diff --git a/CHANGELOG.md b/CHANGELOG.md index 1aadab3d..b71da4d2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,7 @@ - Added xExchAddressList ressource - Added xExchSendConnector resource +- Added additional parameters to the MSFT_xExchImapSettings resource ## 1.30.0.0 diff --git a/DSCResources/MSFT_xExchImapSettings/MSFT_xExchImapSettings.psm1 b/DSCResources/MSFT_xExchImapSettings/MSFT_xExchImapSettings.psm1 index 1d908aa1..01e8e836 100644 --- a/DSCResources/MSFT_xExchImapSettings/MSFT_xExchImapSettings.psm1 +++ b/DSCResources/MSFT_xExchImapSettings/MSFT_xExchImapSettings.psm1 @@ -3,7 +3,12 @@ Retrieves the current DSC configuration for this resource. .PARAMETER Server - The IMAP server to configure. + The Server parameter specifies the Exchange server where you want to run this command. You can use any value that uniquely identifies the server. For example: + * Name + * FQDN + * Distinguished name (DN) + * Exchange Legacy DN + If you don't use this parameter, the command is run on the local server. .PARAMETER Credential Credentials used to establish a remote PowerShell session to Exchange. @@ -18,18 +23,156 @@ Directory. You identify the domain controller by its fully qualified domain name (FQDN). For example, dc01.contoso.com. + .Parameter AuthenticatedConnectionTimeout + The AuthenticatedConnectionTimeout parameter specifies the period of time to wait before closing an idle authenticated connection. + To specify a value, enter it as a time span: dd.hh:mm:ss where dd = days, hh = hours, mm = minutes, and ss = seconds. + Valid values are 00:00:30 to 1:00:00. The default setting is 00:30:00 (30 minutes). + + .Parameter Banner + The Banner parameter specifies the text string that's displayed to connecting IMAP4 clients. The default value is: The Microsoft Exchange IMAP4 service is ready. + + .Parameter CalendarItemRetrievalOption + The CalendarItemRetrievalOption parameter specifies how calendar items are presented to IMAP4 clients. Valid values are: + * 0 or iCalendar. This is the default value. + * 1 or IntranetUrl + * 2 or InternetUrl + * 3 or Custom + If you specify 3 or Custom, you need to specify a value for the OwaServerUrl parameter setting. + + .Parameter EnableExactRFC822Size + The EnableExactRFC822Size parameter specifies how message sizes are presented to IMAP4 clients. Valid values are: + * $true: Calculate the exact message size. Because this setting can negatively affect performance, you should configure it only if it's required by your IMAP4 clients. + * $false: Use an estimated message size. This is the default value. + + .Parameter EnableGSSAPIAndNTLMAuth + The EnableGSSAPIAndNTLMAuth parameter specifies whether connections can use Integrated Windows authentication (NTLM) using the Generic Security Services application programming interface (GSSAPI). This setting applies to connections where Transport Layer Security (TLS) is disabled. Valid values are: + * $true: NTLM for IMAP4 connections is enabled. This is the default value. + * $false: NTLM for IMAP4 connections is disabled. + + .Parameter EnforceCertificateErrors + The EnforceCertificateErrors parameter specifies whether to enforce valid Secure Sockets Layer (SSL) certificate validation failures. Valid values are: + The default setting is $false. + * $true: If the certificate isn't valid or doesn't match the target IMAP4 server's FQDN, the connection attempt fails. + * $false: The server doesn't deny IMAP4 connections based on certificate errors. This is the default value. + + .Parameter ExtendedProtectionPolicy + The ExtendedProtectionPolicy parameter specifies how Extended Protection for Authentication is used. Valid values are: + * None: Extended Protection for Authentication isn't used. This is the default value. + * Allow: Extended Protection for Authentication is used only if it's supported by the incoming IMAP4 connection. If it's not, Extended Protection for Authentication isn't used. + * Require: Extended Protection for Authentication is required for all IMAP4 connections. If the incoming IMAP4 connection doesn't support it, the connection is rejected. + Extended Protection for Authentication enhances the protection and handling of credentials by Integrated Windows authentication (also known as NTLM), so we strongly recommend that you use it if it's supported by your clients (default installations of Windows 7 or later and Windows Server 2008 R2 or later support it). + .PARAMETER ExternalConnectionSettings - The ExternalConnectionSettings parameter specifies the host name, port, - and encryption method that's used by external IMAP4 clients (IMAP4 - connections from outside your corporate network). + The ExternalConnectionSettings parameter specifies the host name, port, and encryption method that's used by external IMAP4 clients (IMAP4 connections from outside your corporate network). + This parameter uses the syntax ::[]. The encryption method value is optional (blank indicates unencrypted connections). + The default value is blank ($null), which means no external IMAP4 connection settings are configured. + To enter multiple values and overwrite any existing entries, use the following syntax: ,,.... If the values contain spaces or otherwise require quotation marks, you need to use the following syntax: "","",..."". + To add or remove one or more values without affecting any existing entries, use the following syntax: @{Add="",""...; Remove="",""...}. + The combination of encryption methods and ports that are specified for this parameter need to match the corresponding encryption methods and ports that are specified by the SSLBindings and UnencryptedOrTLSBindings parameters. + + .Parameter InternalConnectionSettings + The InternalConnectionSettings parameter specifies the host name, port, and encryption method that's used by internal IMAP4 clients (IMAP4 connections from inside your corporate network). This setting is also used when a IMAP4 connection is forwarded to another Exchange server that's running the Microsoft Exchange IMAP4 service. + This parameter uses the syntax ::[]. The encryption method value is optional (blank indicates unencrypted connections). + The default value is :993:SSL,:143:TLS. + To enter multiple values and overwrite any existing entries, use the following syntax: ,,.... If the values contain spaces or otherwise require quotation marks, you need to use the following syntax: "","",..."". + To add or remove one or more values without affecting any existing entries, use the following syntax: @{Add="",""...; Remove="",""...}. + The combination of encryption methods and ports that are specified for this parameter need to match the corresponding encryption methods and ports that are specified by the SSLBindings and UnencryptedOrTLSBindings parameters. + + .Parameter LogFileLocation + The LogFileLocation parameter specifies the location for the IMAP4 protocol log files. The default location is %ExchangeInstallPath%Logging\Imap4. + This parameter is only meaningful when the ProtocolLogEnabled parameter value is $true. + + .Parameter LogFileRollOverSettings + The LogFileRollOverSettings parameter specifies how frequently IMAP4 protocol logging creates a new log file. Valid values are: + * 1 or Hourly. + * 2 or Daily. This is the default value + * 3 or Weekly. + * 4 or Monthly. + This parameter is only meaningful when the LogPerFileSizeQuota parameter value is 0, and the ProtocolLogEnabled parameter value is $true. + + .Parameter LogPerFileSizeQuota + The LogPerFileSizeQuota parameter specifies the maximum size of a IMAP4 protocol log file. + When you enter a value, qualify the value with one of the following units: + * B (bytes) + * KB (kilobytes) + * MB (megabytes) + * GB (gigabytes) + * TB (terabytes) + Unqualified values are typically treated as bytes, but small values may be rounded up to the nearest kilobyte. + The default value is 0, which means a new IMAP4 protocol log file is created at the frequency that's specified by the LogFileRollOverSettings parameter. + This parameter is only meaningful when the ProtocolLogEnabled parameter value is $true. .PARAMETER LoginType - The LoginType parameter specifies the authentication method for IMAP4 - connections. + The LoginType parameter specifies the authentication method for IMAP4 connections. Valid values are: + * 1 or PlainTextLogin. + * 2 or PlainTextAuthentication. + * 3 or SecureLogin. This is the default value. + + .Parameter MaxCommandSize + The MaxCommandSize parameter specifies the maximum size in bytes of a single IMAP4 command. Valid values are from 40 through 1024. The default value is 512. + + .Parameter MaxConnectionFromSingleIP + The MaxConnectionFromSingleIP parameter specifies the maximum number of IMAP4 connections that are accepted by the Exchange server from a single IP address. Valid values are from 1 through 2147483647. The default value is 2147483647. + + .Parameter MaxConnections + The MaxConnections parameter specifies the maximum number of IMAP4 connections that are accepted by the Exchange server. Valid values are from 1 through 2147483647. The default value is 2147483647. + + .Parameter MaxConnectionsPerUser + The MaxConnectionsPerUser parameter specifies the maximum number of IMAP4 connections that are allowed for each user. Valid values are from 1 through 2147483647. The default value is 16. + + .Parameter MessageRetrievalMimeFormat + The MessageRetrievalMimeFormat parameter specifies the MIME encoding of messages. Valid values are: + * 0 or TextOnly. + * 1 or HtmlOnly. + * 2 or HtmlAndTextAlternative. + * 3 or TextEnrichedOnly. + * 4 or TextEnrichedAndTextAlternative. + * 5 or BestBodyFormat. This is the default value. + * 6 or Tnef. + + .Parameter OwaServerUrl + The OwaServerUrl parameter specifies the URL that's used to retrieve calendar information for instances of custom Outlook on the web calendar items. + + .Parameter PreAuthenticatedConnectionTimeout + The PreAuthenticatedConnectionTimeout parameter specifies the period of time to wait before closing an idle IMAP4 connection that isn't authenticated. + To specify a value, enter it as a time span: dd.hh:mm:ss where dd = days, hh = hours, mm = minutes, and ss = seconds. + Valid values are00:00:30 to 1:00:00. The default value is 00:01:00 (one minute). + + .Parameter ProtocolLogEnabled + The ProtocolLogEnabled parameter specifies whether to enable protocol logging for IMAP4. Valid values are: + * $true: IMAP4 protocol logging is enabled. + * $false: IMAP4 protocol logging is disabled. This is the default value. + + .Parameter ProxyTargetPort + The ProxyTargetPort parameter specifies the port on the Microsoft Exchange IMAP4 Backend service that listens for client connections that are proxied from the Microsoft Exchange IMAP4 service. The default value is 1993. + + .Parameter ShowHiddenFoldersEnabled + The ShowHiddenFoldersEnabled parameter specifies whether hidden mailbox folders are visible. Valid values are: + * $true: Hidden folders are visible. + * $false: Hidden folders aren't visible. This is the default value. + + .Parameter SSLBindings + The SSLBindings parameter specifies the IP address and TCP port that's used for IMAP4 connection that's always encrypted by SSL/TLS. This parameter uses the syntax :. + The default value is [::]:993,0.0.0.0:993. + To enter multiple values and overwrite any existing entries, use the following syntax: ,,.... If the values contain spaces or otherwise require quotation marks, you need to use the following syntax: "","",..."". + To add or remove one or more values without affecting any existing entries, use the following syntax: @{Add="",""...; Remove="",""...