BREAKING CHANGE: WaitForADDomain: Refactored the resource to handle t…

…imeout better (#455) - Changes to ActiveDirectoryDsc - The helper function `Find-DomainController` is exported in the module manifest. When running `Import-Module -Name ActiveDirectoryDsc` the module will also import the nested module ActiveDirectoryDsc.Common. It is exported so that the resource WaitForADDomain can reuse code when running a background job to search for a domain controller. - Changes to ActiveDirectoryDsc.Common: - Added function `Find-DomainController`. - Added function `Get-CurrentUser` (moved from the resource ADKDSKey). - Changes to WaitForADDomain - BREAKING CHANGE: Refactored the resource to handle timeout better and more correctly wait for a specific amount of time, and at the same time make the resource more intuitive to use. This change has replaced parameters in the resource ([issue #343](#343)). - Now the resource can use built-in `PsDscRunAsCredential` instead of specifying the `Credential` parameter ([issue #367](#367)). - New parameter `SiteName` can be used to wait for a domain controller in a specific site in the domain.
dsccommunity · Aug 2, 2019 · 3efea91 · 3efea91
1 parent 13736cf
commit 3efea91
Show file tree

Hide file tree

Showing 30 changed files with 2,353 additions and 340 deletions.
diff --git a/ActiveDirectoryDsc.psd1 b/ActiveDirectoryDsc.psd1
@@ -12,7 +12,7 @@ Author = 'Microsoft Corporation'
 CompanyName = 'Microsoft Corporation'
 
 # Copyright statement for this module
-Copyright = '(c) 2014 Microsoft Corporation. All rights reserved.'
+Copyright = '(c) 2019 Microsoft Corporation. All rights reserved.'
 
 # Description of the functionality provided by this module
 Description = 'The ActiveDirectoryDsc module contains DSC resources for deployment and configuration of Active Directory.
@@ -25,11 +25,20 @@ PowerShellVersion = '4.0'
 # Minimum version of the common language runtime (CLR) required by this module
 CLRVersion = '4.0'
 
+# Nested modules to load when this module is imported.
+NestedModules = 'Modules\ActiveDirectoryDsc.Common\ActiveDirectoryDsc.Common.psm1'
+
 # Functions to export from this module
-FunctionsToExport = '*'
+FunctionsToExport = @(
+  # Exported so that WaitForADDomain can use this function in a separate scope.
+  'Find-DomainController'
+)
 
 # Cmdlets to export from this module
-CmdletsToExport = '*'
+CmdletsToExport = @()
+
+# Aliases to export from this module
+AliasesToExport = @()
 
 # Private data to pass to the module specified in RootModule/ModuleToProcess. This may also contain a PSData hashtable with additional module metadata used by PowerShell.
 PrivateData = @{

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,11 @@
 - Changes to ActiveDirectoryDsc
   - BREAKING CHANGE: Renamed the xActiveDirectory to ActiveDirectoryDsc
     and removed the 'x' from all resource names ([issue #312](https://github.com/PowerShell/ActiveDirectoryDsc/issues/312)).
+  - The helper function `Find-DomainController` is exported in the module
+    manifest. When running `Import-Module -Name ActiveDirectoryDsc` the
+    module will also import the nested module ActiveDirectoryDsc.Common.
+    It is exported so that the resource WaitForADDomain can reuse code
+    when running a background job to search for a domain controller.
   - Added a Requirements section to every DSC resource README with the
     bullet point stating "Target machine must be running Windows Server
     2008 R2 or later" ([issue #399](https://github.com/PowerShell/ActiveDirectoryDsc/issues/399)).
@@ -45,6 +50,8 @@
       `Credential` in the function `Restore-ADCommonObject`
     - Removed the alias `DomainAdministratorCredential` from the parameter
       `Credential` in the function `Get-ADCommonParameters`
+    - Added function `Find-DomainController`.
+    - Added function `Get-CurrentUser` (moved from the resource ADKDSKey).
   - Updated all the examples files to be prefixed with the resource
     name so they are more easily discovered in PowerShell Gallery and
     Azure Automation ([issue #416](https://github.com/PowerShell/ActiveDirectoryDsc/issues/416)).
@@ -105,7 +112,15 @@
   - Added comment-based help ([issue #337](https://github.com/PowerShell/ActiveDirectoryDsc/issues/337)).
   - Added integration tests ([issue #348](https://github.com/PowerShell/ActiveDirectoryDsc/issues/348)).
 - Changes to WaitForADDomain
-  - Added comment-based help ([issue #341](https://github.com/PowerShell/ActiveDirectoryDsc/issues/341))
+  - BREAKING CHANGE: Refactored the resource to handle timeout better and
+    more correctly wait for a specific amount of time, and at the same time
+    make the resource more intuitive to use. This change has replaced
+    parameters in the resource ([issue #343](https://github.com/PowerShell/ActiveDirectoryDsc/issues/343)).
+  - Now the resource can use built-in `PsDscRunAsCredential` instead of
+    specifying the `Credential` parameter ([issue #367](https://github.com/PowerShell/ActiveDirectoryDsc/issues/367)).
+  - New parameter `SiteName` can be used to wait for a domain controller
+    in a specific site in the domain.
+  - Added comment-based help ([issue #341](https://github.com/PowerShell/ActiveDirectoryDsc/issues/341)).
 - Changes to ADDomainController
   - BREAKING CHANGE: Renamed the parameter `DomainAdministratorCredential`
     to `Credential` to better indicate that it is possible to impersonate

