functions/Set-DbaCmConnection.ps1

function Set-DbaCmConnection {
    <#
    .SYNOPSIS
    Configures a connection object for use in remote computer management.
 
    .DESCRIPTION
    Configures a connection object for use in remote computer management.
    This function will either create new records for computers that have no connection registered so far, or it will configure existing connections if already present.
 
    As such it can be handy in making bulk-edits on connections or manually adjusting some settings.
 
    .PARAMETER ComputerName
    The computer to build the connection object for.
 
    .PARAMETER Credential
    The credential to register.
 
    .PARAMETER UseWindowsCredentials
    Whether using the default windows credentials is legit.
    Not setting this will not exclude using windows credentials, but only not pre-confirm them as working.
 
    .PARAMETER OverrideExplicitCredential
    Setting this will enable the credential override.
    The override will cause the system to ignore explicitly specified credentials, so long as known, good credentials are available.
 
    .PARAMETER DisabledConnectionTypes
    Exlicitly disable connection types.
    These types will then not be used for connecting to the computer.
 
    .PARAMETER DisableBadCredentialCache
    Will prevent the caching of credentials if set to true.
 
    .PARAMETER DisableCimPersistence
    Will prevent Cim-Sessions to be reused.
 
    .PARAMETER DisableCredentialAutoRegister
    Will prevent working credentials from being automatically cached
 
    .PARAMETER EnableCredentialFailover
    Will enable automatic failing over to known to work credentials, when using bad credentials.
    By default, passing bad credentials will cause the Computer Management functions to interrupt with a warning (Or exception if in silent mode).
 
    .PARAMETER WindowsCredentialsAreBad
    Will prevent the windows credentials of the currently logged on user from being used for the remote connection.
 
    .PARAMETER CimWinRMOptions
    Specify a set of options to use when connecting to the target computer using CIM over WinRM.
    Use 'New-CimSessionOption' to create such an object.
 
    .PARAMETER CimDCOMOptions
    Specify a set of options to use when connecting to the target computer using CIM over DCOM.
    Use 'New-CimSessionOption' to create such an object.
 
    .PARAMETER AddBadCredential
    Adds credentials to the bad credential cache.
    These credentials will not be used when connecting to the target remote computer.
 
    .PARAMETER RemoveBadCredential
    Removes credentials from the bad credential cache.
 
    .PARAMETER ClearBadCredential
    Clears the cache of credentials that didn't worked.
    Will be applied before adding entries to the credential cache.
 
    .PARAMETER ClearCredential
    Clears the cache of credentials that worked.
    Will be applied before adding entries to the credential cache.
 
    .PARAMETER ResetCredential
    Resets all credential-related caches:
    - Clears bad credential cache
    - Removes last working credential
    - Un-Confirms the windows credentials as working
    - Un-Confirms the windows credentials as not working
 
    Automatically implies the parameters -ClearCredential and -ClearBadCredential. Using them together is redundant.
    Will be applied before adding entries to the credential cache.
 
    .PARAMETER ResetConnectionStatus
    Restores all connection stati to default, as if no connection protocol had ever been tested.
 
    .PARAMETER ResetConfiguration
    Restores the configuration back to system default.
    Configuration elements are the basic behavior controlling settings, such as whether to cache bad credentials, etc.
    These can be configured globally using the dbatools configuration system and overridden locally on a per-connection basis.
    For a list of all available settings, use "Get-DbaConfig -Module ComputerManagement".
 
    Note: Does not apply to globally overridden protocols to connect over.
 
    .PARAMETER Silent
    Replaces user friendly yellow warnings with bloody red exceptions of doom!
    Use this if you want the function to throw terminating errors you want to catch.
 
    .EXAMPLE
    Get-DbaCmConnection sql2014 | Set-DbaCmConnection -ClearBadCredential -UseWindowsCredentials
 
    Retrieves the already existing connection to sql2014, removes the list of not working credentials and configures it to default to the credentials of the logged on user.
 
    .EXAMPLE
    Get-DbaCmConnection | Set-DbaCmConnection -RemoveBadCredential $cred
    Removes the credentials stored in $cred from all connections' list of "known to not work" credentials.
    Handy to update changes in privilege.
 
    .EXAMPLE
    Get-DbaCmConnection | Export-Clixml .\connections.xml
    Import-Clixml .\connections.xml | Set-DbaCmConnection -ResetConfiguration
 
    At first, the current cached connections are stored in an xml file. At a later time - possibly in the profile when starting the console again - those connections are imported again and applied again to the connection cache.
 
    In this example, the configuration settings will also be reset, since after reimport those will be set to explicit, rather than deriving them from the global settings.
    In many cases, using the default settings is desirable. For specific settings, use New-DbaCmConnection as part of the profile in order to explicitly configure a connection.
    #>

    [CmdletBinding(DefaultParameterSetName = 'Credential')]
    param (
        [Parameter(ValueFromPipeline = $true)]
        [Sqlcollaborative.Dbatools.Parameter.DbaCmConnectionParameter[]]
        $ComputerName = $env:COMPUTERNAME,

        [Parameter(ParameterSetName = "Credential")]
        [PSCredential]
        $Credential,

        [Parameter(ParameterSetName = "Windows")]
        [switch]
        $UseWindowsCredentials,

        [switch]
        $OverrideExplicitCredential,

        [Sqlcollaborative.Dbatools.Connection.ManagementConnectionType]
        $DisabledConnectionTypes = 'None',

