DSCResources/MSFT_xExchAntiMalwareScanning/MSFT_xExchAntiMalwareScanning.psm1
|
function Get-TargetResource { [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSDSCUseVerboseMessageInDSCResource", "")] [CmdletBinding()] [OutputType([System.Collections.Hashtable])] param ( [Parameter(Mandatory = $true)] [System.Boolean] $Enabled, [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] [System.Management.Automation.Credential()] $Credential, [Parameter()] [System.Boolean] $AllowServiceRestart = $false ) LogFunctionEntry -Parameters @{"Enabled" = $Enabled} -VerbosePreference $VerbosePreference #Establish remote Powershell session GetRemoteExchangeSession -Credential $Credential -CommandsToLoad 'Get-TransportAgent' -VerbosePreference $VerbosePreference $agent = Get-TransportAgent -Identity "Malware Agent" if ($null -ne $agent) { $returnValue = @{ Enabled = $agent.Enabled } } $returnValue } function Set-TargetResource { [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSDSCUseVerboseMessageInDSCResource", "")] [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [System.Boolean] $Enabled, [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] [System.Management.Automation.Credential()] $Credential, [Parameter()] [System.Boolean] $AllowServiceRestart = $false ) LogFunctionEntry -Parameters @{"Enabled" = $Enabled} -VerbosePreference $VerbosePreference $scriptsRoot = Join-Path -Path ((Get-ItemProperty HKLM:\SOFTWARE\Microsoft\ExchangeServer\v15\Setup).MsiInstallPath) -ChildPath "Scripts" if ($Enabled -eq $true) { $scriptPath = Join-Path -Path "$($scriptsRoot)" -ChildPath "Enable-AntimalwareScanning.ps1" } else { $scriptPath = Join-Path -Path "$($scriptsRoot)" -ChildPath "Disable-AntimalwareScanning.ps1" } #Override Write-Host, as it is used by the target scripts, and causes a DSC error since the session is not interactive New-Alias Write-Host Write-Verbose if($AllowServiceRestart -eq $true) { . $scriptPath -ForceRestart } else { . $scriptPath Write-Warning -Message 'The configuration will not take effect until the MSExchangeTransport service is manually restarted.' } Remove-Item Alias:Write-Host } function Test-TargetResource { [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSDSCUseVerboseMessageInDSCResource", "")] [CmdletBinding()] [OutputType([System.Boolean])] param ( [Parameter(Mandatory = $true)] [System.Boolean] $Enabled, [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] [System.Management.Automation.Credential()] $Credential, [Parameter()] [System.Boolean] $AllowServiceRestart = $false ) LogFunctionEntry -Parameters @{"Enabled" = $Enabled} -VerbosePreference $VerbosePreference $agentStatus = Get-TargetResource @PSBoundParameters $testResults = $true if ($null -eq $agentStatus) { Write-Verbose -Message 'Unable to retrieve AntiMalware Agent Status for server' $testResults = $false } else { if (!(VerifySetting -Name "Enabled" -Type "Boolean" -ExpectedValue $Enabled -ActualValue $agentStatus.Enabled -PSBoundParametersIn $PSBoundParameters -VerbosePreference $VerbosePreference)) { $testResults = $false } } return $testResults } Export-ModuleMember -Function *-TargetResource |