diff --git a/DSCResources/MSFT_ADDomainController/en-US/about_ADDomainController.help.txt b/DSCResources/MSFT_ADDomainController/en-US/about_ADDomainController.help.txt
@@ -111,12 +111,10 @@ Configuration ADDomainController_AddDomainControllerToDomainMinimal_Config
 
         WaitForADDomain 'WaitForestAvailability'
         {
-            DomainName           = 'contoso.com'
-            DomainUserCredential = $Credential
-            RetryCount           = 10
-            RetryIntervalSec     = 120
+            DomainName = 'contoso.com'
+            Credential = $Credential
 
-            DependsOn            = '[WindowsFeature]RSATADPowerShell'
+            DependsOn  = '[WindowsFeature]RSATADPowerShell'
         }
 
         ADDomainController 'DomainControllerMinimal'
@@ -171,12 +169,10 @@ Configuration ADDomainController_AddDomainControllerToDomainAllProperties_Config
 
         WaitForADDomain 'WaitForestAvailability'
         {
-            DomainName           = 'contoso.com'
-            DomainUserCredential = $Credential
-            RetryCount           = 10
-            RetryIntervalSec     = 120
+            DomainName = 'contoso.com'
+            Credential = $Credential
 
-            DependsOn            = '[WindowsFeature]RSATADPowerShell'
+            DependsOn  = '[WindowsFeature]RSATADPowerShell'
         }
 
         ADDomainController 'DomainControllerAllProperties'
@@ -236,12 +232,10 @@ Configuration ADDomainController_AddDomainControllerToDomainUsingIFM_Config
 
         WaitForADDomain 'WaitForestAvailability'
         {
-            DomainName           = 'contoso.com'
-            DomainUserCredential = $Credential
-            RetryCount           = 10
-            RetryIntervalSec     = 120
+            DomainName = 'contoso.com'
+            Credential = $Credential
 
-            DependsOn            = '[WindowsFeature]RSATADPowerShell'
+            DependsOn  = '[WindowsFeature]RSATADPowerShell'
         }
 
         ADDomainController 'DomainControllerWithIFM'
@@ -297,12 +291,10 @@ Configuration ADDomainController_AddReadOnlyDomainController_Config
 
         WaitForADDomain 'WaitForestAvailability'
         {
-            DomainName           = 'contoso.com'
-            DomainUserCredential = $Credential
-            RetryCount           = 10
-            RetryIntervalSec     = 120
+            DomainName = 'contoso.com'
+            Credential = $Credential
 
-            DependsOn            = '[WindowsFeature]RSATADPowerShell'
+            DependsOn  = '[WindowsFeature]RSATADPowerShell'
         }
 
         ADDomainController 'Read-OnlyDomainController(RODC)'

diff --git a/DSCResources/MSFT_ADForestProperties/en-US/about_ADForestProperties.help.txt b/DSCResources/MSFT_ADForestProperties/en-US/about_ADForestProperties.help.txt
@@ -52,7 +52,7 @@ Configuration ADForestProperties_ReplaceForestProperties_Config
 
     node 'localhost'
     {
-        ADForestProperties $Node.ForestName
+        ADForestProperties 'contoso.com'
         {
             ForestName                 = 'contoso.com'
             UserPrincipalNameSuffix    = 'fabrikam.com', 'industry.com'

diff --git a/DSCResources/MSFT_ADKDSKey/MSFT_ADKDSKey.psm1 b/DSCResources/MSFT_ADKDSKey/MSFT_ADKDSKey.psm1
@@ -513,14 +513,4 @@ function Get-ADRootDomainDN
     return $rootDomainDN
 }
 
-<#
-    .SYNOPSIS
-        This is used to get the current user context when the resource script runs.
-        We are putting this in a function so we can mock it with pester
-#>
-function Get-CurrentUser
-{
-    return [System.Security.Principal.WindowsIdentity]::GetCurrent()
-}
-
 Export-ModuleMember *-TargetResource