Skip to content

Commit

Permalink
Merge pull request #88 from ActiveDirectoryManagementFramework/october24
Browse files Browse the repository at this point in the history
1.8.205
  • Loading branch information
FriedrichWeinmann authored Oct 22, 2024
2 parents 696d910 + f50c714 commit a3ac45b
Show file tree
Hide file tree
Showing 6 changed files with 30 additions and 13 deletions.
2 changes: 1 addition & 1 deletion DomainManagement/DomainManagement.psd1
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
RootModule = 'DomainManagement.psm1'

# Version number of this module.
ModuleVersion = '1.8.202'
ModuleVersion = '1.8.205'

# ID used to uniquely identify this module
GUID = '0a405382-ebc2-445b-8325-541535810193'
Expand Down
6 changes: 6 additions & 0 deletions DomainManagement/changelog.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,11 @@
# Changelog

## 1.8.205 (2024-10-22)

- Upd: Exchange - added extra validation to successful deployment runs
- Fix: WmiFilter - number in output of test results, failing a full invoke
- Fix: ServiceAccount - fails to update existing gMSA that are misconfigured

## 1.8.202 (2024-01-12)

- Upd: Access Rules - added option to parallelize tests (experimental)
Expand Down
11 changes: 11 additions & 0 deletions DomainManagement/functions/exchange/Invoke-DMExchange.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,17 @@
if (-not $result.Success) {
throw "Error applying exchange update: $($result.Message)"
}

# Test Message validation (Text parsing is bad, but the method below is less reliable)
if ($result.Message -match 'The Exchange Server setup operation completed successfully') { return }

# Exchange's setup.exe is not always reliable in its exit codes, thus we need to retest
# This is not guaranteed to work 100%, as replication delay may lead to false errors
$testResult = Test-DMExchange @Parameters
if (-not $testResult) { return }
if ($testResult.Type -contains $Mode) {
throw "Exchange Update probably failed! Success could not be verified, but replication delays might lead to a wrong alert here. This was the return from the exchange installer:`n$($result.Message)"
}
}
#endregion Utility Functions
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -165,11 +165,11 @@
$properties = @{ }
$clear = @()
foreach ($change in $testItem.Changed) {
if (-not $change.NewValue -and 0 -ne $change.NewValue) { $clear += $change.Property }
if (-not $change.New -and 0 -ne $change.New) { $clear += $change.Property }
elseif ($change.Property -eq 'KerberosEncryptionType') {
$setParam.KerberosEncryptionType = $change.NewValue
$setParam.KerberosEncryptionType = $change.New
}
else { $properties[$change.Property] = $change.NewValue }
else { $properties[$change.Property] = $change.New }
}
if ($properties.Count -gt 0) { $setParam.Replace = $properties }
if ($clear) { $setParam.Clear = $clear }
Expand Down Expand Up @@ -225,20 +225,20 @@
'PrincipalUpdate'
{
Invoke-PSFProtectedCommand -ActionString 'Invoke-DMServiceAccount.UpdatingPrincipal' -ActionStringValues $testItem.Identity -Target $testItem.Identity -ScriptBlock {
$principals = ($testItem.Changed | Where-Object Type -EQ Update).NewValue
$principals = ($testItem.Changed | Where-Object Type -EQ Update).New
Set-ADServiceAccount @parameters -Identity $testItem.ADObject.ObjectGuid -PrincipalsAllowedToRetrieveManagedPassword $principals
} -EnableException $EnableException -PSCmdlet $PSCmdlet
}
'Move'
{
Invoke-PSFProtectedCommand -ActionString 'Invoke-DMServiceAccount.Moving' -ActionStringValues $testItem.Identity, $testItem.Changed.NewValue -Target $testItem.Identity -ScriptBlock {
Move-ADObject @parameters -Identity $testItem.ADObject.ObjectGuid -TargetPath $testItem.Changed.NewValue -Confirm:$false
Invoke-PSFProtectedCommand -ActionString 'Invoke-DMServiceAccount.Moving' -ActionStringValues $testItem.Identity, $testItem.Changed.New -Target $testItem.Identity -ScriptBlock {
Move-ADObject @parameters -Identity $testItem.ADObject.ObjectGuid -TargetPath $testItem.Changed.New -Confirm:$false
} -EnableException $EnableException -PSCmdlet $PSCmdlet
}
'Rename'
{
Invoke-PSFProtectedCommand -ActionString 'Invoke-DMServiceAccount.Renaming' -ActionStringValues $testItem.Identity, $testItem.Changed.NewValue -Target $testItem.Identity -ScriptBlock {
Rename-ADObject @parameters -Identity $testItem.ADObject.ObjectGuid -NewName $testItem.Changed.NewValue -Confirm:$false
Invoke-PSFProtectedCommand -ActionString 'Invoke-DMServiceAccount.Renaming' -ActionStringValues $testItem.Identity, $testItem.Changed.New -Target $testItem.Identity -ScriptBlock {
Rename-ADObject @parameters -Identity $testItem.ADObject.ObjectGuid -NewName $testItem.Changed.New -Confirm:$false
} -EnableException $EnableException -PSCmdlet $PSCmdlet
}
'RenameSam'
Expand Down
4 changes: 2 additions & 2 deletions DomainManagement/functions/wmifilter/Test-DMWmiFilter.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@
continue
}
$change = New-Change -Property Query -OldValue $adFilter.Query -NewValue $Configuration.Query -Identity $Configuration.name -Type WmiFilter
$changes.Add($change)
$null = $changes.Add($change)
break
}
#endregion Verify whether all intended queries are already applied
Expand All @@ -87,7 +87,7 @@
continue
}
$change = New-Change -Property Query -OldValue $adFilter.Query -NewValue $Configuration.Query -Identity $Configuration.name -Type WmiFilter
$changes.Add($change)
$null = $changes.Add($change)
break
}
}
Expand Down
4 changes: 2 additions & 2 deletions DomainManagement/xml/DomainManagement.Format.ps1xml
Original file line number Diff line number Diff line change
Expand Up @@ -250,10 +250,10 @@ else { $_.Category }
<PropertyName>Property</PropertyName>
</TableColumnItem>
<TableColumnItem>
<PropertyName>Previous</PropertyName>
<PropertyName>Old</PropertyName>
</TableColumnItem>
<TableColumnItem>
<PropertyName>NewValue</PropertyName>
<PropertyName>New</PropertyName>
</TableColumnItem>
</TableColumnItems>
</TableRowEntry>
Expand Down

0 comments on commit a3ac45b

Please sign in to comment.