Update-SecureMfaThreatDetectionModuleConfig.ps1
<#
.SYNOPSIS Update SecureMfaThreatDetection Module Configuration for ADFS server. .DESCRIPTION Updates SecureMfaThreatDetectionModule with a new SecureMfaThreatDetectionModule.json setting without restarting ADFS service. New settings are activated immediately on ADFS server. You need to run it on all ADFS nodes (not web application proxy servers). This command must be executed using an elevated PowerShell command window on your federation server(s) If you are using a federation server farm that uses Windows Internal Database, you must execute commands on the primary federation server first .PARAMETER Force Force parameter suspends prompt message. .NOTES Version: 2.0.0.4 Author: SecureMfa.com Creation Date: 02/08/2021 Purpose/Change: Incorporated into PS module .EXAMPLE C:\PS> Update-SecureMfaThreatDetectionModuleConfig This command will update SecureMfaThreatDetectionModule configuration for a ADFS node. .EXAMPLE C:\PS> Update-SecureMfaThreatDetectionModuleConfig -Force This command will update SecureMfaThreatDetectionModule configuration from a ADFS node without any prompts. #> $configpath = (Join-Path -Path $PSScriptRoot -ChildPath SecureMfaThreatDetectionModule.json) #Check if windows events source for application log exist, if not create one. if ([System.Diagnostics.EventLog]::SourceExists("Secure MFA TDM") -eq $False) {New-EventLog -LogName "Application" -Source "Secure MFA TDM"; Write-Host "Secure MFA TDM Log Source Created."} #Check if ADFS service is available if((Get-Service adfssrv -ErrorAction SilentlyContinue).Status -eq "Stopped") {Start-Service adfssrv ; write-host "Starting ADFS Service on $env:COMPUTERNAME" -ForegroundColor Yellow;} Function Update-SecureMfaThreatDetectionModuleConfig { Param ( [Parameter(Mandatory=$false, ParameterSetName="Default")] [Switch]$Force ) #Confirm unisntall $message = "Do you want to update SecureMfaThreatDetectionModule using $configpath on $env:computername ?" $question = 'Please confirm?' $choices = New-Object Collections.ObjectModel.Collection[Management.Automation.Host.ChoiceDescription] $choices.Add((New-Object Management.Automation.Host.ChoiceDescription -ArgumentList '&Yes')) $choices.Add((New-Object Management.Automation.Host.ChoiceDescription -ArgumentList '&No')) if(!($force)) {$decision_option = $Host.UI.PromptForChoice($message, $question, $choices, 0)} if ($decision_option -eq 0 -or $Force) { try { $Error.Clear() if (!(Test-Path $configpath -Type Leaf) ) { throw "The config $configpath does not exist" } Write-Host "Updating SecureMfaThreatDetectionModule configuration on $env:computername" -ForegroundColor Yellow #Unregister SecureMfaThreatDetectionModule from ADFS Import-AdfsThreatDetectionModuleConfiguration -Name "SecureMfaThreatDetectionModule" -ConfigurationFilePath $configpath #Remove SecureMfaThreatDetectionModule DLL from GAC assembly Write-Host "Update completed using $configpath" -ForegroundColor yellow; Get-Content $configpath } catch { Write-Host "$($MyInvocation.InvocationName): $_" -ForegroundColor red } } else {Write-Host "Skiping SecureMfaThreatDetectionModule unistall from $env:computername" -ForegroundColor Yellow } } |