-
Notifications
You must be signed in to change notification settings - Fork 490
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #5169 from NikCharlebois/AADDomain
AADDomain - Initial Release
- Loading branch information
Showing
10 changed files
with
1,356 additions
and
31 deletions.
There are no files selected for viewing
501 changes: 501 additions & 0 deletions
501
Modules/Microsoft365DSC/DSCResources/MSFT_AADDomain/MSFT_AADDomain.psm1
Large diffs are not rendered by default.
Oops, something went wrong.
22 changes: 22 additions & 0 deletions
22
Modules/Microsoft365DSC/DSCResources/MSFT_AADDomain/MSFT_AADDomain.schema.mof
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
[ClassVersion("1.0.0.0"), FriendlyName("AADDomain")] | ||
class MSFT_AADDomain : OMI_BaseResource | ||
{ | ||
[Key, Description("Custom domain name.")] String Id; | ||
[Write, Description("Indicates the configured authentication type for the domain. The value is either Managed or Federated. Managed indicates a cloud managed domain where Microsoft Entra ID performs user authentication. Federated indicates authentication is federated with an identity provider such as the tenant's on-premises Active Directory via Active Directory Federation Services.")] String AuthenticationType; | ||
[Write, Description("This property is always null except when the verify action is used. When the verify action is used, a domain entity is returned in the response. The availabilityStatus property of the domain entity in the response is either AvailableImmediately or EmailVerifiedDomainTakeoverScheduled.")] String AvailabilityStatus; | ||
[Write, Description("The value of the property is false if the DNS record management of the domain is delegated to Microsoft 365. Otherwise, the value is true. Not nullable")] Boolean IsAdminManaged; | ||
[Write, Description("True if this is the default domain that is used for user creation. There's only one default domain per company. Not nullable.")] Boolean IsDefault; | ||
[Write, Description("True if the domain is a verified root domain. Otherwise, false if the domain is a subdomain or unverified. Not nullable.")] Boolean IsRoot; | ||
[Write, Description("True if the domain completed domain ownership verification. Not nullable.")] Boolean IsVerified; | ||
[Write, Description("Specifies the number of days before a user receives notification that their password expires. If the property isn't set, a default value of 14 days is used.")] UInt32 PasswordNotificationWindowInDays; | ||
[Write, Description("Specifies the length of time that a password is valid before it must be changed. If the property isn't set, a default value of 90 days is used.")] UInt32 PasswordValidityPeriodInDays; | ||
[Write, Description("The capabilities assigned to the domain. Can include 0, 1 or more of following values: Email, Sharepoint, EmailInternalRelayOnly, OfficeCommunicationsOnline, SharePointDefaultDomain, FullRedelegation, SharePointPublic, OrgIdAuthentication, Yammer, Intune. The values that you can add or remove using the API include: Email, OfficeCommunicationsOnline, Yammer. Not nullable.")] String SupportedServices[]; | ||
|
||
[Write, Description("Present ensures the instance exists, absent ensures it is removed."), ValueMap{"Absent","Present"}, Values{"Absent","Present"}] string Ensure; | ||
[Write, Description("Credentials of the workload's Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; | ||
[Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; | ||
[Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; | ||
[Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; | ||
[Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; | ||
[Write, Description("Access token used for authentication.")] String AccessTokens[]; | ||
}; |
6 changes: 6 additions & 0 deletions
6
Modules/Microsoft365DSC/DSCResources/MSFT_AADDomain/readme.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