}. + + .Parameter SuppressReadReceipt + The SuppressReadReceipt parameter specifies whether to stop duplicate read receipts from being sent to IMAP4 clients that have the Send read receipts for messages I send setting configured in their IMAP4 email program. Valid values are: + * $true: The sender receives a read receipt only when the recipient opens the message. + * $false: The sender receives a read receipt when the recipient downloads the message, and when the recipient opens the message. This is the default value. + + .Parameter UnencryptedOrTLSBindings + The UnencryptedOrTLSBindings parameter specifies the IP address and TCP port that's used for unencrypted IMAP4 connections, or IMAP4 connections that are encrypted by using opportunistic TLS (STARTTLS) after the initial unencrypted protocol handshake. This parameter uses the syntax :. + The default value is [::]:143,0.0.0.0:143. + To enter multiple values and overwrite any existing entries, use the following syntax: ,,.... If the values contain spaces or otherwise require quotation marks, you need to use the following syntax: "","",..."". + To add or remove one or more values without affecting any existing entries, use the following syntax: @{Add="",""...; Remove="",""...}. .PARAMETER X509CertificateName - The X509CertificateName parameter specifies the certificate that's used - for encrypting IMAP4 client connections. + The X509CertificateName parameter specifies the certificate that's used for encrypting IMAP4 client connections. + A valid value for this parameter is the FQDN from the ExternalConnectionSettings or InternalConnectionSettings parameters (for example, mail.contoso.com or mailbox01.contoso.com). + If you use a single subject certificate or a subject alternative name (SAN) certificate, you also need to assign the certificate to the Exchange IMAP service by using the Enable-ExchangeCertificate cmdlet. + If you use a wildcard certificate, you don't need to assign the certificate to the Exchange IMAP service. #> function Get-TargetResource { @@ -66,7 +209,107 @@ function Get-TargetResource [Parameter()] [System.String] - $X509CertificateName + $X509CertificateName, + + [Parameter()] + [System.String] + $AuthenticatedConnectionTimeout, + + [Parameter()] + [System.String] + $Banner, + + [Parameter()] + [ValidateSet('iCalendar', 'IntranetUrl', 'InternetUrl', 'Custom')] + [System.String] + $CalendarItemRetrievalOption, + + [Parameter()] + [System.Boolean] + $EnableExactRFC822Size, + + [Parameter()] + [System.Boolean] + $EnableGSSAPIAndNTLMAuth, + + [Parameter()] + [System.Boolean] + $EnforceCertificateErrors, + + [Parameter()] + [ValidateSet('None', 'Allow', 'Require')] + [System.String] + $ExtendedProtectionPolicy, + + [Parameter()] + [System.String[]] + $InternalConnectionSettings, + + [Parameter()] + [System.String] + $LogFileLocation, + + [Parameter()] + [ValidateSet('Hourly', 'Daily', 'Weekly', 'Monthly')] + [System.String] + $LogFileRollOverSettings, + + [Parameter()] + [System.String] + $LogPerFileSizeQuota, + + [Parameter()] + [System.Int32] + $MaxCommandSize, + + [Parameter()] + [System.Int32] + $MaxConnectionFromSingleIP, + + [Parameter()] + [System.Int32] + $MaxConnections, + + [Parameter()] + [System.Int32] + $MaxConnectionsPerUser, + + [Parameter()] + [ValidateSet('TextOnly', 'HtmlOnly', 'HtmlAndTextAlternative', 'TextEnrichedOnly', 'TextEnrichedAndTextAlternative', 'BestBodyFormat', 'Tnef')] + [System.String] + $MessageRetrievalMimeFormat, + + [Parameter()] + [System.String] + $OwaServerUrl, + + [Parameter()] + [System.String] + $PreAuthenticatedConnectionTimeout, + + [Parameter()] + [System.Boolean] + $ProtocolLogEnabled, + + [Parameter()] + [System.Int32] + $ProxyTargetPort, + + [Parameter()] + [System.Boolean] + $ShowHiddenFoldersEnabled, + + [Parameter()] + [System.String[]] + $SSLBindings, + + [Parameter()] + [System.Boolean] + $SuppressReadReceipt, + + [Parameter()] + [System.String[]] + $UnencryptedOrTLSBindings ) Write-FunctionEntry -Parameters @{ @@ -81,10 +324,34 @@ function Get-TargetResource if ($null -ne $imap) { $returnValue = @{ - Server = [System.String] $Server - ExternalConnectionSettings = [System.String[]] $imap.ExternalConnectionSettings - LoginType = [System.String] $imap.LoginType - X509CertificateName = [System.String] $imap.X509CertificateName + Server = [System.String] $Server + ExternalConnectionSettings = [System.String[]] $imap.ExternalConnectionSettings + LoginType = [System.String] $imap.LoginType + X509CertificateName = [System.String] $imap.X509CertificateName + AuthenticatedConnectionTimeout = [System.String] $imap.AuthenticatedConnectionTimeout + Banner = [System.String] $imap.Banner + CalendarItemRetrievalOption = [System.String] $imap.CalendarItemRetrievalOption + EnableExactRFC822Size = [System.Boolean] $imap.EnableExactRFC822Size + EnableGSSAPIAndNTLMAuth = [System.Boolean] $imap.EnableGSSAPIAndNTLMAuth + EnforceCertificateErrors = [System.Boolean] $imap.EnforceCertificateErrors + ExtendedProtectionPolicy = [System.String] $imap.ExtendedProtectionPolicy + InternalConnectionSettings = [System.String[]] $imap.InternalConnectionSettings + LogFileLocation = [System.String] $imap.LogFileLocation + LogFileRollOverSettings = [System.String] $imap.LogFileRollOverSettings + LogPerFileSizeQuota = [System.String] $imap.LogPerFileSizeQuota + MaxCommandSize = [System.Int32] $imap.MaxCommandSize + MaxConnectionFromSingleIP = [System.Int32] $imap.MaxConnectionFromSingleIP + MaxConnections = [System.Int32] $imap.MaxConnections + MaxConnectionsPerUser = [System.Int32] $imap.MaxConnectionsPerUser + MessageRetrievalMimeFormat = [System.String] $imap.MessageRetrievalMimeFormat + OwaServerUrl = [System.String] $imap.OwaServerUrl + PreAuthenticatedConnectionTimeout = [System.String] $imap.PreAuthenticatedConnectionTimeout + ProtocolLogEnabled = [System.Boolean] $imap.ProtocolLogEnabled + ProxyTargetPort = [System.Int32] $imap.ProxyTargetPort + ShowHiddenFoldersEnabled = [System.Boolean] $imap.ShowHiddenFoldersEnabled + SSLBindings = [System.String[]] $imap.SSLBindings + SuppressReadReceipt = [System.Boolean] $imap.SuppressReadReceipt + UnencryptedOrTLSBindings = [System.String[]] $imap.UnencryptedOrTLSBindings } } @@ -96,7 +363,12 @@ function Get-TargetResource Sets the DSC configuration for this resource. .PARAMETER Server - The IMAP server to configure. + The Server parameter specifies the Exchange server where you want to run this command. You can use any value that uniquely identifies the server. For example: + * Name + * FQDN + * Distinguished name (DN) + * Exchange Legacy DN + If you don't use this parameter, the command is run on the local server. .PARAMETER Credential Credentials used to establish a remote PowerShell session to Exchange. @@ -111,18 +383,156 @@ function Get-TargetResource Directory. You identify the domain controller by its fully qualified domain name (FQDN). For example, dc01.contoso.com. + .Parameter AuthenticatedConnectionTimeout + The AuthenticatedConnectionTimeout parameter specifies the period of time to wait before closing an idle authenticated connection. + To specify a value, enter it as a time span: dd.hh:mm:ss where dd = days, hh = hours, mm = minutes, and ss = seconds. + Valid values are 00:00:30 to 1:00:00. The default setting is 00:30:00 (30 minutes). + + .Parameter Banner + The Banner parameter specifies the text string that's displayed to connecting IMAP4 clients. The default value is: The Microsoft Exchange IMAP4 service is ready. + + .Parameter CalendarItemRetrievalOption + The CalendarItemRetrievalOption parameter specifies how calendar items are presented to IMAP4 clients. Valid values are: + * 0 or iCalendar. This is the default value. + * 1 or IntranetUrl + * 2 or InternetUrl + * 3 or Custom + If you specify 3 or Custom, you need to specify a value for the OwaServerUrl parameter setting. + + .Parameter EnableExactRFC822Size + The EnableExactRFC822Size parameter specifies how message sizes are presented to IMAP4 clients. Valid values are: + * $true: Calculate the exact message size. Because this setting can negatively affect performance, you should configure it only if it's required by your IMAP4 clients. + * $false: Use an estimated message size. This is the default value. + + .Parameter EnableGSSAPIAndNTLMAuth + The EnableGSSAPIAndNTLMAuth parameter specifies whether connections can use Integrated Windows authentication (NTLM) using the Generic Security Services application programming interface (GSSAPI). This setting applies to connections where Transport Layer Security (TLS) is disabled. Valid values are: + * $true: NTLM for IMAP4 connections is enabled. This is the default value. + * $false: NTLM for IMAP4 connections is disabled. + + .Parameter EnforceCertificateErrors + The EnforceCertificateErrors parameter specifies whether to enforce valid Secure Sockets Layer (SSL) certificate validation failures. Valid values are: + The default setting is $false. + * $true: If the certificate isn't valid or doesn't match the target IMAP4 server's FQDN, the connection attempt fails. + * $false: The server doesn't deny IMAP4 connections based on certificate errors. This is the default value. + + .Parameter ExtendedProtectionPolicy + The ExtendedProtectionPolicy parameter specifies how Extended Protection for Authentication is used. Valid values are: + * None: Extended Protection for Authentication isn't used. This is the default value. + * Allow: Extended Protection for Authentication is used only if it's supported by the incoming IMAP4 connection. If it's not, Extended Protection for Authentication isn't used. + * Require: Extended Protection for Authentication is required for all IMAP4 connections. If the incoming IMAP4 connection doesn't support it, the connection is rejected. + Extended Protection for Authentication enhances the protection and handling of credentials by Integrated Windows authentication (also known as NTLM), so we strongly recommend that you use it if it's supported by your clients (default installations of Windows 7 or later and Windows Server 2008 R2 or later support it). + .PARAMETER ExternalConnectionSettings - The ExternalConnectionSettings parameter specifies the host name, port, - and encryption method that's used by external IMAP4 clients (IMAP4 - connections from outside your corporate network). + The ExternalConnectionSettings parameter specifies the host name, port, and encryption method that's used by external IMAP4 clients (IMAP4 connections from outside your corporate network). + This parameter uses the syntax ::[]. The encryption method value is optional (blank indicates unencrypted connections). + The default value is blank ($null), which means no external IMAP4 connection settings are configured. + To enter multiple values and overwrite any existing entries, use the following syntax: ,,.... If the values contain spaces or otherwise require quotation marks, you need to use the following syntax: "","",..."". + To add or remove one or more values without affecting any existing entries, use the following syntax: @{Add="",""...; Remove="",""...