Draft
Changes from 10 commits
6 changes: 4 additions & 2 deletions CHANGELOG.md
Expand Up @@ -7,7 +7,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

### Changed

- ActiveDirectoryCSDsc
- `ActiveDirectoryCSDsc`
- Automatically publish documentation to GitHub Wiki - Fixes [Issue #122](https://github.com/dsccommunity/ActiveDirectoryCSDsc/issues/122).
- Revert Pester to non-prerelease.
- Use DscResource.Base pre-release.
Expand All @@ -22,7 +22,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- `Tests` - Migrate all tests to Pester 5.
- Include module file in code coverage.
- Add RootModule to Module psd1.
- AdcsAuthorityInformationAccess
- `AdcsAuthorityInformationAccess`
- Removed `AllowRestartService` parameter from compared settings, force `Get-CaAiaUriList`
to return unmangled `System.String[]` with single values.
Fixes [Issue #128](https://github.com/dsccommunity/ActiveDirectoryCSDsc/issues/128)
Expand All @@ -35,6 +35,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- Move to Private function.
- `Restart-ServiceIfExists`
- Change Write-Verbose to Write-Debug.
- `AdcsOnlineResponder`
- Convert to class-based resource [#155](https://github.com/dsccommunity/ActiveDirectoryCSDsc/issues/155).

### Added

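Review bot: The new `AdcsOnlineResponder` entry links the issue as a bare `[#155](...)`, while the neighbouring entries in this section use the form `Fixes [Issue #128](...)`; use the same wording so the changelog stays uniform. Since the entry sits under "Changed", it should also say whether the conversion to a class-based resource alters anything for existing configurations or is purely internal.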
7 changes: 6 additions & 1 deletion RequiredModules.psd1
Expand Up @@ -38,7 +38,12 @@
AllowPrerelease = $true
}
}
'DscResource.Common' = 'latest'
'DscResource.Common' = @{
Version = 'latest'
Parameters = @{
AllowPrerelease = $true
}
}

# Analyzer rules
'DscResource.AnalyzerRules' = 'latest'
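Review bot: `DscResource.Common` now resolves to `Version = 'latest'` with `AllowPrerelease = $true`, so each build pulls whichever pre-release is newest at that moment; builds stop being reproducible and unreviewed pre-release code enters the pipeline. Pin the specific pre-release version this change depends on, or at minimum add a comment naming the feature that requires it and a CHANGELOG line alongside the existing "Use DscResource.Base pre-release" entry so the setting is reverted before a full release.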
138 changes: 138 additions & 0 deletions source/Classes/020.AdcsOnlineResponder.ps1
@@ -0,0 +1,138 @@
<#
.SYNOPSIS
The `AdcsOnlineResponder` DSC resource is used to configure the
ADCS Online Responder after the feature has been installed on the server.

.DESCRIPTION
This resource can be used to install an ADCS Online Responder after the feature
has been installed on the server.
Using this DSC Resource to configure an ADCS Certificate Authority assumes that
the ```ADCS-Online-Responder``` feature has already been installed.

Comment on lines +6 to +11

🛠️ Refactor suggestion

⚠️ Potential issue

Fix inaccurate wording and add required “Requirements” and “Known issues” sections in .DESCRIPTION.

“Certificate Authority” is incorrect here; this resource configures the Online Responder. Also add the required sections per guidelines.

     .DESCRIPTION
-        This resource can be used to install an ADCS Online Responder after the feature
-        has been installed on the server.
-        Using this DSC Resource to configure an ADCS Certificate Authority assumes that
-        the ```ADCS-Online-Responder``` feature has already been installed.
+        This resource can be used to install and configure an ADCS Online Responder after
+        the Windows feature has been installed on the server.
+        Using this DSC resource to configure an ADCS Online Responder assumes that the
+        'ADCS-Online-Responder' Windows feature is already installed.
+
+        ## Requirements
+            - Windows Server with Active Directory Certificate Services available.
+            - ADCSDeployment PowerShell module present on the node.
+            - 'ADCS-Online-Responder' feature installed.
+
+        ## Known issues
+            All issues are not listed here, see all open issues:
+            https://github.com/dsccommunity/ActiveDirectoryCSDsc/issues?q=is%3Aissue+is%3Aopen+in%3Atitle+AdcsOnlineResponder
🤖 Prompt for AI Agents
In source/Classes/020.AdcsOnlineResponder.ps1 around lines 6 to 11, the
.DESCRIPTION text incorrectly refers to a "Certificate Authority" and lacks
required "Requirements" and "Known issues" sections; update the description to
say this resource installs and configures an ADCS Online Responder after the
Windows feature is installed, change wording to reference the
'ADCS-Online-Responder' Windows feature (no triple-backticks), and append a
Requirements section listing: Windows Server with AD CS available;
ADCSDeployment PowerShell module present on the node; 'ADCS-Online-Responder'
feature installed, plus a Known issues section that points to the repository
issues URL for AdcsOnlineResponder.

.PARAMETER IsSingleInstance
Specifies the resource is a single instance, the value must be 'Yes'.

.PARAMETER Credential
If the Online Responder service is configured to use Standalone certification authority,
then an account that is a member of the local Administrators on the CA is required. If
the Online Responder service is configured to use an Enterprise CA, then an account that
is a member of Domain Admins is required.

.PARAMETER Ensure
Specifies whether the Online Responder feature should be installed or uninstalled.

.PARAMETER Reasons
Returns the reason a property is not in desired state.

.NOTES
Used Functions:
Name | Module
----------------------------- |-------------------
Install-AdcsOnlineResponder | ADCSDeployment
Uninstall-AdcsOnlineResponder | ADCSDeployment
Assert-Module | DscResource.Common
New-InvalidOperationException | DscResource.Common
#>

[DscResource()]
class AdcsOnlineResponder : ResourceBase
{
[DscProperty(Key)]
[System.String]
$IsSingleInstance = 'Yes'

[DscProperty(Mandatory)]
[System.Management.Automation.PSCredential]
[System.Management.Automation.Credential()]
$Credential

[DscProperty()]
[Ensure]
$Ensure = [Ensure]::Present

[DscProperty(NotConfigurable)]
[AdcsReason[]]
$Reasons

AdcsOnlineResponder () : base ($PSScriptRoot)
{
# These properties will not be enforced.
$this.ExcludeDscProperties = @(
'IsSingleInstance'
'Credential'
)
}

[AdcsOnlineResponder] Get()
{
# Call the base method to return the properties.
return ([ResourceBase] $this).Get()
}

# Base method Get() calls this method to get the current state as a Hashtable.
[System.Collections.Hashtable] GetCurrentState([System.Collections.Hashtable] $properties)
{
try
{
$null = Install-AdcsOnlineResponder -Credential $this.Credential -WhatIf

return @{}
}
catch
{
if ($_.Exception.ToString() -match 'OnlineResponderSetupException$')
{
return @{
IsSingleInstance = $this.IsSingleInstance
Credential = $this.Credential
}
}

return New-InvalidOperationException -Message $this.localizedData.ErrorGetCurrentState -ErrorRecord $_
}
}

[void] Set()
{
# Call the base method to enforce the properties.
([ResourceBase] $this).Set()
}

<#
Base method Set() call this method with the properties that should be
enforced and that are not in desired state.
#>
hidden [void] Modify([System.Collections.Hashtable] $properties)
{
$errorMessage = ''

if ($properties.ContainsKey('Ensure') -and $properties.Ensure -eq [Ensure]::Absent)
{
$errorMessage = (Uninstall-AdcsOnlineResponder -Force).ErrorString
}
else
{
$errorMessage = (Install-AdcsOnlineResponder -Credential $this.Credential -Force).ErrorString
}

if (-not [System.String]::IsNullOrEmpty($errorMessage))
{
New-InvalidOperationException -Message $errorMessage
}
}

[System.Boolean] Test()
{
# Call the base method to test all of the properties that should be enforced.
return ([ResourceBase] $this).Test()
}

<#
Base method Assert() call this method with the properties that was assigned
a value.
#>
hidden [void] AssertProperties([System.Collections.Hashtable] $properties)
{
Assert-Module -ModuleName 'ADCSDeployment'
}
}
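Review bot: In `GetCurrentState()`, the catch block tests `$_.Exception.ToString() -match 'OnlineResponderSetupException$'`, but `Exception.ToString()` returns the type name followed by the message and, when present, the stack trace, so a pattern anchored at the end of that string is unlikely to match the type name and the "already installed" case would then fall through to `New-InvalidOperationException`. Match on `$_.Exception.GetType().Name` or `FullName` instead. Neither returned hashtable contains `Ensure` (`@{}` on one path, only `IsSingleInstance` and `Credential` on the other), so confirm that the base class can derive Present or Absent from that, or set `Ensure` explicitly in both branches. `Credential` is also mandatory but unused on the `Uninstall-AdcsOnlineResponder -Force` path in `Modify()`; the `.PARAMETER Credential` help should state why a privileged account is still required when `Ensure` is Absent.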