Skip to content

Commit

Permalink
First working cut of SPProjectServerADResourcePoolSync - still needs …
Browse files Browse the repository at this point in the history 
…tests
  • Loading branch information
Brian Farnhill committed Aug 23, 2017
1 parent 739851e commit 9721e11
Show file tree
Hide file tree
Showing 28 changed files with 259,810 additions and 0 deletions.
229 changes: 229 additions & 0 deletions ...ources/MSFT_SPProjectServerADResourcePoolSync/MSFT_SPProjectServerADResourcePoolSync.psm1
View file
@@ -0,0 +1,229 @@
function Get-TargetResource
{
[CmdletBinding()]
[OutputType([System.Collections.Hashtable])]
param
(
[parameter(Mandatory = $true)]
[System.String]
$Url,

[parameter(Mandatory = $false)]
[System.String[]]
$GroupNames,

[parameter(Mandatory = $false)]
[ValidateSet("Present","Absent")]
[System.String]
$Ensure = "Present",

[parameter(Mandatory = $false)]
[System.Management.Automation.PSCredential]
$InstallAccount
)

Write-Verbose -Message "Getting license status for Project Server"

if ((Get-SPDSCInstalledProductVersion).FileMajorPart -lt 16)
{
throw [Exception] ("Support for Project Server in SharePointDsc is only valid for " + `
"SharePoint 2016.")
}

$result = Invoke-SPDSCCommand -Credential $InstallAccount `
-Arguments @($PSBoundParameters, $PSScriptRoot) `
-ScriptBlock {
$params = $args[0]
$scriptRoot = $args[1]

$modulePath = "..\..\Modules\SharePointDsc.ProjectServer\ProjectServerConnector.psm1"
Import-Module -Name (Join-Path -Path $scriptRoot -ChildPath $modulePath -Resolve)

$adminService = New-SPDscProjectServerWebService -PwaUrl $params.Url -EndpointName Admin

$script:currentSettings = $null
Use-SPDscProjectServerWebService -Service $adminService -ScriptBlock {
$script:currentSettings = $adminService.GetActiveDirectorySyncEnterpriseResourcePoolSettings2()
}

if ($null -eq $script:currentSettings)
{
return @{
Url = $params.Url
GroupNames = @()
Ensure = "Absent"
InstallAccount = $params.InstallAccount
}
}
else
{
if ($null -eq $script:currentSettings.ADGroupGuids -or $script:currentSettings.ADGroupGuids.Length -lt 1)
{
return @{
Url = $params.Url
GroupNames = @()
Ensure = "Absent"
InstallAccount = $params.InstallAccount
}
}
else
{
$adGroups = @()
$script:currentSettings.ADGroupGuids | ForEach-Object -Process {
$guid = $_
$bytes = $guid.ToByteArray()
$queryGuid = ""
$bytes | ForEach-Object -Process {
$queryGuid += "\" + $_.ToString("x2")
}

$domain = New-Object -TypeName "System.DirectoryServices.DirectoryEntry"
$search = New-Object -TypeName "System.DirectoryServices.DirectorySearcher"
$search.SearchRoot = $domain
$search.PageSize = 1
$search.Filter = "(&(objectGuid=$queryGuid))"
$search.SearchScope = "Subtree"
$search.PropertiesToLoad.Add("name") | Out-Null
$result = $search.FindOne()

if ($null -ne $result)
{
$sid = New-Object -TypeName "System.Security.Principal.SecurityIdentifier" `
-ArgumentList @($result.GetDirectoryEntry().objectsid[0], 0)

$adGroups += $sid.Translate([System.Security.Principal.NTAccount]).ToString()
}
else
{
$adGroups += $guid.ToString()
}
}

return @{
Url = $params.Url
GroupNames = $adGroups
Ensure = "Present"
InstallAccount = $params.InstallAccount
}
}
}
}
return $result
}


function Set-TargetResource
{
[CmdletBinding()]
param
(
[parameter(Mandatory = $true)]
[System.String]
$Url,

[parameter(Mandatory = $false)]
[System.String[]]
$GroupNames,

[parameter(Mandatory = $false)]
[ValidateSet("Present","Absent")]
[System.String]
$Ensure = "Present",

[parameter(Mandatory = $false)]
[System.Management.Automation.PSCredential]
$InstallAccount
)