}. + The combination of encryption methods and ports that are specified for this parameter need to match the corresponding encryption methods and ports that are specified by the SSLBindings and UnencryptedOrTLSBindings parameters. + + .Parameter InternalConnectionSettings + The InternalConnectionSettings parameter specifies the host name, port, and encryption method that's used by internal IMAP4 clients (IMAP4 connections from inside your corporate network). This setting is also used when a IMAP4 connection is forwarded to another Exchange server that's running the Microsoft Exchange IMAP4 service. + This parameter uses the syntax ::[]. The encryption method value is optional (blank indicates unencrypted connections). + The default value is :993:SSL,:143:TLS. + To enter multiple values and overwrite any existing entries, use the following syntax: ,,.... If the values contain spaces or otherwise require quotation marks, you need to use the following syntax: "","",..."". + To add or remove one or more values without affecting any existing entries, use the following syntax: @{Add="",""...; Remove="",""...}. + The combination of encryption methods and ports that are specified for this parameter need to match the corresponding encryption methods and ports that are specified by the SSLBindings and UnencryptedOrTLSBindings parameters. + + .Parameter LogFileLocation + The LogFileLocation parameter specifies the location for the IMAP4 protocol log files. The default location is %ExchangeInstallPath%Logging\Imap4. + This parameter is only meaningful when the ProtocolLogEnabled parameter value is $true. + + .Parameter LogFileRollOverSettings + The LogFileRollOverSettings parameter specifies how frequently IMAP4 protocol logging creates a new log file. Valid values are: + * 1 or Hourly. + * 2 or Daily. This is the default value + * 3 or Weekly. + * 4 or Monthly. + This parameter is only meaningful when the LogPerFileSizeQuota parameter value is 0, and the ProtocolLogEnabled parameter value is $true. + + .Parameter LogPerFileSizeQuota + The LogPerFileSizeQuota parameter specifies the maximum size of a IMAP4 protocol log file. + When you enter a value, qualify the value with one of the following units: + * B (bytes) + * KB (kilobytes) + * MB (megabytes) + * GB (gigabytes) + * TB (terabytes) + Unqualified values are typically treated as bytes, but small values may be rounded up to the nearest kilobyte. + The default value is 0, which means a new IMAP4 protocol log file is created at the frequency that's specified by the LogFileRollOverSettings parameter. + This parameter is only meaningful when the ProtocolLogEnabled parameter value is $true. .PARAMETER LoginType - The LoginType parameter specifies the authentication method for IMAP4 - connections. + The LoginType parameter specifies the authentication method for IMAP4 connections. Valid values are: + * 1 or PlainTextLogin. + * 2 or PlainTextAuthentication. + * 3 or SecureLogin. This is the default value. + + .Parameter MaxCommandSize + The MaxCommandSize parameter specifies the maximum size in bytes of a single IMAP4 command. Valid values are from 40 through 1024. The default value is 512. + + .Parameter MaxConnectionFromSingleIP + The MaxConnectionFromSingleIP parameter specifies the maximum number of IMAP4 connections that are accepted by the Exchange server from a single IP address. Valid values are from 1 through 2147483647. The default value is 2147483647. + + .Parameter MaxConnections + The MaxConnections parameter specifies the maximum number of IMAP4 connections that are accepted by the Exchange server. Valid values are from 1 through 2147483647. The default value is 2147483647. + + .Parameter MaxConnectionsPerUser + The MaxConnectionsPerUser parameter specifies the maximum number of IMAP4 connections that are allowed for each user. Valid values are from 1 through 2147483647. The default value is 16. + + .Parameter MessageRetrievalMimeFormat + The MessageRetrievalMimeFormat parameter specifies the MIME encoding of messages. Valid values are: + * 0 or TextOnly. + * 1 or HtmlOnly. + * 2 or HtmlAndTextAlternative. + * 3 or TextEnrichedOnly. + * 4 or TextEnrichedAndTextAlternative. + * 5 or BestBodyFormat. This is the default value. + * 6 or Tnef. + + .Parameter OwaServerUrl + The OwaServerUrl parameter specifies the URL that's used to retrieve calendar information for instances of custom Outlook on the web calendar items. + + .Parameter PreAuthenticatedConnectionTimeout + The PreAuthenticatedConnectionTimeout parameter specifies the period of time to wait before closing an idle IMAP4 connection that isn't authenticated. + To specify a value, enter it as a time span: dd.hh:mm:ss where dd = days, hh = hours, mm = minutes, and ss = seconds. + Valid values are00:00:30 to 1:00:00. The default value is 00:01:00 (one minute). + + .Parameter ProtocolLogEnabled + The ProtocolLogEnabled parameter specifies whether to enable protocol logging for IMAP4. Valid values are: + * $true: IMAP4 protocol logging is enabled. + * $false: IMAP4 protocol logging is disabled. This is the default value. + + .Parameter ProxyTargetPort + The ProxyTargetPort parameter specifies the port on the Microsoft Exchange IMAP4 Backend service that listens for client connections that are proxied from the Microsoft Exchange IMAP4 service. The default value is 1993. + + .Parameter ShowHiddenFoldersEnabled + The ShowHiddenFoldersEnabled parameter specifies whether hidden mailbox folders are visible. Valid values are: + * $true: Hidden folders are visible. + * $false: Hidden folders aren't visible. This is the default value. + + .Parameter SSLBindings + The SSLBindings parameter specifies the IP address and TCP port that's used for IMAP4 connection that's always encrypted by SSL/TLS. This parameter uses the syntax :. + The default value is [::]:993,0.0.0.0:993. + To enter multiple values and overwrite any existing entries, use the following syntax: ,,.... If the values contain spaces or otherwise require quotation marks, you need to use the following syntax: "","",..."". + To add or remove one or more values without affecting any existing entries, use the following syntax: @{Add="",""...; Remove="",""...}. + + .Parameter SuppressReadReceipt + The SuppressReadReceipt parameter specifies whether to stop duplicate read receipts from being sent to IMAP4 clients that have the Send read receipts for messages I send setting configured in their IMAP4 email program. Valid values are: + * $true: The sender receives a read receipt only when the recipient opens the message. + * $false: The sender receives a read receipt when the recipient downloads the message, and when the recipient opens the message. This is the default value. + + .Parameter UnencryptedOrTLSBindings + The UnencryptedOrTLSBindings parameter specifies the IP address and TCP port that's used for unencrypted IMAP4 connections, or IMAP4 connections that are encrypted by using opportunistic TLS (STARTTLS) after the initial unencrypted protocol handshake. This parameter uses the syntax :. + The default value is [::]:143,0.0.0.0:143. + To enter multiple values and overwrite any existing entries, use the following syntax: ,,.... If the values contain spaces or otherwise require quotation marks, you need to use the following syntax: "","",..."". + To add or remove one or more values without affecting any existing entries, use the following syntax: @{Add="",""...; Remove="",""...}. .PARAMETER X509CertificateName - The X509CertificateName parameter specifies the certificate that's used - for encrypting IMAP4 client connections. + The X509CertificateName parameter specifies the certificate that's used for encrypting IMAP4 client connections. + A valid value for this parameter is the FQDN from the ExternalConnectionSettings or InternalConnectionSettings parameters (for example, mail.contoso.com or mailbox01.contoso.com). + If you use a single subject certificate or a subject alternative name (SAN) certificate, you also need to assign the certificate to the Exchange IMAP service by using the Enable-ExchangeCertificate cmdlet. + If you use a wildcard certificate, you don't need to assign the certificate to the Exchange IMAP service. #> function Set-TargetResource { @@ -157,7 +567,107 @@ function Set-TargetResource [Parameter()] [System.String] - $X509CertificateName + $X509CertificateName, + + [Parameter()] + [System.String] + $AuthenticatedConnectionTimeout, + + [Parameter()] + [System.String] + $Banner, + + [Parameter()] + [ValidateSet('iCalendar', 'IntranetUrl', 'InternetUrl', 'Custom')] + [System.String] + $CalendarItemRetrievalOption, + + [Parameter()] + [System.Boolean] + $EnableExactRFC822Size, + + [Parameter()] + [System.Boolean] + $EnableGSSAPIAndNTLMAuth, + + [Parameter()] + [System.Boolean] + $EnforceCertificateErrors, + + [Parameter()] + [ValidateSet('None', 'Allow', 'Require')] + [System.String] + $ExtendedProtectionPolicy, + + [Parameter()] + [System.String[]] + $InternalConnectionSettings, + + [Parameter()] + [System.String] + $LogFileLocation, + + [Parameter()] + [ValidateSet('Hourly', 'Daily', 'Weekly', 'Monthly')] + [System.String] + $LogFileRollOverSettings, + + [Parameter()] + [System.String] + $LogPerFileSizeQuota, + + [Parameter()] + [System.Int32] + $MaxCommandSize, + + [Parameter()] + [System.Int32] + $MaxConnectionFromSingleIP, + + [Parameter()] + [System.Int32] + $MaxConnections, + + [Parameter()] + [System.Int32] + $MaxConnectionsPerUser, + + [Parameter()] + [ValidateSet('TextOnly', 