Common/PowerStigScan.Computer.ps1

<#
Functions:
    Public:
        CM01 - Add-PowerStigComputer
        CM02 - Get-PowerStigComputer
        CM03 - Set-PowerStigComputer
        CM04 - Remove-PowerStigComputer
#>


#region Private

#endregion Private

#region Public

#CM01
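<#
.SYNOPSIS
Adds a new computer target to the PowerStig database

.DESCRIPTION
Adds a new computer target to the PowerStig database by calling
PowerSTIG.sproc_AddTargetComputer with one 0/1 flag per known role.
Every role listed in -Role is sent as 1, every other role as 0.

.PARAMETER ServerName
Name of server to add. The value is embedded in the T-SQL batch as an
escaped string literal, so names containing hyphens, dots or quotes are
passed as data rather than parsed as SQL.

.PARAMETER OSVersion
Operating System installed on new server. Valid options are 2012R2 and 2016.
The value is validated but is not passed to the stored procedure by this function.

.PARAMETER Role
One or more roles to flag on the server: MemberServer, DomainController,
DotNet, Firefox, Firewall, IIS, Word, Excel, PowerPoint, Outlook, JRE, Sql,
Client, DNS, IE.
Earlier help for this function stated that DomainController takes precedence
over MemberServer. This function passes both flags through unchanged, so any
such precedence would have to be applied by the stored procedure.

.PARAMETER DebugScript
Writes the generated T-SQL text to the host before it is executed.

.PARAMETER SqlInstance
SQL instance name that hosts the PowerStig database. If empty, this will use the settings in the ModuleBase\Common\config.ini file.

.PARAMETER DatabaseName
Name of the database that hosts the PowerStig tables. If empty, this will use the settings in the ModuleBase\Common\config.ini file.

.EXAMPLE
Add-PowerStigComputer -ServerName DC2012Test -OSVersion 2012R2 -Role DomainController,DNS,IE -SqlInstance SQLTest -DatabaseName Master

#>

function Add-PowerStigComputer
{
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory=$true)]
        [ValidateNotNullorEmpty()]
        [String]$ServerName,

        [Parameter(Mandatory=$true)]
        [ValidateSet("2012R2","2016")]
        [String]$OSVersion,

        [Parameter(Mandatory=$true)]
        [ValidateSet("MemberServer","DomainController","DotNet","Firefox","Firewall","IIS","Word","Excel","PowerPoint","Outlook","JRE","Sql","Client","DNS","IE")]
        [String[]]$Role,

        [switch]$DebugScript,

        [Parameter(Mandatory=$false)]
        [String]$SqlInstance,

        [Parameter(Mandatory=$false)]
        [String]$DatabaseName
    )

    # Fall back to the module's Config.ini for any connection setting the caller omitted.
    $workingPath = Split-Path $PsCommandPath
    $iniVar = Import-PowerStigConfig -configFilePath $workingPath\Config.ini

    if([String]::IsNullOrEmpty($SqlInstance))
    {
        $SqlInstance = $iniVar.SqlInstanceName
    }
    if([String]::IsNullOrEmpty($DatabaseName))
    {
        $DatabaseName = $iniVar.DatabaseName
    }

    # $ServerName is caller-supplied free text. Embedding it bare in the batch let
    # a value such as "x; <statement>" change the SQL that runs, and made ordinary
    # names like DC-01 fail to parse. Doubling single quotes and wrapping the value
    # in N'...' keeps it a string literal. Invoke-PowerStigSqlCommand, as it is
    # called in this file, only takes query text; bound parameters would be the
    # better fix if that helper ever supports them.
    $safeServerName = "N'" + $ServerName.Replace("'", "''") + "'"

    # The stored procedure's flag parameters carry the same names as the role
    # values, so one ordered list drives both the membership test and the
    # parameter name.
    $knownRoles = @(
        'MemberServer','DomainController','DotNet','Firefox','Firewall',
        'IIS','Word','Excel','PowerPoint','Outlook','JRE','Sql','Client','DNS','IE'
    )

    $flagArguments = foreach ($roleName in $knownRoles)
    {
        # -contains is case-insensitive, matching ValidateSet and the original switch.
        $flag = 0
        if($Role -contains $roleName)
        {
            $flag = 1
        }
        '@{0} = {1}' -f $roleName, $flag
    }

    $Query = "EXEC PowerSTIG.sproc_AddTargetComputer @TargetComputerName = $safeServerName, " + ($flagArguments -join ', ')

    if($DebugScript)
    {
        Write-Host $Query
    }

    $Results = Invoke-PowerStigSqlCommand -Query $Query -SqlInstance $SqlInstance -DatabaseName $DatabaseName
    return $Results
}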

#CM02
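function Get-PowerStigComputer
{
    <#
    .SYNOPSIS
    Queries the PowerStig database for target computers.

    .DESCRIPTION
    Runs one of three stored procedures depending on the parameter set:
    PowerSTIG.sproc_GetRolesPerServer (-ServerName),
    PowerSTIG.sproc_GetActiveRoles (-Role) or
    PowerSTIG.sproc_GetActiveServers (-All), and returns whatever
    Invoke-PowerStigSqlCommand returns.

    .PARAMETER Role
    Role to look up. Restricted by ValidateSet to the known role names.

    .PARAMETER ServerName
    Server to look up. Embedded in the T-SQL batch as an escaped string literal.

    .PARAMETER All
    Returns the result of PowerSTIG.sproc_GetActiveServers.

    .PARAMETER DebugScript
    Writes the generated T-SQL text to the host before it is executed.

    .PARAMETER SqlInstance
    SQL instance to query. If empty, the value from Config.ini is used.

    .PARAMETER DatabaseName
    Database to query. If empty, the value from Config.ini is used.
    #>
    [CmdletBinding()]
    param(
        [Parameter(ParameterSetName="ByRole")]
        [ValidateSet("MemberServer","DomainController","DotNet","Firefox","Firewall","IIS","Word","Excel","PowerPoint","Outlook","JRE","Sql","Client","DNS","IE")]
        [String]$Role,

        [Parameter(ParameterSetName="ByName")]
        [ValidateNotNullorEmpty()]
        [String]$ServerName,

        [Parameter(ParameterSetName="GetAll")]
        [Switch]$All,

        [switch]$DebugScript,

        [Parameter()]
        [String]$SqlInstance,
        
        [Parameter()]
        [String]$DatabaseName
        
    )

    # Fall back to the module's Config.ini for any connection setting the caller omitted.
    $workingPath = Split-Path $PsCommandPath
    $iniVar = Import-PowerStigConfig -configFilePath $workingPath\Config.ini

    if([String]::IsNullOrEmpty($SqlInstance))
    {
        $SqlInstance = $iniVar.SqlInstanceName
    }
    if([String]::IsNullOrEmpty($DatabaseName))
    {
        $DatabaseName = $iniVar.DatabaseName
    }

    # Pick the statement for the active parameter set. $statement stays $null when
    # no case matches, and no query is sent in that situation.
    $statement = $null
    Switch($PSCmdlet.ParameterSetName)
    {
        "ByName" {
            # $ServerName is free text from the caller. Double any single quotes and
            # wrap it in N'...' so it is always read as a string literal and cannot
            # terminate the EXEC statement or append another one.
            $safeServerName = "N'" + $ServerName.Replace("'", "''") + "'"
            $statement = "EXEC PowerSTIG.sproc_GetRolesPerServer @TargetComputer = $safeServerName"
        }
        "ByRole" {
            # $Role can only be one of the ValidateSet values, all plain identifiers.
            $statement = "EXEC PowerSTIG.sproc_GetActiveRoles @ComplianceType = $Role"
        }
        "GetAll" {
            $statement = "EXEC PowerSTIG.sproc_GetActiveServers"
        }
    }

    $Output = $null
    if($null -ne $statement)
    {
        if($DebugScript)
        {
            Write-Host $statement
        }
        $Output = Invoke-PowerStigSqlCommand -SqlInstance $SqlInstance -DatabaseName $DatabaseName -Query $statement
    }
    Return $Output
}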

#CM03
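function Set-PowerStigComputer
{
    <#
    .SYNOPSIS
    Enables or disables roles for a target computer in the PowerStig database.

    .DESCRIPTION
    Calls PowerSTIG.sproc_UpdateServerRoles once per entry in -Role, passing
    @UpdateAction = 1 when -Enable is $true and 0 otherwise. The output of each
    Invoke-PowerStigSqlCommand call is emitted to the pipeline.

    .PARAMETER ServerName
    Server whose roles are updated. Embedded in the T-SQL batch as an escaped
    string literal.

    .PARAMETER Role
    One or more roles to update. Restricted by ValidateSet to the known role names.

    .PARAMETER Enable
    $true to enable the listed roles, $false to disable them.

    .PARAMETER DebugScript
    Writes each generated T-SQL statement to the host before it is executed.

    .PARAMETER SqlInstance
    SQL instance to use. If empty, the value from Config.ini is used.

    .PARAMETER DatabaseName
    Database to use. If empty, the value from Config.ini is used.
    #>
    [cmdletBinding()]
    param(
        [Parameter(Mandatory=$true)]
        [String]$ServerName,

        [Parameter(Mandatory=$true)]
        [ValidateSet("MemberServer","DomainController","DotNet","Firefox","Firewall","IIS","Word","Excel","PowerPoint","Outlook","JRE","Sql","Client","DNS","IE")]
        [String[]]$Role,

        [Parameter(Mandatory=$true)]
        [boolean]$Enable,

        [switch]$DebugScript,

        [Parameter()]
        [String]$SqlInstance,

        [Parameter()]
        [String]$DatabaseName
    )

    # Fall back to the module's Config.ini for any connection setting the caller omitted.
    $workingPath = Split-Path $PsCommandPath
    $iniVar = Import-PowerStigConfig -configFilePath $workingPath\Config.ini

    if([String]::IsNullOrEmpty($SqlInstance))
    {
        $SqlInstance = $iniVar.SqlInstanceName
    }
    if([String]::IsNullOrEmpty($DatabaseName))
    {
        $DatabaseName = $iniVar.DatabaseName
    }

    $UpdateAction = '0'
    if($Enable)
    {
        $UpdateAction = '1'
    }

    # $ServerName is free text from the caller; it was previously placed in the
    # batch unquoted, so a crafted value could alter the statement. Escape it once
    # and reuse the literal for every role. The role values come from ValidateSet
    # and are plain identifiers.
    $safeServerName = "N'" + $ServerName.Replace("'", "''") + "'"

    foreach ($roleName in $Role)
    {
        $UpdateComputer = "EXEC PowerSTIG.sproc_UpdateServerRoles @TargetComputer = $safeServerName,@ComplianceType = $roleName,@UpdateAction=$UpdateAction"
        if($DebugScript)
        {
            Write-Host $UpdateComputer
        }
        Invoke-PowerStigSqlCommand -SqlInstance $SqlInstance -DatabaseName $DatabaseName -Query $UpdateComputer
    }
}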

#CM04
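function Remove-PowerStigComputer
{
    <#
    .SYNOPSIS
    Removes a target computer and its data from the PowerStig database.

    .DESCRIPTION
    Calls PowerSTIG.sproc_DeleteTargetComputerAndData for the named server.
    Unless -Force is given, the operator is prompted and must answer Y before
    the delete is sent; N cancels, and any other answer prompts again.

    .PARAMETER ServerName
    Server to remove. Embedded in the T-SQL batch as an escaped string literal.

    .PARAMETER Force
    Skips the confirmation prompt.

    .PARAMETER DebugScript
    Writes the generated T-SQL text to the host before it is executed.

    .PARAMETER SqlInstance
    SQL instance to use. If empty, the value from Config.ini is used.

    .PARAMETER DatabaseName
    Database to use. If empty, the value from Config.ini is used.
    #>
    [cmdletBinding()]
    param(
        [Parameter(Mandatory=$true)]
        [String]$ServerName,

        [Parameter()]
        [Switch]$Force,

        [switch]$DebugScript,

        [Parameter()]
        [String]$SqlInstance,

        [Parameter()]
        [String]$DatabaseName
    )

    # Fall back to the module's Config.ini for any connection setting the caller omitted.
    $workingPath = Split-Path $PsCommandPath
    $iniVar = Import-PowerStigConfig -configFilePath $workingPath\Config.ini

    if([String]::IsNullOrEmpty($SqlInstance))
    {
        $SqlInstance = $iniVar.SqlInstanceName
    }
    if([String]::IsNullOrEmpty($DatabaseName))
    {
        $DatabaseName = $iniVar.DatabaseName
    }

    if(-not $Force)
    {
        # $proceed must start as $false. It was previously never initialised, so
        # "$proceed -eq $false" compared $null with $false, evaluated to false and
        # ended the loop after a single pass: an invalid first answer led to one
        # re-prompt whose answer (even "N") was ignored, and the delete ran anyway.
        $proceed = $false
        $readIn = Read-Host "This will remove $ServerName and all data related to the computer from the database. Continue?(Y/N)"
        do{
            if($readIn -eq "N")
            {
                Write-Host "Cancelling"
                Return
            }
            elseif($readIn -eq "Y")
            {
                $proceed = $true
            }
            else
            {
                $readIn = Read-Host "Invalid response. Do you want to remove $ServerName? (Y/N)"
            }
        }While($proceed -eq $false)
    }

    # $ServerName is free text from the caller and feeds a destructive procedure.
    # Double any single quotes and wrap it in N'...' so it is always read as a
    # string literal and cannot terminate the EXEC statement or append another one.
    $safeServerName = "N'" + $ServerName.Replace("'", "''") + "'"

    $deleteComputer = "EXEC PowerSTIG.sproc_DeleteTargetComputerAndData @TargetComputer = $safeServerName"
    if($DebugScript)
    {
        Write-Host $deleteComputer
    }
    Invoke-PowerStigSqlCommand -SqlInstance $SqlInstance -DatabaseName $DatabaseName -Query $deleteComputer

}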


#endregion Public