Merge pull request #6 from xoap-io/dev

fix: multiple fixes in schema and configurations
xoap-io · Jul 27, 2023 · dda5409 · dda5409
2 parents 2dbb8f7 + 3b3d1ed
commit dda5409
Show file tree

Hide file tree

Showing 12 changed files with 3,351 additions and 3,379 deletions.
diff --git a/DSCResources/Bitlocker/Bitlocker.psd1 b/DSCResources/Bitlocker/Bitlocker.psd1
@@ -12,7 +12,7 @@
 RootModule = 'Bitlocker.schema.psm1'
 
 # Version number of this module.
-ModuleVersion = '1.0.0'
+ModuleVersion = '0.0.1'
 
 # Supported PSEditions
 # CompatiblePSEditions = @()

diff --git a/DSCResources/Bitlocker/Bitlocker.schema.psm1 b/DSCResources/Bitlocker/Bitlocker.schema.psm1
@@ -35,112 +35,108 @@ https://gallery.technet.microsoft.com/scriptcenter/PowerShellAccessControl-d3be7
 https://www.powershellgallery.com/packages/WindowsDefender/1.0.0.4
 #>
 
-Configuration Windows_11_v22H2_Security_Baseline_Bitlocker
+Configuration Bitlocker
 {
 
      Import-DSCResource -ModuleName 'PSDesiredStateConfiguration'
      Import-DSCResource -ModuleName 'GPRegistryPolicyDsc' -ModuleVersion '1.2.0'
      Import-DSCResource -ModuleName 'AuditPolicyDSC' -ModuleVersion '1.4.0.0'
      Import-DSCResource -ModuleName 'SecurityPolicyDSC' -ModuleVersion '2.10.0.0'
 
-	Node Windows_11_v22H2_Security_Baseline_Bitlocker
-	{
-         RegistryPolicyFile 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\FVE\UseEnhancedPin'
-         {
-              ValueName = 'UseEnhancedPin'
-              ValueData = 1
-              ValueType = 'Dword'
-              TargetType = 'ComputerConfiguration'
-              Key = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
-         }
-
-         RegistryPolicyFile 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\FVE\RDVDenyCrossOrg'
-         {
-              ValueName = 'RDVDenyCrossOrg'
-              ValueData = 0
-              ValueType = 'Dword'
-              TargetType = 'ComputerConfiguration'
-              Key = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
-         }
-
-         RegistryPolicyFile 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\FVE\DisableExternalDMAUnderLock'
-         {
-              ValueName = 'DisableExternalDMAUnderLock'
-              ValueData = 1
-              ValueType = 'Dword'
-              TargetType = 'ComputerConfiguration'
-              Key = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
-         }
-
-         RegistryPolicyFile 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Power\PowerSettings\abfc2519-3608-4c2a-94ea-171b0ed546ab\DCSettingIndex'
-         {
-              ValueName = 'DCSettingIndex'
-              ValueData = 0
-              ValueType = 'Dword'
-              TargetType = 'ComputerConfiguration'
-              Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Power\PowerSettings\abfc2519-3608-4c2a-94ea-171b0ed546ab'
-         }
-
-         RegistryPolicyFile 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Power\PowerSettings\abfc2519-3608-4c2a-94ea-171b0ed546ab\ACSettingIndex'
-         {
-              ValueName = 'ACSettingIndex'
-              ValueData = 0
-              ValueType = 'Dword'
-              TargetType = 'ComputerConfiguration'
-              Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Power\PowerSettings\abfc2519-3608-4c2a-94ea-171b0ed546ab'
-         }
-
-         RegistryPolicyFile 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceClasses'
-         {
-              ValueName = 'DenyDeviceClasses'
-              ValueData = 1
-              ValueType = 'Dword'
-              TargetType = 'ComputerConfiguration'
-              Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions'
-         }
-
-         RegistryPolicyFile 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceClassesRetroactive'
-         {
-              ValueName = 'DenyDeviceClassesRetroactive'
-              ValueData = 1
-              ValueType = 'Dword'
-              TargetType = 'ComputerConfiguration'
-              Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions'
-         }
-
-         <#RegistryPolicyFile 'DELVALS_\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceClasses'
-         {
-              ValueName = ''
-              Exclusive = $True
-              ValueData = ''
-              Ensure = 'Present'
-              ValueType = 'String'
-              TargetType = 'ComputerConfiguration'
-              Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceClasses'
-         }#>
-
-         RegistryPolicyFile 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceClasses\1'
-         {
-              ValueName = '1'
-              ValueData = '{d48179be-ec20-11d1-b6b8-00c04fa372a7}'
-              ValueType = 'String'
-              TargetType = 'ComputerConfiguration'
-              Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceClasses'
-         }
-
-         RegistryPolicyFile 'Registry(POL): HKLM:\System\CurrentControlSet\Policies\Microsoft\FVE\RDVDenyWriteAccess'
-         {
-              ValueName = 'RDVDenyWriteAccess'
-              ValueData = 1
-              ValueType = 'Dword'
-              TargetType = 'ComputerConfiguration'
-              Key = 'HKLM:\System\CurrentControlSet\Policies\Microsoft\FVE'
-         }
-
-         RefreshRegistryPolicy 'ActivateClientSideExtension'
-         {
-             IsSingleInstance = 'Yes'
-         }
+     RegistryPolicyFile 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\FVE\UseEnhancedPin'
+     {
+          ValueName = 'UseEnhancedPin'
+          ValueData = 1
+          ValueType = 'Dword'
+          TargetType = 'ComputerConfiguration'
+          Key = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
+     }
+
+     RegistryPolicyFile 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\FVE\RDVDenyCrossOrg'
+     {
+          ValueName = 'RDVDenyCrossOrg'
+          ValueData = 0
+          ValueType = 'Dword'
+          TargetType = 'ComputerConfiguration'
+          Key = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
+     }
+
+     RegistryPolicyFile 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\FVE\DisableExternalDMAUnderLock'
+     {
+          ValueName = 'DisableExternalDMAUnderLock'
+          ValueData = 1
+          ValueType = 'Dword'
+          TargetType = 'ComputerConfiguration'
+          Key = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
      }
-}
 