'HtmlOnly', 'HtmlAndTextAlternative', 'TextEnrichedOnly', 'TextEnrichedAndTextAlternative', 'BestBodyFormat', 'Tnef')] + [System.String] + $MessageRetrievalMimeFormat, + + [Parameter()] + [System.String] + $OwaServerUrl, + + [Parameter()] + [System.String] + $PreAuthenticatedConnectionTimeout, + + [Parameter()] + [System.Boolean] + $ProtocolLogEnabled, + + [Parameter()] + [System.Int32] + $ProxyTargetPort, + + [Parameter()] + [System.Boolean] + $ShowHiddenFoldersEnabled, + + [Parameter()] + [System.String[]] + $SSLBindings, + + [Parameter()] + [System.Boolean] + $SuppressReadReceipt, + + [Parameter()] + [System.String[]] + $UnencryptedOrTLSBindings ) Write-FunctionEntry -Parameters @{ @@ -174,8 +684,7 @@ function Set-TargetResource if ($AllowServiceRestart -eq $true) { Write-Verbose -Message 'Restarting IMAP Services' - - Get-Service MSExchangeIMAP4* | Restart-Service + Restart-Service -Name MSExchangeIMAP4* -WarningAction SilentlyContinue } else { @@ -189,7 +698,12 @@ function Set-TargetResource applied. .PARAMETER Server - The IMAP server to configure. + The Server parameter specifies the Exchange server where you want to run this command. You can use any value that uniquely identifies the server. For example: + * Name + * FQDN + * Distinguished name (DN) + * Exchange Legacy DN + If you don't use this parameter, the command is run on the local server. .PARAMETER Credential Credentials used to establish a remote PowerShell session to Exchange. @@ -204,18 +718,156 @@ function Set-TargetResource Directory. You identify the domain controller by its fully qualified domain name (FQDN). For example, dc01.contoso.com. + .Parameter AuthenticatedConnectionTimeout + The AuthenticatedConnectionTimeout parameter specifies the period of time to wait before closing an idle authenticated connection. + To specify a value, enter it as a time span: dd.hh:mm:ss where dd = days, hh = hours, mm = minutes, and ss = seconds. + Valid values are 00:00:30 to 1:00:00. The default setting is 00:30:00 (30 minutes). + + .Parameter Banner + The Banner parameter specifies the text string that's displayed to connecting IMAP4 clients. The default value is: The Microsoft Exchange IMAP4 service is ready. + + .Parameter CalendarItemRetrievalOption + The CalendarItemRetrievalOption parameter specifies how calendar items are presented to IMAP4 clients. Valid values are: + * 0 or iCalendar. This is the default value. + * 1 or IntranetUrl + * 2 or InternetUrl + * 3 or Custom + If you specify 3 or Custom, you need to specify a value for the OwaServerUrl parameter setting. + + .Parameter EnableExactRFC822Size + The EnableExactRFC822Size parameter specifies how message sizes are presented to IMAP4 clients. Valid values are: + * $true: Calculate the exact message size. Because this setting can negatively affect performance, you should configure it only if it's required by your IMAP4 clients. + * $false: Use an estimated message size. This is the default value. + + .Parameter EnableGSSAPIAndNTLMAuth + The EnableGSSAPIAndNTLMAuth parameter specifies whether connections can use Integrated Windows authentication (NTLM) using the Generic Security Services application programming interface (GSSAPI). This setting applies to connections where Transport Layer Security (TLS) is disabled. Valid values are: + * $true: NTLM for IMAP4 connections is enabled. This is the default value. + * $false: NTLM for IMAP4 connections is disabled. + + .Parameter EnforceCertificateErrors + The EnforceCertificateErrors parameter specifies whether to enforce valid Secure Sockets Layer (SSL) certificate validation failures. Valid values are: + The default setting is $false. + * $true: If the certificate isn't valid or doesn't match the target IMAP4 server's FQDN, the connection attempt fails. + * $false: The server doesn't deny IMAP4 connections based on certificate errors. This is the default value. + + .Parameter ExtendedProtectionPolicy + The ExtendedProtectionPolicy parameter specifies how Extended Protection for Authentication is used. Valid values are: + * None: Extended Protection for Authentication isn't used. This is the default value. + * Allow: Extended Protection for Authentication is used only if it's supported by the incoming IMAP4 connection. If it's not, Extended Protection for Authentication isn't used. + * Require: Extended Protection for Authentication is required for all IMAP4 connections. If the incoming IMAP4 connection doesn't support it, the connection is rejected. + Extended Protection for Authentication enhances the protection and handling of credentials by Integrated Windows authentication (also known as NTLM), so we strongly recommend that you use it if it's supported by your clients (default installations of Windows 7 or later and Windows Server 2008 R2 or later support it). + .PARAMETER ExternalConnectionSettings - The ExternalConnectionSettings parameter specifies the host name, port, - and encryption method that's used by external IMAP4 clients (IMAP4 - connections from outside your corporate network). + The ExternalConnectionSettings parameter specifies the host name, port, and encryption method that's used by external IMAP4 clients (IMAP4 connections from outside your corporate network). + This parameter uses the syntax ::[]. The encryption method value is optional (blank indicates unencrypted connections). + The default value is blank ($null), which means no external IMAP4 connection settings are configured. + To enter multiple values and overwrite any existing entries, use the following syntax: ,,.... If the values contain spaces or otherwise require quotation marks, you need to use the following syntax: "","",..."". + To add or remove one or more values without affecting any existing entries, use the following syntax: @{Add="",""...; Remove="",""...}. + The combination of encryption methods and ports that are specified for this parameter need to match the corresponding encryption methods and ports that are specified by the SSLBindings and UnencryptedOrTLSBindings parameters. + + .Parameter InternalConnectionSettings + The InternalConnectionSettings parameter specifies the host name, port, and encryption method that's used by internal IMAP4 clients (IMAP4 connections from inside your corporate network). This setting is also used when a IMAP4 connection is forwarded to another Exchange server that's running the Microsoft Exchange IMAP4 service. + This parameter uses the syntax ::[]. The encryption method value is optional (blank indicates unencrypted connections). + The default value is :993:SSL,:143:TLS. + To enter multiple values and overwrite any existing entries, use the following syntax: ,,.... If the values contain spaces or otherwise require quotation marks, you need to use the following syntax: "","",..."". + To add or remove one or more values without affecting any existing entries, use the following syntax: @{Add="",""...; Remove="",""...}. + The combination of encryption methods and ports that are specified for this parameter need to match the corresponding encryption methods and ports that are specified by the SSLBindings and UnencryptedOrTLSBindings parameters. + + .Parameter LogFileLocation + The LogFileLocation parameter specifies the location for the IMAP4 protocol log files. The default location is %ExchangeInstallPath%Logging\Imap4. + This parameter is only meaningful when the ProtocolLogEnabled parameter value is $true. + + .Parameter LogFileRollOverSettings + The LogFileRollOverSettings parameter specifies how frequently IMAP4 protocol logging creates a new log file. Valid values are: + * 1 or Hourly. + * 2 or Daily. This is the default value + * 3 or Weekly. + * 4 or Monthly. + This parameter is only meaningful when the LogPerFileSizeQuota parameter value is 0, and the ProtocolLogEnabled parameter value is $true. + + .Parameter LogPerFileSizeQuota + The LogPerFileSizeQuota parameter specifies the maximum size of a IMAP4 protocol log file. + When you enter a value, qualify the value with one of the following units: + * B (bytes) + * KB (kilobytes) + * MB (megabytes) + * GB (gigabytes) + * TB (terabytes) + Unqualified values are typically treated as bytes, but small values may be rounded up to the nearest kilobyte. + The default value is 0, which means a new IMAP4 protocol log file is created at the frequency that's specified by the LogFileRollOverSettings parameter. + This parameter is only meaningful when the ProtocolLogEnabled parameter value is $true. .PARAMETER LoginType - The LoginType parameter specifies the authentication method for IMAP4 - connections. + The LoginType parameter specifies the authentication method for IMAP4 connections. Valid values are: + * 1 or PlainTextLogin. + * 2 or PlainTextAuthentication. + * 3 or SecureLogin. This is the default value. + + .Parameter MaxCommandSize + The MaxCommandSize parameter specifies the maximum size in bytes of a single IMAP4 command. Valid values are from 40 through 1024. The default value is 512. + + .Parameter MaxConnectionFromSingleIP + The MaxConnectionFromSingleIP parameter specifies the maximum number of IMAP4 connections that are accepted by the Exchange server from a single IP address. Valid values are from 1 through 2147483647. The default value is 2147483647. + + .Parameter MaxConnections + The MaxConnections parameter specifies the maximum number of IMAP4 connections that are accepted by the Exchange server. Valid values are from 1 through 2147483647. The default value is 2147483647. + + .Parameter MaxConnectionsPerUser + The MaxConnectionsPerUser parameter specifies the maximum number of IMAP4 connections that are allowed for each user. Valid values are from 1 through 2147483647. The default value is 16. + + .Parameter MessageRetrievalMimeFormat + The MessageRetrievalMimeFormat parameter specifies the MIME encoding of messages. Valid values are: + * 0 or TextOnly. + * 1 or HtmlOnly. + * 2 or HtmlAndTextAlternative. + * 3 or TextEnrichedOnly. + * 4 or TextEnrichedAndTextAlternative. + * 5 or BestBodyFormat. This is the default value. + * 6 or Tnef. + + .Parameter OwaServerUrl + The OwaServerUrl parameter specifies the URL that's used to retrieve calendar information for instances of custom Outlook on the web calendar items. + + .Parameter PreAuthenticatedConnectionTimeout + The PreAuthenticatedConnectionTimeout parameter specifies the period of time to wait before closing an idle IMAP4 connection that isn't authenticated. + To specify a value, enter it as a time span: dd.hh:mm:ss where dd = days, hh = hours, mm = minutes, and ss = seconds. + Valid values are00:00:30 to 1:00:00. The default value is 00:01:00 (one minute). + + .Parameter ProtocolLogEnabled + The ProtocolLogEnabled parameter specifies whether to enable protocol logging for IMAP4. Valid values are: + * $true: IMAP4 protocol logging is enabled. + * $false: IMAP4 protocol logging is disabled. This is the default value. + + .Parameter ProxyTargetPort + The ProxyTargetPort parameter specifies the port on the Microsoft Exchange IMAP4 Backend service that listens for client connections that are proxied from the Microsoft Exchange IMAP4 service. The default value is 1993. + + .Parameter ShowHiddenFoldersEnabled + The ShowHiddenFoldersEnabled parameter specifies whether hidden mailbox folders are visible. Valid values are: + * $true: Hidden folders are visible. + * $false: Hidden folders aren't visible. This is the default value. + + .Parameter SSLBindings + The SSLBindings parameter specifies the IP address and TCP port that's used for IMAP4 connection that's always encrypted by SSL/TLS. This parameter uses the syntax :. + The default value is [::]:993,0.0.0.0:993. + To enter multiple values and overwrite any existing entries, use the following syntax: ,,.... If the values contain spaces or otherwise require quotation marks, you need to use the following syntax: "","",..."". + To add or remove one or more values without affecting any existing entries, use the following syntax: @{Add="",""...; Remove="",""...