($configStore.Path) didn't have a $configSection.$configSetting value. No action taken."

    $configSection = $configSection.ToLower()
    $configSetting = $configSetting.ToLower()
    $nodeToDelete = $installConfigXml.selectnodes("/installation/settings/scope[translate(@name,'ABCDEFGHIJKLMNOPQRSTUVWXYZ','abcdefghijklmnopqrstuvwxyz')='$configSection']/variable[translate(@name,'ABCDEFGHIJKLMNOPQRSTUVWXYZ','abcdefghijklmnopqrstuvwxyz')='$configSetting']")

    if ($nodeToDelete) {
        $nodeToDelete | Foreach-Object{$_.parentnode.removechild($_)} | out-null
    else {
        Write-DosMessage -Level "Warning" -Message "$($configStore.Path) had a $configSection.$configSetting value but we couldn't find it with XPath. No action taken."
        $installConfigXml = $null
    return $installConfigXml

function Remove-DosWebApplication {
        Remove a DOS web application from IIS
        Removes a given DOS web application, physical directory, and application pool
        if no other applications are associated with it.
        .PARAMETER ApplicationName
        The name of the DOS Web application in IIS.
        .PARAMETER IISWebSite
        Specifies the IIS site from which to remove the application. Defaults to "Default Web Site"
        Remove-DosWebApplication -ApplicationName "Atlas4" -IISWebSite "Default Web Site"

    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessForStateChangingFunctions", "", Justification="WhatIf support not implemented.")]
    Param (
        [string] $ApplicationName,
        [string] $IISWebSite = "Default Web Site"
    Import-Module WebAdministration -Force

    $iisPath = "IIS:\Sites\$($IISWebSite)\$($ApplicationName)"
    $webApp = Get-WebApplication -Name $ApplicationName -Site $IISWebSite

    if ($webApp) {
        $webApplicationFolder = Get-WebFilePath -PSPath $iisPath
        Write-DosMessage -Level "Information" -Message "Removing web application '$iisPath'"
        Remove-WebApplication -Name $ApplicationName -Site $IISWebSite
        Write-DosMessage -Level "Information" -Message "Removing folder '$webApplicationFolder'"
        Remove-Item -Path $webApplicationFolder -Recurse

        # Remove app pool if application count is zero
        $appPoolName = $webApp.applicationPool
        $appCount = (Get-WebConfigurationProperty "/system.applicationHost/sites/site/application[@applicationPool='$appPoolName']" "machine/webroot/apphost" -name path).Count
        if ($appCount -eq 0) {
            Write-DosMessage -Level "Information" -Message "Removing application pool '$appPoolName'"
            Remove-WebAppPool -Name $appPoolName
        else {
            Write-DosMessage -Level "Warning" -Message "Application pool '$appPoolName' was not removed since other applications are currently bound to it."

function Remove-IISUrlRewriteRule {
        Removes URL rewrite rule
        Removes a given URL rewrite rule from IIS.
        .PARAMETER RuleName
        The unique name of the rule to remove.
        .PARAMETER IISWebSite
        The IIS site from which to remove the application. Defaults to "Default Web Site"
        Remove-IISUrlRewriteRule -RuleName "Atlas4-Atlas-Redirect" -IISWebSite "Default Web Site"

    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessForStateChangingFunctions", "", Justification="WhatIf support not implemented.")]

    Param (
        [string] $RuleName,
        [string] $IISWebSite = "Default Web Site"
    Import-Module WebAdministration -Force
    $iisPath = "IIS:\Sites\$($IISWebSite)"
    $ruleFilter = "/system.webserver/rewrite/rules/rule[@name='$RuleName']"

    $exists = Get-WebConfigurationProperty -PSPath $iisPath -Filter $ruleFilter -Name *
    if ($exists) {
        Write-DosMessage -Level "Information" -Message "Removing URL Rewrite rule '$RuleName'."
        Clear-WebConfiguration -PSPath $iisPath -Filter $ruleFilter

    Saves the config store
    Saves the config store (currently only works for XML file types)
    .PARAMETER configStoreObject
    The object that represents the configuration settings that need to be saved.
    Save-DosConfigStore -configStoreObject $installConfigXml -configStore @{Type = "File"; Format = "XML"; Path = "install.config"}
    Save-DosConfigStore -configStoreObject $installConfigXml -configStore $configStore
    General notes

function Save-DosConfigStore {
    param (
        [hashtable] $configStore

    if($configStore.Type -eq "File" -and $configStore.Format -eq "XML"){
        Save-DosConfigStoreXml -installConfigXml $configStoreObject -pathToInstallConfig $configStore.Path

    if ($configStore.Type -eq "External") {
        Write-DosMessage -Level "Debug" -Message "External configstores have no execution requirements in Save-DosConfigStore"

    NON PUBLIC - Saves the xml file that represents the install.config
    Saves the xml file that represents the install.config
    .PARAMETER installConfigXml
    The xml object that represents the install.config
    .PARAMETER pathToInstallConfig
    Full file path to the install.config file that will be saved
    Save-DosConfigStoreXml -installConfigXml $installConfigXml -pathToInstallConfig 'C:\Program Files\Health Catalyst\install.config'
    General notes

function Save-DosConfigStoreXml {
    param (

    Adds an installation variable to the provided config scope
    Adds or updates an installation variable and value to the provided config scope
    .PARAMETER configSection
    Config scope that the variable and value will be saved to
    .PARAMETER configSetting
    Variable that will be saved
    .PARAMETER configValue
    Value of the variable to be saved
    .PARAMETER KeepExisting
    Will not overwrite the existing value if present
    .PARAMETER ConfigStore
    Accepts a powershell hashtable or dictionary with key value pairs following the example, $configStore = @{Type = "File"; Format = "XML"; Path = "C:\Path\To\File"}.
    Current iteration only supports XML Files.
    Set-DosConfigValue -PathToInstallConfig $path -configSection "common" -configSetting "sqlServerAddress" -configValue $dbFQN -configstore $configstore
    Set-DosConfigValue -PathToInstallConfig $path -configSection "common" -configSetting "sqlServerAddress" -configValue $dbFQN -configstore $configstore -KeepExisting
    General notes

function Set-DosConfigValue {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')]
    param (
        [Alias("Scope", "ConfigScope")]
        [String] $configSection,
        [String] $configSetting,
        [String] $configValue,
        [Switch] $KeepExisting,
        [hashtable] $configStore
    if(!(Confirm-ConfigStore -ConfigStore $configStore)) {
        Write-DosMessage -Level "Fatal" -Message "ConfigStore is invalid"

