Scripts/Reskit9/All Resources/xAzurePack/DSCResources/MSFT_xAzurePackIdentityProvider/MSFT_xAzurePackIdentityProvider.psm1
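function Get-TargetResource
{
    <#
    .SYNOPSIS
    Returns the host name and port of the identity provider currently
    registered for the given Azure Pack authentication site.

    .DESCRIPTION
    Reads the Authentication.RelyingParty.Primary setting from the
    Microsoft.MgmtSvc.PortalConfigStore database (namespace AuthSite for
    "Membership", WindowsAuthSite for "Windows") and takes the authority
    part ("host:port") of its ReplyTo URL.

    .PARAMETER Target
    "Membership" or "Windows"; selects the settings namespace to query.

    .PARAMETER FullyQualifiedDomainName
    Required by the DSC resource contract; not read by this function.

    .PARAMETER Port
    Required by the DSC resource contract; not read by this function.

    .PARAMETER AzurePackAdminCredential
    Credential used for the loopback CredSSP session that runs the query.

    .PARAMETER SQLServer
    SQL Server host that holds the Azure Pack databases.

    .PARAMETER SQLInstance
    SQL instance name; "MSSQLSERVER" means the default instance.

    .OUTPUTS
    Hashtable with Target, FullyQualifiedDomainName, Port, SQLServer and
    SQLInstance. FullyQualifiedDomainName and Port are $null when the
    setting could not be read.
    #>
    [CmdletBinding()]
    [OutputType([System.Collections.Hashtable])]
    param
    (
        [parameter(Mandatory = $true)]
        [ValidateSet("Membership","Windows")]
        [System.String]
        $Target,

        [parameter(Mandatory = $true)]
        [System.String]
        $FullyQualifiedDomainName,

        [System.UInt16]
        $Port,

        [parameter(Mandatory = $true)]
        [System.Management.Automation.PSCredential]
        $AzurePackAdminCredential,

        [parameter(Mandatory = $true)]
        [System.String]
        $SQLServer,

        [System.String]
        $SQLInstance = "MSSQLSERVER"
    )

    # NOTE(review): $SQLServer and $SQLInstance are interpolated into the
    # connection string unescaped. They come from the DSC configuration; a
    # value containing ';' would add extra connection-string keywords.
    if($SQLInstance -eq "MSSQLSERVER")
    {
        $ConnectionString = "Data Source=$SQLServer;Initial Catalog=Microsoft.MgmtSvc.PortalConfigStore;Integrated Security=True";
    }
    else
    {
        $ConnectionString = "Data Source=$SQLServer\$SQLInstance;Initial Catalog=Microsoft.MgmtSvc.PortalConfigStore;Integrated Security=True";
    }

    # Loopback remoting session (-ComputerName .) running as the supplied
    # credential. CredSSP hands the credential itself to the session host,
    # presumably so the Integrated Security SQL connection is made as the
    # Azure Pack administrator -- confirm. CredSSP delegation has to be
    # enabled for this call and is best limited to the hosts that need it.
    $FQDN = Invoke-Command -ComputerName . -Credential $AzurePackAdminCredential -Authentication Credssp {
        $Target = $args[0]
        $ConnectionString = $args[1]
        switch($Target)
        {
            "Membership" { $Namespace = "AuthSite" }
            "Windows" { $Namespace = "WindowsAuthSite" }
        }
        # ReplyTo is a URL; element 2 of the "/" split is "host[:port]".
        ((ConvertFrom-Json (Get-MgmtSvcDatabaseSetting -Namespace $Namespace -Name Authentication.RelyingParty.Primary -ConnectionString $ConnectionString).Value).ReplyTo).Split("/")[2]
    } -ArgumentList @($Target,$ConnectionString)

    # The remote query yields nothing when the setting is missing or the
    # call failed. Calling .Split() on that would raise a null-method error
    # and no hashtable would be returned, so report "not configured" instead.
    $CurrentHost = $null
    $CurrentPort = $null
    if($FQDN)
    {
        $Parts = $FQDN.Split(":")
        $CurrentHost = $Parts[0]
        # $null when the URL carries no explicit port.
        $CurrentPort = $Parts[1]
    }

    $returnValue = @{
        Target = $Target
        FullyQualifiedDomainName = $CurrentHost
        Port = $CurrentPort
        SQLServer = $SQLServer
        SQLInstance = $SQLInstance
    }

    $returnValue
}


function Set-TargetResource
{
    <#
    .SYNOPSIS
    Points the selected Azure Pack authentication site at the identity
    provider whose federation metadata is published on the given host/port.

    .DESCRIPTION
    Calls Set-MgmtSvcIdentityProviderSettings with the metadata endpoint
    https://<FullyQualifiedDomainName>:<Port>/FederationMetadata/2007-06/FederationMetadata.xml
    and then re-runs Test-TargetResource, throwing if the desired state was
    not reached.

    .PARAMETER Target
    "Membership" or "Windows".

    .PARAMETER FullyQualifiedDomainName
    Host name of the identity provider's metadata endpoint.

    .PARAMETER Port
    Port of the metadata endpoint. When omitted (0) it defaults to 30091
    for "Windows" and 30081 for "Membership".

    .PARAMETER AzurePackAdminCredential
    Credential used for the loopback CredSSP session that applies the change.

    .PARAMETER SQLServer
    SQL Server host that holds the Azure Pack databases.

    .PARAMETER SQLInstance
    SQL instance name; "MSSQLSERVER" means the default instance.
    #>
    [CmdletBinding()]
    param
    (
        [parameter(Mandatory = $true)]
        [ValidateSet("Membership","Windows")]
        [System.String]
        $Target,

        [parameter(Mandatory = $true)]
        [System.String]
        $FullyQualifiedDomainName,

        [System.UInt16]
        $Port,

        [parameter(Mandatory = $true)]
        [System.Management.Automation.PSCredential]
        $AzurePackAdminCredential,

        [parameter(Mandatory = $true)]
        [System.String]
        $SQLServer,

        [System.String]
        $SQLInstance = "MSSQLSERVER"
    )

    # An unbound [UInt16] parameter is 0; substitute the per-target default.
    if($Port -eq 0)
    {
        Switch($Target)
        {
            "Windows" { $Port = 30091 }
            "Membership" { $Port = 30081 }
        }
    }

    # NOTE(review): $SQLServer and $SQLInstance are interpolated into the
    # connection strings unescaped; see the same note in Get-TargetResource.
    if($SQLInstance -eq "MSSQLSERVER")
    {
        $PortalConnectionString = "Data Source=$SQLServer;Initial Catalog=Microsoft.MgmtSvc.PortalConfigStore;Integrated Security=True";
        $ManagementConnectionString = "Data Source=$SQLServer;Initial Catalog=Microsoft.MgmtSvc.Store;Integrated Security=True";
    }
    else
    {
        $PortalConnectionString = "Data Source=$SQLServer\$SQLInstance;Initial Catalog=Microsoft.MgmtSvc.PortalConfigStore;Integrated Security=True";
        $ManagementConnectionString = "Data Source=$SQLServer\$SQLInstance;Initial Catalog=Microsoft.MgmtSvc.Store;Integrated Security=True";
    }

    # NOTE(review): -DisableCertificateValidation (below) turns off the TLS
    # certificate check on the metadata endpoint. Federation metadata
    # normally carries the identity provider's token-signing certificates,
    # so whoever answers at that address decides which tokens the site will
    # trust. Tolerable with self-signed certificates on an isolated lab
    # network; for anything else, install a trusted certificate on the
    # endpoint and remove the switch. The warning makes the downgrade
    # visible in the DSC log.
    Write-Warning "Identity provider metadata for target '$Target' is retrieved with certificate validation disabled."

    # Loopback CredSSP session running as the Azure Pack administrator;
    # CredSSP delegation must be enabled for this call.
    Invoke-Command -ComputerName . -Credential $AzurePackAdminCredential -Authentication Credssp {
        $Target = $args[0]
        $FullyQualifiedDomainName = $args[1]
        $Port = $args[2]
        $PortalConnectionString = $args[3]
        $ManagementConnectionString = $args[4]
        # The backtick before ':' keeps PowerShell from parsing
        # "$FullyQualifiedDomainName:" as a scope/drive-qualified variable.
        Set-MgmtSvcIdentityProviderSettings -Target $Target -MetadataEndpoint "https://$FullyQualifiedDomainName`:$Port/FederationMetadata/2007-06/FederationMetadata.xml" -PortalConnectionString $PortalConnectionString -ManagementConnectionString $ManagementConnectionString -DisableCertificateValidation;
    } -ArgumentList @($Target,$FullyQualifiedDomainName,$Port,$PortalConnectionString,$ManagementConnectionString)

    # Verify the change took effect; the message previously misspelled the
    # function name ("Set-TargetResouce").
    if(!(Test-TargetResource @PSBoundParameters))
    {
        throw "Set-TargetResource failed"
    }
}


function Test-TargetResource
{
    <#
    .SYNOPSIS
    Reports whether the authentication site already points at the requested
    identity provider host and port.

    .PARAMETER Target
    "Membership" or "Windows".

    .PARAMETER FullyQualifiedDomainName
    Expected host name of the identity provider.

    .PARAMETER Port
    Expected port. When omitted (0) it defaults to 30091 for "Windows" and
    30081 for "Membership".

    .PARAMETER AzurePackAdminCredential
    Credential passed through to Get-TargetResource.

    .PARAMETER SQLServer
    SQL Server host that holds the Azure Pack databases.

    .PARAMETER SQLInstance
    SQL instance name; "MSSQLSERVER" means the default instance.

    .OUTPUTS
    $true when both host name and port match the current setting.
    #>
    [CmdletBinding()]
    [OutputType([System.Boolean])]
    param
    (
        [parameter(Mandatory = $true)]
        [ValidateSet("Membership","Windows")]
        [System.String]
        $Target,

        [parameter(Mandatory = $true)]
        [System.String]
        $FullyQualifiedDomainName,

        [System.UInt16]
        $Port,

        [parameter(Mandatory = $true)]
        [System.Management.Automation.PSCredential]
        $AzurePackAdminCredential,

        [parameter(Mandatory = $true)]
        [System.String]
        $SQLServer,

        [System.String]
        $SQLInstance = "MSSQLSERVER"
    )

    # An unbound [UInt16] parameter is 0; substitute the per-target default.
    if($Port -eq 0)
    {
        Switch($Target)
        {
            "Windows" { $Port = 30091 }
            "Membership" { $Port = 30081 }
        }
    }

    $FQDN = Get-TargetResource @PSBoundParameters

    # Get-TargetResource returns the port as text taken from the URL; -eq
    # converts the right-hand operand to the left-hand type, so the numeric
    # $Port is compared as a string.
    $result = (($FQDN.FullyQualifiedDomainName -eq $FullyQualifiedDomainName) -and ($FQDN.Port -eq $Port))

    $result
}


# Only the three DSC entry points are exported.
Export-ModuleMember -Function *-TargetResource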