}. + + .Parameter SuppressReadReceipt + The SuppressReadReceipt parameter specifies whether to stop duplicate read receipts from being sent to IMAP4 clients that have the Send read receipts for messages I send setting configured in their IMAP4 email program. Valid values are: + * $true: The sender receives a read receipt only when the recipient opens the message. + * $false: The sender receives a read receipt when the recipient downloads the message, and when the recipient opens the message. This is the default value. + + .Parameter UnencryptedOrTLSBindings + The UnencryptedOrTLSBindings parameter specifies the IP address and TCP port that's used for unencrypted IMAP4 connections, or IMAP4 connections that are encrypted by using opportunistic TLS (STARTTLS) after the initial unencrypted protocol handshake. This parameter uses the syntax :. + The default value is [::]:143,0.0.0.0:143. + To enter multiple values and overwrite any existing entries, use the following syntax: ,,.... If the values contain spaces or otherwise require quotation marks, you need to use the following syntax: "","",..."". + To add or remove one or more values without affecting any existing entries, use the following syntax: @{Add="",""...; Remove="",""...}. .PARAMETER X509CertificateName - The X509CertificateName parameter specifies the certificate that's used - for encrypting IMAP4 client connections. + The X509CertificateName parameter specifies the certificate that's used for encrypting IMAP4 client connections. + A valid value for this parameter is the FQDN from the ExternalConnectionSettings or InternalConnectionSettings parameters (for example, mail.contoso.com or mailbox01.contoso.com). + If you use a single subject certificate or a subject alternative name (SAN) certificate, you also need to assign the certificate to the Exchange IMAP service by using the Enable-ExchangeCertificate cmdlet. + If you use a wildcard certificate, you don't need to assign the certificate to the Exchange IMAP service. #> function Test-TargetResource { @@ -252,7 +904,107 @@ function Test-TargetResource [Parameter()] [System.String] - $X509CertificateName + $X509CertificateName, + + [Parameter()] + [System.String] + $AuthenticatedConnectionTimeout, + + [Parameter()] + [System.String] + $Banner, + + [Parameter()] + [ValidateSet('iCalendar', 'IntranetUrl', 'InternetUrl', 'Custom')] + [System.String] + $CalendarItemRetrievalOption, + + [Parameter()] + [System.Boolean] + $EnableExactRFC822Size, + + [Parameter()] + [System.Boolean] + $EnableGSSAPIAndNTLMAuth, + + [Parameter()] + [System.Boolean] + $EnforceCertificateErrors, + + [Parameter()] + [ValidateSet('None', 'Allow', 'Require')] + [System.String] + $ExtendedProtectionPolicy, + + [Parameter()] + [System.String[]] + $InternalConnectionSettings, + + [Parameter()] + [System.String] + $LogFileLocation, + + [Parameter()] + [ValidateSet('Hourly', 'Daily', 'Weekly', 'Monthly')] + [System.String] + $LogFileRollOverSettings, + + [Parameter()] + [System.String] + $LogPerFileSizeQuota, + + [Parameter()] + [System.Int32] + $MaxCommandSize, + + [Parameter()] + [System.Int32] + $MaxConnectionFromSingleIP, + + [Parameter()] + [System.Int32] + $MaxConnections, + + [Parameter()] + [System.Int32] + $MaxConnectionsPerUser, + + [Parameter()] + [ValidateSet('TextOnly', 'HtmlOnly', 'HtmlAndTextAlternative', 'TextEnrichedOnly', 'TextEnrichedAndTextAlternative', 'BestBodyFormat', 'Tnef')] + [System.String] + $MessageRetrievalMimeFormat, + + [Parameter()] + [System.String] + $OwaServerUrl, + + [Parameter()] + [System.String] + $PreAuthenticatedConnectionTimeout, + + [Parameter()] + [System.Boolean] + $ProtocolLogEnabled, + + [Parameter()] + [System.Int32] + $ProxyTargetPort, + + [Parameter()] + [System.Boolean] + $ShowHiddenFoldersEnabled, + + [Parameter()] + [System.String[]] + $SSLBindings, + + [Parameter()] + [System.Boolean] + $SuppressReadReceipt, + + [Parameter()] + [System.String[]] + $UnencryptedOrTLSBindings ) Write-FunctionEntry -Parameters @{ @@ -290,6 +1042,126 @@ function Test-TargetResource { $testResults = $false } + + if (!(Test-ExchangeSetting -Name 'AuthenticatedConnectionTimeout' -Type 'Timespan' -ExpectedValue $AuthenticatedConnectionTimeout -ActualValue $imap.AuthenticatedConnectionTimeout -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'Banner' -Type 'String' -ExpectedValue $Banner -ActualValue $imap.Banner -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'CalendarItemRetrievalOption' -Type 'String' -ExpectedValue $CalendarItemRetrievalOption -ActualValue $imap.CalendarItemRetrievalOption -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'EnableExactRFC822Size' -Type 'Boolean' -ExpectedValue $EnableExactRFC822Size -ActualValue $imap.EnableExactRFC822Size -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'EnableGSSAPIAndNTLMAuth' -Type 'Boolean' -ExpectedValue $EnableGSSAPIAndNTLMAuth -ActualValue $imap.EnableGSSAPIAndNTLMAuth -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'EnforceCertificateErrors' -Type 'Boolean' -ExpectedValue $EnforceCertificateErrors -ActualValue $imap.EnforceCertificateErrors -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'ExtendedProtectionPolicy' -Type 'String' -ExpectedValue $ExtendedProtectionPolicy -ActualValue $imap.ExtendedProtectionPolicy -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'InternalConnectionSettings' -Type 'Array' -ExpectedValue $InternalConnectionSettings -ActualValue $imap.InternalConnectionSettings -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'LogFileLocation' -Type 'String' -ExpectedValue $LogFileLocation -ActualValue $imap.LogFileLocation -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'LogFileRollOverSettings' -Type 'String' -ExpectedValue $LogFileRollOverSettings -ActualValue $imap.LogFileRollOverSettings -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'LogPerFileSizeQuota' -Type 'String' -ExpectedValue $LogPerFileSizeQuota -ActualValue $imap.LogPerFileSizeQuota -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'MaxCommandSize' -Type 'Int' -ExpectedValue $MaxCommandSize -ActualValue $imap.MaxCommandSize -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'MaxConnectionFromSingleIP' -Type 'Int' -ExpectedValue $MaxConnectionFromSingleIP -ActualValue $imap.MaxConnectionFromSingleIP -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'MaxConnections' -Type 'Int' -ExpectedValue $MaxConnections -ActualValue $imap.MaxConnections -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'MaxConnectionsPerUser' -Type 'Int' -ExpectedValue $MaxConnectionsPerUser -ActualValue $imap.MaxConnectionsPerUser -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'MessageRetrievalMimeFormat' -Type 'String' -ExpectedValue $MessageRetrievalMimeFormat -ActualValue $imap.MessageRetrievalMimeFormat -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'OwaServerUrl' -Type 'String' -ExpectedValue $OwaServerUrl -ActualValue $imap.OwaServerUrl -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'PreAuthenticatedConnectionTimeout' -Type 'Timespan' -ExpectedValue $PreAuthenticatedConnectionTimeout -ActualValue $imap.PreAuthenticatedConnectionTimeout -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'ProtocolLogEnabled' -Type 'Boolean' -ExpectedValue $ProtocolLogEnabled -ActualValue $imap.ProtocolLogEnabled -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'ProxyTargetPort' -Type 'Int' -ExpectedValue $ProxyTargetPort -ActualValue $imap.ProxyTargetPort -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'ShowHiddenFoldersEnabled' -Type 'Boolean' -ExpectedValue $ShowHiddenFoldersEnabled -ActualValue $imap.ShowHiddenFoldersEnabled -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'SSLBindings' -Type 'Array' -ExpectedValue $SSLBindings -ActualValue $imap.SSLBindings -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'SuppressReadReceipt' -Type 'Boolean' -ExpectedValue $SuppressReadReceipt -ActualValue $imap.SuppressReadReceipt -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } + + if (!