    $configObject = $null

    if ($configStore.Type -eq "External") {
        $configObject = Set-ExternalConfigValue -configStore $configStore -configSection $configSection -configSetting $configSetting -configValue $configValue

    if ($configStore.Type -eq "File") {
        $configObject = Set-FileConfigValue -configStore $configStore -configSection $configSection -configSetting $configSetting -configValue $configValue -KeepExisting:$KeepExisting

    # Instead of the condition being on if something changed, will detect if the object is returned at all form the specific configstore set functions
        if($PSCmdlet.ShouldProcess("Save changes to configuration")){
            Save-DosConfigStore -configStoreObject $configObject -configStore $configStore
            Write-DosMessage -Level "Debug" -Message "Successfully added $configSection.$configSetting=$configValue into $($configStore.Type) configstore."
    else {
        Write-DosMessage -Level "Information" -Message "No changes made to $($configStore.Type) configstore for $configSection.$configSetting=$configValue."

function Set-FileConfigValue {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessForStateChangingFunctions", "", Justification="WhatIf support not implemented.")]
    param (
    Write-DosMessage -Level "Debug" -Message "Attempting to add $configSection.$configSetting=$configValue with KeepExisting=($KeepExisting) into $($configStore.Path)."

    $somethingChanged = $false

    $installConfigXml = [xml](Get-Content "$($configStore.Path)")
    $sectionSettings = $installConfigXml.installation.settings.scope | Where-Object {$ -eq $configSection}
    if (!$sectionSettings) {
        #if the scope doesn't exist, create it
        Write-DosMessage -Level "Debug" -Message "Scope ""$configSection"" doesn't exist, creating it."
        $sectionSettings = $installConfigXml.CreateElement("scope")
        $nameAttribute = $installConfigXml.CreateAttribute("name")
        $nameAttribute.Value = $configSection

        $sectionSettings.Attributes.Append($nameAttribute) | Out-Null
        $installConfigXml.installation.SelectSingleNode("settings").AppendChild($sectionSettings) | Out-Null
        $somethingChanged = $true

    $existingSetting = $sectionSettings.variable | Where-Object {$ -eq $configSetting}
        #if the existing variable in the scope doesn't exist, create it.
        $setting = $installConfigXml.CreateElement("variable")
        $nameAttribute = $installConfigXml.CreateAttribute("name")
        $nameAttribute.Value = $configSetting
        $setting.Attributes.Append($nameAttribute) | Out-Null

        #now that the existing variable is created, set the value.
        $valueAttribute = $installConfigXml.CreateAttribute("value")
        $valueAttribute.Value = $configValue
        $setting.Attributes.Append($valueAttribute) | Out-Null
        Write-DosMessage -Level "Debug" -Message "Adding setting ""$configSetting"" with value ""$configValue"" to the ""$configSection"" scope"

        $sectionSettings.AppendChild($setting) | Out-Null
        $somethingChanged = $true
    } elseif([string]::IsNullOrEmpty($existingSetting.value)){
        #the current value is null or empty, so we are going to overwrite it, regardless if it says keepexisting or not.
        Write-DosMessage -Level "Debug" -Message "No existing value found for setting ""$configSetting"" in scope ""$configSection"", populating with ""$configValue"""
        $existingSetting.value = $configValue
        $somethingChanged = $true
    } elseif (-not([string]::IsNullOrEmpty($existingSetting.value))) {
        #There is an existing setting
        #That existing setting has a value.

            #Don't change the value and let the user know.
            Write-DosMessage -Level "Debug" -Message "Existing value ""$($existingSetting.value)"" found for setting ""$configSetting"" in scope ""$configSection"" but KeepExisting was passed in, leaving value as-is."
        } else {
            #Do change the value and let the user know.
            Write-DosMessage -Level "Debug" -Message "Existing value ""$($existingSetting.value)"" found for setting ""$configSetting"" in scope ""$configSection"", replacing with ""$configValue"""
            $existingSetting.value = $configValue
            $somethingChanged = $true
    } else {
        Write-DosMessage -Level "Fatal" -Message "You've reached an else block that you shouldn't have been able to reach. The cake is a lie."

    if (!$somethingChanged) {
        $installConfigXml = $null
    return $installConfigXml

function Set-ExternalConfigValue {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessForStateChangingFunctions", "", Justification="WhatIf support not implemented.")]
    param (

    Write-DosMessage -Level "Debug" -Message "Attempting to add $configSection.$configSetting=$configValue into $($ConfigStore.Format)."

    # Check if value already exists
    $configValues = Get-DosConfigValues -ConfigStore $configStore -Scope $configSection
    $currentValue = $configValues | Where-Object { $_.PartitionKey -eq "$configSection" -and $_.RowKey -eq "$configSetting" }
    $tableStorageInputs = Get-AzureTableStorageInputsFromUri -storageUri $ConfigStore.Uri

    $headers = @{
        Accept = 'application/json;odata=nometadata'

    $entity = @{
        PartitionKey = "$configSection"
        RowKey = "$configSetting"
        Value = "$configValue"

