Merge pull request #1309 from ykuijs/SPService

CHANGELOG.md

@@ -4,11 +4,13 @@ The format is based on and uses the types of changes according to [Keep a Change
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
-- SPSecurityTokenServiceConfig
-  - Added support for LogonTokenCacheExpirationWindow, WindowsTokenLifetime and FormsTokenLifetime settings
 
 ### Added
 
+- SPSecurityTokenServiceConfig
+  - Added support for LogonTokenCacheExpirationWindow, WindowsTokenLifetime and FormsTokenLifetime settings
+- SPService
+  - New resource
 - SPUsageDefinition
   - New resource
 
@@ -20,6 +22,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [4.6.0] - 2021-04-02
 
 ### Added
+
 - SharePointDsc
   - Export-SPDscDiagnosticData cmdlet to create a diagnostic package which can
     easily be shared for troubleshooting

SharePointDsc/DSCResources/MSFT_SPSecurityTokenServiceConfig/MSFT_SPSecurityTokenServiceConfig.psm1

@@ -282,7 +282,7 @@ function Set-TargetResource
                     -Source $MyInvocation.MyCommand.Source
                 throw $message
             }
-            
+
             $config.LogonTokenCacheExpirationWindow = (New-TimeSpan -Minutes $params.LogonTokenCacheExpirationWindow)
         }
 

