functions/Set-DbaNetworkConfiguration.ps1
|
function Set-DbaNetworkConfiguration { <# .SYNOPSIS Sets the network configuration of a SQL Server instance. .DESCRIPTION Sets the network configuration of a SQL Server instance. Parameters are available for typical tasks like enabling or disabling a protocol or switching between dynamic and static ports. The object returned by Get-DbaNetworkConfiguration can be used to adjust settings of the properties and then passed to this command via pipeline or -InputObject parameter. A change to the network configuration with SQL Server requires a restart to take effect, support for this can be done via the RestartService parameter. Remote SQL WMI is used by default, with PS Remoting used as a fallback. For a detailed explanation of the different properties see the documentation at: https://docs.microsoft.com/en-us/sql/tools/configuration-manager/sql-server-network-configuration .PARAMETER SqlInstance The target SQL Server instance or instances. .PARAMETER Credential Credential object used to connect to the Computer as a different user. .PARAMETER EnableProtocol Enables one of the following network protocols: SharedMemory, NamedPipes, TcpIp. .PARAMETER DisableProtocol Disables one of the following network protocols: SharedMemory, NamedPipes, TcpIp. .PARAMETER DynamicPortForIPAll Configures the instance to listen on a dynamic port for all IP addresses. Will enable the TCP/IP protocol if needed. Will set TcpIpProperties.ListenAll to $true if needed. Will reset the last used dynamic port if already set. .PARAMETER StaticPortForIPAll Configures the instance to listen on one or more static ports for all IP addresses. Will enable the TCP/IP protocol if needed. Will set TcpIpProperties.ListenAll to $true if needed. .PARAMETER RestartService Every change to the network configuration needs a service restart to take effect. This switch will force a restart of the service if the network configuration has changed. .PARAMETER InputObject The output object from Get-DbaNetworkConfiguration. Get-DbaNetworkConfiguration has to be run with -OutputType Full (default) to get the complete object. .PARAMETER EnableException By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message. This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables advanced scripting. Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own try/catch. .PARAMETER WhatIf If this switch is enabled, no actions are performed but informational messages will be displayed that explain what would happen if the command were to run. .PARAMETER Confirm If this switch is enabled, you will be prompted for confirmation before executing any operations that change state. .NOTES Tags: SQLWMI Author: Andreas Jordan (@JordanOrdix), ordix.de Website: https://dbatools.io Copyright: (c) 2021 by dbatools, licensed under MIT License: MIT https://opensource.org/licenses/MIT .LINK https://dbatools.io/Set-DbaNetworkConfiguration .EXAMPLE PS C:\> Set-DbaNetworkConfiguration -SqlInstance sql2016 -EnableProtocol SharedMemory -RestartService Ensures that the shared memory network protocol for the default instance on sql2016 is enabled. Restarts the service if needed. .EXAMPLE PS C:\> Set-DbaNetworkConfiguration -SqlInstance sql2016\test -StaticPortForIPAll 14331, 14332 -RestartService Ensures that the TCP/IP network protocol is enabled and configured to use the ports 14331 and 14332 for all IP