Tests/Integration/MSFT_xExchActiveSyncVirtualDirectory.Integration.Tests.ps1
<#
.SYNOPSIS Automated integration test for MSFT_xExchActiveSyncVirtualDirectory DSC Resource. This test module requires use of credentials. The first run through of the tests will prompt for credentials from the logged on user. #> #region HEADER [System.String]$script:moduleRoot = Split-Path -Parent (Split-Path -Parent $PSScriptRoot) [System.String]$script:DSCModuleName = 'xExchange' [System.String]$script:DSCResourceFriendlyName = 'xExchActiveSyncVirtualDirectory' [System.String]$script:DSCResourceName = "MSFT_$($script:DSCResourceFriendlyName)" Import-Module -Name (Join-Path -Path $script:moduleRoot -ChildPath (Join-Path -Path 'Tests' -ChildPath (Join-Path -Path 'TestHelpers' -ChildPath 'xExchangeTestHelper.psm1'))) -Force Import-Module -Name (Join-Path -Path $script:moduleRoot -ChildPath (Join-Path -Path 'Modules' -ChildPath 'xExchangeHelper.psm1')) -Force Import-Module -Name (Join-Path -Path $script:moduleRoot -ChildPath (Join-Path -Path 'DSCResources' -ChildPath (Join-Path -Path "$($script:DSCResourceName)" -ChildPath "$($script:DSCResourceName).psm1"))) #Check if Exchange is installed on this machine. If not, we can't run tests [System.Boolean]$exchangeInstalled = IsSetupComplete #endregion HEADER if ($exchangeInstalled) { #Get required credentials to use for the test if ($null -eq $Global:ShellCredentials) { [PSCredential]$Global:ShellCredentials = Get-Credential -Message 'Enter credentials for connecting a Remote PowerShell session to Exchange' } #Get the Server FQDN for using in URL's if ($null -eq $Global:ServerFqdn) { $Global:ServerFqdn = [System.Net.Dns]::GetHostByName($env:COMPUTERNAME).HostName } if ($null -eq $Global:WebCertAuthInstalled) { $webCertAuth = Get-WindowsFeature -Name Web-Cert-Auth if ($webCertAuth.InstallState -ne 'Installed') { $Global:WebCertAuthInstalled = $false Write-Verbose -Message 'Web-Cert-Auth is not installed. Skipping certificate based authentication tests.' } else { $Global:WebCertAuthInstalled = $true } } if ($Global:WebCertAuthInstalled -eq $true) { #Get the thumbprint to use for ActiveSync Cert Based Auth if ($null -eq $Global:CBACertThumbprint) { $Global:CBACertThumbprint = Read-Host -Prompt 'Enter the thumbprint of an Exchange certificate to use when enabling Certificate Based Authentication' } } Describe 'Test Setting Properties with xExchActiveSyncVirtualDirectory' { $testParams = @{ Identity = "$($env:COMPUTERNAME)\Microsoft-Server-ActiveSync (Default Web Site)" Credential = $Global:ShellCredentials AutoCertBasedAuth = $false AutoCertBasedAuthThumbprint = '' BadItemReportingEnabled = $false BasicAuthEnabled = $true ClientCertAuth = 'Ignore' CompressionEnabled = $true ExtendedProtectionFlags = @('AllowDotlessspn','NoServicenameCheck') ExtendedProtectionSPNList = @('http/mail.fabrikam.com','http/mail.fabrikam.local','http/wxweqc') ExtendedProtectionTokenChecking = 'Allow' ExternalAuthenticationMethods = @('Basic','Kerberos') ExternalUrl = "https://$($Global:ServerFqdn)/Microsoft-Server-ActiveSync" InstallIsapiFilter = $true InternalAuthenticationMethods = @('Basic','Kerberos') InternalUrl = "https://$($Global:ServerFqdn)/Microsoft-Server-ActiveSync" MobileClientCertificateAuthorityURL = 'http://whatever.com/CA' MobileClientCertificateProvisioningEnabled = $true MobileClientCertTemplateName = 'MyTemplateforEAS' #Name = "$($Node.NodeName) EAS Site" RemoteDocumentsActionForUnknownServers = 'Block' RemoteDocumentsAllowedServers = @('AllowedA','AllowedB') RemoteDocumentsBlockedServers = @('BlockedA','BlockedB') RemoteDocumentsInternalDomainSuffixList = @('InternalA','InternalB') SendWatsonReport = $false WindowsAuthEnabled = $false } $expectedGetResults = @{ Identity = "$($env:COMPUTERNAME)\Microsoft-Server-ActiveSync (Default Web Site)" BadItemReportingEnabled = $false BasicAuthEnabled = $true ClientCertAuth = 'Ignore' CompressionEnabled = $true ExtendedProtectionTokenChecking = 'Allow' ExternalUrl = "https://$($Global:ServerFqdn)/Microsoft-Server-ActiveSync" InternalAuthenticationMethods = @('Basic','Kerberos') InternalUrl = "https://$($Global:ServerFqdn)/Microsoft-Server-ActiveSync" MobileClientCertificateAuthorityURL = 'http://whatever.com/CA' MobileClientCertificateProvisioningEnabled = $true MobileClientCertTemplateName = 'MyTemplateforEAS' #Name = "$($Node.NodeName) EAS Site" RemoteDocumentsActionForUnknownServers = 'Block' SendWatsonReport = $false WindowsAuthEnabled = $false } Test-TargetResourceFunctionality -Params $testParams ` -ContextLabel 'Set standard parameters' ` -ExpectedGetResults $expectedGetResults Test-ArrayContentsEqual -TestParams $testParams ` -DesiredArrayContents $testParams.ExtendedProtectionFlags ` -GetResultParameterName 'ExtendedProtectionFlags' ` -ContextLabel 'Verify ExtendedProtectionFlags' ` -ItLabel 'ExtendedProtectionSPNList should contain three values' Test-ArrayContentsEqual -TestParams $testParams ` -DesiredArrayContents $testParams.ExtendedProtectionSPNList ` -GetResultParameterName 'ExtendedProtectionSPNList' ` -ContextLabel 'Verify ExtendedProtectionSPNList' ` -ItLabel 'ExtendedProtectionSPNList should contain three values' Test-ArrayContentsEqual -TestParams $testParams ` -DesiredArrayContents $testParams.ExternalAuthenticationMethods ` -GetResultParameterName 'ExternalAuthenticationMethods' ` -ContextLabel 'Verify ExternalAuthenticationMethods' ` -ItLabel 'ExternalAuthenticationMethods should contain two values' Test-ArrayContentsEqual -TestParams $testParams ` -DesiredArrayContents $testParams.InternalAuthenticationMethods ` -GetResultParameterName 'InternalAuthenticationMethods' ` -ContextLabel 'Verify InternalAuthenticationMethods' ` -ItLabel 'InternalAuthenticationMethods should contain two values' Test-ArrayContentsEqual -TestParams $testParams ` -DesiredArrayContents $testParams.RemoteDocumentsAllowedServers ` -GetResultParameterName 'RemoteDocumentsAllowedServers' ` -ContextLabel 'Verify RemoteDocumentsAllowedServers' ` -ItLabel 'RemoteDocumentsAllowedServers should contain two values' Test-ArrayContentsEqual -TestParams $testParams ` -DesiredArrayContents $testParams.RemoteDocumentsBlockedServers ` -GetResultParameterName 'RemoteDocumentsBlockedServers' ` -ContextLabel 'Verify RemoteDocumentsBlockedServers' ` -ItLabel 'RemoteDocumentsBlockedServers should contain two values' Test-ArrayContentsEqual -TestParams $testParams ` -DesiredArrayContents $testParams.RemoteDocumentsInternalDomainSuffixList ` -GetResultParameterName 'RemoteDocumentsInternalDomainSuffixList' ` -ContextLabel 'Verify RemoteDocumentsInternalDomainSuffixList' ` -ItLabel 'RemoteDocumentsInternalDomainSuffixList should contain two values' $testParams.ExternalUrl = '' $testParams.InternalUrl = '' $expectedGetResults.ExternalUrl = $null $expectedGetResults.InternalUrl = $null Test-TargetResourceFunctionality -Params $testParams ` -ContextLabel 'Try with empty URLs' ` -ExpectedGetResults $expectedGetResults if ($Global:WebCertAuthInstalled -eq $true) { $testParams.AutoCertBasedAuth = $true $testParams.AutoCertBasedAuthThumbprint = $Global:CBACertThumbprint $testParams.ClientCertAuth = 'Required' $expectedGetResults.ClientCertAuth = 'Required' Test-TargetResourceFunctionality -Params $testParams ` -ContextLabel 