CISDSC.psm1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
#This resource is used to more accurately reflect the spirit of the CIS benchmarks for services. The recommendations are considered passed if the service is disabled or absent and this is not possible with the standard service resource.
[DscResource()]
class CISService
{
    [DscProperty(Key)]
    [String]$Name

    [DscProperty(NotConfigurable)]
    [String]$StartType

    [DscProperty(NotConfigurable)]
    [String]$Status

    [CISService]Get(){
        $Service = $This.GetService()
        $This.StartType = $Service.StartType
        $This.Status = $Service.Status
        return $This
    }

    [Boolean]Test(){
        $Service = $This.GetService()
        # Is the service absent or disabled? Eiher of these are desired state.
        $Test = ($null -eq $Service -or ($Service.StartType -eq 'Disabled' -and $Service.Status -eq 'Stopped'))
        return $Test
    }

    [Void]Set(){
        Stop-Service -Name $This.Name -Force
        Get-Service -Name $This.Name | Set-Service -StartupType 'Disabled'
    }

    [Object]GetService(){
        if($Service = Get-Service -Name $This.Name -ErrorAction 'SilentlyContinue'){
            $result = $Service
        }
        else{
            $result = $null
        }

        return $result
    }
}