(Test-ExchangeSetting -Name 'UnencryptedOrTLSBindings' -Type 'Array' -ExpectedValue $UnencryptedOrTLSBindings -ActualValue $imap.UnencryptedOrTLSBindings -PSBoundParametersIn $PSBoundParameters -Verbose:$VerbosePreference)) + { + $testResults = $false + } } return $testResults @@ -302,7 +1174,12 @@ function Test-TargetResource optionally DomainController, and returns the results. .PARAMETER Server - The IMAP server to configure. + The Server parameter specifies the Exchange server where you want to run this command. You can use any value that uniquely identifies the server. For example: + * Name + * FQDN + * Distinguished name (DN) + * Exchange Legacy DN + If you don't use this parameter, the command is run on the local server. .PARAMETER Credential Credentials used to establish a remote PowerShell session to Exchange. @@ -317,18 +1194,156 @@ function Test-TargetResource Directory. You identify the domain controller by its fully qualified domain name (FQDN). For example, dc01.contoso.com. + .Parameter AuthenticatedConnectionTimeout + The AuthenticatedConnectionTimeout parameter specifies the period of time to wait before closing an idle authenticated connection. + To specify a value, enter it as a time span: dd.hh:mm:ss where dd = days, hh = hours, mm = minutes, and ss = seconds. + Valid values are 00:00:30 to 1:00:00. The default setting is 00:30:00 (30 minutes). + + .Parameter Banner + The Banner parameter specifies the text string that's displayed to connecting IMAP4 clients. The default value is: The Microsoft Exchange IMAP4 service is ready. + + .Parameter CalendarItemRetrievalOption + The CalendarItemRetrievalOption parameter specifies how calendar items are presented to IMAP4 clients. Valid values are: + * 0 or iCalendar. This is the default value. + * 1 or IntranetUrl + * 2 or InternetUrl + * 3 or Custom + If you specify 3 or Custom, you need to specify a value for the OwaServerUrl parameter setting. + + .Parameter EnableExactRFC822Size + The EnableExactRFC822Size parameter specifies how message sizes are presented to IMAP4 clients. Valid values are: + * $true: Calculate the exact message size. Because this setting can negatively affect performance, you should configure it only if it's required by your IMAP4 clients. + * $false: Use an estimated message size. This is the default value. + + .Parameter EnableGSSAPIAndNTLMAuth + The EnableGSSAPIAndNTLMAuth parameter specifies whether connections can use Integrated Windows authentication (NTLM) using the Generic Security Services application programming interface (GSSAPI). This setting applies to connections where Transport Layer Security (TLS) is disabled. Valid values are: + * $true: NTLM for IMAP4 connections is enabled. This is the default value. + * $false: NTLM for IMAP4 connections is disabled. + + .Parameter EnforceCertificateErrors + The EnforceCertificateErrors parameter specifies whether to enforce valid Secure Sockets Layer (SSL) certificate validation failures. Valid values are: + The default setting is $false. + * $true: If the certificate isn't valid or doesn't match the target IMAP4 server's FQDN, the connection attempt fails. + * $false: The server doesn't deny IMAP4 connections based on certificate errors. This is the default value. + + .Parameter ExtendedProtectionPolicy + The ExtendedProtectionPolicy parameter specifies how Extended Protection for Authentication is used. Valid values are: + * None: Extended Protection for Authentication isn't used. This is the default value. + * Allow: Extended Protection for Authentication is used only if it's supported by the incoming IMAP4 connection. If it's not, Extended Protection for Authentication isn't used. + * Require: Extended Protection for Authentication is required for all IMAP4 connections. If the incoming IMAP4 connection doesn't support it, the connection is rejected. + Extended Protection for Authentication enhances the protection and handling of credentials by Integrated Windows authentication (also known as NTLM), so we strongly recommend that you use it if it's supported by your clients (default installations of Windows 7 or later and Windows Server 2008 R2 or later support it). + .PARAMETER ExternalConnectionSettings - The ExternalConnectionSettings parameter specifies the host name, port, - and encryption method that's used by external IMAP4 clients (IMAP4 - connections from outside your corporate network). + The ExternalConnectionSettings parameter specifies the host name, port, and encryption method that's used by external IMAP4 clients (IMAP4 connections from outside your corporate network). + This parameter uses the syntax ::[]. The encryption method value is optional (blank indicates unencrypted connections). + The default value is blank ($null), which means no external IMAP4 connection settings are configured. + To enter multiple values and overwrite any existing entries, use the following syntax: ,,.... If the values contain spaces or otherwise require quotation marks, you need to use the following syntax: "","",..."". + To add or remove one or more values without affecting any existing entries, use the following syntax: @{Add="",""...; Remove="",""...}. + The combination of encryption methods and ports that are specified for this parameter need to match the corresponding encryption methods and ports that are specified by the SSLBindings and UnencryptedOrTLSBindings parameters. + + .Parameter InternalConnectionSettings + The InternalConnectionSettings parameter specifies the host name, port, and encryption method that's used by internal IMAP4 clients (IMAP4 connections from inside your corporate network). This setting is also used when a IMAP4 connection is forwarded to another Exchange server that's running the Microsoft Exchange IMAP4 service. + This parameter uses the syntax ::[]. The encryption method value is optional (blank indicates unencrypted connections). + The default value is :993:SSL,:143:TLS. + To enter multiple values and overwrite any existing entries, use the following syntax: ,,.... If the values contain spaces or otherwise require quotation marks, you need to use the following syntax: "","",..."". + To add or remove one or more values without affecting any existing entries, use the following syntax: @{Add="",""...; Remove="",""...}. + The combination of encryption methods and ports that are specified for this parameter need to match the corresponding encryption methods and ports that are specified by the SSLBindings and UnencryptedOrTLSBindings parameters. + + .Parameter LogFileLocation + The LogFileLocation parameter specifies the location for the IMAP4 protocol log files. The default location is %ExchangeInstallPath%Logging\Imap4. + This parameter is only meaningful when the ProtocolLogEnabled parameter value is $true. + + .Parameter LogFileRollOverSettings + The LogFileRollOverSettings parameter specifies how frequently IMAP4 protocol logging creates a new log file. Valid values are: + * 1 or Hourly. + * 2 or Daily. This is the default value + * 3 or Weekly. + * 4 or Monthly. + This parameter is only meaningful when the LogPerFileSizeQuota parameter value is 0, and the ProtocolLogEnabled parameter value is $true. + + .Parameter LogPerFileSizeQuota + The LogPerFileSizeQuota parameter specifies the maximum size of a IMAP4 protocol log file. + When you enter a value, qualify the value with one of the following units: + * B (bytes) + * KB (kilobytes) + * MB (megabytes) + * GB (gigabytes) + * TB (terabytes) + Unqualified values are typically treated as bytes, but small values may be rounded up to the nearest kilobyte. + The default value is 0, which means a new IMAP4 protocol log file is created at the frequency that's specified by the LogFileRollOverSettings parameter. + This parameter is only meaningful when the ProtocolLogEnabled parameter value is $true. .PARAMETER LoginType - The LoginType parameter specifies the authentication method for IMAP4 - connections. + The LoginType parameter specifies the authentication method for IMAP4 connections. Valid values are: + * 1 or PlainTextLogin. + * 2 or PlainTextAuthentication. + * 3 or SecureLogin. This is the default value. + + .Parameter MaxCommandSize + The MaxCommandSize parameter specifies the maximum size in bytes of a single IMAP4 command. Valid values are from 40 through 1024. The default value is 512. + + .Parameter MaxConnectionFromSingleIP + The MaxConnectionFromSingleIP parameter specifies the maximum number of IMAP4 connections that are accepted by the Exchange server from a single IP address. Valid values are from 1 through 2147483647. The default value is 2147483647. + + .Parameter MaxConnections + The MaxConnections parameter specifies the maximum number of IMAP4 connections that are accepted by the Exchange server. Valid values are from 1 through 2147483647. The default value is 2147483647. + + .Parameter MaxConnectionsPerUser + The MaxConnectionsPerUser parameter specifies the maximum number of IMAP4 connections that are allowed for each user. Valid values are from 1 through 2147483647. The default value is 16. + + .Parameter MessageRetrievalMimeFormat + The MessageRetrievalMimeFormat parameter specifies the MIME encoding of messages. Valid values are: + * 0 or TextOnly. + * 1 or HtmlOnly. + * 2 or HtmlAndTextAlternative. + * 3 or TextEnrichedOnly. + * 4 or TextEnrichedAndTextAlternative. + * 5 or BestBodyFormat. This is the default value. + * 6 or Tnef. + + .Parameter OwaServerUrl + The OwaServerUrl parameter specifies the URL that's used to retrieve calendar information for instances of custom Outlook on the web calendar items. + + .Parameter PreAuthenticatedConnectionTimeout + The PreAuthenticatedConnectionTimeout parameter specifies the period of time to wait before closing an idle IMAP4 connection that isn't authenticated. + To specify a value, enter it as a time span: dd.hh:mm:ss where dd = days, hh = hours, mm = minutes, and ss = seconds. + Valid values are00:00:30 to 1:00:00. The default value is 00:01:00 (one minute). + + .Parameter ProtocolLogEnabled + The ProtocolLogEnabled parameter specifies whether to enable protocol logging for IMAP4. Valid values are: + * $true: IMAP4 protocol logging is enabled. + * $false: IMAP4 protocol logging is disabled. This is the default value. + + .Parameter ProxyTargetPort + The ProxyTargetPort parameter specifies the port on the Microsoft Exchange IMAP4 Backend service that listens for client connections that are proxied from the Microsoft Exchange IMAP4 service. The default value is 1993. + + .Parameter ShowHiddenFoldersEnabled + The ShowHiddenFoldersEnabled parameter specifies whether hidden mailbox folders are visible. Valid values are: + * $true: Hidden folders are visible. + * $false: Hidden folders aren't visible. This is the default value. + + .Parameter SSLBindings + The SSLBindings parameter specifies the IP address and TCP port that's used for IMAP4 connection that's always encrypted by SSL/TLS. This parameter uses the syntax :. + The default value is [::]:993,0.0.0.0:993. + To enter multiple values and overwrite any existing entries, use the following syntax: ,,.... If the values contain spaces or otherwise require quotation marks, you need to use the following syntax: "","",..."". + To add or remove one or more values without affecting any existing entries, use the following syntax: @{Add="",""...; Remove="",""...