Write-Verbose -Message "Setting Project Server License status"

if ((Get-SPDSCInstalledProductVersion).FileMajorPart -lt 16)
{
throw [Exception] ("Support for Project Server in SharePointDsc is only valid for " + `
"SharePoint 2016.")
}

if ($Ensure -eq "Present")
{
Invoke-SPDSCCommand -Credential $InstallAccount `
-Arguments $PSBoundParameters `
-ScriptBlock {

$params = $args[0]

$groupIDs = New-Object -TypeName "System.Collections.Generic.List[System.Guid]"

$params.GroupNames | ForEach-Object -Process {
$groupName = $_
$groupNTaccount = New-Object -TypeName "System.Security.Principal.NTAccount" `
-ArgumentList $groupName
$groupSid = $groupNTaccount.Translate([System.Security.Principal.SecurityIdentifier])

$result = New-Object -TypeName "System.DirectoryServices.DirectoryEntry" `
-ArgumentList "LDAP://<SID=$($groupSid.ToString())>"
$groupIDs.Add(([Guid]::new($result.objectGUID.Value)))
}

Enable-SPProjectActiveDirectoryEnterpriseResourcePoolSync -Url $params.Url `
-GroupUids $groupIDs.ToArray()
}
}
else
{
Invoke-SPDSCCommand -Credential $InstallAccount `
-Arguments $PSBoundParameters `
-ScriptBlock {

$params = $args[0]

Disable-SPProjectActiveDirectoryEnterpriseResourcePoolSync -Url $params.Url
}
}
}


function Test-TargetResource
{
[CmdletBinding()]
[OutputType([System.Boolean])]
param
(
[parameter(Mandatory = $true)]
[System.String]
$Url,

[parameter(Mandatory = $false)]
[System.String[]]
$GroupNames,

[parameter(Mandatory = $false)]
[ValidateSet("Present","Absent")]
[System.String]
$Ensure = "Present",

[parameter(Mandatory = $false)]
[System.Management.Automation.PSCredential]
$InstallAccount
)

Write-Verbose -Message "Testing Project Server License status"

$currentValues = Get-TargetResource @PSBoundParameters

$PSBoundParameters.Ensure = $Ensure

if ($Ensure -eq "Present")
{
return Test-SPDscParameterState -CurrentValues $CurrentValues `
-DesiredValues $PSBoundParameters `
-ValuesToCheck @("Ensure", "GroupNames")
}
else
{
return Test-SPDscParameterState -CurrentValues $CurrentValues `
-DesiredValues $PSBoundParameters `
-ValuesToCheck @("Ensure")
}
}

Export-ModuleMember -Function *-TargetResource
8 changes: 8 additions & 0 deletions .../MSFT_SPProjectServerADResourcePoolSync/MSFT_SPProjectServerADResourcePoolSync.schema.mof
View file
@@ -0,0 +1,8 @@
[ClassVersion("1.0.0.0"), FriendlyName("SPProjectServerADResourcePoolSync")]
class MSFT_SPProjectServerADResourcePoolSync : OMI_BaseResource
{
[Key, Description("The URL of the Project site to set permissions for")] string Url;
[Write, Description("The names of groups in the current domain to sync resources from")] string GroupNames[];
[Write, Description("Should the resource sync process be present or absent for this site?"), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure;
[Write, Description("POWERSHELL 4 ONLY: The account to run this resource as, use PsDscRunAsCredential if using PowerShell 5"), EmbeddedInstance("MSFT_Credential")] String InstallAccount;
};
Empty file added ...les/SharePointDsc/DSCResources/MSFT_SPProjectServerADResourcePoolSync/readme.md
View file
Empty file.
82 changes: 82 additions & 0 deletions Modules/SharePointDsc/Modules/SharePointDsc.ProjectServer/ProjectServerConnector.psm1
View file
@@ -0,0 +1,82 @@
function New-SPDscProjectServerWebService
{
[OutputType([System.IDisposable])]
param(
[Parameter(Mandatory = $true)]
[System.String]
$PwaUrl,

[Parameter(Mandatory = $true)]
[System.String]
[ValidateSet("Admin", "Archive", "Calendar", "CubeAdmin", "CustomFields",
"Driver", "Events", "LookupTable", "Notifications", "ObjectLinkProvider",
"PortfolioAnalyses", "Project", "QueueSystem", "ResourcePlan", "Resource",
"Security", "Statusing", "TimeSheet", "Workflow", "WssInterop")]
$EndpointName
)