SharePointDsc/DSCResources/MSFT_SPService/MSFT_SPService.psm1

@@ -0,0 +1,256 @@
+$script:SPDscUtilModulePath = Join-Path -Path $PSScriptRoot -ChildPath '..\..\Modules\SharePointDsc.Util'
+Import-Module -Name $script:SPDscUtilModulePath
+
+function Get-TargetResource
+{
+    [CmdletBinding()]
+    [OutputType([System.Collections.Hashtable])]
+    param
+    (
+        [Parameter(Mandatory = $true)]
+        [System.String]
+        $Name,
+
+        [Parameter()]
+        [ValidateSet("Present", "Absent")]
+        [System.String]
+        $Ensure = "Present",
+
+        [Parameter()]
+        [System.Management.Automation.PSCredential]
+        $InstallAccount
+    )
+
+    Write-Verbose -Message "Getting status for service '$Name'"
+
+    if ((Get-SPDscInstalledProductVersion).FileMajorPart -eq 15)
+    {
+        $message = ("This resource is only supported on SharePoint 2016 and later. " + `
+                "SharePoint 2013 does not support MinRole.")
+        Add-SPDscEvent -Message $message `
+            -EntryType 'Error' `
+            -EventID 100 `
+            -Source $MyInvocation.MyCommand.Source
+        throw $message
+    }
+
+    $result = Invoke-SPDscCommand -Credential $InstallAccount `
+        -Arguments @($PSBoundParameters) `
+        -ScriptBlock {
+        $params = $args[0]
+
+        $service = Get-SPService -Identity $params.Name -ErrorAction 'SilentlyContinue'
+
+        if ($null -eq $service)
+        {
+            return @{
+                Name   = $params.Name
+                Ensure = "Absent"
+            }
+        }
+
+        if ($service.AutoProvision -eq $true)
+        {
+            $localEnsure = "Present"
+        }
+        else
+        {
+            $localEnsure = "Absent"
+        }
+
+        return @{
+            Name   = $params.Name
+            Ensure = $localEnsure
+        }
+    }
+    return $result
+}
+
+function Set-TargetResource
+{
+    [CmdletBinding()]
+    param
+    (
+        [Parameter(Mandatory = $true)]
+        [System.String]
+        $Name,
+
+        [Parameter()]
+        [ValidateSet("Present", "Absent")]
+        [System.String]
+        $Ensure = "Present",
+
+        [Parameter()]
+        [System.Management.Automation.PSCredential]
+        $InstallAccount
+    )
+
+    Write-Verbose -Message "Setting status for service '$Name'"
+
+    if ((Get-SPDscInstalledProductVersion).FileMajorPart -eq 15)
+    {
+        $message = ("This resource is only supported on SharePoint 2016 and later. " + `
+                "SharePoint 2013 does not support MinRole.")
+        Add-SPDscEvent -Message $message `
+            -EntryType 'Error' `
+            -EventID 100 `
+            -Source $MyInvocation.MyCommand.Source
+        throw $message
+    }
+
+    $invokeArgs = @{
+        Credential = $InstallAccount
+        Arguments  = @($PSBoundParameters, $MyInvocation.MyCommand.Source)
+    }
+
+    if ($Ensure -eq "Present")
+    {
+        Write-Verbose -Message "Provisioning service '$Name'"
+
+        Invoke-SPDscCommand @invokeArgs -ScriptBlock {
+            $params = $args[0]
+            $eventSource = $args[1]
+
+            $service = Get-SPService -Identity $params.Name -ErrorAction 'SilentlyContinue'
+
+            if ($null -eq $service)
+            {
+                $message = "Specified service does not exist '$($params.Name)'"
+                Add-SPDscEvent -Message $message `
+                    -EntryType 'Error' `
+                    -EventID 100 `
+                    -Source $eventSource
+                throw $message
+            }
+
+            Start-SPService -Identity $params.Name | Out-Null
+
+            # Waiting for the service to start before continuing (max 30 minutes)
+            $serviceCheck = Get-SPService -Identity $params.Name
+
+            $count = 0
+            $maxCount = 60
+
+            while (($count -lt $maxCount) -and ($serviceCheck.CompliantWithMinRole -ne $true))
+            {
+                Write-Verbose -Message ("$([DateTime]::Now.ToShortTimeString()) - Waiting " + `
+                        "for services to start on all servers. Current status: $($serviceCheck.Status) " + `
+                        "(waited $count of $maxCount)")
+                Start-Sleep -Seconds 30
+                $serviceCheck = Get-SPService -Identity $params.Name
+                $count++
+            }
+        }
+    }
+    else
+    {
+        Write-Verbose -Message "Deprovisioning service '$Name'"
+
+        Invoke-SPDscCommand @invokeArgs -ScriptBlock {
+            $params = $args[0]
+            $eventSource = $args[1]
+
+            $service = Get-SPService -Identity $params.Name -ErrorAction 'SilentlyContinue'
+
+            if ($null -eq $service)
+            {
+                $message = "Specified service does not exist '$($params.Name)'"
+                Add-SPDscEvent -Message $message `
+                    -EntryType 'Error' `
+                    -EventID 100 `
+                    -Source $eventSource
+                throw $message
+            }
+
+            Stop-SPService -Identity $params.Name -Confirm:$false | Out-Null
+
+            # Waiting for the service to stop before continuing (max 30 minutes)
+            $serviceCheck = Get-SPService -Identity $params.Name
+
+            $count = 0
+            $maxCount = 60
+
+            while (($count -lt $maxCount) -and ($serviceCheck.AutoProvision -ne $false))
+            {
+                Write-Verbose -Message ("$([DateTime]::Now.ToShortTimeString()) - Waiting " + `
+                        "for service to stop on all servers. Current status: $($serviceCheck.Status) " + `
+                        "(waited $count of $maxCount)")
+                Start-Sleep -Seconds 30
+                $serviceCheck = Get-SPService -Identity $params.Name
+                $count++
+            }
+        }
+    }
+}
+
+function Test-TargetResource
+{
+    [CmdletBinding()]
+    [OutputType([System.Boolean])]
+    param
+    (
+        [Parameter(Mandatory = $true)]
+        [System.String]
+        $Name,
+
+        [Parameter()]
+        [ValidateSet("Present", "Absent")]
+        [System.String]
+        $Ensure = "Present",
+
+        [Parameter()]
+        [System.Management.Automation.PSCredential]
+        $InstallAccount
+    )
+
+    Write-Verbose -Message "Testing status for service '$Name'"
+
+    $PSBoundParameters.Ensure = $Ensure
+
+    $CurrentValues = Get-TargetResource @PSBoundParameters
+
+    Write-Verbose -Message "Current Values: $(Convert-SPDscHashtableToString -Hashtable $CurrentValues)"
+    Write-Verbose -Message "Target Values: $(Convert-SPDscHashtableToString -Hashtable $PSBoundParameters)"
+
+    $result = Test-SPDscParameterState -CurrentValues $CurrentValues `
+        -Source $($MyInvocation.MyCommand.Source) `
+        -DesiredValues $PSBoundParameters `
+        -ValuesToCheck @("Name", "Ensure")
+
+    Write-Verbose -Message "Test-TargetResource returned $result"
+
+    return $result
+}
+
+function Export-TargetResource
+{
+    $VerbosePreference = "SilentlyContinue"
+    $ParentModuleBase = Get-Module "SharePointDsc" -ListAvailable | Select-Object -ExpandProperty Modulebase
+    $module = Join-Path -Path $ParentModuleBase -ChildPath "\DSCResources\MSFT_SPService\MSFT_SPService.psm1" -Resolve
+
+    $Content = ''
+    $params = Get-DSCFakeParameters -ModulePath $module
+
+    $services = Get-SPService
+    foreach ($service in $services)
+    {
+        $PartialContent = "        SPService Service_" + $($service.TypeName -replace " ", '') + "`r`n"
+        $PartialContent += "        {`r`n"
+        $params.Name = $service.TypeName
+        $params.Ensure = "Present"
+        $results = Get-TargetResource @params
+
+        $results = Repair-Credentials -results $results
+
+        $currentBlock = Get-DSCBlock -Params $results -ModulePath $module
+        $currentBlock = Convert-DSCStringParamToVariable -DSCBlock $currentBlock -ParameterName "PsDscRunAsCredential"
+
+        $PartialContent += $currentBlock
+        $PartialContent += "        }`r`n"
+        $Content += $PartialContent
+    }
+
+    return $Content
+}
+
+Export-ModuleMember -Function *-TargetResource

