Add xSPWebAppExtension resource about sharepointdsc HOT 11 CLOSED

I'm taking a stab at this one, as my customer has a project that needs extended webapps.
That said, what conditions should trigger the Set method?
Obviously, the Set method will support creating or removing the extended zone based on the ensure property.
But I'm thinking about how to handle other situations... for example, the desired zone exists, but say the host header doesn't match, or the port? I'd rather not modify IIS settings directly for supportability, and I'm thinking in situations like that it may be best for the user to just remove the extended zone and recreate it with desired settings?

thoughts?

from sharepointdsc.

So I think what I want to do with this one is to make Zone name and web app URL the keys for this one, so that if you set Ensure = "present" every other property should be set to match - but those would only be the SharePoint specific bits. Anything to do with settings that are actually set in IIS I think can and should continue to be managed through xWebsite in the xWebAdministration module. Does that make sense?

from sharepointdsc.

make sense... looking at the SPWebApp.IisSettings[[Microsoft.SharePoint.Administration.SPUrlZone] object properties, it looks like we can support changing an existing zone's AllowAnonymous and Kerberos / NTLM auth settings as well. For actual bindings, I agree, leave that with xWebSite.

from sharepointdsc.

Hello,
@MikeLacher448 I saw you started to work on on SPWebAppExtension and it's awesome, but in your current version you allow only Windows NTLM or Kerberos authentication modes.
But:

• it should be possible to set FBA or federated authentication
• it should be possible to combine multiple authentication modes.

In example below, I add both NTLM and federated authentication:

$winAp = new-SPAuthenticationProvider -UseWindowsIntegratedAuthentication
$trust = Get-SPTrustedIdentityTokenIssuer "Proseware"
Get-SPWebApplication http://sp16/ | New-SPWebApplicationExtension -Name "SharePoint - 443" -SecureSocketsLayer -Zone "Intranet" -URL "https://spsites.proseware.com" -AuthenticationProvider $trust, $winAp

Maybe a possible way to implement that would be to use a parameter of type Microsoft.Management.Infrastructure.CimInstance[] in the script (I used that in SPTrustedIdentityTokenIssuer).
Can you please make sure that those scenarios are covered?

from sharepointdsc.

sure, I just did a direct copy / paste from the SPWebApplication resource for the authentication, but this makes perfect sense. I'll see what I can do.

from sharepointdsc.

@MikeLacher448 @Yvand I would rather see us put in the extension option with just the NTLM/Kerb support we have elsewhere as a starting point rather than make Mike slow down here trying to make this one perfect first go. I think we should raise another issue about "Lack of claims support in Web Applications" and track that as a separate piece of work. @ykuijs your thoughts?

from sharepointdsc.

Agreed! But if @MikeLacher448 already has some code in place, lets port leave this in and port it back to the SPWebApplications resource

from sharepointdsc.

I do not have support for claims in place yet, and was just thinking over the weekend that I should commit this resource as-is (once I fix the failing tests ofcourse). That way it can be used for folks (like my current customer), that just need support for an extended web application with Windows Authentication while I (or anyone else who'd like to tackle it) work on adding claims support for a future update.

from sharepointdsc.

I agree that adding support for FBA/Federated authentication should not delay the release of the resource, especially considering that SPWebApplication resource misses it for a while.
But it's a very important feature to integrate in a future version, and I'm very glad that @MikeLacher448 is already working on this for a later release, thanks a lot for this it will be very useful!

from sharepointdsc.

OK I'll raise a new issue to add that claims support in to these resources and we can track that separately to this one.

from sharepointdsc.

Resource created in PR #510

from sharepointdsc.