Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

xDscWebService: FIX The IIS apppool account and credentials cannot be set and fixing some bugs from PR #614 #613

Merged
merged 33 commits into from
May 13, 2019
Merged
Show file tree
Hide file tree
Changes from 31 commits
Commits
Show all changes
33 commits
Select commit Hold shift + click to select a range
83aaeb3
First implementation that passed unit tests of fix for issue 463
Mar 4, 2019
03c1d58
Various adjustments to the MSFT_xDSCWebService resource after reviewi…
Mar 7, 2019
36b08e6
Fixed bugs after integration tests
Mar 14, 2019
bd11178
xDSCWebService: Merged integration tests from branch issue-536
Apr 9, 2019
00f8a0e
* Fixed bug in handling of application pools and sites
May 3, 2019
8ef31c4
Reverted naming of PullServer firewall rule naming scheme
May 4, 2019
d5225db
Corrected firewall display name filter in DSC PullServer unit test
May 4, 2019
1fc7538
Added DSC PullServer integration test to ensure clean removal of a de…
May 4, 2019
6fa47bc
Corrected Test-DSCPullServer
May 4, 2019
b794ec5
Added additional integration test DSC configuration to MSFT_xDSCWebSe…
May 4, 2019
5f09edc
Corrected test initialization in MSFT_xDSCWebService.Integration.test…
May 4, 2019
2d5efad
Corrcted path reference in MSFT_xDSCWebService.Integration.tests.ps1
May 4, 2019
023dc3a
MSFT_xDSCWebService: Added new integration tests for firewall and app…
May 4, 2019
421632a
MSFT_xDSCWebService: fixed bugs in new integration tests
May 4, 2019
a4ec227
MSFT_xDSCWebService: corrected integration test
May 4, 2019
6a034e0
MSFT_xDSCWebService: added Changelog, Readme documentation and a new …
May 4, 2019
4aba934
MSFT_xDSCWebService: correct an error in Sample_xDscWebServiceAppPool…
May 4, 2019
ae102b3
MSFT_xDSCWebService: corrected a meta test error in Sample_xDscWebSer…
May 4, 2019
de65a11
MSFT_xDSCWebService: corrected the PSScriptInfo and description of Sa…
May 4, 2019
22fce06
Changes after 1st review
May 5, 2019
72d57bd
Changes after 2nd review
May 10, 2019
bd73630
Merge branch 'issue-463' of https://github.com/tmeckel/xPSDesiredStat…
May 10, 2019
3d962bf
Changed new Sample_MetaConfigurationToRegisterWithSecurePullServer.ps…
May 10, 2019
62c17c3
Corrected some markdown meta test errors
May 11, 2019
871d78e
Renamed and corrected Examples\Sample_xDscWebService_Client.ps1
May 11, 2019
9418189
Corrected link to xDSCWebService client example
May 11, 2019
cc2a8c3
Corrected Examples\Sample_xDscWebService_Client.ps1
May 11, 2019
25c54c6
Corrected Tests\Integration\MSFT_xDSCWebService.Integration.tests.ps1
May 11, 2019
92c2757
xDSCWebService: removed formatting for firewall rule name
May 12, 2019
3f2445c
xDSCWebService: Replaces Write-Error with throw
May 12, 2019
52e7b76
xDSCWebService: renamed Sample_xDscWebServiceAppPool.ps1 to Sample_xD…
May 12, 2019
a8b1e3f
xDSCWebService: removed some more formatting stuff from DSCResources\…
May 12, 2019
1118a4b
Applied changes after addtional review
May 13, 2019
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,9 @@
#536](https://github.com/PowerShell/xPSDesiredStateConfiguration/issues/536)
and starts the deprecation process for configuring a windows firewall
(exception) rule using xDSCWebService
- Fixes [issue
#463](https://github.com/PowerShell/xPSDesiredStateConfiguration/issues/463)
and fixes some bugs introduced with the new firewall rule handling

## 8.6.0.0

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ Describe PullServerInstallationTests {

# Skip all tests if web.config is not found
if (-not (Test-Path $DscWebConfigPath)){
Write-Error 'No pullserver web.config found.' -ErrorAction Stop
throw 'No pullserver web.config found.'
}

# Get web.config content as XML
Expand Down
20 changes: 13 additions & 7 deletions DSCResources/MSFT_xDSCWebService/Firewall.psm1
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# Name and description for the Firewall rules. Used in multiple locations
New-Variable -Name fireWallRuleDisplayName -Value 'Desired State Configuration - Pull Server Port:{0}' -Option ReadOnly -Scope Script -Force
New-Variable -Name FireWallRuleDisplayName -Value 'DSCPullServer_IIS_Port' -Option ReadOnly -Scope Script -Force
New-Variable -Name netsh -Value "$env:windir\system32\netsh.exe" -Option ReadOnly -Scope Script -Force
<#
.SYNOPSIS
Expand All @@ -22,11 +22,13 @@ function Add-PullServerFirewallConfiguration
Write-Verbose -Message 'Disable Inbound Firewall Notification'
$null = & $script:netsh advfirewall set currentprofile settings inboundusernotification disable

$ruleName = $FireWallRuleDisplayName

# Remove all existing rules with that displayName
$null = & $script:netsh advfirewall firewall delete rule name=DSCPullServer_IIS_Port protocol=tcp localport=$Port
$null = & $script:netsh advfirewall firewall delete rule name=$ruleName protocol=tcp localport=$Port

Write-Verbose -Message "Add Firewall Rule for port $Port"
$null = & $script:netsh advfirewall firewall add rule name=DSCPullServer_IIS_Port dir=in action=allow protocol=TCP localport=$Port
$null = & $script:netsh advfirewall firewall add rule name=$ruleName dir=in action=allow protocol=TCP localport=$Port
}

<#
Expand All @@ -51,14 +53,17 @@ function Remove-PullServerFirewallConfiguration
{
# remove all existing rules with that displayName
Write-Verbose -Message "Delete Firewall Rule for port $Port"
$null = & $script:netsh advfirewall firewall delete rule name=DSCPullServer_IIS_Port protocol=tcp localport=$Port
$ruleName = $FireWallRuleDisplayName -f $port

# backwards compatibility with old code
if (Get-Command -Name Get-NetFirewallRule -CommandType Cmdlet -ErrorAction:SilentlyContinue)
{
# Remove all rules with that name
$ruleName = ($($FireWallRuleDisplayName) -f $port)
Get-NetFirewallRule | Where-Object -Property DisplayName -eq -Value "$ruleName" | Remove-NetFirewallRule
Get-NetFirewallRule -DisplayName $ruleName | Remove-NetFirewallRule
}
else
{
$null = & $script:netsh advfirewall firewall delete rule name=$ruleName protocol=tcp localport=$Port
}
}
else
Expand Down Expand Up @@ -88,7 +93,8 @@ function Test-PullServerFirewallConfiguration

# Remove all existing rules with that displayName
Write-Verbose -Message "Testing Firewall Rule for port $Port"
$result = & $script:netsh advfirewall firewall show rule name=DSCPullServer_IIS_Port | Select-String -Pattern "LocalPort:\s*$Port"
$ruleName = $FireWallRuleDisplayName -f $port
$result = & $script:netsh advfirewall firewall show rule name=$ruleName | Select-String -Pattern "LocalPort:\s*$Port"
return -not [string]::IsNullOrWhiteSpace($result)
}

Expand Down
Loading