Test/MSFT_xExchActiveSyncVirtualDirectory.Integration.Tests.ps1
|
###NOTE: This test module requires use of credentials. The first run through of the tests will prompt for credentials from the logged on user. Import-Module $PSScriptRoot\..\DSCResources\MSFT_xExchActiveSyncVirtualDirectory\MSFT_xExchActiveSyncVirtualDirectory.psm1 Import-Module $PSScriptRoot\..\Misc\xExchangeCommon.psm1 -Verbose:0 Import-Module $PSScriptRoot\xExchange.Tests.Common.psm1 -Verbose:0 #Check if Exchange is installed on this machine. If not, we can't run tests [bool]$exchangeInstalled = IsSetupComplete if ($exchangeInstalled) { #Get required credentials to use for the test if ($null -eq $Global:ShellCredentials) { [PSCredential]$Global:ShellCredentials = Get-Credential -Message "Enter credentials for connecting a Remote PowerShell session to Exchange" } #Get the Server FQDN for using in URL's if ($null -eq $Global:ServerFqdn) { $Global:ServerFqdn = [System.Net.Dns]::GetHostByName($env:COMPUTERNAME).HostName } if ($null -eq $Global:WebCertAuthInstalled) { $webCertAuth = Get-WindowsFeature -Name Web-Cert-Auth if ($webCertAuth.InstallState -ne "Installed") { $Global:WebCertAuthInstalled = $false Write-Verbose "Web-Cert-Auth is not installed. Skipping certificate based authentication tests." } else { $Global:WebCertAuthInstalled = $true } } if ($Global:WebCertAuthInstalled -eq $true) { #Get the thumbprint to use for ActiveSync Cert Based Auth if ($null -eq $Global:CBACertThumbprint) { $Global:CBACertThumbprint = Read-Host -Prompt "Enter the thumbprint of an Exchange certificate to use when enabling Certificate Based Authentication" } } Describe "Test Setting Properties with xExchActiveSyncVirtualDirectory" { $testParams = @{ Identity = "$($env:COMPUTERNAME)\Microsoft-Server-ActiveSync (Default Web Site)" Credential = $Global:ShellCredentials AutoCertBasedAuth = $false AutoCertBasedAuthThumbprint = '' BadItemReportingEnabled = $false BasicAuthEnabled = $true ClientCertAuth = 'Ignore' CompressionEnabled = $true ExtendedProtectionFlags = @("AllowDotlessspn","NoServicenameCheck") ExtendedProtectionSPNList = @("http/mail.fabrikam.com","http/mail.fabrikam.local","http/wxweqc") ExtendedProtectionTokenChecking = "Allow" ExternalAuthenticationMethods = @("Basic","Kerberos") ExternalUrl = "https://$($Global:ServerFqdn)/Microsoft-Server-ActiveSync" InstallIsapiFilter = $true InternalAuthenticationMethods = @("Basic","Kerberos") InternalUrl = "https://$($Global:ServerFqdn)/Microsoft-Server-ActiveSync" MobileClientCertificateAuthorityURL = "http://whatever.com/CA" MobileClientCertificateProvisioningEnabled = $true MobileClientCertTemplateName = "MyTemplateforEAS" #Name = "$($Node.NodeName) EAS Site" RemoteDocumentsActionForUnknownServers = "Block" RemoteDocumentsAllowedServers = @("AllowedA","AllowedB") RemoteDocumentsBlockedServers = @("BlockedA","BlockedB") RemoteDocumentsInternalDomainSuffixList = @("InternalA","InternalB") SendWatsonReport = $false WindowsAuthEnabled = $false } $expectedGetResults = @{ Identity = "$($env:COMPUTERNAME)\Microsoft-Server-ActiveSync (Default Web Site)" BadItemReportingEnabled = $false BasicAuthEnabled = $true ClientCertAuth = 'Ignore' CompressionEnabled = $true ExtendedProtectionTokenChecking = "Allow" ExternalUrl = "https://$($Global:ServerFqdn)/Microsoft-Server-ActiveSync" InternalAuthenticationMethods = @("Basic","Kerberos") InternalUrl = "https://$($Global:ServerFqdn)/Microsoft-Server-ActiveSync" MobileClientCertificateAuthorityURL = "http://whatever.com/CA" MobileClientCertificateProvisioningEnabled = $true MobileClientCertTemplateName = "MyTemplateforEAS" #Name = "$($Node.NodeName) EAS Site" RemoteDocumentsActionForUnknownServers = "Block" SendWatsonReport = $false WindowsAuthEnabled = $false } Test-TargetResourceFunctionality -Params $testParams -ContextLabel "Set standard parameters" -ExpectedGetResults $expectedGetResults Test-ArrayContentsEqual -TestParams $testParams -DesiredArrayContents $testParams.ExtendedProtectionFlags -GetResultParameterName "ExtendedProtectionFlags" -ContextLabel "Verify ExtendedProtectionFlags" -ItLabel "ExtendedProtectionSPNList should contain three values" Test-ArrayContentsEqual -TestParams $testParams -DesiredArrayContents $testParams.ExtendedProtectionSPNList -GetResultParameterName "ExtendedProtectionSPNList" -ContextLabel "Verify ExtendedProtectionSPNList" -ItLabel "ExtendedProtectionSPNList should contain three values" Test-ArrayContentsEqual -TestParams $testParams -DesiredArrayContents $testParams.ExternalAuthenticationMethods -GetResultParameterName "ExternalAuthenticationMethods" -ContextLabel "Verify ExternalAuthenticationMethods" -ItLabel "ExternalAuthenticationMethods should contain two values" Test-ArrayContentsEqual -TestParams $testParams -DesiredArrayContents $testParams.InternalAuthenticationMethods -GetResultParameterName "InternalAuthenticationMethods" -ContextLabel "Verify InternalAuthenticationMethods" -ItLabel "InternalAuthenticationMethods should contain two values" Test-ArrayContentsEqual -TestParams $testParams -DesiredArrayContents $testParams.RemoteDocumentsAllowedServers -GetResultParameterName "RemoteDocumentsAllowedServers" -ContextLabel "Verify RemoteDocumentsAllowedServers" -ItLabel "RemoteDocumentsAllowedServers should contain two values" Test-ArrayContentsEqual -TestParams $testParams -DesiredArrayContents $testParams.RemoteDocumentsBlockedServers -GetResultParameterName "RemoteDocumentsBlockedServers" -ContextLabel "Verify RemoteDocumentsBlockedServers" -ItLabel "RemoteDocumentsBlockedServers should contain two values" Test-ArrayContentsEqual -TestParams $testParams -DesiredArrayContents $testParams.RemoteDocumentsInternalDomainSuffixList -GetResultParameterName "RemoteDocumentsInternalDomainSuffixList" -ContextLabel "Verify RemoteDocumentsInternalDomainSuffixList" -ItLabel "RemoteDocumentsInternalDomainSuffixList should contain two values" $testParams.ExternalUrl = '' $testParams.InternalUrl = '' $expectedGetResults.ExternalUrl = $null $expectedGetResults.InternalUrl = $null Test-TargetResourceFunctionality -Params $testParams -ContextLabel "Try with empty URL's" -ExpectedGetResults $expectedGetResults if ($Global:WebCertAuthInstalled -eq $true) { $testParams.AutoCertBasedAuth = $true $testParams.AutoCertBasedAuthThumbprint = $Global:CBACertThumbprint $testParams.ClientCertAuth = 'Required' $expectedGetResults.ClientCertAuth = 'Required' Test-TargetResourceFunctionality -Params $testParams -ContextLabel "Try enabling certificate based authentication" -ExpectedGetResults $expectedGetResults } Context "Test missing ExtendedProtectionFlags for ExtendedProtectionSPNList" { $caughtException = $false $testParams.ExtendedProtectionFlags = @("NoServicenameCheck") try { $SetResults = Set-TargetResource @testParams } catch { $caughtException = $true } It "Should hit exception for missing ExtendedProtectionFlags AllowDotlessSPN" { $caughtException | Should Be $true } It "Test results should be true after adding missing ExtendedProtectionFlags" { $testParams.ExtendedProtectionFlags = @("AllowDotlessSPN") Set-TargetResource @testParams $testResults = Test-TargetResource @testParams $testResults | Should Be $true } } Context "Test invalid combination in ExtendedProtectionFlags" { $caughtException = $false $testParams.ExtendedProtectionFlags = @("NoServicenameCheck","None") try { $SetResults = Set-TargetResource @testParams } catch { $caughtException = $true } It "Should hit exception for invalid combination ExtendedProtectionFlags" { $caughtException | Should Be $true } It "Test results should be true after correction of ExtendedProtectionFlags" { $testParams.ExtendedProtectionFlags = @("AllowDotlessSPN") Set-TargetResource @testParams $testResults = Test-TargetResource @testParams $testResults | Should Be $true } } $testParams.ActiveSyncServer = "https://eas.$($env:USERDNSDOMAIN)/Microsoft-Server-ActiveSync" $testParams.Remove("ExternalUrl") $expectedGetResults.ActiveSyncServer = "https://eas.$($env:USERDNSDOMAIN)/Microsoft-Server-ActiveSync" $expectedGetResults.ExternalUrl = "https://eas.$($env:USERDNSDOMAIN)/Microsoft-Server-ActiveSync" Test-TargetResourceFunctionality -Params $testParams -ContextLabel "Try by setting External URL via ActiveSyncServer" -ExpectedGetResults $expectedGetResults #Set values back to default $testParams = @{ Identity = "$($env:COMPUTERNAME)\Microsoft-Server-ActiveSync (Default Web Site)" Credential = $Global:ShellCredentials BadItemReportingEnabled = $true BasicAuthEnabled = $false ClientCertAuth = 'Ignore' CompressionEnabled = $false ExtendedProtectionFlags = 'None' ExtendedProtectionSPNList = $null ExtendedProtectionTokenChecking = 'None' ExternalAuthenticationMethods = $null InternalAuthenticationMethods = $null MobileClientCertificateAuthorityURL = $null MobileClientCertificateProvisioningEnabled = $false MobileClientCertTemplateName = $null RemoteDocumentsActionForUnknownServers = 'Allow' RemoteDocumentsAllowedServers = $null RemoteDocumentsBlockedServers = $null RemoteDocumentsInternalDomainSuffixList = $null SendWatsonReport = $true WindowsAuthEnabled = $true } $expectedGetResults = @{ Identity = "$($env:COMPUTERNAME)\Microsoft-Server-ActiveSync (Default Web Site)" BadItemReportingEnabled = $true BasicAuthEnabled = $false ClientCertAuth = 'Ignore' CompressionEnabled = $false ExtendedProtectionTokenChecking = 'None' ExtendedProtectionFlags = $null ExtendedProtectionSPNList = $null ExternalAuthenticationMethods = $null InternalAuthenticationMethods = $null MobileClientCertificateAuthorityURL = '' MobileClientCertificateProvisioningEnabled = $false MobileClientCertTemplateName = '' RemoteDocumentsActionForUnknownServers = 'Allow' RemoteDocumentsAllowedServers = $null RemoteDocumentsBlockedServers = $null RemoteDocumentsInternalDomainSuffixList = $null SendWatsonReport = $true WindowsAuthEnabled = $true } Test-TargetResourceFunctionality -Params $testParams -ContextLabel "Reset values to default" -ExpectedGetResults $expectedGetResults } } else { Write-Verbose "Tests in this file require that Exchange is installed to be run." } |