functions/Get-DbaPolicy.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
Function Get-DbaPolicy {
<#
 .SYNOPSIS
 Returns polices from policy based management from an instance.
 
 .DESCRIPTION
 Returns details of policies with the option to filter on Category and SystemObjects.
 
 .PARAMETER SqlInstance
 SQL Server name or SMO object representing the SQL Server to connect to. This can be a collection and receive pipeline input to allow the function to be executed against multiple SQL Server instances.
  
 .PARAMETER SqlCredential
 SqlCredential object to connect as. If not specified, current Windows login will be used.
 
 .PARAMETER Policy
 Filters results to only show specific policy
 
 .PARAMETER Category
 Filters results to only show policies in the category selected
  
 .PARAMETER IncludeSystemObject
 By default system objects are filtered out. Use this parameter to INCLUDE them .
 
 .PARAMETER Silent
 If this switch is enabled, the internal messaging functions will be silenced.
 
 .NOTES
 Author: Stephen Bennett (https://sqlnotesfromtheunderground.wordpress.com/)
 Tags: Policy, PoilcyBasedManagement
 
 Website: https://dbatools.io
 Copyright: (C) Chrissy LeMaire, clemaire@gmail.com
 License: GNU GPL v3 https://opensource.org/licenses/GPL-3.0
 
 .LINK
 https://dbatools.io/Get-DbaPolicy
 
 .EXAMPLE
 Get-DbaPolicy -SqlInstance sql2016
 
 Returns all policies from sql2016 server
 
 .EXAMPLE
 Get-DbaPolicy -SqlInstance sql2016 -SqlCredential $cred
 
 Uses a credential $cred to connect and return all policies from sql2016 instance
 
 .EXAMPLE
 Get-DbaPolicy -SqlInstance sql2016 -Category MorningCheck
 
 Returns all policies from sql2016 server that part of the PolicyCategory MorningCheck
#>

    [CmdletBinding()]
    param (
        [parameter(Position = 0, Mandatory = $true, ValueFromPipeline = $True)]
        [Alias("ServerInstance", "SqlServer")]
        [DbaInstanceParameter[]]$SqlInstance,
        [Alias("Credential")]
        [PSCredential][System.Management.Automation.CredentialAttribute()]
        $SqlCredential,
        [string[]]$Policy,
        [string[]]$Category,
        [switch]$IncludeSystemObject,
        [switch]$Silent
    )
    
    process {
        foreach ($instance in $SqlInstance) {
            Write-Message -Level Verbose -Message "Attempting to connect to $instance"
            
            try {
                $server = Connect-SqlInstance -SqlInstance $instance -SqlCredential $SqlCredential -MinimumVersion 10
            }
            catch {
                Stop-Function -Message "Failure" -Category ConnectionError -ErrorRecord $_ -Target $instance -Continue
            }
            
            try {
                $sqlStoreConnection = New-Object Microsoft.SqlServer.Management.Sdk.Sfc.SqlStoreConnection $server.ConnectionContext.SqlConnectionObject
                # DMF is the Declarative Management Framework, Policy Based Management's old name
                $store = New-Object Microsoft.SqlServer.Management.DMF.PolicyStore $sqlStoreConnection
            }
            catch {
                Stop-Function -Message "Failure" -Category ConnectionError -ErrorRecord $_ -Target $server -Continue
            }
            
            $allpolicies = $store.Policies
            
            if (-not $IncludeSystemObject) {
                $allpolicies = $allpolicies | Where-Object { $_.IsSystemObject -eq 0 }
            }
            
            if ($Category) {
                $allpolicies = $allpolicies | Where-Object { $_.PolicyCategory -in $Category }
            }
            
            if ($Policy) {
                $allpolicies = $allpolicies | Where-Object { $_.Name -in $Policy }
            }
            
            foreach ($currentpolicy in $allpolicies) {
                Write-Message -Level Verbose -Message "Processing $currentpolicy"
                Add-Member -Force -InputObject $currentpolicy -MemberType NoteProperty ComputerName -value $server.NetName
                Add-Member -Force -InputObject $currentpolicy -MemberType NoteProperty InstanceName -value $server.ServiceName
                Add-Member -Force -InputObject $currentpolicy -MemberType NoteProperty SqlInstance -value $server.DomainInstanceName
                
                Select-DefaultView -InputObject $currentpolicy -ExcludeProperty HelpText, HelpLink, Urn, Properties, Metadata, Parent, IdentityKey, HasScript, PolicyEvaluationStarted, ConnectionProcessingStarted, TargetProcessed, ConnectionProcessingFinished, PolicyEvaluationFinished, PropertyMetadataChanged, PropertyChanged
            }
        }
    }
}