DSCResources/Resources/SqlServer.SqlLogin.ps1

# Copyright (c) Microsoft Corporation. All rights reserved.
# Licensed under the MIT License.

$rules = $stig.RuleList | Select-Rule -Type SqlLoginRule

# Creates variable with SQL Server Instance Name.
foreach ($instance in $serverInstance)
{
    if ($instance -notmatch '\\')
    {
        $instanceName      = 'MSSQLSERVER'
        $serverName        = $instance
        $sqlConnectionName = $hostName
    }
        else
        {
            $instanceName      = $instance.Split('{\}')[1]
            $serverName        = $instance.Split('{\}')[0]
            $sqlConnectionName = $instance
        }

    foreach ($rule in $rules)
    {
        # Organizational setting for multiple Sql logins should be comma delimited.
        $loginNameSplit = $rules.Name.Split("{,}")

        foreach ($login in $loginNameSplit)
        {
            $rulePasswordPolicy = $null
            [void][bool]::TryParse($rule.LoginPasswordPolicyEnforced, [ref]$rulePasswordPolicy)
            $rulePasswordExpiration = $null
            [void][bool]::TryParse($rule.LoginPasswordExpirationEnabled, [ref]$rulePasswordExpiration)
            $ruleChangePassword = $null
            [void][bool]::TryParse($rule.LoginMustChangePassword, [ref]$ruleChangePassword)

            # New-Guid was added to be able to create multiple unique instances of this rule.
            SqlLogin ((Get-ResourceTitle -Rule $rule) + (New-Guid)) 
            {
                InstanceName                   = $instanceName
                ServerName                     = $serverName
                LoginType                      = $rule.LoginType
                Name                           = $login.Trim()
                LoginPasswordPolicyEnforced    = $rulePasswordPolicy
                LoginPasswordExpirationEnabled = $rulePasswordExpiration
                LoginMustChangePassword        = $ruleChangePassword
            }
        }
    }
}