|
||
# AADDomain | ||
|
||
## Description | ||
|
||
Configures custom domain names in Entra Id. |
28 changes: 28 additions & 0 deletions
28
Modules/Microsoft365DSC/DSCResources/MSFT_AADDomain/settings.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
{ | ||
"resourceName": "AADDomain", | ||
"description": "Configures custom domain names in Entra Id.", | ||
"roles": { | ||
"read": [], | ||
"update": [] | ||
}, | ||
"permissions": { | ||
"graph": { | ||
"delegated": { | ||
"read": [], | ||
"update": [] | ||
}, | ||
"application": { | ||
"read": [ | ||
{ | ||
"name": "Domain.Read.All" | ||
} | ||
], | ||
"update": [ | ||
{ | ||
"name": "Domain.ReadWrite.All" | ||
} | ||
] | ||
} | ||
} | ||
} | ||
} |
40 changes: 40 additions & 0 deletions
40
Modules/Microsoft365DSC/Examples/Resources/AADDomain/1-Create.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
<# | ||
This example is used to test new resources and showcase the usage of new resources being worked on. | ||
It is not meant to use as a production baseline. | ||
#> | ||
|
||
Configuration Example | ||
{ | ||
param( | ||
[Parameter()] | ||
[System.String] | ||
$ApplicationId, | ||
|
||
[Parameter()] | ||
[System.String] | ||
$TenantId, | ||
|
||
[Parameter()] | ||
[System.String] | ||
$CertificateThumbprint | ||
) | ||
Import-DscResource -ModuleName Microsoft365DSC | ||
node localhost | ||
{ | ||
AADDomain "AADDomain-Contoso" | ||
{ | ||
ApplicationId = $ApplicationId; | ||
AuthenticationType = "Managed"; | ||
CertificateThumbprint = $CertificateThumbprint; | ||
Ensure = "Present"; | ||
Id = "contoso.com"; | ||
IsAdminManaged = $True; | ||
IsDefault = $True; | ||
IsRoot = $True; | ||
IsVerified = $True; | ||
PasswordNotificationWindowInDays = 14; | ||
PasswordValidityPeriodInDays = 2147483647; | ||
TenantId = $TenantId; | ||
} | ||
} | ||
} |
40 changes: 40 additions & 0 deletions
40
Modules/Microsoft365DSC/Examples/Resources/AADDomain/2-Update.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
<# | ||
This example is used to test new resources and showcase the usage of new resources being worked on. | ||
It is not meant to use as a production baseline. | ||
#> | ||
|
||
Configuration Example | ||
{ | ||
param( | ||
[Parameter()] | ||
[System.String] | ||
$ApplicationId, | ||
|
||
[Parameter()] | ||
[System.String] | ||
$TenantId, | ||
|
||
[Parameter()] | ||
[System.String] | ||
$CertificateThumbprint | ||
) | ||
Import-DscResource -ModuleName Microsoft365DSC | ||
node localhost | ||
{ | ||
AADDomain "AADDomain-Contoso" | ||
{ | ||
ApplicationId = $ApplicationId; | ||
AuthenticationType = "Managed"; | ||
CertificateThumbprint = $CertificateThumbprint; | ||
Ensure = "Present"; | ||
Id = "contoso.com"; | ||
IsAdminManaged = $True; | ||
IsDefault = $True; | ||
IsRoot = $True; | ||
IsVerified = $False; #Drift | ||
PasswordNotificationWindowInDays = 14; | ||
PasswordValidityPeriodInDays = 2147483647; | ||
TenantId = $TenantId; | ||
} | ||
} | ||
} |
33 changes: 33 additions & 0 deletions
33
Modules/Microsoft365DSC/Examples/Resources/AADDomain/3-Remove.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
<# | ||
This example is used to test new resources and showcase the usage of new resources being worked on. | ||
It is not meant to use as a production baseline. | ||
#> | ||
|
||
Configuration Example | ||
{ | ||
param( | ||
[Parameter()] | ||
[System.String] | ||
$ApplicationId, | ||
|
||
[Parameter()] | ||
[System.String] | ||
$TenantId, | ||
|
||
[Parameter()] | ||
[System.String] | ||
$CertificateThumbprint | ||
) | ||
Import-DscResource -ModuleName Microsoft365DSC | ||
node localhost | ||
{ | ||
AADDomain "AADDomain-Contoso" | ||
{ | ||
ApplicationId = $ApplicationId; | ||
CertificateThumbprint = $CertificateThumbprint; | ||
Ensure = "Absent"; | ||
Id = "contoso.com"; | ||
TenantId = $TenantId; | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.