Module/STIG/Functions.DomainName.ps1
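# Copyright (c) Microsoft Corporation. All rights reserved.
# Licensed under the MIT License.
# Header

#region Get-DomainName
<#
    .SYNOPSIS
        Enforces the behavior of getting the domain name.
        If a domain name is provided, it will be used.
        If a domain name is not provided, the domain name of the generating system will be used.

    .PARAMETER DomainName
        The FQDN of the domain the configuration will be running on.

    .PARAMETER ForestName
        The FQDN of the forest the configuration will be running on.

    .PARAMETER Format
        The format the FQDN is converted to before it is returned:
        FQDN, NetbiosName or DistinguishedName. Defaults to FQDN.

    .OUTPUTS
        string

    .NOTES
        The supplied name is used as given; it is not checked against the directory or
        validated as a DNS name. When no name is supplied and none can be discovered, a
        warning is written and the empty value is returned without conversion.

    .EXAMPLE
        Get-DomainName -DomainName "contoso.com" -Format FQDN

        Returns "contoso.com"

    .EXAMPLE
        Get-DomainName -DomainName "contoso.com" -Format NetbiosName

        Returns "contoso"

    .EXAMPLE
        Get-DomainName -ForestName "contoso.com" -Format DistinguishedName

        Returns "DC=contoso,DC=com"
#>
Function Get-DomainName
{
    [CmdletBinding()]
    [OutputType([string])]
    param
    (
        [Parameter(Mandatory = $true, ParameterSetName = 'DomainName')]
        [AllowNull()]
        [AllowEmptyString()]
        [string]
        $DomainName,

        [Parameter(Mandatory = $true, ParameterSetName = 'ForestName')]
        [AllowNull()]
        [AllowEmptyString()]
        [string]
        $ForestName,

        [Parameter(ParameterSetName = 'DomainName')]
        [Parameter(ParameterSetName = 'ForestName')]
        [ValidateSet('FQDN', 'NetbiosName', 'DistinguishedName')]
        [string]
        $Format = 'FQDN'
    )

    $fqdn = [string]::Empty

    if ($PSCmdlet.ParameterSetName -eq 'DomainName')
    {
        # An explicit name wins; otherwise fall back to the discovered domain.
        if ( [string]::IsNullOrEmpty( $DomainName ) )
        {
            $fqdn = Get-DomainFQDN
        }
        else
        {
            $fqdn = $DomainName
        }
    }
    else
    {
        # An explicit name wins; otherwise fall back to the discovered forest root.
        if ( [string]::IsNullOrEmpty( $ForestName ) )
        {
            $fqdn = Get-ForestFQDN
        }
        else
        {
            $fqdn = $ForestName
        }
    }

    if ([string]::IsNullOrEmpty($fqdn))
    {
        Write-Warning "$($PSCmdlet.ParameterSetName) was not found."

        # There is nothing to convert. Passing the empty value on would only fail
        # mandatory-parameter binding in the helpers below, so return it as is.
        return $fqdn
    }

    switch ($Format)
    {
        'FQDN'
        {
            return $fqdn
        }
        'NetbiosName'
        {
            return Get-NetbiosName -FQDN $fqdn
        }
        'DistinguishedName'
        {
            return Get-DistinguishedName -FQDN $fqdn
        }
    }
}

<#
    .SYNOPSIS
        Returns $env:USERDNSDOMAIN to support mocking in unit tests

    .NOTES
        The value is read from the process environment, so it reflects the account the
        session runs under and can be overridden by whoever starts the process. It is
        typically unset for local (non-domain) accounts. Treat it as a convenience
        default, not as a verified identity of the machine's domain.
#>
Function Get-DomainFQDN
{
    [CmdletBinding()]
    [OutputType([string])]
    param
    ( )

    return $env:USERDNSDOMAIN
}

<#
    .SYNOPSIS
        Calls ADSI to discover the forest root (DN) and converts it to an FQDN.

    .NOTES
        The RootDSE lookup is a serverless bind made in the context of the current
        session; the returned naming context is used as received.
#>
Function Get-ForestFQDN
{
    [CmdletBinding()]
    [OutputType([string])]
    param
    ( )

    $forestRoot = [ADSI]"LDAP://RootDSE"

    # Strip the leading "DC=" and turn every ",DC=" separator into a dot. The comma is
    # matched literally rather than with a '.' wildcard so only real separators change.
    return $forestRoot.rootDomainNamingContext -replace '^DC=', '' -replace ',DC=', '.'
}

<#
    .SYNOPSIS
        Returns the leftmost label of an FQDN.

    .PARAMETER FQDN
        The fully qualified domain name to shorten.

    .NOTES
        This is a string operation only. It assumes the NetBIOS domain name matches the
        first DNS label, which the directory does not guarantee; nothing is looked up.
#>
Function Get-NetbiosName
{
    [CmdletBinding()]
    [OutputType([string])]
    param
    (
        [Parameter(Mandatory = $true)]
        [string]
        $FQDN
    )

    $parts = Get-DomainParts -FQDN $FQDN

    if ($parts.Count -gt 1)
    {
        return $parts[0]
    }
    else
    {
        # A single-label name is already the short name.
        return $parts
    }
}

<#
    .SYNOPSIS
        Converts an FQDN into a distinguished name built from DC= components.

    .PARAMETER FQDN
        The fully qualified domain name to convert.
#>
Function Get-DistinguishedName
{
    [CmdletBinding()]
    [OutputType([string])]
    param
    (
        [Parameter()]
        [string]
        $FQDN
    )

    $parts = Get-DomainParts -FQDN $FQDN
    return Format-DistinguishedName -Parts $parts
}

<#
    .SYNOPSIS
        Joins domain labels into a distinguished name such as "DC=contoso,DC=com".

    .PARAMETER Parts
        The domain labels, ordered from the leftmost label to the top-level domain.

    .NOTES
        Labels are inserted verbatim. Characters that are special inside a distinguished
        name (for example ',', '+', '=', '\') are not escaped, so callers should pass
        plain DNS labels only.
#>
Function Format-DistinguishedName
{
    [CmdletBinding()]
    [OutputType([string])]
    param
    (
        [Parameter()]
        [string[]]
        $Parts
    )

    # Build every component first and join them afterwards. Deciding where the comma
    # goes by comparing a label with the last label drops the separator whenever an
    # earlier label repeats the last one (for example "com.example.com").
    $components = foreach ($part in $Parts)
    {
        "DC=$part"
    }

    return ($components -join ',')
}

<#
    .SYNOPSIS
        Splits an FQDN into its dot-separated labels.

    .PARAMETER FQDN
        The fully qualified domain name to split.
#>
Function Get-DomainParts
{
    [CmdletBinding()]
    [OutputType([string[]])]
    param
    (
        [Parameter(Mandatory = $true)]
        [string]
        $FQDN
    )

    # Split on the '.' character explicitly. A multi-character string argument such as
    # '{.}' is treated as a set of characters by Windows PowerShell but as one literal
    # separator string by PowerShell 6+, which leaves the name unsplit there.
    return $FQDN.Split([char]'.')
}
#endregion

<#
    .SYNOPSIS
        Returns an array of available STIGs with the associated Technology, TechnologyVersion, TechnologyRole,
        and StigVersion. This function is a wrapper for the STIG class. The return of this function call will
        provide you with the values needed to generate the STIG ruleset.

    .PARAMETER Technology
        The STIG technology target

    .PARAMETER ListAvailable
        A switch that returns all of the STIGs in the module.

    .EXAMPLE
        Get-Stig -ListAvailable

    .EXAMPLE
        Get-Stig -Technology WindowsServer
#>
Function Get-Stig
{
    [CmdletBinding()]
    [OutputType([PSObject[]])]
    param
    (
        [Parameter(ParameterSetName = 'All')]
        [switch]
        $ListAvailable
    )

    dynamicparam
    {
        # Technology is declared at runtime so that its ValidateSet can be filled from
        # the technologies the STIG class reports as available.
        $parameterName = 'Technology'
        $attributes = new-object System.Management.Automation.ParameterAttribute
        $attributes.ParameterSetName = "__Technology"
        $attributes.Mandatory = $false
        $attributeCollection = new-object -Type System.Collections.ObjectModel.Collection[System.Attribute]
        $attributeCollection.Add($attributes)
        $values = [Stig]::ListAvailable($null) | Select-Object -Unique Technology -ExpandProperty Technology
        $ValidateSet = new-object System.Management.Automation.ValidateSetAttribute($values)
        $attributeCollection.Add($ValidateSet)

        $Technology = new-object -Type System.Management.Automation.RuntimeDefinedParameter($parameterName, [string], $attributeCollection)
        $paramDictionary = new-object -Type System.Management.Automation.RuntimeDefinedParameterDictionary
        $paramDictionary.Add($parameterName, $Technology)
        return $paramDictionary
    }

    process
    {
        <#
            The ListAvailable switch is only used to prevent the $Technology parameter from being entered,
            so that the ListAvailable method is passed a null filter.
        #>
        return [STIG]::ListAvailable($Technology.Value)
    }
}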