SharePointDsc/DSCResources/MSFT_SPService/MSFT_SPService.schema.mof

@@ -0,0 +1,7 @@
+[ClassVersion("1.0.0.0"), FriendlyName("SPService")]
+class MSFT_SPService : OMI_BaseResource
+{
+    [Key, Description("The name of the service instance to manage")] string Name;
+    [Write, Description("Present to ensure the service runs in the farm, or absent to ensure it is stopped"), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure;
+    [Write, Description("POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5"), EmbeddedInstance("MSFT_Credential")] String InstallAccount;
+};

SharePointDsc/DSCResources/MSFT_SPService/readme.md

@@ -0,0 +1,13 @@
+# Description
+
+**Type:** Specific
+**Requires CredSSP:** No
+
+This resource is used to specify if a specific service should be provisioned
+(Ensure = "Present") or deprovisioned (Ensure = "Absent") in the MinRole
+configuration of the farm. The name is the display name of the service as
+shown in the "Services in Farm" page in Central Admin:
+http://[central_admin_url]/_admin/FarmServices.aspx
+
+The default value for the Ensure parameter is Present. When not specifying this
+parameter, the service instance is started.

SharePointDsc/Examples/Resources/SPService/1-StartService.ps1

@@ -0,0 +1,63 @@
+
+<#PSScriptInfo
+
+.VERSION 1.0.0
+
+.GUID 80d306fa-8bd4-4a8d-9f7a-bf40df95e661
+
+.AUTHOR DSC Community
+
+.COMPANYNAME DSC Community
+
+.COPYRIGHT DSC Community contributors. All rights reserved.
+
+.TAGS
+
+.LICENSEURI https://github.com/dsccommunity/SharePointDsc/blob/master/LICENSE
+
+.PROJECTURI https://github.com/dsccommunity/SharePointDsc
+
+.ICONURI https://dsccommunity.org/images/DSC_Logo_300p.png
+
+.EXTERNALMODULEDEPENDENCIES
+
+.REQUIREDSCRIPTS
+
+.EXTERNALSCRIPTDEPENDENCIES
+
+.RELEASENOTES
+Updated author, copyright notice, and URLs.
+
+.PRIVATEDATA
+
+#>
+
+<#
+
+.DESCRIPTION
+ This example shows how to ensure that the Microsoft SharePoint Foundation
+ Sandboxed Code Service is provisioned as a MinRole in the farm.
+
+#>
+
+Configuration Example
+{
+    param
+    (
+        [Parameter(Mandatory = $true)]
+        [PSCredential]
+        $SetupAccount
+    )
+
+    Import-DscResource -ModuleName SharePointDsc
+
+    node localhost
+    {
+        SPService 'Microsoft SharePoint Foundation Sandboxed Code Service'
+        {
+            Name                 = 'Microsoft SharePoint Foundation Sandboxed Code Service'
+            Ensure               = 'Present'
+            PsDscRunAsCredential = $SetupAccount
+        }
+    }
+}