    $body = $entity | ConvertTo-Json
    if ($currentValue.Value -eq $configValue) {
        Write-DosMessage -Level "Debug" -Message "$configSection.$configSetting is already configured with $configValue"
        $responseObject = $null
    elseif ($null -ne $currentValue.Value) {
        Write-DosMessage -Level "Debug" -Message "$configSection.$configSetting is configured with '$($currentValue.Value)'"
        Write-DosMessage -Level "Debug" -Message "Updating $configSection.$configSetting to '$($currentValue.Value)'"
        $resource = "$($tableStorageInputs.tableName)(PartitionKey='$configSection',RowKey='$configSetting')"
        $putUri = "https://$($tableStorageInputs.storageAccountName)$resource$($tableStorageInputs.storageSas)"

        try {
            $responseObject = Invoke-WebRequest -Method PUT -Uri $putUri -Headers $headers -Body $body -ContentType application/json -UseBasicParsing

        catch {
            Write-DosMessage -Level "Fatal" -Message "Failed to set $configSection.$configSetting=$configValue on $($configStore.Type) configStore. Exception: $($_.Exception)"
    else {
        $postUri = "https://$($tableStorageInputs.storageAccountName)$($tableStorageInputs.tableName)$($tableStorageInputs.storageSas)"
        try {
            $responseObject = Invoke-WebRequest -Method POST -Uri $postUri -Headers $headers -Body $body -ContentType application/json -UseBasicParsing

        catch {
            Write-DosMessage -Level "Fatal" -Message "Failed to set $configSection.$configSetting=$configValue on $($configStore.Type) configStore. Exception: $($_.Exception)"
    if ($responseObject.StatusCode -eq 204) {
        Write-DosMessage -Level "Debug" -Message "Successfully set $configSection.$configSetting in $($configStore.Type) configstore."

    return $responseObject

    Sets the the global IIS configuration authentication settings to allow each application to override authentication with it's own configuration settings
    For more reading, see: and

function Set-DosGlobalIISAuthentication {

    BEGIN {
        Add-Assembly -Assemblies "$env:systemroot\system32\inetsrv\Microsoft.Web.Administration.dll"

        Write-DosMessage -Level "Verbose" -Message "Fetching configuration sections"
        $manager = new-object Microsoft.Web.Administration.ServerManager
        $config = $manager.GetApplicationHostConfiguration()
        $section = $config.GetSection("system.webServer/security/authentication/windowsAuthentication")
        $section.OverrideMode = "Allow"

        $section = $config.GetSection("system.webServer/security/authentication/anonymousAuthentication")
        $section.OverrideMode = "Allow" 

        if($PSCmdlet.ShouldProcess("Committing IIS global authentication settings")){
            Write-DosMessage -Level "Verbose" -Message "Committing changes"
        Write-DosTelemetry -Message "Set-DosGlobalIISAuthentication called."

    Configure application logger with specified set of parameters..
    Configures and creates a Serilog logger, capable of logging to the console, a file, or both.
    .PARAMETER LoggingMode
    Logger message output. Valid modes include: Console, File and Both.
    .PARAMETER MinimumLoggingLevel
    The minimum logging level that will be written to the logger (file and console).
    .PARAMETER LogFilePath
    Path to logging file.
    Set-DosMessageConfiguration -LoggingMode "Both" -LogFilePath "C:\Path\To\log.txt"

function Set-DosMessageConfiguration {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessForStateChangingFunctions", "", Justification="Logging messages will not change system state.")]
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidGlobalVars", "", Justification="We need a global variable to avoid weird scope issues when turning on serilog selflog. It will normally be null")]
        [ValidateSet("File", "Console", "Both")]
        [string] $LoggingMode,
        [ValidateSet("Verbose", "Debug", "Information", "Warning", "Error", "Fatal")]
        [string] $MinimumLoggingLevel,
            if (!(Test-Path $_)) {
                try {
                    New-Item $_ -Type File -Force -ErrorAction Stop
                catch {
                    Write-DosMessage -Level "Error" -Message "$_"
            else {
        [string] $LogFilePath
    # Parameter Validation added because if $LogFilePath isn't provided the [ValidateScript] will not run
    # Test case. If user tries to configure a file logger without providing a logfilepath. Associated unit test in Set-DosMessageConfiguration.tests.ps1 line 51-59
    if (($LoggingMode -eq "File" -or $LoggingMode -eq "Both") -and [string]::IsNullOrEmpty($LogFilePath)) {
        Write-DosMessage -Level "Error" -Message "You cannot configure a file logger without providing a the LogFilePath parameter."

    try {
        [SerilogBridge.SerilogBridge]::CreateDosLogger($LoggingMode, $MinimumLoggingLevel, $LogFilePath, $global:serilogSelfLogEnabled)
    catch {
        Write-DosMessage -Level "Error" -Message "Error creating logger. Exception: $($_.Exception)"

    Write-DosTelemetry -Message "Set-DosMessageConfiguration called."

    Configures the telemetry logger with a specific telemetry key (current defaults to DOS Install Application Insights key).
    Pass in the application insights key and a optional opt out parameter.
    .PARAMETER TelemetryKey
    Currently associate the telemetry logger with an application insights key.
    .PARAMETER TelemetryOptOut
    Switch parameter, if included will opt out of the telemetry logger.
    Set-DosTelemetry -TelemetryKey "testkey" -TelemetryOptOut

function Set-DosTelemetry {
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessForStateChangingFunctions", "", Justification="Logging messages will not change system state.")]
        [string] $TelemetryKey,
        [switch] $TelemetryOptOut
    # Converts to the appropriate boolean type used for the C# serilogbridge
    Write-DosMessage -Level "Verbose" -Message "Converting Powershell boolean into primitive type to be used in Serilog C# class"
    $telemetryConfirmation = [System.Management.Automation.LanguagePrimitives]::ConvertTo($TelemetryOptOut.IsPresent,[System.Type]::GetType($TelemetryOptOut.IsPresent.GetType().FullName))

    try {
        Write-DosMessage -Level "Information" -Message "Creating Telemetry Logger using '$TelemetryKey' key."
        [SerilogBridge.TelemetryBridge]::CreateDosTelemetryLogger($TelemetryKey, $telemetryConfirmation)
    catch {
        Write-DosMessage -Level "Error" -Message "Error creating telemetry logger. Exception: $($_.Exception)"

    Write-DosTelemetry -Message "Set-DosTelemetry called."

