diff --git a/DSCResources/WindowsOutlook2013/WindowsOutlook2013.psd1 b/DSCResources/WindowsOutlook2013/WindowsOutlook2013.psd1 new file mode 100644 index 00000000..d0b9bda1 --- /dev/null +++ b/DSCResources/WindowsOutlook2013/WindowsOutlook2013.psd1 @@ -0,0 +1,48 @@ +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. + +@{ + + # Script module or binary module file associated with this manifest. + RootModule = 'WindowsOutlook2013.schema.psm1' + + # Version number of this module. #jjs need to define moduleversion i'll be using + ModuleVersion = '1.0.0.0' + + # ID used to uniquely identify this module + GUID = '345c2922-2447-46ad-bd5a-0c169bd31203' + + # Author of this module + Author = 'Jeff Salas' + + # Company or vendor of this module + CompanyName = 'Microsoft Corporation' + + # Copyright statement for this module + Copyright = '(c) 2018 Microsoft. All rights reserved.' + + # Description of the functionality provided by this module + Description = 'Composite DSC Resource for managing the Windows Outlook 2013 DISA STIGs' + + # Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export. + FunctionsToExport = @('WindowsOutlook2013') #jjs do I need to create a seperate function for WindowsOutlook2013? + + # Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export. + CmdletsToExport = @() + + # Variables to export from this module + VariablesToExport = '' + + # Aliases to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no aliases to export. + AliasesToExport = @() + + # Private data to pass to the module specified in RootModule/ModuleToProcess. This may also contain a PSData hashtable with additional module metadata used by PowerShell. + PrivateData = @{ + + PSData = @{ + + } # End of PSData hashtable + + } # End of PrivateData hashtable + + } diff --git a/DSCResources/WindowsOutlook2013/WindowsOutlook2013.schema.psm1 b/DSCResources/WindowsOutlook2013/WindowsOutlook2013.schema.psm1 new file mode 100644 index 00000000..c6bafa5c --- /dev/null +++ b/DSCResources/WindowsOutlook2013/WindowsOutlook2013.schema.psm1 @@ -0,0 +1,95 @@ +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. + +using module ..\helper.psm1 +using module ..\..\PowerStig.psm1 + +<# + .SYNOPSIS + A composite DSC resource to manage the Windows Outlook 2013 DISA STIG settings + + .PARAMETER StigVersion + The version of the Outlook 2013 DISA STIG to apply and/or monitor + + .PARAMETER Exception + A hashtable of StigId=Value key pairs that are injected into the STIG data and applied to + the target node. The title of STIG settings are tagged with the text ‘Exception’ to identify + the exceptions to policy across the data center when you centralize DSC log collection. + + .PARAMETER OrgSettings + The path to the xml file that contains the local organizations preferred settings for STIG + items that have allowable ranges. + + .PARAMETER SkipRule + The SkipRule Node is injected into the STIG data and applied to the taget node. The title + of STIG settings are tagged with the text 'Skip' to identify the skips to policy across the + data center when you centralize DSC log collection. + + .PARAMETER SkipRuleType + All STIG rule IDs of the specified type are collected in an array and passed to the Skip-Rule + function. Each rule follows the same process as the SkipRule parameter. +#> +Configuration WindowsOutlook2013 +{ + [CmdletBinding()] + param + ( + [Parameter()] + [ValidateSet('1.12')] + [ValidateNotNullOrEmpty()] + [version] + $StigVersion, + + [Parameter()] + [ValidateNotNullOrEmpty()] + [psobject] + $Exception, + + [Parameter()] + [ValidateNotNullOrEmpty()] + [psobject] + $OrgSettings, + + [Parameter()] + [ValidateNotNullOrEmpty()] + [psobject] + $SkipRule, + + [Parameter()] + [ValidateNotNullOrEmpty()] + [psobject] + $SkipRuleType + ) + + ##### BEGIN DO NOT MODIFY ##### + <# + The exception, skipped rule, and organizational settings functionality + is universal across all composites, so the code to process it is in a + central file that is dot sourced into each composite. + #> + $dscResourcesPath = Split-Path -Path $PSScriptRoot -Parent + $userSettingsPath = Join-Path -Path $dscResourcesPath -ChildPath 'stigdata.usersettings.ps1' + . $userSettingsPath + ##### END DO NOT MODIFY ##### + + $technology = [Technology]::Windows + $technologyVersion = [TechnologyVersion]::New( "All", $technology ) + $technologyRole = [TechnologyRole]::New( "Outlook2013", $technologyVersion ) + $stigDataObject = [StigData]::New( $StigVersion, $OrgSettings, $technology, + $technologyRole, $technologyVersion, $Exception, + $SkipRuleType, $SkipRule ) + #### BEGIN DO NOT MODIFY #### + # $StigData is used in the resources that are dot sourced below + [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseDeclaredVarsMoreThanAssignments",'')] + $StigData = $StigDataObject.StigXml + + # $resourcePath is exported from the helper module in the header + + # This is required to process Skipped rules + Import-DscResource -ModuleName PSDesiredStateConfiguration -ModuleVersion 1.1 + . "$resourcePath\windows.Script.skip.ps1" + ##### END DO NOT MODIFY ##### + + Import-DscResource -ModuleName xPSDesiredStateConfiguration -ModuleVersion 8.3.0.0 + . "$resourcePath\windows.xRegistry.ps1" +} diff --git a/PowerStig.psd1 b/PowerStig.psd1 index 010c40fb..5e344368 100644 --- a/PowerStig.psd1 +++ b/PowerStig.psd1 @@ -52,6 +52,7 @@ DscResourcesToExport = @( 'SqlServer', 'WindowsDnsServer', 'WindowsFirewall', + 'WindowsOutlook2013', 'WindowsServer' ) diff --git a/Tests/Integration/DSCResources/WindowsOutlook2013.config.ps1 b/Tests/Integration/DSCResources/WindowsOutlook2013.config.ps1 new file mode 100644 index 00000000..c815d2a9 --- /dev/null +++ b/Tests/Integration/DSCResources/WindowsOutlook2013.config.ps1 @@ -0,0 +1,19 @@ +Configuration WindowsOutlook2013_config +{ + param + ( + [Parameter(Mandatory = $true)] + [version] + $StigVersion + ) + + Import-DscResource -ModuleName PowerStig + + Node localhost + { + WindowsOutlook2013 BaseLineSettings + { + StigVersion = $StigVersion + } + } +} diff --git a/Tests/Integration/DSCResources/WindowsOutlook2013.integration.tests.ps1 b/Tests/Integration/DSCResources/WindowsOutlook2013.integration.tests.ps1 new file mode 100644 index 00000000..9bda599e --- /dev/null +++ b/Tests/Integration/DSCResources/WindowsOutlook2013.integration.tests.ps1 @@ -0,0 +1,59 @@ +$script:DSCCompositeResourceName = ($MyInvocation.MyCommand.Name -split '\.')[0] +. $PSScriptRoot\.tests.header.ps1 +# Header + +# Using try/finally to always cleanup even if something awful happens. +try +{ + #region Integration Tests + $configFile = Join-Path -Path $PSScriptRoot -ChildPath "$($script:DSCCompositeResourceName).config.ps1" + . $configFile + + $stigList = Get-StigVersionTable -CompositeResourceName $script:DSCCompositeResourceName + + #region Integration Tests + Foreach ($stig in $stigList) + { + Describe "Outlook2013 $($stig.TechnologyRole) $($stig.StigVersion) mof output" { + + It 'Should compile the MOF without throwing' { + { + & "$($script:DSCCompositeResourceName)_config" ` + -StigVersion $stig.stigVersion ` + -OutputPath $TestDrive + } | Should Not throw + } + + [xml] $dscXml = Get-Content -Path $stig.Path + + $configurationDocumentPath = "$TestDrive\localhost.mof" + + $instances = [Microsoft.PowerShell.DesiredStateConfiguration.Internal.DscClassCache]::ImportInstances($configurationDocumentPath, 4) + + Context 'Registry' { + $hasAllSettings = $true + $dscXml = @($dscXml.DISASTIG.RegistryRule.Rule) + $dscMof = $instances | + Where-Object {$PSItem.ResourceID -match "\[xRegistry\]"} + + Foreach ($setting in $dscXml) + { + If (-not ($dscMof.ResourceID -match $setting.Id) ) + { + Write-Warning -Message "Missing registry Setting $($setting.Id)" + $hasAllSettings = $false + } + } + + It "Should have $($dscXml.Count) Registry settings" { + $hasAllSettings | Should Be $true + } + } + } +} +#endregion Tests +} +finally +{ + Restore-TestEnvironment -TestEnvironment $TestEnvironment +} diff --git a/Tests/Unit/DSCResources/Composite.tests.ps1 b/Tests/Unit/DSCResources/Composite.tests.ps1 index 61cb1ec9..14be6c3b 100644 --- a/Tests/Unit/DSCResources/Composite.tests.ps1 +++ b/Tests/Unit/DSCResources/Composite.tests.ps1 @@ -83,6 +83,7 @@ Describe 'Common Tests - Configuration Module Requirements' { SqlServer = 'Database|Instance' WindowsDnsServer = 'DNS' WindowsFirewall = 'FW' + WindowsOutlook2013 = 'Outlook2013' WindowsServer = 'DC|MS' } Foreach ($resource in $moduleDscResourceList) diff --git a/Tools/TestHelper/CompositeResourceFilter.psd1 b/Tools/TestHelper/CompositeResourceFilter.psd1 index a20045a4..2b4af2de 100644 --- a/Tools/TestHelper/CompositeResourceFilter.psd1 +++ b/Tools/TestHelper/CompositeResourceFilter.psd1 @@ -5,5 +5,6 @@ SqlServer = @("*Instance*", "*Database*") WindowsFirewall = @("*FW*") WindowsDnsServer = @("*DNS*") + WindowsOutlook2013 = @("*Outlook2013*") WindowsServer = @("*DC*", "*MS*") }