# # ---------------------------- # XSD SCHEMA DEFINATION # ---------------------------- # # # ----------------------------- # SCHEMATRON RULES DEFINITION # ----------------------------- # # # ----------------------------- # TRANSLATIONS DEFINITION # ----------------------------- # data _system_translations { ConvertFrom-StringData @' # check FSRM service status FSRMServiceStatusCheck_Title=The File Server Resource Manager service should be running FSRMServiceStatusCheck_Problem=The File Server Resource Manager service is not started. FSRMServiceStatusCheck_Impact=File Server Resource Manager features will not work. FSRMServiceStatusCheck_Resolution=Start the File Server Resource Manager service and set it to start automatically. FSRMServiceStatusCheck_Compliant=The FileServices Best Practices Analyzer scan has determined that you are in compliance with this best practice. # check FSRM service status on cluster FSRMServiceStatusCheckOnCluster_Title=File Server Resource Manager should be installed on all nodes of a failover cluster FSRMServiceStatusCheckOnCluster_Problem=File Server Resource Manager is not installed on all nodes of the failover cluster. FSRMServiceStatusCheckOnCluster_Impact=File Server Resource Manager (FSRM) will not function properly when resources fail over to nodes that do not have FSRM installed. FSRMServiceStatusCheckOnCluster_Resolution=Install the File Server Resource Manager role service on each node of the failover cluster. Alternatively, remove the role service from all nodes. FSRMServiceStatusCheckOnCluster_Compliant=The File Server Best Practices Analyzer scan has determined that you are in compliance with this best practice. # check FSRM service status on cluster: not all nodes are reachable FSRMServiceStatusCheckOnCluster_NotReachableNode_Title=All nodes in a failover cluster should be reachable FSRMServiceStatusCheckOnCluster_NotReachableNode_Problem=The following nodes in a failover cluster cannot be verified because the nodes are not reachable, or because the BPA scan was performed against a remote failover cluster: {0} FSRMServiceStatusCheckOnCluster_NotReachableNode_Impact=The Best Practices Analyzer will not be able to check the status of File Server Resource Manager on the following nodes: {0} FSRMServiceStatusCheckOnCluster_NotReachableNode_Resolution=Confirm that the nodes are online, log on to the nodes locally (or by using Remote Desktop), and then run the Best Practices Analyzer scan again. If this doesn't resolve the issue, use Windows PowerShell to troubleshoot the problem. FSRMServiceStatusCheckOnCluster_NotReachableNode_Compliant=The File Server Best Practices Analyzer scan has determined that you are in compliance with this best practice. # check classification schedule present FSRMClassificationSchedulePresent_Title=Classification rules should have schedules FSRMClassificationSchedulePresent_Problem=One or more classification rules do not have schedules. FSRMClassificationSchedulePresent_Impact=Classification rules will only be applied to files when an application or a file management task queries the classification properties on a file. This may severely slow down the performance of the application or file management task. FSRMClassificationSchedulePresent_Resolution=Use File Server Resource Manager to set up a schedule for automatic classification that runs before applications or file management tasks need the information. FSRMClassificationSchedulePresent_Compliant=The File Server Best Pratices Analyzer scan has determined that you are in compliance with this best practice. # check property definition count FSRMPropertyDefinitionCount_Title=There should be fewer than 200 classification properties FSRMPropertyDefinitionCount_Problem=There are more than 200 classification properties. FSRMPropertyDefinitionCount_Impact=File classification will consume more time and server resources. FSRMPropertyDefinitionCount_Resolution=Use File Server Resource Manager to delete all properties that aren't used in any classification rules. FSRMPropertyDefinitionCount_Compliant=The File Server Best Pratices Analyzer scan has determined that you are in compliance with this best practice. # check quota definition count FSRMQuotaCount_Title=There should be fewer than 10000 quotas configured on the server FSRMQuotaCount_Problem=There are more than 10000 quotas configured on the