    Given a certificate thumbprint and an encrypted value, Unprotect-DosInstallerSecret will return a decrypted secret value.
    Pass in a certificate thumbprint (generally stored in a configuration file) and the encrypted secret value, and Unprotect-DosInstallerSecret will return the decrypted value in string format.
    .PARAMETER CertificateThumprint
    Certificate Thumbprint of the certificate that will be used for decryption.
    .PARAMETER EncryptedInstallerSecretValue
    Encrypted value that will be unprotected.
    $decryptedValue = Unprotect-DosInstallerSecret -CertificateThumprint $certThumbprint -EncryptedInstallerSecretValue $encryptedSecret

function Unprotect-DosInstallerSecret {
        [Parameter(Mandatory=$true, ParameterSetName = "CertificateSecret")]
        [string] $CertificateThumprint,
        [Parameter(Mandatory=$true, ParameterSetName = "CertificateSecret")]
        [string] $EncryptedInstallerSecretValue

    $secret = ''

    if ($PSCmdlet.ParameterSetName -eq "CertificateSecret") {
            Write-DosMessage -Level "Debug" -Message "Attempting to retrieve encryption certificate using the certificate thumbprint provided."
            $encryptionCertificate = Get-EncryptionCertificate $CertificateThumprint
            Write-DosMessage -Level "Debug" -Message "Successfully retrieved encryption certificate."
        catch {
            Write-DosMessage -Level "Error" -Message "Could not get encryption certificte with thumbprint $CertificateThumprint. Exception: $($_.Exception)"
        try {
            Write-DosMessage -Level "Debug" -Message "Using encryption certificate to decrypt the installer secret provided."

            $encryptedValue = $EncryptedInstallerSecretValue
            if ($encryptedValue.StartsWith("!!enc!!:")) {
                $encryptedValue = $encryptedValue.Replace("!!enc!!:", "")

            $secret = Get-DecryptedString -Certificate $encryptionCertificate -EncryptedValue $encryptedValue
            Write-DosMessage -Level "Debug" -Message "Successfully decrypted the installer secret provided."
        catch {
            Write-DosMessage -Level "Error" -Message "Error attempting to decrypt installer secret. Exception: $($_.Exception)."

    return $secret

function Get-EncryptionCertificate {
    param (
        [string] $CertificateThumprint

    $localCertPath = "Cert:\LocalMachine\My"

    Write-DosMessage -Level "Verbose" -Message "Cleaning certificate thumbprint for any invalid characters."
    $cleanCertificateThumbprint = $CertificateThumprint -replace '[^a-zA-Z0-9]', ''
    try {
        Write-DosMessage -Level "Debug" -Message "Pulling certificate from $localCertPath."
        $certificate = Get-Item "$localCertPath\$cleanCertificateThumbprint" -ErrorAction Stop
        Write-DosMessage -Level "Debug" -Message "Successfully retrieved certificate from $localCertPath."
    catch {
        Write-DosMessage -Level "Error" -Message "Error retrieving certificate from $localCertPath. Confirm that certificate with $cleanCertificateThumbprint exists on the machine. Exception: $($_.Exception)."

    return $certificate

function Get-DecryptedString {
    param (
        [X509Certificate] $Certificate,
        [string] $EncryptedValue
    try {
        Write-DosMessage -Level "Debug" -Message "Decrypting value..."
        $clearTextValue = Get-DecryptedValueDotNet -Certificate $Certificate -EncryptedValue $EncryptedValue
        Write-DosMessage -Level "Debug" -Message "Successfully decrypted installer secret."
    catch {
        Write-DosMessage -Level "Error" -Message "Error decrypting value provided. Please verify that encryption certificate is valid. Exception: $($_.Exception)."
    return $clearTextValue

function Get-DecryptedValueDotNet {
    param (
        [X509Certificate] $Certificate,
        [string] $EncryptedValue

    if ($null -eq $Certificate.PrivateKey) {
        Write-DosMessage -Level "Debug" -Message "CNG certificate detected."
        try {
            Write-DosMessage -Level "Debug" -Message "Pulling RSA private key from certificate with thumbprint provided."
            $privateKey = Get-CNGRSAPrivateKey -Certificate $Certificate
            Write-DosMessage -Level "Debug" -Message "Successfully retrieved RSA private key from certificate."
        catch {
            Write-DosMessage -Level "Error" -Message "Error pulling RSA private key from certificate with thumbprint $($Certificate.Thumbprint). Exception: $($_.Exception)."

        try {
            Write-DosMessage -Level "Debug" -Message "Decrypting value..."
            $clearTextValue = Get-DecryptedValueCNGKey -privateKey $privateKey -EncryptedValue $EncryptedValue
            Write-DosMessage -Level "Debug" -Message "Successfully decrypted value."
        catch {
            Write-DosMessage -Level "Error" -Message "Error decrypting value provided. Please verify that encryption certificate is valid. Exception: $($_.Exception)."
    else {
        Write-DosMessage -Level "Debug" -Message "CSP certificate detected."
        try {
            Write-DosMessage -Level "Debug" -Message "Decrypting value..."
            $clearTextValue = Get-DecryptedValueCSPCertificateKey -Certificate $Certificate -EncryptedValue $EncryptedValue
            Write-DosMessage -Level "Debug" -Message "Successfully decrypted value."
        catch {
            Write-DosMessage -Level "Error" -Message "Error decrypting value provided. Please verify that encryption certificate is valid. Exception: $($_.Exception)."

    return $clearTextValue

function Get-CNGRSAPrivateKey {
    param (
        [X509Certificate] $Certificate

    return [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($Certificate)

function Get-DecryptedValueCNGKey {
    param (
        [System.Security.Cryptography.RSA] $privateKey,
        [string] $EncryptedValue

    return [System.Text.Encoding]::UTF8.GetString($privateKey.Decrypt([System.Convert]::FromBase64String($EncryptedValue), [System.Security.Cryptography.RSAEncryptionPadding]::OaepSHA1))

function Get-DecryptedValueCSPCertificateKey {
    param (
        [X509Certificate] $Certificate,
        [string] $EncryptedValue

    return [System.Text.Encoding]::UTF8.GetString($Certificate.PrivateKey.Decrypt([System.Convert]::FromBase64String($EncryptedValue), $true))

