duffney/CertificateAuthority.ps1

## CertificateAuthority.ps1
Configuration CertificateAuthority
{

    Import-DscResource -ModuleName xAdcsDeployment,PSDesiredStateConfiguration,xNetworking,xComputerManagement,xTimeZone

    Node $AllNodes.Where{$_.Role -eq "PKI"}.Nodename
    {
        xTimeZone SystemTimeZone {
            TimeZone = 'Central Standard Time'
            IsSingleInstance = 'Yes'

        }

        xIPAddress NewIPAddress
        {
            IPAddress      = $Node.IPAddress
            InterfaceAlias = "Ethernet"
            SubnetMask     = 24
            AddressFamily  = "IPV4"

        }

        xDefaultGatewayAddress NewDefaultGateway
        {
            AddressFamily = 'IPv4'
            InterfaceAlias = 'Ethernet'
            Address = $Node.DefaultGateway
            DependsOn = '[xIPAddress]NewIpAddress'

        }
        WindowsFeature ADCS-Cert-Authority
        {
               Ensure = 'Present'
               Name = 'ADCS-Cert-Authority'
        }
        xADCSCertificationAuthority ADCS
        {
            Ensure = 'Present'
            Credential = $Node.Credential
            CAType = 'EnterpriseRootCA'
            DependsOn = '[WindowsFeature]ADCS-Cert-Authority'
        }
        WindowsFeature ADCS-Web-Enrollment
        {
            Ensure = 'Present'
            Name = 'ADCS-Web-Enrollment'
            DependsOn = '[WindowsFeature]ADCS-Cert-Authority'
        }
        xADCSWebEnrollment CertSrv
        {
            Ensure = 'Present'
            Name = 'CertSrv'
            Credential = $Node.Credential
            DependsOn = '[WindowsFeature]ADCS-Web-Enrollment','[xADCSCertificationAuthority]ADCS'
        }
    }
}

$ConfigData = @{
    AllNodes = @(
        @{
            Nodename = 'S2'
            Role = "PKI"
            PsDscAllowPlainTextPassword = $true
            PSDscAllowDomainUser = $true
            IPAddress = '192.168.2.4'
            Credential = (Get-Credential -UserName 'source\administrator' -Message 'cred')
            DefaultGateway = '192.168.2.1'
        }
    )
}

#Generates .mof file to be pushed
CertificateAuthority -ConfigurationData $ConfigData
#Pushes the .mof to the remote system to make it so
Start-DscConfiguration -ComputerName S2 -Wait -Force -Path C:\DSC\CertificateAuthority\ -Verbose
	Configuration CertificateAuthority
	{

	Import-DscResource -ModuleName xAdcsDeployment,PSDesiredStateConfiguration,xNetworking,xComputerManagement,xTimeZone

	Node $AllNodes.Where{$_.Role -eq "PKI"}.Nodename
	{
	xTimeZone SystemTimeZone {
	TimeZone = 'Central Standard Time'
	IsSingleInstance = 'Yes'

	}

	xIPAddress NewIPAddress
	{
	IPAddress = $Node.IPAddress
	InterfaceAlias = "Ethernet"
	SubnetMask = 24
	AddressFamily = "IPV4"

	}

	xDefaultGatewayAddress NewDefaultGateway
	{
	AddressFamily = 'IPv4'
	InterfaceAlias = 'Ethernet'
	Address = $Node.DefaultGateway
	DependsOn = '[xIPAddress]NewIpAddress'

	}
	WindowsFeature ADCS-Cert-Authority
	{
	Ensure = 'Present'
	Name = 'ADCS-Cert-Authority'
	}
	xADCSCertificationAuthority ADCS
	{
	Ensure = 'Present'
	Credential = $Node.Credential
	CAType = 'EnterpriseRootCA'
	DependsOn = '[WindowsFeature]ADCS-Cert-Authority'
	}
	WindowsFeature ADCS-Web-Enrollment
	{
	Ensure = 'Present'
	Name = 'ADCS-Web-Enrollment'
	DependsOn = '[WindowsFeature]ADCS-Cert-Authority'
	}
	xADCSWebEnrollment CertSrv
	{
	Ensure = 'Present'
	Name = 'CertSrv'
	Credential = $Node.Credential
	DependsOn = '[WindowsFeature]ADCS-Web-Enrollment','[xADCSCertificationAuthority]ADCS'
	}
	}
	}

	$ConfigData = @{
	AllNodes = @(
	@{
	Nodename = 'S2'
	Role = "PKI"
	PsDscAllowPlainTextPassword = $true
	PSDscAllowDomainUser = $true
	IPAddress = '192.168.2.4'
	Credential = (Get-Credential -UserName 'source\administrator' -Message 'cred')
	DefaultGateway = '192.168.2.1'
	}
	)
	}

	#Generates .mof file to be pushed
	CertificateAuthority -ConfigurationData $ConfigData
	#Pushes the .mof to the remote system to make it so
	Start-DscConfiguration -ComputerName S2 -Wait -Force -Path C:\DSC\CertificateAuthority\ -Verbose