server. FSRMQuotaCount_Impact=The File Server Resource Manager user interface will perform slowly. FSRMQuotaCount_Resolution=Use File Server Resource Manager to delete unneeded quotas or to consolidate individual quotas. If this is not possible, use command-line tools or scripts to administer quotas. FSRMQuotaCount_Compliant=The File Server Best Pratices Analyzer scan has determined that you are in compliance with this best practice. # check file screen count FSRMFileScreenCount_Title=There should be fewer than 1000 file screens configured on the server FSRMFileScreenCount_Problem=There are more than 1000 file screens configured on the server. FSRMFileScreenCount_Impact=The File Server Resource Manager user interface will perform slowly. FSRMFileScreenCount_Resolution=Use File Server Resource Manager to delete unneeded file screens or to consolidate individual file screens. If this is not possible, use command-line tools or scripts to administer file screens. FSRMFileScreenCount_Compliant=The File Server Best Pratices Analyzer scan has determined that you are in compliance with this best practice. # check cache not active. FSRMCacheEnabled_Title=The cache for classification properties should be active FSRMCacheEnabled_Problem=The cache for classification properties is disabled. FSRMCacheEnabled_Impact=File Server Resource Manager will reclassify files every time an application or Windows queries the classification of a file. This will result in reduced performance for applications, file management tasks, and reports that query classification properties for files. FSRMCacheEnabled_Resolution=Use a script to enable the system cache module. FSRMCacheEnabled_Compliant=The File Server Best Pratices Analyzer scan has determined that you are in compliance with this best practice. # check for adequate cache size FSRMCacheSizeAdequate_Title=Alternate data streams should be large enough to store classification properties FSRMCacheSizeAdequate_Problem=The alternate data stream size is too small to store classification properties. FSRMCacheSizeAdequate_Impact=File Server Resource Manager will reclassify files every time Windows or an application queries the classification of a file. This will result in reduced performance for applications, file management tasks, and reports that query classification properties for files. FSRMCacheSizeAdequate_Resolution=Use Registry Editor to increase the size of the alternate data stream cache. FSRMCacheSizeAdequate_Compliant=The File Server Best Pratices Analyzer scan has determined that you are in compliance with this best practice. # check for orpahned logs FSRMNoOrphanedLogs_Title=Log files for file management tasks should be properly deleted FSRMNoOrphanedLogs_Problem=A log file used to track which notifications were sent by a file management task was not deleted when the task was deleted. FSRMNoOrphanedLogs_Impact=The log files can consume a significant amount of disk space. FSRMNoOrphanedLogs_Resolution=Delete the log files. The following log files do not belong to an existing file management job:\n\n\tLogs: {0} FSRMNoOrphanedLogs_Compliant=The File Server Best Pratices Analyzer scan has determined that you are in compliance with this best practice. # check for read only files FSRMFewReadOnlyFiles_Title=Classified files should have read/write attributes FSRMFewReadOnlyFiles_Problem=File Server Resource Manager (FSRM) is configured to classify read-only files, and cannot save classification properties for the files. FSRMFewReadOnlyFiles_Impact=FSRM will reclassify the read-only files every time an application or Windows queries the classification of a file. This will reduce performance for applications, file management tasks, and reports that query classification properties for files. FSRMFewReadOnlyFiles_Resolution=Remove the read-only attribute from the files or exclude them from the classification rules. To view the affected files, see the following log file: {0} FSRMFewReadOnlyFiles_Compliant=The File Server Best Pratices Analyzer scan has determined that you are in compliance with this best practice. # check for V2 schedules FSRMV2Schedules_Title=On a non-cluster Server, all file management jobs, reports, and the classification schedule should be compatible with the V2 scheduling API. FSRMV2Schedules_Problem=One or more file management jobs, reports, or the classification use