    Formats the given input string by performing a search/replace.
    Formats the given input string by performing a search/replace against each delimited targetpattern and replacing it with the replacement pattern in the same array position
    .PARAMETER TargetPatterns
    Array of strings representing the target patterns to search for and replace. Combines with delimiter to prevent aliasing. Must be equal in length to the replacement array
    .PARAMETER ReplacementPattern
    Array of replacement strings. Must be equal in length to the target array
    .PARAMETER Content
    String representing the content to perform a search/replace on. Must be non-null and not empty
    .PARAMETER Delimiter
    Delimiter to combine with the target replacement patterns to perform search/replace against. May be an empty string if no delimiter is necessary
    $formattedContent = Update-DosConfigContent -TargetPatterns $TargetPatterns -ReplacementPattern $ReplacementPattern -Delimiter $Delimiter -Content $configFileContent

function Update-DosConfigContent{
    [CmdletBinding(SupportsShouldProcess = $true)]
        [Array] $TargetPatterns,
        [Array] $ReplacementPattern,
        [string] $Content,
        [string] $Delimiter = ""
    if($TargetPatterns.Length -ne $ReplacementPattern.Length){
        Write-DosMessage -Level "Error" -Message "Target patterns and replacement pattern length must be equal"

    for($i = 0 ; $i -lt $TargetPatterns.Length; $i++){
        Write-DosMessage -Level "Verbose" -Message "Replacing $($TargetPatterns[$i]) with $($ReplacementPattern[$i])"
        $searchValue = "$Delimiter$($TargetPatterns[$i])$Delimiter"
        if($PSCmdlet.ShouldProcess("Modifying content via search and replace")){
            $Content = $Content.Replace($searchValue, $ReplacementPattern[$i])

    return $Content

    Write-DosTelemetry -Message "Update-DosConfigFile called."

    Formats the given input file by performing a search/replace. Writes the updated content back into the same file
    Formats the given input string by performing a search/replace against each delimited targetpattern and replacing it with the replacement pattern in the same array position
    .PARAMETER TargetPatterns
    Array of strings representing the target patterns to search for and replace. Combines with delimiter to prevent aliasing. Must be equal in length to the replacement array
    .PARAMETER ReplacementPattern
    Array of replacement strings. Must be equal in length to the target array
    .PARAMETER FilePath
    Path to the file to update with the search/replace
    .PARAMETER Delimiter
    Delimiter to combine with the target replacement patterns to perform search/replace against. May be an empty string if no delimiter is necessary
    Update-DosConfigFile -TargetPatterns $targets -ReplacementPattern $replacements -Delimiter $delimiter -FilePath $ConfigFilePath

function Update-DosConfigFile{
    [CmdletBinding(SupportsShouldProcess = $true)]
        [Array] $TargetPatterns,
        [Array] $ReplacementPattern,
            if (!(Test-Path $_)) {
                Write-DosMessage -Level "Error" -Message "FilePath $_ does not exist. Please enter valid path." -ErrorAction Stop
            else {
        [string] $FilePath,
        [string] $Delimiter = ""
    Write-DosMessage -Level "Information" -Message "Performing search and replace on $FilePath"

    $configFileContent = Get-Content -Path $FilePath -Raw

    Write-DosMessage -Level "Debug" -Message "Pre-formatted content: $configFileContent"

    $formattedContent = Update-DosConfigContent -TargetPatterns $TargetPatterns -ReplacementPattern $ReplacementPattern -Delimiter $Delimiter -Content $configFileContent

    Write-DosMessage -Level "Debug" -Message "Formatted content: $formattedContent"

    if($PSCmdlet.ShouldProcess("Saving updated content back to file $FilePath")){
        Set-Content -Path $FilePath -Value $formattedContent


    Formats the given input file by performing a search/replace.
    Formats the given input string by performing a search/replace agaist pairs in the specified XML file
    .PARAMETER ConfigFilePath
    Configuration file to update with a search/replacement of patterns in the ReplacementPatternFilePath
    .PARAMETER ReplacementPatternFilePath
    File containing the delimiter and search/replace pairs to use to transform the config file
    Update-DosConfigFileFromInputFile -ConfigFilePath "C:\inetput\wwwroot\testapp\web.config" -ReplacementPatternFilePath ".\testappupdates.xml"

function Update-DosConfigFileFromInputFile {
    [CmdletBinding(SupportsShouldProcess = $true)]
            if (!(Test-Path $_)) {
                Write-DosMessage -Level "Error" -Message "ConfigFilePath $_ does not exist. Please enter valid path." -ErrorAction Stop
            else {
        [string] $ConfigFilePath,
            if (!(Test-Path $_)) {
                Write-DosMessage -Level "Error" -Message "ReplacementPatternFilePath $_ does not exist. Please enter valid path." -ErrorAction Stop
            else {
        [string] $ReplacementPatternFilePath

    Write-DosMessage -Level "Verbose" -Message "Reading replacements from $ReplacementPatternFilePath"
        $replacementsXmlFile = [xml] (Get-Content $ReplacementPatternFilePath)
        Write-DosMessage -Level "Error" -Message "Unable to load xml in file $ReplacementPatternFilePath"

    if($null -eq $replacementsXmlFile.replacements) {
        Write-DosMessage -Level "Error" -Message "No replacements root found in specified replacement file $ReplacementPatternFilePath"
    if ($null -eq $replacementsXmlFile.replacements.pairs){
        Write-DosMessage -Level "Error" -Message "No replacements pairs found in specified replacement file $ReplacementPatternFilePath"

    $targets = $replacementsXmlFile.replacements.pairs.ChildNodes | ForEach-Object {$}

    $replacements = $replacementsXmlFile.replacements.pairs.ChildNodes | ForEach-Object {$_.replacement}

    $delimiter = ""
    if($null -eq  $replacementsXmlFile.replacements.delimiter){
        Write-DosMessage -Level "Warning" -Message "No delimiter specified in replacement file $ReplacementPatternFilePath, assuming no delimiter"   
        $delimiter = $replacementsXmlFile.replacements.delimiter

    Write-DosMessage -Level "Debug" -Message "Have $($targets.Count) replacements and the delimiter is $delimiter"

    if($PSCmdlet.ShouldProcess("Updating config file $ConfigFilePath")){
        Update-DosConfigFile -TargetPatterns $targets -ReplacementPattern $replacements -Delimiter $delimiter -FilePath $ConfigFilePath


