xExchange

1.23.0.0

DSCResources/MSFT_xExchAntiMalwareScanning/MSFT_xExchAntiMalwareScanning.psm1

                                function Get-TargetResource

{

    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSDSCUseVerboseMessageInDSCResource", "")]

    [CmdletBinding()]

    [OutputType([System.Collections.Hashtable])]

    param

    (

        [Parameter(Mandatory = $true)]

        [System.Boolean]

        $Enabled,

        [Parameter(Mandatory = $true)]

        [System.Management.Automation.PSCredential]

        [System.Management.Automation.Credential()]

        $Credential,

        [Parameter()]

        [System.Boolean]

        $AllowServiceRestart = $false

    )

    LogFunctionEntry -Parameters @{"Enabled" = $Enabled} -Verbose:$VerbosePreference

    #Establish remote Powershell session

    GetRemoteExchangeSession -Credential $Credential -CommandsToLoad 'Get-TransportAgent' -Verbose:$VerbosePreference

    $agent = Get-TransportAgent -Identity "Malware Agent"

    if ($null -ne $agent)

    {

        $returnValue = @{

            Enabled = [System.Boolean] $agent.Enabled

        }

    }

    $returnValue

}

function Set-TargetResource

{

    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSDSCUseVerboseMessageInDSCResource", "")]

    [CmdletBinding()]

    param

    (

        [Parameter(Mandatory = $true)]

        [System.Boolean]

        $Enabled,

        [Parameter(Mandatory = $true)]

        [System.Management.Automation.PSCredential]

        [System.Management.Automation.Credential()]

        $Credential,

        [Parameter()]

        [System.Boolean]

        $AllowServiceRestart = $false

    )

    LogFunctionEntry -Parameters @{"Enabled" = $Enabled} -Verbose:$VerbosePreference

    $scriptsRoot = Join-Path -Path ((Get-ItemProperty HKLM:\SOFTWARE\Microsoft\ExchangeServer\v15\Setup).MsiInstallPath) -ChildPath "Scripts"

    if ($Enabled -eq $true)

    {

        $scriptPath = Join-Path -Path "$($scriptsRoot)" -ChildPath "Enable-AntimalwareScanning.ps1"

    }

    else

    {

        $scriptPath = Join-Path -Path "$($scriptsRoot)" -ChildPath "Disable-AntimalwareScanning.ps1"

    }

    #Override Write-Host, as it is used by the target scripts, and causes a DSC error since the session is not interactive

    New-Alias Write-Host Write-Verbose

    if($AllowServiceRestart -eq $true)

    {

        . $scriptPath -ForceRestart

    }

    else

    {

        . $scriptPath

        Write-Warning -Message 'The configuration will not take effect until the MSExchangeTransport service is manually restarted.'

    }

    Remove-HelperSnapin

    Remove-Item Alias:Write-Host

}

function Test-TargetResource

{

    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSDSCUseVerboseMessageInDSCResource", "")]

    [CmdletBinding()]

    [OutputType([System.Boolean])]

    param

    (

        [Parameter(Mandatory = $true)]

        [System.Boolean]

        $Enabled,

        [Parameter(Mandatory = $true)]

        [System.Management.Automation.PSCredential]

        [System.Management.Automation.Credential()]

        $Credential,

        [Parameter()]

        [System.Boolean]

        $AllowServiceRestart = $false

    )

    LogFunctionEntry -Parameters @{"Enabled" = $Enabled} -Verbose:$VerbosePreference

    $agentStatus = Get-TargetResource @PSBoundParameters

    $testResults = $true

    if ($null -eq $agentStatus)

    {

        Write-Verbose -Message 'Unable to retrieve AntiMalware Agent Status for server'

        $testResults = $false

    }

    else

    {

        if (!(VerifySetting -Name "Enabled" -Type "Boolean" -ExpectedValue $Enabled -ActualValue $agentStatus.Enabled -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference))

        {

            $testResults = $false

        }

    }

    Remove-HelperSnapin

    return $testResults

}

<#

    .SYNOPSIS

        Removes the Exchange and ForeFront snapins, which are loaded by the

        Enable/Disable-AntimalwareScanning.ps1 scripts in the $Exscripts

        directory. Prevents an issue where if a snapin is added by multiple

        modules during the same session, subsequent additions of the same

        module fail with 'An item with the same key has already been added'.

    .NOTES

        This similar function exists in the files

        MSFT_xExchAntiMalwareScanning.psm1 and MSFT_xExchMaintenanceMode.psm1.

        This was initially attempted to be put in xExchangeHelper.psm1 instead.

        However when xExchangeHelper.psm1 is loaded as a NestedModule from

        xExchange.psd1, functions within xExchangeHelper.psm1 do not appear to

        be able to detect added snapins loaded by scripts called from other

        modules. The added snapins were only detectable when running

        Get-PSSnapin directly from functions within

        MSFT_xExchAntiMalwareScanning.psm1 and MSFT_xExchMaintenanceMode.psm1.

#>

function Remove-HelperSnapin

{

    [CmdletBinding()]

    param()

    $snapinsToRemove = @('Microsoft.Exchange.Management.Powershell.E2010', 'Microsoft.Forefront.Filtering.Management.PowerShell')

    foreach ($snapin in $snapinsToRemove)

    {

        if ($null -ne (Get-PSSnapin -Name $snapin -ErrorAction SilentlyContinue))

        {

            Write-Verbose -Message "'$snapin' snapin is currently loaded. Removing."

            Remove-PSSnapin -Name $snapin -ErrorAction SilentlyContinue -Confirm:$false

        }

    }

}

Export-ModuleMember -Function *-TargetResource