'Try enabling certificate based authentication' ` -ExpectedGetResults $expectedGetResults } Context 'Test missing ExtendedProtectionFlags for ExtendedProtectionSPNList' { $caughtException = $false $testParams.ExtendedProtectionFlags = @('NoServicenameCheck') try { $SetResults = Set-TargetResource @testParams } catch { $caughtException = $true } It 'Should hit exception for missing ExtendedProtectionFlags AllowDotlessSPN' { $caughtException | Should Be $true } It 'Test results should be true after adding missing ExtendedProtectionFlags' { $testParams.ExtendedProtectionFlags = @('AllowDotlessSPN') Set-TargetResource @testParams $testResults = Test-TargetResource @testParams $testResults | Should Be $true } } Context 'Test invalid combination in ExtendedProtectionFlags' { $caughtException = $false $testParams.ExtendedProtectionFlags = @('NoServicenameCheck','None') try { $SetResults = Set-TargetResource @testParams } catch { $caughtException = $true } It 'Should hit exception for invalid combination ExtendedProtectionFlags' { $caughtException | Should Be $true } It 'Test results should be true after correction of ExtendedProtectionFlags' { $testParams.ExtendedProtectionFlags = @('AllowDotlessSPN') Set-TargetResource @testParams $testResults = Test-TargetResource @testParams $testResults | Should Be $true } } $testParams.ActiveSyncServer = "https://eas.$($env:USERDNSDOMAIN)/Microsoft-Server-ActiveSync" $testParams.Remove('ExternalUrl') $expectedGetResults.ActiveSyncServer = "https://eas.$($env:USERDNSDOMAIN)/Microsoft-Server-ActiveSync" $expectedGetResults.ExternalUrl = "https://eas.$($env:USERDNSDOMAIN)/Microsoft-Server-ActiveSync" Test-TargetResourceFunctionality -Params $testParams ` -ContextLabel 'Try by setting External URL via ActiveSyncServer' ` -ExpectedGetResults $expectedGetResults #Set values back to default $testParams = @{ Identity = "$($env:COMPUTERNAME)\Microsoft-Server-ActiveSync (Default Web Site)" Credential = $Global:ShellCredentials BadItemReportingEnabled = $true BasicAuthEnabled = $false ClientCertAuth = 'Ignore' CompressionEnabled = $false ExtendedProtectionFlags = 'None' ExtendedProtectionSPNList = $null ExtendedProtectionTokenChecking = 'None' ExternalAuthenticationMethods = $null InternalAuthenticationMethods = $null MobileClientCertificateAuthorityURL = $null MobileClientCertificateProvisioningEnabled = $false MobileClientCertTemplateName = $null RemoteDocumentsActionForUnknownServers = 'Allow' RemoteDocumentsAllowedServers = $null RemoteDocumentsBlockedServers = $null RemoteDocumentsInternalDomainSuffixList = $null SendWatsonReport = $true WindowsAuthEnabled = $true } $expectedGetResults = @{ Identity = "$($env:COMPUTERNAME)\Microsoft-Server-ActiveSync (Default Web Site)" BadItemReportingEnabled = $true BasicAuthEnabled = $false ClientCertAuth = 'Ignore' CompressionEnabled = $false ExtendedProtectionTokenChecking = 'None' ExtendedProtectionFlags = $null ExtendedProtectionSPNList = $null ExternalAuthenticationMethods = $null InternalAuthenticationMethods = $null MobileClientCertificateAuthorityURL = '' MobileClientCertificateProvisioningEnabled = $false MobileClientCertTemplateName = '' RemoteDocumentsActionForUnknownServers = 'Allow' RemoteDocumentsAllowedServers = $null RemoteDocumentsBlockedServers = $null RemoteDocumentsInternalDomainSuffixList = $null SendWatsonReport = $true WindowsAuthEnabled = $true } Test-TargetResourceFunctionality -Params $testParams ` -ContextLabel 'Reset values to default' ` -ExpectedGetResults $expectedGetResults } } else { Write-Verbose -Message 'Tests in this file require that Exchange is installed to be run.' } |