    Updates the target DOS dac publish file to the specified database mount points
    Take the passed in mount points and update the DOS dac publish xml file
    .PARAMETER PublishOptionsFilePath
    Path to publish options file - Required - See tests/SampleFiles/DefaultDacDeployOptions.xml for an example
    .PARAMETER dataMountPointFolder
    Path to the base data mount point folder
    .PARAMETER indexMountPointFolder
    Path to the base index mount point folder
    .PARAMETER logMountPointFolder
    Path to the base log mount point folder
    Update-DosMountPoint -PublishOptionsFilePath ".\test.publish.xml" -dataMountPointFolder "C:\SQLData" -indexMountPointFolder "C:\SQLData" -logMountPointFolder "C:\SQLData"

function Update-DosMountPoint {
    param (
    [xml] $parsedPublishOptions = [xml] (Get-Content $PublishOptionsFilePath -ErrorAction Stop)
    # Mount Points are stored in the SqlCmdVariables
    $sqlCmdVariables = $parsedPublishOptions.Project.ItemGroup.SqlCmdVariable

    Write-DosMessage -Level "Verbose" -Message "Validating that data mount point folder exists at $dataMountPointFolder"
    if(!(Test-Path "$dataMountPointFolder")){
        try {
            Write-DosMessage -Level "Information" -Message "Data mount point folder does not exist, creating folder at $dataMountPointFolder"
            New-Item -ItemType directory -Path "$dataMountPointFolder"
            Write-DosMessage -Level "Verbose" -Message "Created data mount point folder at $dataMountPointFolder for $PublishOptionsFilePath"
        catch {
            Write-DosMessage -Level "Error" -Message "Could not create data mount point folder at $dataMountPointFolder for $PublishOptionsFilePath. Exception: $($_.Exception)"
    else {
        Write-DosMessage -Level "Information" -Message "Data mount point folder already exists at $dataMountPointFolder"
    foreach ($dataMountPoint in $sqlCmdVariables | Where-Object {$_.Include -like "*Data*MountPoint"}) {
        $dataMountPoint.Value = $dataMountPointFolder
    foreach ($dataMountPoint in $sqlCmdVariables | Where-Object {$_.Include -like "PrimaryMountPoint"}) {
        $dataMountPoint.Value = $dataMountPointFolder

    Write-DosMessage -Level "Verbose" -Message "Validating that log mount point folder exists at $logMountPointFolder"
    if(!(Test-Path "$logMountPointFolder")){
        try {
            Write-DosMessage -Level "Information" -Message "Log mount point folder does not exist, creating folder at $logMountPointFolder"
            New-Item -ItemType directory -Path "$logMountPointFolder"
            Write-DosMessage -Level "Verbose" -Message "Created log mount point folder at $logMountPointFolder for $PublishOptionsFilePath"
        catch {
            Write-DosMessage -Level "Error" -Message "Could not create log mount point folder at $logMountPointFolder for $PublishOptionsFilePath. Exception: $($_.Exception)"
    else {
        Write-DosMessage -Level "Information" -Message "Log mount point folder already exists at $logMountPointFolder"
    foreach ($logMountPoint in $sqlCmdVariables | Where-Object {$_.Include -like "*Log*MountPoint"}) {
        $logMountPoint.Value = $logMountPointFolder

        Write-DosMessage -Level "Verbose" -Message "Validating that index mount point folder exists at $indexMountPointFolder"
        if(!(Test-Path "$indexMountPointFolder")){
            try {
                Write-DosMessage -Level "Information" -Message "Index mount point folder does not exist, creating folder at $indexMountPointFolder"
                New-Item -ItemType directory -Path "$indexMountPointFolder"
                Write-DosMessage -Level "Verbose" -Message "Created index mount point folder at $indexMountPointFolder for $PublishOptionsFilePath"
            catch {
                Write-DosMessage -Level "Error" -Message "Could not create index mount point folder at $indexMountPointFolder for $PublishOptionsFilePath. Exception: $($_.Exception)"
        else {
            Write-DosMessage -Level "Information" -Message "Index mount point folder already exists at $indexMountPointFolder"
        foreach ($indexMountPoint in $sqlCmdVariables | Where-Object {$_.Include -like "*Index*MountPoint"}) {
            $indexMountPoint.Value = $indexMountPointFolder

    try {
        Write-DosMessage -Level "Information" -Message "Saving publish profile mount point settings"
        if ($pscmdlet.ShouldProcess($PublishOptionsFilePath,"Saving modifications to profile mount point settings")){
    catch {
        Write-DosMessage -Level "Fatal" -Message "Error occured while attempting to save mount point settings. Error $($_.Exception)"
        Write-DosTelemetry -Message "Finished attempt to update database mount point settings"


    Write a logging message with a given severity to either a file, the console, or both.
    Uses current logger configuration to log application messages based on severity.
    .PARAMETER Level
    Logger message level. Valid levels include: Verbose, Debug, Information, Warning, Error, and Fatal.
    .PARAMETER Message
    Message to be written in the log.
    .PARAMETER HeaderType
    Optional Header type that can be used to create dividers in a log file. Valid header types include: H1 and H2.
    Write-DosMessage -Level "Information" -Message "***[BEGIN]***" -HeaderType H2
    Write-DosMessage -Level "Information" -Message "Main Header" -HeaderType H1 # typically used at the beginning of a script
    Write-DosMessage -Level "Information" -Message "Step1 Header" -HeaderType H2 # typically used in the middle of script
    Write-DosMessage -Level "Information" -Message "Regular log message1."
    Write-DosMessage -Level "Information" -Message "Regular log message2."
    Write-DosMessage -Level "Information" -Message "Step2 Header" -HeaderType H2 # typically used in the middle of script
    Write-DosMessage -Level "Information" -Message "Regular log message3."
    Write-DosMessage -Level "Information" -Message "Regular log message4."
    Write-DosMessage -Level "Information" -Message "***[END]***" -HeaderType H2
    Write-DosMessage -Level "Fatal" -Message "Fatal Error Occured."

function Write-DosMessage {
        [Parameter(Mandatory = $true)]
        [ValidateSet("Verbose", "Debug", "Information", "Warning", "Error", "Fatal")]
        [string] $Level,
        [Parameter(Mandatory = $true)]
        [string] $Message,
        [Parameter(Mandatory = $false)]
        [ValidateSet("H1", "H2")]
        [string] $HeaderType
    $errorAction = $ErrorActionPreference

