Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SqlSecureConnection: Should support the property HideInstance #1520

Open
johlju opened this issue May 3, 2020 · 1 comment
Open

SqlSecureConnection: Should support the property HideInstance #1520

johlju opened this issue May 3, 2020 · 1 comment
Labels
enhancement The issue is an enhancement request. help wanted The issue is up for grabs for anyone in the community.

Comments

@johlju
Copy link
Member

johlju commented May 3, 2020

The HideInstance is not supported in any resource yet, suggest adding it to either SqlServerSecureConnection or a another more suitable resource.

HideInstance is a property in the DB instances network properties and found via SQL Server Configuration Manager, see sample code:

##  apply surface area configuration control 2.12
$WmiObject = @{
    ComputerName = $SQLServer.NetName
    Namespace    = "root\Microsoft\SqlServer\ComputerManagement$($SQLServer.VersionMajor)"
    Class        = "ServerSettingsGeneralFlag"
    Filter       = "FlagName = 'HideInstance'"
}
$HideInstance = Get-WmiObject @WmiObject

if ($HideInstance.FlagValue -eq $false) {
    Write-Verbose "Setting HideInstance to True."
    $HideInstance.SetValue($true) | Out-Null
    Write-Verbose "HideInstance set to True"
}

##  apply surface area configuration control 8.2
$WmiObject = @{
    ComputerName = $SQLServer.NetName
    Namespace    = "root\Microsoft\SqlServer\ComputerManagement$($SQLServer.VersionMajor)"
    Class        = "ServerSettingsGeneralFlag"
    Filter       = "FlagName = 'ForceEncryption'"
}
$ForceEncryption = Get-WmiObject @WmiObject

if ($ForceEncryption.FlagValue -eq $false) {
    Write-Verbose "Setting ForceEncryption to True."
    $ForceEncryption.SetValue($true) | Out-Null
    Write-Verbose "ForceEncryption set to True"
}

Note $SQLServer is the SMO object

However this would only be half a solution as some client may wish to apply the certificate with this option.

Originally posted by @SQLHorizons in #1161 (comment)
@johlju johlju added enhancement The issue is an enhancement request. help wanted The issue is up for grabs for anyone in the community. labels May 3, 2020
@johlju johlju mentioned this issue May 3, 2020
Closed
@johlju johlju changed the title SqlServerSecureConnection: Should support the property HideInstance SqlSecureConnection: Should support the property HideInstance Jul 10, 2020
@whereisaaron
Copy link

Agree this should be added to SqlServerDsc. In the meantime If you want to do this with DSC you can use Registry / xRegistry to achieve it.

xRegistry 'SqlSetHideInstance' {
    Key       = "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\$($Node.SqlMajorVersion).$($Node.SqlInstanceName)\MSSQLServer\SuperSocketNetLib"
    ValueName = 'HideInstance'
    ValueType = 'DWord'
    ValueData = '1'
    Force     = $true
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement The issue is an enhancement request. help wanted The issue is up for grabs for anyone in the community.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@whereisaaron @johlju