$psDllPath = Join-Path -Path $PSScriptRoot -ChildPath "ProjectServerServices.dll"
Add-Type -Path $psDllPath
$maxSize = 500000000
$svcRouter = "_vti_bin/PSI/ProjectServer.svc"
$pwaUri = New-Object -TypeName "System.Uri" -ArgumentList $pwaUrl

if ($pwaUri.Scheme -eq [System.Uri]::UriSchemeHttps)
{
$binding = New-Object -TypeName "System.ServiceModel.BasicHttpBinding" `
-ArgumentList ([System.ServiceModel.BasicHttpSecurityMode]::Transport)
}
else
{
$binding = New-Object -TypeName "System.ServiceModel.BasicHttpBinding" `
-ArgumentList ([System.ServiceModel.BasicHttpSecurityMode]::TransportCredentialOnly)
}
$binding.Name = "basicHttpConf"
$binding.SendTimeout = [System.TimeSpan]::MaxValue
$binding.MaxReceivedMessageSize = $maxSize
$binding.ReaderQuotas.MaxNameTableCharCount = $maxSize
$binding.MessageEncoding = [System.ServiceModel.WSMessageEncoding]::Text
$binding.Security.Transport.ClientCredentialType = [System.ServiceModel.HttpClientCredentialType]::Ntlm

if ($pwaUrl.EndsWith('/') -eq $false)
{
$pwaUrl = $pwaUrl + "/"
}
$address = New-Object -TypeName "System.ServiceModel.EndpointAddress" `
-ArgumentList ($pwaUrl + $svcRouter)

$webService = New-Object -TypeName "Svc$($EndpointName).$($EndpointName)Client" `
-ArgumentList @($binding, $address)

$webService.ChannelFactory.Credentials.Windows.AllowedImpersonationLevel = [System.Security.Principal.TokenImpersonationLevel]::Impersonation

return $webService
}

function Use-SPDscProjectServerWebService
{
param
(
[Parameter(Mandatory = $true)]
[System.IDisposable]
$Service,

[Parameter(Mandatory = $true)]
[ScriptBlock]
$ScriptBlock
)

try
{
& $ScriptBlock
}
finally
{
if ($null -ne $Service)
{
$Service.Dispose()
}
}
}

Export-ModuleMember -Function *
Binary file added Modules/SharePointDsc/Modules/SharePointDsc.ProjectServer/ProjectServerServices.dll
View file
Binary file not shown.
35 changes: 35 additions & 0 deletions Source/ProjectServerServices/output.config
View file
@@ -0,0 +1,35 @@
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.serviceModel>
<bindings>
<customBinding>
<binding name="CustomBinding_WssInterop">
<security defaultAlgorithmSuite="Default" authenticationMode="IssuedTokenOverTransport"
requireDerivedKeys="false" includeTimestamp="true" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
<localClientSettings detectReplays="false" />
<localServiceSettings detectReplays="false" />
</security>
<textMessageEncoding />
<httpsTransport />
</binding>
<binding name="CustomBinding_WssInterop1">
<security defaultAlgorithmSuite="Default" authenticationMode="IssuedTokenOverTransport"
requireDerivedKeys="false" includeTimestamp="true" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
<localClientSettings detectReplays="false" />
<localServiceSettings detectReplays="false" />
</security>
<textMessageEncoding />
<httpsTransport />
</binding>
</customBinding>
</bindings>
<client>
<endpoint address="https://sphvm-37812.redmond.corp.microsoft.com:32844/d242c50ddb9947dfb819501200d59ec0/PSI/WssInterop.svc/secure"
binding="customBinding" bindingConfiguration="CustomBinding_WssInterop"
contract="SvcWssInterop.WssInterop" name="CustomBinding_WssInterop" />
<endpoint address="http://sphvm-37812.redmond.corp.microsoft.com:32843/d242c50ddb9947dfb819501200d59ec0/PSI/WssInterop.svc"
binding="customBinding" bindingConfiguration="CustomBinding_WssInterop1"
contract="SvcWssInterop.WssInterop" name="CustomBinding_WssInterop1" />
</client>
</system.serviceModel>
</configuration>

0 comments on commit 9721e11

Please sign in to comment.