    # Used for mocking/testing
    if ($HeaderType) {
        $Width = 60;
        $Margin = 5;
        $Spacer = "-";
        $Message = "$($Spacer*$Margin)$Message$($Spacer*$Margin)";
        if ($Message.Length -gt ($Width - ($Margin * 2))) {
            $Width = $Message.Length + ($Margin * 2);
        switch ($HeaderType) {
            "H1" { $Padding = 2 }
            "H2" { $Padding = 0 }
            default { $Padding = 0 }
        LoadSerilog -Level "Information" -Message " "
        if ($Padding) {1..$Padding | ForEach-Object { LoadSerilog -Level $Level -Message ($Spacer * $Width)}}
        LoadSerilog -Level $Level -Message "$($Message)$($Spacer * ($Width - $Message.Length))"
        if ($Padding) {1..$Padding | ForEach-Object { LoadSerilog -Level $Level -Message ($Spacer * $Width)}}
    else {
        LoadSerilog -Level $Level -Message $Message
    # Silenty Continue do nothing
    # Default Throws on Fatal
    if ($errorAction -eq "Continue" -and $Level -eq "Fatal") {
        Throw $Message
    # Stop throws on Error and Fatal Levels
    if ($errorAction -eq "Stop" -and ($Level -eq "Error" -or $Level -eq "Fatal")) {
        Throw $Message

function LoadSerilog {
        [Parameter(Mandatory = $true)]
        [ValidateSet("Verbose", "Debug", "Information", "Warning", "Error", "Fatal")]
        [string] $Level,
        [Parameter(Mandatory = $true)]
        [string] $Message
    [SerilogBridge.SerilogBridge]::WriteDosMessage($Level, $Message)

    Write a telemetry logging message with a severity to application insights.
    Uses Information severity level by default. Requires a message to be passed in as well.
    .PARAMETER Message
    Message to be written in the telemetry log.
    Write-DosTelemetry -Message "Telemetry Message Here."

function Write-DosTelemetry {
        [string] $Message

    try {
        # Seperate function call for mocking/testing
        LoadTelemetryBridge -Message $Message
    catch {
        Write-DosMessage -Level "Error" -Message "Error writing telemetry message. Exception: $($_.Exception)"