+     RegistryPolicyFile 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Power\PowerSettings\abfc2519-3608-4c2a-94ea-171b0ed546ab\DCSettingIndex'
+     {
+          ValueName = 'DCSettingIndex'
+          ValueData = 0
+          ValueType = 'Dword'
+          TargetType = 'ComputerConfiguration'
+          Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Power\PowerSettings\abfc2519-3608-4c2a-94ea-171b0ed546ab'
+     }
+
+     RegistryPolicyFile 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Power\PowerSettings\abfc2519-3608-4c2a-94ea-171b0ed546ab\ACSettingIndex'
+     {
+          ValueName = 'ACSettingIndex'
+          ValueData = 0
+          ValueType = 'Dword'
+          TargetType = 'ComputerConfiguration'
+          Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Power\PowerSettings\abfc2519-3608-4c2a-94ea-171b0ed546ab'
+     }
+
+     RegistryPolicyFile 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceClasses'
+     {
+          ValueName = 'DenyDeviceClasses'
+          ValueData = 1
+          ValueType = 'Dword'
+          TargetType = 'ComputerConfiguration'
+          Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions'
+     }
+
+     RegistryPolicyFile 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceClassesRetroactive'
+     {
+          ValueName = 'DenyDeviceClassesRetroactive'
+          ValueData = 1
+          ValueType = 'Dword'
+          TargetType = 'ComputerConfiguration'
+          Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions'
+     }
+
+     <#RegistryPolicyFile 'DELVALS_\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceClasses'
+     {
+          ValueName = ''
+          Exclusive = $True
+          ValueData = ''
+          Ensure = 'Present'
+          ValueType = 'String'
+          TargetType = 'ComputerConfiguration'
+          Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceClasses'
+     }#>
+
+     RegistryPolicyFile 'Registry(POL): HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceClasses\1'
+     {
+          ValueName = '1'
+          ValueData = '{d48179be-ec20-11d1-b6b8-00c04fa372a7}'
+          ValueType = 'String'
+          TargetType = 'ComputerConfiguration'
+          Key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceClasses'
+     }
+
+     RegistryPolicyFile 'Registry(POL): HKLM:\System\CurrentControlSet\Policies\Microsoft\FVE\RDVDenyWriteAccess'
+     {
+          ValueName = 'RDVDenyWriteAccess'
+          ValueData = 1
+          ValueType = 'Dword'
+          TargetType = 'ComputerConfiguration'
+          Key = 'HKLM:\System\CurrentControlSet\Policies\Microsoft\FVE'
+     }
+
+     RefreshRegistryPolicy 'ActivateClientSideExtension'
+     {
+         IsSingleInstance = 'Yes'
+     }
+}
diff --git a/DSCResources/Computer/Computer.psd1 b/DSCResources/Computer/Computer.psd1
@@ -12,7 +12,7 @@
 RootModule = 'Computer.schema.psm1'
 
 # Version number of this module.
-ModuleVersion = '1.0.0'
+ModuleVersion = '0.0.1'
 
 # Supported PSEditions
 # CompatiblePSEditions = @()