addresses. Restarts the service if needed. .EXAMPLE PS C:\> $netConf = Get-DbaNetworkConfiguration -SqlInstance sqlserver2014a PS C:\> $netConf.TcpIpProperties.KeepAlive = 60000 PS C:\> $netConf | Set-DbaNetworkConfiguration -RestartService -Confirm:$false Changes the value of the KeepAlive property for the default instance on sqlserver2014a and restarts the service. Does not prompt for confirmation. #> [CmdletBinding(SupportsShouldProcess, ConfirmImpact = "High", DefaultParameterSetName = 'NonPipeline')] param ( [Parameter(ParameterSetName = 'NonPipeline', Mandatory = $true, Position = 0)] [DbaInstanceParameter[]]$SqlInstance, [Parameter(ParameterSetName = 'NonPipeline')][Parameter(ParameterSetName = 'Pipeline')] [PSCredential]$Credential, [Parameter(ParameterSetName = 'NonPipeline')] [ValidateSet('SharedMemory', 'NamedPipes', 'TcpIp')] [string]$EnableProtocol, [Parameter(ParameterSetName = 'NonPipeline')] [ValidateSet('SharedMemory', 'NamedPipes', 'TcpIp')] [string]$DisableProtocol, [Parameter(ParameterSetName = 'NonPipeline')] [switch]$DynamicPortForIPAll, [Parameter(ParameterSetName = 'NonPipeline')] [int[]]$StaticPortForIPAll, [Parameter(ParameterSetName = 'NonPipeline')][Parameter(ParameterSetName = 'Pipeline')] [switch]$RestartService, [parameter(ValueFromPipeline, ParameterSetName = 'Pipeline', Mandatory = $true)] [object[]]$InputObject, [Parameter(ParameterSetName = 'NonPipeline')][Parameter(ParameterSetName = 'Pipeline')] [switch]$EnableException ) begin { $wmiScriptBlock = { # This scriptblock will be processed by Invoke-ManagedComputerCommand. # It is extended there above this line by the following lines: # $ipaddr = $args[$args.GetUpperBound(0)] # [void][System.Reflection.Assembly]::LoadWithPartialName('Microsoft.SqlServer.SqlWmiManagement') # $wmi = New-Object Microsoft.SqlServer.Management.Smo.Wmi.ManagedComputer $ipaddr # $null = $wmi.Initialize() # So we can use $wmi here and assume that there is a successful connection. # We take on object as the first parameter which has to include the instance name and the target network configuration. $targetConf = $args[0] $changes = @() $verbose = @() $exception = $null try { $verbose += "Getting server protocols for $($targetConf.InstanceName)" $wmiServerProtocols = ($wmi.ServerInstances | Where-Object { $_.Name -eq $targetConf.InstanceName } ).ServerProtocols $verbose += 'Getting server protocol shared memory' $wmiSpSm = $wmiServerProtocols | Where-Object { $_.Name -eq 'Sm' } if ($null -eq $targetConf.SharedMemoryEnabled) { $verbose += 'SharedMemoryEnabled not in target object' } elseif ($wmiSpSm.IsEnabled -ne $targetConf.SharedMemoryEnabled) { $wmiSpSm.IsEnabled = $targetConf.SharedMemoryEnabled $wmiSpSm.Alter() $changes += "Changed SharedMemoryEnabled to $($targetConf.SharedMemoryEnabled)" } $verbose += 'Getting server protocol named pipes' $wmiSpNp = $wmiServerProtocols | Where-Object { $_.Name -eq 'Np' } if ($null -eq $targetConf.NamedPipesEnabled) { $verbose += 'NamedPipesEnabled not in target object' } elseif ($wmiSpNp.IsEnabled -ne $targetConf.NamedPipesEnabled) { $wmiSpNp.IsEnabled = $targetConf.NamedPipesEnabled $wmiSpNp.Alter() $changes += "Changed NamedPipesEnabled to $($targetConf.NamedPipesEnabled)" } $verbose += 'Getting server protocol TCP/IP' $wmiSpTcp = $wmiServerProtocols | Where-Object { $_.Name -eq 'Tcp' } if ($null -eq $targetConf.TcpIpEnabled) { $verbose += 'TcpIpEnabled not in target object' } elseif ($wmiSpTcp.IsEnabled -ne $targetConf.TcpIpEnabled) { $wmiSpTcp.IsEnabled = $targetConf.TcpIpEnabled $wmiSpTcp.Alter() $changes += "Changed TcpIpEnabled to $($targetConf.TcpIpEnabled)" } $verbose += 'Getting properties for server protocol TCP/IP' $wmiSpTcpEnabled = $wmiSpTcp.ProtocolProperties | Where-Object { $_.Name -eq 'Enabled' } if ($null -eq $targetConf.TcpIpProperties.Enabled) { $verbose += 'TcpIpProperties.Enabled not in target object' } elseif ($wmiSpTcpEnabled.Value -ne $targetConf.TcpIpProperties.Enabled) { $wmiSpTcpEnabled.Value = $targetConf.TcpIpProperties.Enabled $wmiSpTcp.Alter() $changes += "Changed TcpIpProperties.Enabled to $($targetConf.TcpIpProperties.Enabled)" } $wmiSpTcpKeepAlive = $wmiSpTcp.ProtocolProperties | Where-Object { $_.Name -eq 'KeepAlive' } if ($null -eq $targetConf.TcpIpProperties.KeepAlive) { $verbose += 'TcpIpProperties.KeepAlive not in target object' } elseif ($wmiSpTcpKeepAlive.Value -ne $targetConf.TcpIpProperties.KeepAlive) { $wmiSpTcpKeepAlive.Value = $targetConf.TcpIpProperties.KeepAlive $wmiSpTcp.Alter() $changes += "Changed TcpIpProperties.KeepAlive to $($targetConf.TcpIpProperties.KeepAlive)" } $wmiSpTcpListenOnAllIPs = $wmiSpTcp.ProtocolProperties | Where-Object { $_.Name -eq 'ListenOnAllIPs' } if ($null -eq $targetConf.TcpIpProperties.ListenAll) { $verbose += 'TcpIpProperties.ListenAll not in target object' } elseif ($wmiSpTcpListenOnAllIPs.Value -ne $targetConf.TcpIpProperties.ListenAll) { $wmiSpTcpListenOnAllIPs.Value = $targetConf.TcpIpProperties.ListenAll $wmiSpTcp.Alter() $changes += "Changed TcpIpProperties.ListenAll to $($targetConf.TcpIpProperties.ListenAll)" } $verbose += 'Getting properties for IPn' $wmiIPn = $wmiSpTcp.IPAddresses | Where-Object { $_.Name -ne 'IPAll' } foreach ($ip in $wmiIPn) { $ipTarget = $targetConf.TcpIpAddresses | Where-Object { $_.Name -eq $ip.Name } $ipActive = $ip.IPAddressProperties | Where-Object { $_.Name -eq 'Active' } if ($null -eq $ipTarget.Active) { $verbose += 'Active not in target IP address object' } elseif ($ipActive.Value -ne $ipTarget.Active) { $ipActive.Value = $ipTarget.Active $wmiSpTcp.Alter() $changes += "Changed Active for $($ip.Name) to $($ipTarget.Active)" } $ipEnabled = $ip.IPAddressProperties | Where-Object { $_.Name -eq 'Enabled' } if ($null -eq $ipTarget.Enabled) { $verbose += 'Enabled not in target IP address object' } elseif ($ipEnabled.Value -ne $ipTarget.Enabled) { $ipEnabled.Value = $ipTarget.Enabled $wmiSpTcp.Alter() $changes += "Changed Enabled for $($ip.Name) to $($ipTarget.Enabled)" } $ipIpAddress = $ip.IPAddressProperties | Where-Object { $_.Name -eq 'IpAddress' } if ($null -eq $ipTarget.IpAddress) { $verbose += 'IpAddress not in target IP address object' } elseif ($ipIpAddress.Value -ne $ipTarget.IpAddress) { $ipIpAddress.Value = $ipTarget.IpAddress $wmiSpTcp.Alter() $changes += "Changed IpAddress for $($ip.Name) to $($ipTarget.IpAddress)" } $ipTcpDynamicPorts = $ip.IPAddressProperties | Where-Object { $_.Name -eq 'TcpDynamicPorts' } if ($null -eq $ipTarget.TcpDynamicPorts) { $verbose += 'TcpDynamicPorts not in target IP address object' } elseif ($ipTcpDynamicPorts.Value -ne $ipTarget.TcpDynamicPorts) { $ipTcpDynamicPorts.Value = $ipTarget.TcpDynamicPorts $wmiSpTcp.Alter() $changes += "Changed TcpDynamicPorts for $($ip.Name) to $($ipTarget.TcpDynamicPorts)" } $ipTcpPort = $ip.IPAddressProperties | Where-Object { $_.Name -eq 'TcpPort' } if ($null -eq $ipTarget.TcpPort) { $verbose += 'TcpPort not in target IP address object' } elseif ($ipTcpPort.Value -ne $ipTarget.TcpPort) { $ipTcpPort.Value = $ipTarget.TcpPort $wmiSpTcp.Alter() $changes += "Changed TcpPort for $($ip.Name) to $($ipTarget.TcpPort)" } } $verbose += 'Getting properties for IPAll' $wmiIPAll = $wmiSpTcp.IPAddresses | Where-Object { $_.Name -eq 'IPAll' } $ipTarget = $targetConf.TcpIpAddresses | Where-Object { $_.Name -eq 'IPAll' } $ipTcpDynamicPorts = $wmiIPAll.IPAddressProperties | Where-Object { $_.Name -eq 'TcpDynamicPorts' } if ($null -eq $ipTarget.TcpDynamicPorts) { $verbose += 'TcpDynamicPorts not in target IP address object' } elseif ($ipTcpDynamicPorts.Value -ne $ipTarget.TcpDynamicPorts) { $ipTcpDynamicPorts.Value = $ipTarget.TcpDynamicPorts $wmiSpTcp.Alter() $changes += "Changed TcpDynamicPorts for $($wmiIPAll.Name) to $($ipTarget.TcpDynamicPorts)" } $ipTcpPort = $wmiIPAll.IPAddressProperties | Where-Object { $_.Name -eq 'TcpPort' } if ($null -eq $ipTarget.TcpPort) { $verbose += 'TcpPort not in target IP address object' } elseif ($ipTcpPort.Value -ne $ipTarget.TcpPort) { $ipTcpPort.Value = $ipTarget.TcpPort $wmiSpTcp.Alter() $changes += "Changed TcpPort for $($wmiIPAll.Name) to $($ipTarget.TcpPort)" } } catch { $exception = $_ } [PSCustomObject]@{ Changes = $changes Verbose = $verbose Exception = $exception } } } process { if ($SqlInstance -and (Test-Bound -Not -ParameterName EnableProtocol, DisableProtocol, DynamicPortForIPAll, StaticPortForIPAll)) { Stop-Function -Message "You must choose an action if SqlInstance is used." return } if ($SqlInstance -and (Test-Bound -ParameterName EnableProtocol, DisableProtocol, DynamicPortForIPAll, StaticPortForIPAll -Not -Max 1)) { Stop-Function -Message "Only one action is allowed at a time." return } foreach ($instance in $SqlInstance) { try { Write-Message -Level Verbose -Message "Get network configuration from $($instance.ComputerName) for instance $($instance.InstanceName)." $netConf = Get-DbaNetworkConfiguration -SqlInstance $instance -Credential $Credential -EnableException } catch { Stop-Function -Message "Failed to collect network configuration from $($instance.ComputerName) for instance $($instance.InstanceName)." -Target $instance -ErrorRecord $_ -Continue } if ($EnableProtocol) { if ($netConf."${EnableProtocol}Enabled") { Write-Message -Level Verbose -Message "Protocol $EnableProtocol is already enabled on $instance." } else { Write-Message -Level Verbose -Message "Will enable protocol $EnableProtocol on $instance." $netConf."${EnableProtocol}Enabled" = $true if ($EnableProtocol -eq 'TcpIp') { $netConf.TcpIpProperties.Enabled = $true } } } if ($DisableProtocol) { if ($netConf."${DisableProtocol}Enabled") { Write-Message -Level Verbose -Message "Will disable protocol $EnableProtocol on $instance." $netConf."${DisableProtocol}Enabled" = $false if ($DisableProtocol -eq 'TcpIp') { $netConf.TcpIpProperties.Enabled = $false } } else { Write-Message -Level Verbose -Message "Protocol $EnableProtocol is already disabled on $instance." } } if ($DynamicPortForIPAll) { if (-not $netConf.TcpIpEnabled) { Write-Message -Level Verbose -Message "Will enable protocol TcpIp on $instance." $netConf.TcpIpEnabled = $true } if (-not $netConf.TcpIpProperties.Enabled) { Write-Message -Level Verbose -Message "Will set property Enabled of protocol TcpIp to True on $instance." $netConf.TcpIpProperties.Enabled = $true } if (-not $netConf.TcpIpProperties.ListenAll) { Write-Message -Level Verbose -Message "Will set property ListenAll of protocol TcpIp to True on $instance." $netConf.TcpIpProperties.ListenAll = $true } $ipAll = $netConf.TcpIpAddresses | Where-Object { $_.Name -eq 'IPAll' } Write-Message -Level Verbose -Message "Will set property TcpDynamicPorts of IPAll to '0' on $instance." $ipAll.TcpDynamicPorts = '0' Write-Message -Level Verbose -Message "Will set property TcpPort of IPAll to '' on $instance." $ipAll.TcpPort = '' } if ($StaticPortForIPAll) { if (-not $netConf.TcpIpEnabled) { Write-Message -Level Verbose -Message "Will enable protocol TcpIp on $instance." $netConf.TcpIpEnabled = $true } if (-not $netConf.TcpIpProperties.Enabled) { Write-Message -Level Verbose -Message "Will set property Enabled of protocol TcpIp to True on $instance." $netConf.TcpIpProperties.Enabled = $true } if (-not $netConf.TcpIpProperties.ListenAll) { Write-Message -Level Verbose -Message "Will set property ListenAll of protocol TcpIp to True on $instance." $netConf.TcpIpProperties.ListenAll = $true } $ipAll = $netConf.TcpIpAddresses | Where-Object { $_.Name -eq 'IPAll' } Write-Message -Level Verbose -Message "Will set property TcpDynamicPorts of IPAll to '' on $instance." $ipAll.TcpDynamicPorts = '' $port = $StaticPortForIPAll -join ',' Write-Message -Level Verbose -Message "Will set property TcpPort of IPAll to '$port' on $instance." $ipAll.TcpPort = $port } $InputObject += $netConf } foreach ($netConf in $InputObject) { try { $output = [PSCustomObject]@{ ComputerName = $netConf.ComputerName InstanceName = $netConf.InstanceName SqlInstance = $netConf.SqlInstance Changes = @() RestartNeeded = $false Restarted = $false } if ($Pscmdlet.ShouldProcess("Setting network configuration for instance $($netConf.InstanceName) on $($netConf.ComputerName)")) { $return = Invoke-ManagedComputerCommand -ComputerName $netConf.ComputerName -Credential $Credential -ScriptBlock $wmiScriptBlock -ArgumentList $netConf $output.Changes = $return.Changes foreach ($msg in $return.Verbose) { Write-Message -Level Verbose -Message $msg } if ($return.Exception) { Stop-Function -Message "Setting network configuration for instance $($netConf.InstanceName) on $($netConf.ComputerName) failed with: $($return.Exception)" -Target $netConf.ComputerName -ErrorRecord $output.Exception -Continue } } if ($return.Changes.Count -gt 0) { $output.RestartNeeded = $true if ($RestartService) { if ($Pscmdlet.ShouldProcess("Restarting service for instance $($netConf.InstanceName) on $($netConf.ComputerName)")) { try { $null = Restart-DbaService -ComputerName $netConf.ComputerName -InstanceName $netConf.InstanceName -Credential $Credential -Type Engine -Force -EnableException -Confirm:$false $output.Restarted = $true } catch { Write-Message -Level Warning -Message "A restart of the service for instance $($netConf.InstanceName) on $($netConf.ComputerName) failed ($_). Restart of instance is necessary for the new settings to take effect." } } } else { Write-Message -Level Warning -Message "A restart of the service for instance $($netConf.InstanceName) on $($netConf.ComputerName) is needed for the changes to take effect." } } $output } catch { Stop-Function -Message "Setting network configuration for instance $($netConf.InstanceName) on $($netConf.ComputerName) not possible." -Target $netConf.ComputerName -ErrorRecord $_ -Continue } } } } |