function LoadTelemetryBridge {
        [string] $Message
# SIG # Begin signature block
# EwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xJDAiBgNV
# qJ3bMtdx6nadBS63j/qSQ8Cl+YnUNxnXtqrwnIal2CWsDnkoOn7p0WfTxvspJ8fT
# eyOU5JEjlpB3gvmhhCNmElQzUHSxKCa7JGnCwlLyFGeKiUXULaGj6YgsIJWuHEqH
# CN8M9eJNYBi+qsSyrnAxZjNxPqxwoqvOf+l8y5Kh5TsxHM/q8grkV7tKtel05iv+
# bMt+dDk2DZDv5LVOpKnqagqrhPOsZ061xPeM0SAlI+sIZD5SlsHyDxL0xY4PwaLo
# LFH3c7y9hbFig3NBggfkOItqcyDQD2RzPJ6fpjOp/RnfJZPRAgMBAAGjggHNMIIB
# Y3NwLmRpZ2ljZXJ0LmNvbTBDBggrBgEFBQcwAoY3aHR0cDovL2NhY2VydHMuZGln
# eDA6oDigNoY0aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJl
# ZElEUm9vdENBLmNybDA6oDigNoY0aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0Rp
# AgQwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAK
# BghghkgBhv1sAzAdBgNVHQ4EFgQUWsS5eyoKo6XqcQPAYPkt9mV1DlgwHwYDVR0j
# DVoks/Mi0RXILHwlKXaoHV0cLToaxO8wYdd+C2D9wz0PxK+L/e8q3yBVN7Dh9tGS
# dQ9RtG6ljlriXiSBThCk7j9xjmMOE0ut119EefM2FAaK95xGTlz/kLEbBw6RFfu6
# r7VRwo0kriTGxycqoSkoGjpxKAI8LpGjwCUR4pwUR6F6aGivm6dcIFzZcbEMj7uo
# +MUSaJ/PQMtARKUT8OZkDCUIQjKyNookAv4vcn4c10lFluhZHen6dGRrsutmQ9qz
# sIzV6Q3d9gEgzpkxYz0IGhizgZtPxpMQBvwHgfqL2vmCSfdibqFT+hKUGIUukpHq
# aGxEMrJmoecYpJpkUe8wggVrMIIEU6ADAgECAhAMMCpTLsjxo9FR9hag8ePUMA0G
# nuZ1mENMgvixlrtC/KXgBRXlcWH7ajIOKljKnWCSAZwlZy4nFGbMagKmMzohXUXg
# xo94u5nCdiBa/kgPazNGpL0AyGgX2VARMbcpm8Gdy+/uH3Kc7L91lcoGZVVBnVIt
# 1oj5iXURqmhL83TrMyYqyj3XOH0So8Y10FVLPSukocMzMqBIRgvn/7EP0iWtOjXx
# +o1wB5Ql+z9G3NCqF6CKE/Pn355XYbbmjF7BPzKoOjocHO6VU2uEflJWq1ZFb0QY
# /tAosyyLYi9kFfO1damtJfRbbsVqavwg2UeQkzhg9CpB6eSsmBXPlFHudQIDAQAB
# DDAKBggrBgEFBQcDAzB3BgNVHR8EcDBuMDWgM6Axhi9odHRwOi8vY3JsMy5kaWdp
# Y2VydC5jb20vc2hhMi1hc3N1cmVkLWNzLWcxLmNybDA1oDOgMYYvaHR0cDovL2Ny
# bDQuZGlnaWNlcnQuY29tL3NoYTItYXNzdXJlZC1jcy1nMS5jcmwwTAYDVR0gBEUw
# QzA3BglghkgBhv1sAwEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNl
# AYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tME4GCCsGAQUFBzAChkJodHRwOi8v
# Y2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyQXNzdXJlZElEQ29kZVNp
# 9yJAQi+9cJPZpJvOEV6iHaOBGv8898wNJCc4eB5g8WPziEY70GZVeqEdx3z0wS8U
# QQIr19Hkju2NFZjDtzB9z1jAc/9EgqFGoCZbPijv1EYAa2oOVAp1BPbLjqBSdXqu
# 2mzqo14CJ30oNom9ep9F6LGZ5zEoPsMrJejSbJGr4EacrksX8C8qeFklc7FzwiGk
# GX7IQxidrrhOm2fOvGGAAxnvNYAR0FqJK0LiWWPSt5R/j63H/6HQtqD2sLevI3+O
# bRP74TPchDobFmWlSogX9oB63E7fsbDAqecY0cRPQ6tVWK53Ke2sB514nahFjZDa
# VQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xMTAv
# llyH2tDDzn7ktcKNkXpnWMm3Kg7r9Yak0zf/eKGHoh7ppO5nooiYNItCpJHkLsWV
# adsOVyZJuUP6r/QWYF5TKV32sXZdE6HTdyRO5SJO6lbuCxi8rayFjX406VL5af5v
# w8pVfplWoKQv8jxhzHFzJ+Ako/X882Ib+8MH0/T1vkiuSsgVQlvfzxeFsd8hE3ON
# 0vqhIH5K7Gg+22mPk25Fk4lL/1iOtETu7desnTuyBoIC53fTsmRhIApaRsk06MYJ
# bSnDZpQ8SUDc3lTRN4psQpltMcCwoUPzgwXZ92T4KOyWrPi7t9TlbY3MtHEZKI0L
# d3d3LmRpZ2ljZXJ0LmNvbTExMC8GA1UEAxMoRGlnaUNlcnQgU0hBMiBBc3N1cmVk
# KFCvBzHiXQkYwvaJjGkIBCPgdy2dFeW46KFqjv/UrtJ6Fu/4QbUdOXXBzy+nrEV+
# lG2sAwGZPGI+fnr9RZcxtPq32UI+p1Wb31pPWAKoMmkiE76Lgi3GmKtrm7TJ8mUR
# DHQNsvAIlnTE6LJIoqEUpfj64YlwRDuN7/uk9MO5vRQs6wwoJyWAqxBLFhJgC2ki
# jE7NxtWyZVkh4HwsEo1wDo+KyuDT17M5d1DQQiwues6cZ3o4d1RA/0+VBCDU68jO
# hxQI/h2A3dDnK3jqvx9wxu5CFlM2RZtTGUlinXoCm5UUowIDAQABo4IDODCCAzQw
# BQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwggFkBggrBgEFBQcC
# ajBoMDKgMKAuhixodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1hc3N1cmVk
# LXRzLmNybDAyoDCgLoYsaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItYXNz
# dXJlZC10cy5jcmwwgYUGCCsGAQUFBwEBBHkwdzAkBggrBgEFBQcwAYYYaHR0cDov
# L29jc3AuZGlnaWNlcnQuY29tME8GCCsGAQUFBzAChkNodHRwOi8vY2FjZXJ0cy5k
# aWdpY2VydC5jb20vRGlnaUNlcnRTSEEyQXNzdXJlZElEVGltZXN0YW1waW5nQ0Eu
# oeZGHEovbno8Y243F6Mav1gjskOclINOOQmwLOjH4eLM7ct5a87eIwFH7ZVUgeCA
# exKxrwKGqTpzav74n8GN0SGM5CmCw4oLYAACnR9HxJ+0CmhTf1oQpvgi5vhTkjFf
# 2IKDLW0TQq6DwRBOpCT0R5zeDyJyd1x/T+k5mCtXkkTX726T2UPHBDNjUTdWnkcE
# EcOjWFQh2OKOVtdJP1f8Cp8jXnv0lI3dnRq733oqptJFplUMj/ZMivKWz4lG3DGy
# kZCjXzMwYFX1/GswrKHt5EdOM55naii1TcLtW5eC+MupCGxTCbT3MIIFMTCCBBmg
# cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwHhcN
# A1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMTEw
# 9y4eO+7MpvYyWf5fZT/gm+vjRkcGGlV+Cyd+wKL1oODeIj8O/36V+/OjuiI+GKwR
# 5PCZA207hXwJ0+5dyJoLVOOoCXFr4M8iEA91z3FyTgqt30A6XLdR4aF5FMZNJCMw
# XbzsPGBqrC8HzP3w6kfZiFBe/WZuVmEnKYmEUeaC50ZQ/ZQqLKfkdT66mA+Ef58x
# FNat1fJky3seBdCEGXIX8RcG7z3N1k3vBkL9olMqT4UdxB08r8/arBD13ays6Vb/
# BwEBBG0wazAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEMG
# CCsGAQUFBzAChjdodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRB
# c3N1cmVkSURSb290Q0EuY3J0MIGBBgNVHR8EejB4MDqgOKA2hjRodHRwOi8vY3Js
# NC5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290Q0EuY3JsMDqgOKA2
# hjRodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290
# dHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAsGCWCGSAGG/WwHATANBgkqhkiG
# 9w0BAQsFAAOCAQEAcZUS6VGHVmnN793afKpjerN4zwY3QITvS4S/ys8DAv3Fp8MO
# IEIsr3fzKx8MIVoqtwU0HWqumfgnoma/Capg33akOpMP+LLR2HwZYuhegiUexLoc
# eywh4tZbLBQ1QwRostt1AuByx5jWPGTlH0gQGF+JOGFNYkYkh2OMkVIsrymJ5Xgf
# 1gsUpYDXEkdws3XVk4WTfraSZ/tTYYmo9WuWwPRYaQ18yAGxuSh1t5ljhSKMYcp5
# lH5Z/IwP42+1ASa2bKXuh1Eh5Fhgm7oMLSttosR+u8QlK0cCCHxJrhO24XxCQijG
# kMdmi3YUGYKTOzANBgkqhkiG9w0BAQEFAASCAQC9JzcGaxNiizNntgSCzm8+Lr8g
# qckODhLQEjvUBe71pssBPxmdr3s9EsbCFRZs7PUPGLmgShxowQvvIrzVMjbUrTR0
# YbcgFZd/N6N3cpHKGnN5/ZGqx/vEZ7B68upVB5GXSVugFpeQLTZUYuXtJX4wO0uV
# 9oNhun9AO41XEwoQg+chSuJ3LR0UuO6eIpjdJqO1P6PyzI5B46FYEQitk8duDLlk
# hoPoSHoFnMPaJz8zv5MpWZQ9Qgty3nuyMKN7s1TtlOR+1prBVKZ5N/rIRTKpw5e4
# xa+ru857pAv+QHZecqHAsesCgpWZoeh3n+p80GQibqyUFPCY9MjqwU981AeS
# SIG # End signature block