ADOrganizationalUnit: Added DomainController Parameter dsccommunity#563
matt2005 authored May 26, 2022
1 parent 1b336ff commit b2838d9
Showing 5 changed files with 318 additions and 67 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.md
@@ -23,6 +23,8 @@ For older change log history see the [historic changelog](HISTORIC_CHANGELOG.md)
- ADDomain
- Refactored to use Get-DomainObject.
- Refactored Unit Tests.
- ADOrganizationalUnit
- Added DomainController Parameter.

## [6.2.0] - 2022-05-01

@@ -19,10 +19,17 @@ $script:localizedData = Get-LocalizedData -DefaultUICulture 'en-US'
.PARAMETER Path
Specifies the X.500 path of the OrganizationalUnit (OU) or container where the new object is created.
.PARAMETER Credential
The credential to be used to perform the operation on Active Directory.
.PARAMETER DomainController
Active Directory domain controller to enact the change upon.
.NOTES
Used Functions:
Name | Module
------------------------------|--------------------------
Get-ADCommonParameters | ActiveDirectoryDsc.Common
Get-ADOrganizationalUnit | ActiveDirectory
Assert-Module | DscResource.Common
New-InvalidOperationException | DscResource.Common
@@ -39,17 +46,39 @@ function Get-TargetResource

[Parameter(Mandatory = $true)]
[System.String]
$Path
$Path,

[Parameter()]
[ValidateNotNull()]
[System.Management.Automation.PSCredential]
[System.Management.Automation.CredentialAttribute()]
$Credential,

[Parameter()]
[ValidateNotNull()]
[System.String]
$DomainController
)

Assert-Module -ModuleName 'ActiveDirectory'

Write-Verbose ($script:localizedData.RetrievingOU -f $Name, $Path)
$commonParameters = Get-ADCommonParameters @PSBoundParameters

Write-Verbose -Message ($script:localizedData.RetrievingOU -f $Name, $Path)

$getADOUProperties = ('Name', 'DistinguishedName', 'Description', 'ProtectedFromAccidentalDeletion')

try
{
$ou = Get-ADOrganizationalUnit -Filter "Name -eq `"$Name`"" -SearchBase $Path `
-SearchScope OneLevel -Properties ProtectedFromAccidentalDeletion, Description
$getADOUParameters = $commonParameters.Clone()
$getADOUParameters.Filter = ('Name -eq "{0}"' -f $Name)
$getADOUParameters.SearchBase = $Path
$getADOUParameters.SearchScope = 'OneLevel'
$getADOUParameters.Properties = $getADOUProperties
$getADOUParameters.Remove('Identity')
$getADOUParameters.Remove('Name')
$getADOUParameters.Remove('Path')
$ou = Get-ADOrganizationalUnit @getADOUParameters
}
catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException]
{
@@ -108,6 +137,9 @@ function Get-TargetResource
.PARAMETER Credential
The credential to be used to perform the operation on Active Directory.
.PARAMETER DomainController
Active Directory domain controller to enact the change upon.
.PARAMETER ProtectedFromAccidentalDeletion
Specifies if the Organizational Unit (OU) container should be protected from deletion. Default value is $true.
@@ -161,30 +193,50 @@ function Test-TargetResource
[Parameter()]
[ValidateNotNull()]
[System.Boolean]
$RestoreFromRecycleBin
$RestoreFromRecycleBin,

[Parameter()]
[ValidateNotNullOrEmpty()]
[System.String]
$DomainController
)

$targetResource = Get-TargetResource -Name $Name -Path $Path
$getTargetResourceParameters = @{
Name = $Name
Path = $Path
Credential = $Credential
DomainController = $DomainController
}

# Remove parameters that have not been specified, unless in the IgnoreParameters array
@($getTargetResourceParameters.Keys) |
ForEach-Object {
if (-not $PSBoundParameters.ContainsKey($_))
{
$getTargetResourceParameters.Remove($_)
}
}
$getTargetResourceResult = Get-TargetResource @getTargetResourceParameters

if ($targetResource.Ensure -eq 'Present')
if ($getTargetResourceResult.Ensure -eq 'Present')
{
# Resource exists
if ($Ensure -eq 'Present')
{
# Resource should exist
$propertiesNotInDesiredState = (
Compare-ResourcePropertyState -CurrentValue $targetResource -DesiredValues $PSBoundParameters -IgnoreProperties ('Credential', 'RestoreFromRecycleBin') |
Where-Object -Property InDesiredState -eq $false)
$ignoreProperties = @('DomainController', 'Credential', 'RestoreFromRecycleBin')
$propertiesNotInDesiredState = (Compare-ResourcePropertyState -CurrentValues $getTargetResourceResult `
-DesiredValues $PSBoundParameters -IgnoreProperties $ignoreProperties `
-Verbose:$VerbosePreference | Where-Object -Property InDesiredState -eq $false)

if ($propertiesNotInDesiredState)
{
$inDesiredState = $false
}
else
{
# Resource is in the desired state
Write-Verbose ($script:localizedData.OUInDesiredState -f $Name)

# Resource is in desired state
Write-Verbose -Message ($script:localizedData.OUInDesiredState -f $Name)
$inDesiredState = $true
}
}
@@ -234,6 +286,9 @@ function Test-TargetResource
.PARAMETER Credential
The credential to be used to perform the operation on Active Directory.
.PARAMETER DomainController
Active Directory domain controller to enact the change upon.
.PARAMETER ProtectedFromAccidentalDeletion
Specifies if the Organizational Unit (OU) container should be protected from deletion. Default value is $true.
@@ -278,6 +333,11 @@ function Set-TargetResource
[System.Management.Automation.CredentialAttribute()]
$Credential,

[Parameter()]
[ValidateNotNullOrEmpty()]
[System.String]
$DomainController,

[Parameter()]
[ValidateNotNull()]
[System.Boolean]
@@ -294,16 +354,32 @@ function Set-TargetResource
$RestoreFromRecycleBin
)

$targetResource = Get-TargetResource -Name $Name -Path $Path
$getTargetResourceParameters = @{
Name = $Name
Path = $Path
Credential = $Credential
DomainController = $DomainController
}

if ($targetResource.Ensure -eq 'Present')
# Remove parameters that have not been specified
@($getTargetResourceParameters.Keys) |
ForEach-Object {
if (-not $PSBoundParameters.ContainsKey($_))
{
$getTargetResourceParameters.Remove($_)
}
}

$getTargetResourceResult = Get-TargetResource @getTargetResourceParameters

if ($getTargetResourceResult.Ensure -eq 'Present')
{
if ($Ensure -eq 'Present')
{
Write-Verbose ($script:localizedData.UpdatingOU -f $Name)

$setADOrganizationalUnitParams = @{
Identity = $targetResource.DistinguishedName
Identity = $getTargetResourceResult.DistinguishedName
Description = $Description
ProtectedFromAccidentalDeletion = $ProtectedFromAccidentalDeletion
}
@@ -313,6 +389,11 @@ function Set-TargetResource
$setADOrganizationalUnitParams['Credential'] = $Credential
}

if ($DomainController)
{
$setADOrganizationalUnitParams['Server'] = $DomainController
}

try
{
Set-ADOrganizationalUnit @setADOrganizationalUnitParams
@@ -329,10 +410,10 @@ function Set-TargetResource
Write-Verbose ($script:localizedData.DeletingOU -f $Name)

# Disable 'ProtectedFromAccidentalDeletion' if it is set.
if ($targetResource.ProtectedFromAccidentalDeletion)
if ($getTargetResourceResult.ProtectedFromAccidentalDeletion)
{
$setADOrganizationalUnitParams = @{
Identity = $targetResource.DistinguishedName
Identity = $getTargetResourceResult.DistinguishedName
ProtectedFromAccidentalDeletion = $false
}

@@ -341,6 +422,11 @@ function Set-TargetResource
$setADOrganizationalUnitParams['Credential'] = $Credential
}

if ($DomainController)
{
$setADOrganizationalUnitParams['Server'] = $DomainController
}

try
{
Set-ADOrganizationalUnit @setADOrganizationalUnitParams
@@ -353,14 +439,19 @@ function Set-TargetResource
}

$removeADOrganizationalUnitParams = @{
Identity = $targetResource.DistinguishedName
Identity = $getTargetResourceResult.DistinguishedName
}

if ($Credential)
{
$removeADOrganizationalUnitParams['Credential'] = $Credential
}

if ($DomainController)
{
$removeADOrganizationalUnitParams['Server'] = $DomainController
}

try
{
Remove-ADOrganizationalUnit @removeADOrganizationalUnitParams
@@ -391,6 +482,11 @@ function Set-TargetResource
$restoreParams['Credential'] = $Credential
}

if ($DomainController)
{
$restoreParams['Server'] = $DomainController
}

$restoreSuccessful = Restore-ADCommonObject @restoreParams
}

@@ -410,6 +506,11 @@ function Set-TargetResource
$newADOrganizationalUnitParams['Credential'] = $Credential
}

if ($DomainController)
{
$newADOrganizationalUnitParams['Server'] = $DomainController
}

try
{
New-ADOrganizationalUnit @newADOrganizationalUnitParams
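Review bot: In Get-TargetResource, `$getADOUParameters.Filter = ('Name -eq "{0}"' -f $Name)` formats `$Name` into the filter unescaped, so an OU name containing a double quote closes the quoted value early and the remainder is parsed as filter syntax; the removed inline filter had the same weakness and the rewrite carries it over. Escape double quotes in `$Name` before the `-f` call (the ActiveDirectory filter syntax has an escape for a quote inside a double-quoted value; confirm the exact form against about_ActiveDirectory_Filter) and add a unit test with a quoted name. Also, Get-TargetResource validates `$DomainController` with `[ValidateNotNull()]` while Test-TargetResource and Set-TargetResource use `[ValidateNotNullOrEmpty()]`; change the first to `[ValidateNotNullOrEmpty()]` so an empty string is rejected before it reaches `Get-ADCommonParameters`. All three function bodies continue outside the visible hunks.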
@@ -5,6 +5,7 @@ class MSFT_ADOrganizationalUnit : OMI_BaseResource
[Key, Description("Specifies the X.500 path of the Organizational Unit (OU) or container where the new object is created.")] String Path;
[Write, Description("Specifies whether the Organizational Unit (OU) should be present or absent. Default value is 'Present'."), ValueMap{"Present", "Absent"}, Values{"Present", "Absent"}] String Ensure;
[Write, Description("The credential to be used to perform the operation on Active Directory."), EmbeddedInstance("MSFT_Credential")] String Credential;
[Write, Description("Specifies the Active Directory Domain Services instance to use to perform the task.")] String DomainController;
[Write, Description("Specifies if the Organizational Unit (OU) container should be protected from deletion. Default value is $true.")] Boolean ProtectedFromAccidentalDeletion;
[Write, Description("Specifies the description of the Organizational Unit (OU). Default value is empty ('').")] String Description;
[Write, Description("Try to restore the Organizational Unit (OU) from the recycle bin before creating a new one.")] Boolean RestoreFromRecycleBin;
@@ -29,6 +29,10 @@
Write - PSCredential
The credential to be used to perform the operation on Active Directory.

.PARAMETER DomainController
Write - String
Specifies the Active Directory Domain Services instance to use to perform the task.

.PARAMETER ProtectedFromAccidentalDeletion
Write - Boolean
Specifies if the Organizational Unit (OU) container should be protected from deletion. Default value is $true.