}. + + .Parameter SuppressReadReceipt + The SuppressReadReceipt parameter specifies whether to stop duplicate read receipts from being sent to IMAP4 clients that have the Send read receipts for messages I send setting configured in their IMAP4 email program. Valid values are: + * $true: The sender receives a read receipt only when the recipient opens the message. + * $false: The sender receives a read receipt when the recipient downloads the message, and when the recipient opens the message. This is the default value. + + .Parameter UnencryptedOrTLSBindings + The UnencryptedOrTLSBindings parameter specifies the IP address and TCP port that's used for unencrypted IMAP4 connections, or IMAP4 connections that are encrypted by using opportunistic TLS (STARTTLS) after the initial unencrypted protocol handshake. This parameter uses the syntax :. + The default value is [::]:143,0.0.0.0:143. + To enter multiple values and overwrite any existing entries, use the following syntax: ,,.... If the values contain spaces or otherwise require quotation marks, you need to use the following syntax: "","",..."". + To add or remove one or more values without affecting any existing entries, use the following syntax: @{Add="",""...; Remove="",""...}. .PARAMETER X509CertificateName - The X509CertificateName parameter specifies the certificate that's used - for encrypting IMAP4 client connections. + The X509CertificateName parameter specifies the certificate that's used for encrypting IMAP4 client connections. + A valid value for this parameter is the FQDN from the ExternalConnectionSettings or InternalConnectionSettings parameters (for example, mail.contoso.com or mailbox01.contoso.com). + If you use a single subject certificate or a subject alternative name (SAN) certificate, you also need to assign the certificate to the Exchange IMAP service by using the Enable-ExchangeCertificate cmdlet. + If you use a wildcard certificate, you don't need to assign the certificate to the Exchange IMAP service. #> function Get-ImapSettingsInternal { @@ -363,7 +1378,107 @@ function Get-ImapSettingsInternal [Parameter()] [System.String] - $X509CertificateName + $X509CertificateName, + + [Parameter()] + [System.String] + $AuthenticatedConnectionTimeout, + + [Parameter()] + [System.String] + $Banner, + + [Parameter()] + [ValidateSet('iCalendar', 'IntranetUrl', 'InternetUrl', 'Custom')] + [System.String] + $CalendarItemRetrievalOption, + + [Parameter()] + [System.Boolean] + $EnableExactRFC822Size, + + [Parameter()] + [System.Boolean] + $EnableGSSAPIAndNTLMAuth, + + [Parameter()] + [System.Boolean] + $EnforceCertificateErrors, + + [Parameter()] + [ValidateSet('None', 'Allow', 'Require')] + [System.String] + $ExtendedProtectionPolicy, + + [Parameter()] + [System.String[]] + $InternalConnectionSettings, + + [Parameter()] + [System.String] + $LogFileLocation, + + [Parameter()] + [ValidateSet('Hourly', 'Daily', 'Weekly', 'Monthly')] + [System.String] + $LogFileRollOverSettings, + + [Parameter()] + [System.String] + $LogPerFileSizeQuota, + + [Parameter()] + [System.Int32] + $MaxCommandSize, + + [Parameter()] + [System.Int32] + $MaxConnectionFromSingleIP, + + [Parameter()] + [System.Int32] + $MaxConnections, + + [Parameter()] + [System.Int32] + $MaxConnectionsPerUser, + + [Parameter()] + [ValidateSet('TextOnly', 'HtmlOnly', 'HtmlAndTextAlternative', 'TextEnrichedOnly', 'TextEnrichedAndTextAlternative', 'BestBodyFormat', 'Tnef')] + [System.String] + $MessageRetrievalMimeFormat, + + [Parameter()] + [System.String] + $OwaServerUrl, + + [Parameter()] + [System.String] + $PreAuthenticatedConnectionTimeout, + + [Parameter()] + [System.Boolean] + $ProtocolLogEnabled, + + [Parameter()] + [System.Int32] + $ProxyTargetPort, + + [Parameter()] + [System.Boolean] + $ShowHiddenFoldersEnabled, + + [Parameter()] + [System.String[]] + $SSLBindings, + + [Parameter()] + [System.Boolean] + $SuppressReadReceipt, + + [Parameter()] + [System.String[]] + $UnencryptedOrTLSBindings ) Remove-FromPSBoundParametersUsingHashtable -PSBoundParametersIn $PSBoundParameters -ParamsToKeep 'Server', 'DomainController' diff --git a/DSCResources/MSFT_xExchImapSettings/MSFT_xExchImapSettings.schema.mof b/DSCResources/MSFT_xExchImapSettings/MSFT_xExchImapSettings.schema.mof index 83f7daad..c5861a3c 100644 --- a/DSCResources/MSFT_xExchImapSettings/MSFT_xExchImapSettings.schema.mof +++ b/DSCResources/MSFT_xExchImapSettings/MSFT_xExchImapSettings.schema.mof @@ -5,8 +5,32 @@ class MSFT_xExchImapSettings : OMI_BaseResource [Key, Description("The IMAP server to configure.")] String Server; [Required, Description("Credentials used to establish a remote PowerShell session to Exchange."), EmbeddedInstance("MSFT_Credential")] String Credential; [Write, Description("Whether it is OK to restart the IMAP services after making changes. Defaults to $false.")] Boolean AllowServiceRestart; - [Write, Description("The DomainController parameter specifies the domain controller that's used by this cmdlet to read data from or write data to Active Directory. You identify the domain controller by its fully qualified domain name (FQDN). For example, dc01.contoso.com.")] String DomainController; //Optional Domain Controller to connect to + [Write, Description("The DomainController parameter specifies the domain controller that's used by this cmdlet to read data from or write data to Active Directory. You identify the domain controller by its fully qualified domain name (FQDN). For example, dc01.contoso.com.")] String DomainController; [Write, Description("The ExternalConnectionSettings parameter specifies the host name, port, and encryption method that's used by external IMAP4 clients (IMAP4 connections from outside your corporate network).")] String ExternalConnectionSettings[]; [Write, Description("The LoginType parameter specifies the authentication method for IMAP4 connections."), ValueMap{"PlainTextLogin","PlainTextAuthentication","SecureLogin"}, Values{"PlainTextLogin","PlainTextAuthentication","SecureLogin"}] String LoginType; [Write, Description("The X509CertificateName parameter specifies the certificate that's used for encrypting IMAP4 client connections.")] String X509CertificateName; + [Write, Description("The AuthenticatedConnectionTimeout parameter specifies the period of time to wait before closing an idle authenticated connection.")] String AuthenticatedConnectionTimeout; + [Write, Description("The Banner parameter specifies the text string that's displayed to connecting IMAP4 clients.")] String Banner; + [Write, Description("The CalendarItemRetrievalOption parameter specifies how calendar items are presented to IMAP4 clients."), ValueMap{"iCalendar","IntranetUrl","InternetUrl", "Custom"}, Values{"iCalendar","IntranetUrl","InternetUrl", "Custom"}] String CalendarItemRetrievalOption; + [Write, Description("The EnableExactRFC822Size parameter specifies how message sizes are presented to IMAP4 clients.")] Boolean EnableExactRFC822Size; + [Write, Description("The EnableGSSAPIAndNTLMAuth parameter specifies whether connections can use Integrated Windows authentication (NTLM) using the Generic Security Services application programming interface (GSSAPI). This setting applies to connections where Transport Layer Security (TLS) is disabled.")] Boolean EnableGSSAPIAndNTLMAuth; + [Write, Description("The EnforceCertificateErrors parameter specifies whether to enforce valid Secure Sockets Layer (SSL) certificate validation failures.")] Boolean EnforceCertificateErrors; + [Write, Description("The ExtendedProtectionPolicy parameter specifies how Extended Protection for Authentication is used."), ValueMap{"None","Allow","Require"}, Values{"None","Allow","Require"}] String ExtendedProtectionPolicy; + [Write, Description("The InternalConnectionSettings parameter specifies the host name, port, and encryption method that's used by internal IMAP4 clients (IMAP4 connections from inside your corporate network).")] String InternalConnectionSettings[]; + [Write, Description("The LogFileLocation parameter specifies the location for the IMAP4 protocol log files.")] String LogFileLocation; + [Write, Description("The LogFileRollOverSettings parameter specifies how frequently IMAP4 protocol logging creates a new log file."), ValueMap{"Hourly","Daily","Weekly", "Monthly"}, Values{"Hourly","Daily","Weekly", "Monthly"}] String LogFileRollOverSettings; + [Write, Description("The LogPerFileSizeQuota parameter specifies the maximum size of a IMAP4 protocol log file.")] String LogPerFileSizeQuota; + [Write, Description("The MaxCommandSize parameter specifies the maximum size in bytes of a single IMAP4 command.")] SInt32 MaxCommandSize; + [Write, Description("The MaxConnectionFromSingleIP parameter specifies the maximum number of IMAP4 connections that are accepted by the Exchange server from a single IP address.")] SInt32 MaxConnectionFromSingleIP; + [Write, Description("The MaxConnections parameter specifies the maximum number of IMAP4 connections that are accepted by the Exchange server.")] SInt32 MaxConnections; + [Write, Description("The MaxConnectionsPerUser parameter specifies the maximum number of IMAP4 connections that are allowed for each user.")] SInt32 MaxConnectionsPerUser; + [Write, Description("The MessageRetrievalMimeFormat parameter specifies the MIME encoding of messages."), ValueMap{"TextOnly","HtmlOnly","HtmlAndTextAlternative","TextEnrichedOnly","TextEnrichedAndTextAlternative","BestBodyFormat","Tnef"}, Values{"TextOnly","HtmlOnly","HtmlAndTextAlternative","TextEnrichedOnly","TextEnrichedAndTextAlternative","BestBodyFormat","Tnef"}] String MessageRetrievalMimeFormat; + [Write, Description("The OwaServerUrl parameter specifies the URL that's used to retrieve calendar information for instances of custom Outlook on the web calendar items.")] String OwaServerUrl; + [Write, Description("The PreAuthenticatedConnectionTimeout parameter specifies the period of time to wait before closing an idle IMAP4 connection that isn't authenticated.")] String PreAuthenticatedConnectionTimeout; + [Write, Description("The ProtocolLogEnabled parameter specifies whether to enable protocol logging for IMAP4.")] Boolean ProtocolLogEnabled; + [Write, Description("The ProxyTargetPort parameter specifies the port on the Microsoft Exchange IMAP4 Backend service that listens for client connections that are proxied from the Microsoft Exchange IMAP4 service.")] SInt32 ProxyTargetPort; + [Write, Description("The ShowHiddenFoldersEnabled parameter specifies whether hidden mailbox folders are visible.")] Boolean ShowHiddenFoldersEnabled; + [Write, Description("The SSLBindings parameter specifies the IP address and TCP port that's used for IMAP4 connection that's always encrypted by SSL/TLS. This parameter uses the syntax :.")] String SSLBindings[]; + [Write, Description("The SuppressReadReceipt parameter specifies whether to stop duplicate read receipts from being sent to IMAP4 clients that have the Send read receipts for messages I send setting configured in their IMAP4 email program.")] Boolean SuppressReadReceipt; + [Write, Description("The X509CertificateName parameter specifies the certificate that's used for encrypting IMAP4 client connections.")] String