Test if Windows server firewall is disabled with Pester in Chef

2015/10/13

First of all, be aware that is a very BAD practice to disable the firewall; do so only for test purposes or a short period of time.

The following code was tested under Windows Server 2008 R2, but it should also work for Windows Server 2012.
Under your cookbook folder you must add the file test\integration\default\pester\firewall.tests.ps1.
It will contain the following PowerShell code sequence:

describe “disable firewall” {

  $publicFwEnabled = (Invoke-Command -ScriptBlock {[Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(“LocalMachine”, $env:COMPUTERNAME).OpenSubKey(“System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile”).GetValue(“EnableFirewall”)})

  it “should disable public firewall” {
    $publicFwEnabled | Should Be 0
  }

  $domainFwEnabled = (Invoke-Command -ScriptBlock {[Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(“LocalMachine”, $env:COMPUTERNAME).OpenSubKey(“System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile”).GetValue(“EnableFirewall”)})

  it “should disable domain firewall” {
    $domainFwEnabled | Should Be 0
  }

  $privateFwEnabled = (Invoke-Command -ScriptBlock {[Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(“LocalMachine”, $env:COMPUTERNAME).OpenSubKey(“System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile”).GetValue(“EnableFirewall”)})

  it “should disable private firewall” {
    $privateFwEnabled | Should Be 0
  }
}

Then, in your cookbook folder, you can check if tests passed after running kitchen verify command.

Note 1: Credits go to StackOverflow, IT blogs and alike, sites that helped me with the code when searching for solutions.
Note 2: Be aware that when copy-pasting, the quotes and possibly other characters get messed up by WordPress, you’ll have to replace them.


Install PowerShell Active Directory module on Windows Server 2012

2015/09/10

Here’s the PowerShell one-liner to install Active Directory module for PowerShell on Windows Server 2012, if it’s not already installed:

Add-WindowsFeature RSAT-AD-PowerShell

After that, if you want to find out the users using the PC, you can use:

Get-ADUser -Filter * -SearchBase “ou=testou,dc=iammred,dc=net”

Note 1: Credits go to StackOverflow, IT blogs and alike, sites that helped me with the code when searching for solutions.
Note 2: Be aware that when copy-pasting, the quotes and possibly other characters get messed up by WordPress, you’ll have to replace them.


%d bloggers like this: