cEPRSWebProperties.psm1
|
enum Ensure { Present Absent } [DSCResource()] class cEPRSISAPIRestrictions { [DscProperty(Key)] [String] $ISAPIPath #[DscProperty(Key)] [Ensure] $Ensure [DscProperty(Key)] [String] $Description [cEPRSISAPIRestrictions] Get() { $config = @{FarmName = $this.FarmName; } return $config } [bool] Test() { if (!(Test-Path $this.ISAPIPath)) { Write-Warning "$($this.ISAPIPath) doesn't exists, please provide a valid path" return $true } else { return $false } } [void] Set() { Write-Verbose "set function execution starts......." Import-Module WebAdministration $checkifenabled=Get-WebConfiguration system.webServer/security/isapiCgiRestriction/* 'IIS:\' | where {$_.path -eq "$ISAPIPath"} if($checkifenabled) { if((Test-path $checkifenabled.path) -and ($checkifenabled.allowed -eq $true)) { write-verbose "$($this.ISAPIPath) already exists in ISAPI CGI Restrictions" } elseif((Test-path $checkifenabled.path) -and ($checkifenabled.allowed -eq $false)) { Write-Verbose "Enabling $($this.ISAPIPath) for ISAPI and CGI properties" set-webconfiguration "/system.webServer/security/isapiCgiRestriction/add[@path='$($this.ISAPIPath)']/@allowed" -value "True" -PSPath:IIS:\ } } else { Write-Verbose "Enabling $($this.ISAPIPath) for ISAPI and CGI properties" Add-WebConfiguration /system.webServer/security/isapiCgiRestriction "IIS:\" -Value @{path="$($this.ISAPIPath)"} set-webconfiguration "/system.webServer/security/isapiCgiRestriction/add[@path='$($this.ISAPIPath)']/@allowed" -value "True" -PSPath:IIS:\ set-webconfiguration "/system.webServer/security/isapiCgiRestriction/add[@path='$($this.ISAPIPath)']/@groupid" -value "$($this.Description)" -PSPath:IIS:\ set-webconfiguration "/system.webServer/security/isapiCgiRestriction/add[@path='$($this.ISAPIPath)']/@description" -value "$($this.Description)" -PSPath:IIS:\ } Write-Verbose "set function execution ends......." } } [DSCResource()] class cEPRSExtendedProtection { [DscProperty(Key)] [String] $Website #[DscProperty(Key)] [Ensure] $Ensure [DscProperty(Key)] [String] $Vdir [cEPRSExtendedProtection] Get() { $config = @{Website = $this.Website; } return $config } [bool] Test() { Import-Module WebAdministration $checkifenabled=Get-WebConfiguration system.webServer/security/authentication/windowsAuthentication if ($checkifenabled.extendedProtection.tokenChecking -ne "Allow") { return $false } else { return $true } } [void] Set() { Write-Verbose "set function execution starts......." write-Verbose "Configuring IIS for extended protection..." #Setting extended protection property to website & $env:WinDir\system32\inetsrv\appcmd.exe set config "$($this.WebSite)" -section:system.webServer/security/authentication/windowsAuthentication /extendedProtection.tokenChecking:"Allow" /extendedProtection.flags:"None" /commit:apphost #Setting extended protection property to virtual directory & $env:WinDir\system32\inetsrv\appcmd.exe set config "$($this.WebSite)/$($this.Vdir)" -section:system.webServer/security/authentication/windowsAuthentication /extendedProtection.tokenChecking:"Allow" /extendedProtection.flags:"None" /commit:apphost write-Verbose "Configuring IIS for extended protection completed..." Write-Verbose "set function execution ends......." } } [DSCResource()] class cEPRSAutoStart { [DscProperty(Key)] [String] $AutoStartEnabled #[DscProperty(Key)] [Ensure] $Ensure [DscProperty(Key)] [String] $Website [cEPRSAutoStart] Get() { $config = @{AutoStartEnabled = $this.AutoStartEnabled; } return $config } [bool] Test() { Import-Module WebAdministration $Websitestate = Get-WebsiteState -Name "$this.Website" if($Websitestate -eq "Started") { return $true } else { return $false } } [void] Set() { Write-Verbose "set function execution starts......." write-Verbose "Setting property AutoStartEnabled..." -Verbose & $env:WinDir\system32\inetsrv\appcmd.exe set site "$($this.WebSite)" /serverAutoStart:$($this.AutoStartEnabled) Write-Verbose "set function execution ends......." -Verbose } } |