I am writing some logic for DSC to check if Negotiate:Kerberos is in the provider list for Windows Authentication under one of our Websites. I've written the logic to check for Windows Authentication and confirm that's turned on:
Script ActiveSyncAuthentication
{
SetScript = {
Set-WebConfiguration system.webServer/security/authentication/windowsAuthentication -PSPath IIS:\ -Location 'Default Web Site/MySite' -Value @{enabled="True"}
}
TestScript = {
return ((Get-WebConfigurationProperty //system.webServer/security/authentication/windowsAuthentication -PSPath IIS:\ -Location 'Default Web Site/MySite' -Name Enabled) -eq "True")
}
GetScript = { }
}
I know that I can add to the list of providers with the below:
Add-WebConfiguration -Filter system.webServer/security/authentication/windowsAuthentication/providers -PSPath IIS:\ -Location 'Default Web Site/MySite' -Value Negotiate:Kerberos
However, I'm struggling with returning this using Get-WebConfiguration or Get-WebConfigurationProperty.
答案 0 :(得分:1)
您可以使用:
$WinAuthen = Get-WebConfigurationProperty -filter /system.webServer/security/authentication/windowsAuthentication -PSPath $PSPath -Name enabled | Select Name,Value
$WinProviders = Get-WebConfigurationProperty -filter /system.webServer/security/authentication/windowsAuthentication -PSPath $PSPath -Name Providers
$WinProviders = $WinProviders.Collection | Select Value