DSCResources/XD7LabAdministrator/XD7LabAdministrator.schema.psm1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
configuration XD7LabAdministrator {
     param (
        ## Citrix XenDesktop 7 built-in admin role
        [Parameter(Mandatory)]
        [ValidateSet('Full','DeliveryGroup','HelpDesk','Host','MachineCatalog','ReadOnly')]
        [System.String] $Role,

        ## Users/groups to add to the Citrix XenDesktop 7.x admin role
        [Parameter(Mandatory)]
        [System.String[]] $Administrator,

        ## Domain FQDN
        [Parameter(Mandatory)]
        [System.String] $DomainName,

        [Parameter()]
        [ValidateNotNull()]
        [System.Management.Automation.PSCredential]
        [System.Management.Automation.CredentialAttribute()]
        $Credential
    )

    Import-DscResource -ModuleName XenDesktop7;

    $netBIOSDomainName = $DomainName.Split('.')[0];
    $netBIOSDomainAdministrators = @(); ## Full Administrators with domain qualifier
    $domainCredential = $Credential;    ## Credential with domain qualifier

    if (($PSBoundParameters.ContainsKey('Credential')) -and
        (-not $Credential.UserName.Contains('\')) -and
        (-not $Credential.UserName.Contains('@'))) {

            ## Create DOMAIN\UserName credential
            $netBIOSUsername = '{0}\{1}' -f $netBIOSDomainName, $Credential.UserName;
            $domainCredential = New-Object System.Management.Automation.PSCredential($netBIOSUsername, $Credential.Password);
        }
    }

    foreach ($admin in $Administrator) {

        $resourceId = $administrator.Replace('\','_').Replace('@','_');
        $netBIOSAdministrator = $admin;
        if ((-not $admin.UserName.Contains('\')) -and (-not $admin.UserName.Contains('@'))) {

            ## Ensure we have DOMAIN\UserOrGroup
            $netBIOSAdministrator = '{0}\{1}' -f $netBIOSDomainName, $admin;
        }

        if ($PSBoundParameters.ContainsKey('Credential')) {

            XD7Administrator $resourceId {
                Name = $netBIOSAdministrator;
                Credential = $Credential;
            }
        }
        else {

            XD7Administrator $resourceId {
                Name = $netBIOSAdministrator;
            }
        }

        $netBIOSDomainAdministrators += $netBIOSAdministrator;

    } #end foreach Administrator

    $resourceId = '{0}Administrator' -f $Role;
    switch ($Role) {

        'DeliveryGroup' { $roleName = 'Delivery Group Administrator'; }
        'Full' { $roleName = 'Full Administrator'; }
        'HelpDesk' { $roleName = 'Help Desk Administrator'; }
        'Host' { $roleName = 'Host Administrator'; }
        'MachineCatalog' { $roleName = 'Machine Catalog Administrator'; }
        'ReadOnly' { $roleName = 'Read Only Administrator'; }
    }

    if ($PSBoundParameters.ContainsKey('Credential')) {

        XD7Role $resourceId {
            Name = $roleName;
            Members = $netBIOSDomainAdministrators;
            Credential = $Credential;
        }
    }
    else {

        XD7Role $resourceId {
            Name = $roleName;
            Members = $netBIOSDomainAdministrators;
        }
    }

} #end configuration XD7LabAdministrator