UnencryptedOrTLSBindings[]; }; diff --git a/README.md b/README.md index fee01122..55008ff9 100644 --- a/README.md +++ b/README.md @@ -758,6 +758,69 @@ parameters. for IMAP4 connections. * **X509CertificateName**: The X509CertificateName parameter specifies the certificate that's used for encrypting IMAP4 client connections. +* **AuthenticatedConnectionTimeout**: The AuthenticatedConnectionTimeout + parameter specifies the period of time to wait before closing an idle + authenticated connection.")] String AuthenticatedConnectionTimeout. +* **Banner**: The Banner parameter specifies the text string that's displayed to + connecting IMAP4 clients. +* **CalendarItemRetrievalOption**: The CalendarItemRetrievalOption parameter + specifies how calendar items are presented to IMAP4 clients. + {iCalendar | IntranetUrl | InternetUrl | Custom} +* **EnableExactRFC822Size**: The EnableExactRFC822Size parameter specifies how + message sizes are presented to IMAP4 clients. +* **EnableGSSAPIAndNTLMAuth**: The EnableGSSAPIAndNTLMAuth parameter specifies + whether connections can use Integrated Windows authentication (NTLM) using the + Generic Security Services application programming interface (GSSAPI). This + setting applies to connections where Transport Layer Security (TLS) is disabled. +* **EnforceCertificateErrors**: The EnforceCertificateErrors parameter specifies + whether to enforce valid Secure Sockets Layer (SSL) certificate validation failures. +* **ExtendedProtectionPolicy**: The ExtendedProtectionPolicy parameter specifies + how Extended Protection for Authentication is used. {None | Allow | Required} +* **InternalConnectionSettings**: The InternalConnectionSettings parameter + specifies the host name, port, and encryption method that's used by internal + IMAP4 clients (IMAP4 connections from inside your corporate network). +* **LogFileLocation**: The LogFileLocation parameter specifies the location for + the IMAP4 protocol log files. +* **LogFileRollOverSettings**: The LogFileRollOverSettings parameter specifies + how frequently IMAP4 protocol logging creates a new log file. + {Hourly | Daily | Weekly | Monthly} +* **LogPerFileSizeQuota**: The LogPerFileSizeQuota parameter specifies the + maximum size of a IMAP4 protocol log file. +* **MaxCommandSize**: The MaxCommandSize parameter specifies the maximum size in + bytes of a single IMAP4 command. +* **MaxConnectionFromSingleIP**: The MaxConnectionFromSingleIP parameter + specifies the maximum number of IMAP4 connections that are accepted by the + Exchange server from a single IP address. +* **MaxConnections**: The MaxConnections parameter specifies the maximum number + of IMAP4 connections that are accepted by the Exchange server. +* **MaxConnectionsPerUser**: The MaxConnectionsPerUser parameter specifies the + maximum number of IMAP4 connections that are allowed for each user. +* **MessageRetrievalMimeFormat**: The MessageRetrievalMimeFormat parameter + specifies the MIME encoding of messages. +{TextOnly | HtmlOnly | HtmlAndTextAlternative | + TextEnrichedOnly | TextEnrichedAndTextAlternative | BestBodyFormat | Tnef} +* **OwaServerUrl**: The OwaServerUrl parameter specifies the URL that's used to + retrieve calendar information for instances of custom Outlook on the web + calendar items. +* **PreAuthenticatedConnectionTimeout**: The PreAuthenticatedConnectionTimeout + parameter specifies the period of time to wait before closing an idle IMAP4 + connection that isn't authenticated. +* **ProtocolLogEnabled**: The ProtocolLogEnabled parameter specifies whether to + enable protocol logging for IMAP4. +* **ProxyTargetPort**: The ProxyTargetPort parameter specifies the port on the + Microsoft Exchange IMAP4 Backend service that listens for client connections + that are proxied from the Microsoft Exchange IMAP4 service. +* **ShowHiddenFoldersEnabled**: The ShowHiddenFoldersEnabled parameter specifies + whether hidden mailbox folders are visible. +* **SSLBindings**: The SSLBindings parameter specifies the IP address and TCP + port that's used for IMAP4 connection that's always encrypted by SSL/TLS. This + parameter uses the syntax {IPv4OrIPv6Address}:{Port}. +* **SuppressReadReceipt**: The SuppressReadReceipt parameter specifies whether + to stop duplicate read receipts from being sent to IMAP4 clients that have the + Send read receipts for messages I send setting configured in their IMAP4 email + program. +* **UnencryptedOrTLSBindings**: The X509CertificateName parameter specifies the + certificate that's used for encrypting IMAP4 client connections. ### xExchInstall diff --git a/Tests/Unit/MSFT_xExchImapSettings.tests.ps1 b/Tests/Unit/MSFT_xExchImapSettings.tests.ps1 index 7e6e8cff..f652a1d7 100644 --- a/Tests/Unit/MSFT_xExchImapSettings.tests.ps1 +++ b/Tests/Unit/MSFT_xExchImapSettings.tests.ps1 @@ -37,28 +37,151 @@ try Invoke-TestSetup InModuleScope $script:DSCResourceName { + + Mock -CommandName Write-FunctionEntry -Verifiable + + $commonTargetResourceParams = @{ + Server = 'Server' + Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList 'fakeuser', (New-Object -TypeName System.Security.SecureString) + AllowServiceRestart = $true + } + + $commonImapSettingsStandardOutput = @{ + ExternalConnectionSettings = [System.String[]] @() + LoginType = [System.String] '' + X509CertificateName = [System.String] '' + AuthenticatedConnectionTimeout = [System.String] '' + Banner = [System.String] '' + CalendarItemRetrievalOption = [System.String] '' + EnableExactRFC822Size = [System.Boolean] $false + EnableGSSAPIAndNTLMAuth = [System.Boolean] $false + EnforceCertificateErrors = [System.Boolean] $false + ExtendedProtectionPolicy = [System.String] '' + InternalConnectionSettings = [System.String[]] @() + LogFileLocation = [System.String] '' + LogFileRollOverSettings = [System.String] '' + LogPerFileSizeQuota = [System.String] '' + MaxCommandSize = [System.Int32] 1 + MaxConnectionFromSingleIP = [System.Int32] 1 + MaxConnections = [System.Int32] 1 + MaxConnectionsPerUser = [System.Int32] 1 + MessageRetrievalMimeFormat = [System.String] '' + OwaServerUrl = [System.String] '' + PreAuthenticatedConnectionTimeout = [System.String] '' + ProtocolLogEnabled = [System.Boolean] $false + ProxyTargetPort = [System.Int32] 1 + ShowHiddenFoldersEnabled = [System.Boolean] $false + SSLBindings = [System.String[]] @() + SuppressReadReceipt = [System.Boolean] $false + UnencryptedOrTLSBindings = [System.String[]] @() + } + Describe 'MSFT_xExchImapSettings\Get-TargetResource' -Tag 'Get' { AfterEach { Assert-VerifiableMock } - $getTargetResourceParams = @{ - Server = 'Server' - Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList 'fakeuser', (New-Object -TypeName System.Security.SecureString) + Context 'When Get-TargetResource is called' { + + Mock -CommandName Get-RemoteExchangeSession -Verifiable + Mock -CommandName Get-ImapSettingsInternal -Verifiable -MockWith { return $commonImapSettingsStandardOutput } + + Test-CommonGetTargetResourceFunctionality -GetTargetResourceParams $commonTargetResourceParams } + } + + Describe 'MSFT_xExchImapSettings\Set-TargetResource' -Tag 'Set' { + # Override Exchange cmdlets + Mock -CommandName Get-RemoteExchangeSession -Verifiable + function Set-ImapSettings {} - $getImapSettingsStandardOutput = @{ - ExternalConnectionSettings = [System.String[]] @() - LoginType = [System.String] '' - X509CertificateName = [System.String] '' + AfterEach { + Assert-VerifiableMock } - Context 'When Get-TargetResource is called' { - Mock -CommandName Write-FunctionEntry -Verifiable - Mock -CommandName Get-RemoteExchangeSession -Verifiable - Mock -CommandName Get-ImapSettingsInternal -Verifiable -MockWith { return $getImapSettingsStandardOutput } + Context 'When Set-TargetResource is called' { + It 'Should call expected functions when AllowServiceRestart is true' { + Mock -CommandName Set-ImapSettings -Verifiable + Mock -CommandName Restart-Service -Verifiable + + Set-TargetResource @commonTargetResourceParams + } + + + It 'Should warn that a MSExchangeIMAP4 service restart is required' { + $AllowServiceRestart = $commonTargetResourceParams.AllowServiceRestart + $commonTargetResourceParams.AllowServiceRestart = $false + Mock -CommandName Set-ImapSettings -Verifiable + Mock -CommandName Write-Warning -Verifiable -ParameterFilter {$Message -eq 'The configuration will not take effect until MSExchangeIMAP4 services are manually restarted.'} + + Set-TargetResource @commonTargetResourceParams + $commonTargetResourceParams.AllowServiceRestart = $AllowServiceRestart + } + } + } + + Describe 'MSFT_xExchImapSettings\Test-TargetResource' -Tag 'Test' { + # Override Exchange cmdlets + Mock -CommandName Get-RemoteExchangeSession -Verifiable + + AfterEach { + Assert-VerifiableMock + } + + Context 'When Test-TargetResource is called' { + It 'Should return False when Get-ImapSettingsInternal returns null' { + Mock -CommandName Get-ImapSettingsInternal -Verifiable + + Test-TargetResource @commonTargetResourceParams -ErrorAction SilentlyContinue | Should -Be $false + } + + It 'Should return False when Test-ExchangeSetting returns False' { + Mock -CommandName Get-ImapSettingsInternal -Verifiable -MockWith { return $commonImapSettingsStandardOutput } + Mock -CommandName Test-ExchangeSetting -Verifiable -MockWith { return $false } + + Test-TargetResource @commonTargetResourceParams | Should -Be $false + } + + It 'Should return True when Test-ExchangeSetting returns True' { + Mock -CommandName Get-ImapSettingsInternal -Verifiable -MockWith { return $commonImapSettingsStandardOutput } + Mock -CommandName Test-ExchangeSetting -Verifiable -MockWith { return $true } + + Test-TargetResource @commonTargetResourceParams | Should -Be $true + } + } + } + + Describe 'MSFT_xExchImapSettings\Get-ImapSettingsInternal' -Tag 'Helper' { + # Override Exchange cmdlets + function Get-ImapSettings { } + + AfterEach { + Assert-VerifiableMock + } + + Context 'When Get-ImapSettingsInternal is called' { + It 'Should call expected functions' { + Mock -CommandName Get-ImapSettings -Verifiable -MockWith { return $commonImapSettingsStandardOutput } + + Get-ImapSettingsInternal @commonTargetResourceParams + } + } + } + + Describe 'MSFT_xExchImapSettings\Get-ImapSettingsInternal' -Tag 'Helper' { + # Override Exchange cmdlets + function Get-ImapSettings { } + + AfterEach { + Assert-VerifiableMock + } + + Context 'When Get-ImapSettingsInternal is called' { + It 'Should call expected functions' { + Mock -CommandName Get-ImapSettings -Verifiable -MockWith { return $commonImapSettingsStandardOutput } - Test-CommonGetTargetResourceFunctionality -GetTargetResourceParams $getTargetResourceParams + Get-ImapSettingsInternal @commonTargetResourceParams + } } } }