        [switch]
        $DisableBadCredentialCache,

        [switch]
        $DisableCimPersistence,

        [switch]
        $DisableCredentialAutoRegister,

        [switch]
        $EnableCredentialFailover,

        [Parameter(ParameterSetName = "Credential")]
        [switch]
        $WindowsCredentialsAreBad,

        [Microsoft.Management.Infrastructure.Options.WSManSessionOptions]
        $CimWinRMOptions,

        [Microsoft.Management.Infrastructure.Options.DComSessionOptions]
        $CimDCOMOptions,

        [System.Management.Automation.PSCredential[]]
        $AddBadCredential,

        [System.Management.Automation.PSCredential[]]
        $RemoveBadCredential,

        [switch]
        $ClearBadCredential,

        [switch]
        $ClearCredential,

        [switch]
        $ResetCredential,

        [switch]
        $ResetConnectionStatus,

        [switch]
        $ResetConfiguration,

        [switch]
        $Silent
    )

    BEGIN {
        Write-Message -Level InternalComment -Message "Starting execution"
        Write-Message -Level Verbose -Message "Bound parameters: $($PSBoundParameters.Keys -join ", ")"

        $disable_cache = Get-DbaConfigValue -Name 'ComputerManagement.Cache.Disable.All' -Fallback $false
    }
    PROCESS {
        foreach ($connectionObject in $ComputerName) {
            if (-not $connectionObject.Success) { Stop-Function -Message "Failed to interpret computername input: $($connectionObject.InputObject)" -Category InvalidArgument -Target $connectionObject.InputObject -Continue }
            Write-Message -Level VeryVerbose -Message "Processing computer: $($connectionObject.Connection.ComputerName)"

            $connection = $connectionObject.Connection

            if ($ResetConfiguration) {
                Write-Message -Level Verbose -Message "Resetting the configuration to system default"

                $connection.RestoreDefaultConfiguration()
            }

            if ($ResetConnectionStatus) {
                Write-Message -Level Verbose -Message "Resetting the connection status"

                $connection.CimRM = 'Unknown'
                $connection.CimDCOM = 'Unknown'
                $connection.Wmi = 'Unknown'
                $connection.PowerShellRemoting = 'Unknown'

                $connection.LastCimRM = New-Object System.DateTime(0)
                $connection.LastCimDCOM = New-Object System.DateTime(0)
                $connection.LastWmi = New-Object System.DateTime(0)
                $connection.LastPowerShellRemoting = New-Object System.DateTime(0)
            }

            if ($ResetCredential) {
                Write-Message -Level Verbose -Message "Resetting credentials"

                $connection.KnownBadCredentials.Clear()
                $connection.Credentials = $null
                $connection.UseWindowsCredentials = $false
                $connection.WindowsCredentialsAreBad = $false
            }
            else {
                if ($ClearBadCredential) {
                    Write-Message -Level Verbose -Message "Clearing bad credentials"

                    $connection.KnownBadCredentials.Clear()
                    $connection.WindowsCredentialsAreBad = $false
                }

                if ($ClearCredential) {
                    Write-Message -Level Verbose -Message "Clearing credentials"

                    $connection.Credentials = $null
                    $connection.UseWindowsCredentials = $false
                }
            }

            foreach ($badCred in $RemoveBadCredential) {
                $connection.RemoveBadCredential($badCred)
            }

            foreach ($badCred in $AddBadCredential) {
                $connection.AddBadCredential($badCred)
            }

            if (Test-Bound "Credential") { $connection.Credentials = $Credential }
            if ($UseWindowsCredentials) {
                $connection.Credentials = $null
                $connection.UseWindowsCredentials = $UseWindowsCredentials
            }
            if (Test-Bound "OverrideExplicitCredential") { $connection.OverrideExplicitCredential = $OverrideExplicitCredential }
            if (Test-Bound "DisabledConnectionTypes") { $connection.DisabledConnectionTypes = $DisabledConnectionTypes }
            if (Test-Bound "DisableBadCredentialCache") { $connection.DisableBadCredentialCache = $DisableBadCredentialCache }
            if (Test-Bound "DisableCimPersistence") { $connection.DisableCimPersistence = $DisableCimPersistence }
            if (Test-Bound "DisableCredentialAutoRegister") { $connection.DisableCredentialAutoRegister = $DisableCredentialAutoRegister }
            if (Test-Bound "EnableCredentialFailover") { $connection.DisableCredentialAutoRegister = $EnableCredentialFailover }
            if (Test-Bound "WindowsCredentialsAreBad") { $connection.WindowsCredentialsAreBad = $WindowsCredentialsAreBad }
            if (Test-Bound "CimWinRMOptions") { $connection.CimWinRMOptions = $CimWinRMOptions }
            if (Test-Bound "CimDCOMOptions") { $connection.CimDCOMOptions = $CimDCOMOptions }

            if (-not $disable_cache) {
                Write-Message -Level Verbose -Message "Writing connection to cache"
                [Sqlcollaborative.Dbatools.Connection.ConnectionHost]::Connections[$connectionObject.Connection.ComputerName] = $connection
            }
            else { Write-Message -Level Verbose -Message "Skipping writing to cache, since the cache has been disabled!" }
            $connection
        }
    }
    END {
        Write-Message -Level InternalComment -Message "Stopping execution"
    }
}