schedules that are in-compatible with the V2 schedule API. FSRMV2Schedules_Impact=V1 schedules will continue to run, but cannot be updated, only replaced. FSRMV2Schedules_Resolution=Please create new schedules for the following: \n\nFile Management Jobs:\n{0}\n\nStorage Reports:\n{1}\n\nClassification (if version = V1):\nVersion = {2} FSRMV2Schedules_Compliant=The File Server Best Pratices Analyzer scan has determined that you are in compliance with this best practice. # check firewall FSRMFirewall_Title=Access Denied Remediation requires port 5985 be open in the firewall FSRMFirewall_Problem=Access Denied Remediation is enabled, but port 5985 is not open in the firewall. FSRMFirewall_Impact=Access Denied Remediation is enabled on this server, but port 5985 must be opened in the firewall to allow remote clients to interact with the server. FSRMFirewall_Resolution=Open port 5985 in the firewall on this server or disable Access Denied Remediation FSRMFirewall_Compliant=The File Server Best Pratices Analyzer scan has determined that you are in compliance with this best practice. # check WinRm FSRMWinRm_Title=Access Denied Remediation requires remote management be enabled on this server FSRMWinRm_Problem=Access Denied Remediation is enabled on this server, but remote management is not enabled. FSRMWinRm_Impact=Remote clients cannot use Access Denied Remediation on this server. FSRMWinRm_Resolution=Ensure that Remote Management is enabled for this server or disable Access Denied Remediation. For more information see http://msdn.microsoft.com/en-us/library/aa384372(v=VS.85).aspx. FSRMWinRm_Compliant=The File Server Best Pratices Analyzer scan has determined that you are in compliance with this best practice. '@ } Import-LocalizedData -BindingVariable _system_translations -filename FSRM.psd1 $windir = $env:Windir . $windir\System32\BestPractices\v1.0\Models\Microsoft\Windows\FileServices\fscommon.ps1 # # ------------------ # FUNCTIONS - START # ------------------ # function CheckFSRMClassificationSchedulePresent { $CM = new-object -com("Fsrm.FsrmClassificationManager") $rules = @($CM.EnumRules(1)) # if there are no rules we don't care about the schedule if ($rules.Count -lt 1) { return $true } $cls = Get-FsrmClassification $clsTask = $cls.Schedule if ($clsTask -eq $null) { return $false } return $true } function CheckFSRMPropertyDefinitionCount { $CM = new-object -com("Fsrm.FsrmClassificationManager") $propertyDefs = @($CM.EnumPropertyDefinitions(0)) if ($propertyDefs.Count -ge 200) { return $false } return $true } function CheckFSRMQuotaCount { $QM = new-object -com("Fsrm.FsrmQuotaManager") $Quotas = @($QM.EnumQuotas()) if ($Quotas.Count -ge 10000) { return $false } return $true } function CheckFSRMFileScreenCount { $FSM = new-object -com("Fsrm.FsrmFileScreenManager") $FileScreens = @($FSM.EnumFileScreens()) if ($FileScreens.Count -ge 1000) { return $false } return $true } function CheckFSRMCacheEnabled { $CM = new-object -com("Fsrm.FsrmClassificationManager") $StorageModules = @($CM.EnumModuleDefinitions(1)) foreach($module in $StorageModules) { if ($module.StorageType -ne 1) { continue } $moduleParams = @($module.Parameters) $staticModuleParam = "StaticModuleName" $adsStaticModuleName = "System Cache Storage Module" foreach($moduleParam in $moduleParams) { if ($moduleParam.SubString(0, $staticModuleParam.Length) -ieq $staticModuleParam -and $moduleParam.SubString($staticModuleParam.Length + 1) -ieq $adsStaticModuleName) { if ($module.Enabled -eq $false) { return $false } break } } } return $true } function CheckFSRMOrphanedFMJLogs { $FMJM = new-object -com("Fsrm.FsrmFileManagementJobManager") $FMJs = @($FMJM.EnumFileManagementJobs()) $orphanedFiles = "" $volumes = @(Get-WMIObject Win32_Volume) foreach ($volume in $volumes) { $logFiles = @() $path = "" # We can only check volumes with a drive letter because the PS cmdlets # cannot handle device ids. if ($volume.DriveLetter.Length -gt 0) { $path = $volume.DriveLetter + "\system volume information\srm\FileManagementTasks" if (test-path $path) { $logFiles = @(Get-ChildItem $path -Exclude "*.xml") } } foreach ($logFile in $logFiles) { $orphaned = $true foreach ($FMJ in $FMJs) { if ($FMJ.Id.Guid -ieq $logFile.Name.Substring(0, $logFile.Name.Length - $logFile.Extension.Length)) { $orphaned = $false } } if ($orphaned) { if ($orphanedFiles -ne "") { $orphanedFiles = $orphanedFiles + "; " } $orphanedFiles = $orphanedFiles + "'" + $path + "\" + $logFile.Name + "'" } } } $orphanedFiles } function FsrmCheckIsErrorLogEnabled { $CM = new-object -com("Fsrm.FsrmClassificationManager") $loggingFlags = $CM.Logging if ($loggingFlags -band 0x2) { return $true } return $false } function FsrmReplaceEnvMacros { param( [string] $path ) $envSystemDrive = "%systemdrive%" $envHomeDrive = "%homedrive%" $path = $path.ToLower() $path = $path.Replace($envSystemDrive, "$env:systemdrive") $path = $path.Replace($envHomeDrive, "$env:homedrive") if (-not ($path.EndsWith("\"))) { $path = $path + "\" } $path } function FsrmGetLastErrorLog { $errorSuffix = '\fileclassification*error.xml' $classificationLogSuffix = '\fileclassification*.xml' $latestLog = "" if (FsrmCheckIsErrorLogEnabled) { $RM = new-object -com("Fsrm.FsrmReportManager") $pathScheduled = $RM.GetOutputDirectory(2) $pathScheduled = FsrmReplaceEnvMacros $pathScheduled $pathInteractive = $RM.GetOutputDirectory(3) $pathInteractive = FsrmReplaceEnvMacros $pathInteractive $errorFilePathScheduled = $pathScheduled + $errorSuffix $classificationFilePathScheduled = $pathScheduled + $classificationLogSuffix $errorFilePathInteractive = $pathInteractive + $errorSuffix $classificationFilePathInteractive = $pathInteractive + $classificationLogSuffix $classificationLogs = @() $classificationLogs = @(@(dir $classificationFilePathScheduled) | sort LastWriteTime -Descending) $latestClassificationLog = "" if ($classificationLogs.Length -gt 0) { $latestClassificationLog = $classificationLogs[0] } $allErrorLogs = @() $allErrorLogs = @(@(dir $errorFilePathScheduled) | sort LastWriteTime -Descending) if ($allErrorLogs.Length -gt 0) { $diff = $latestClassificationLog.LastWriteTime.Subtract($allErrorLogs[0].LastWriteTime) if ($diff.TotalMinutes -lt 10) { $latestLog = $allErrorLogs[0] } } $classificationLogs = @(@(dir $classificationFilePathInteractive) | sort LastWriteTime -Descending) if ($classificationLogs.Length -gt 0) { if ($latestClassificationLog.LastWriteTime -lt $classificationLogs[0].LastWriteTime) { $latestClassificationLog = $classificationLogs[0] } } $allErrorLogs = @(@(dir $errorFilePathInteractive) | sort LastWriteTime -Descending) if ($allErrorLogs.Length -gt 0) { $diff = $latestClassificationLog.LastWriteTime.Subtract($allErrorLogs[0].LastWriteTime) if (($allErrorLogs[0].LastWriteTime -gt $latestLog.LastWriteTime) -and ($diff.TotalMinutes -lt 10)) { $latestLog = $allErrorLogs[0] } } } $latestLog } function CheckFsrmErrorLogAlerts { $errorADSReadOnly = "System Cache Storage Module::0x80070005" $errorADSCachSize = "System Cache Storage Module::0x800700df" $okAtCount = 2000 $okReadOnly = $true $okCacheSize = $true $ErrorCountTable = @{} # We must put the whole of log parsing in a script block so the file is properly parsed on the machine running the BPA, which may be remote invoke-command -scriptblock { param($lastErrorLogParam) function GetFsrmLocalizedModuleName { param ( [string] $nonLocalizedName ) $CM = new-object -com("Fsrm.FsrmClassificationManager") $StorageModules = @($CM.EnumModuleDefinitions(1)) $staticModuleParam = "StaticModuleName" $localizedName = "" # get table of module names and static names foreach($module in $StorageModules) { $moduleParams = @($module.Parameters) foreach($moduleParam in $moduleParams) { if ($moduleParam.SubString(0, $staticModuleParam.Length) -ieq $staticModuleParam) { if ($nonLocalizedName -ieq $moduleParam.SubString($moduleParam.IndexOf('=') + 1)) { $localizedName = $module.Name break } } } } return $localizedName } Function ParseFsrmErrorLog { Param ( [string]$ErrorLogFilePath, [int]$TimeOutInSeconds ) Begin { # Look for the localized name since that is what is in the log files # but write the nonlocalized name so we don't have to convert it again later $nonlocalizedSystemCache = "System Cache Storage Module" $localizedSystemCache = GetFsrmLocalizedModuleName $nonlocalizedSystemCache $interestingErrors = @("0x80070005", "0x800700df") $ErrorEntryCount = 0 $StartTime = Get-Date $TimeoutTimeSpan = new-object System.TimeSpan(0, 0, $TimeOutInSeconds) $ExpectedEndTime = $StartTime.Add($TimeoutTimeSpan) $TimedOut = $False } Process { # use the stream reader because it is memory efficient unlike get-content $xr = [System.Xml.XmlReader]::Create($ErrorLogFilePath) if ($xr -eq $null) { return } $xr.ReadToFollowing("Item") do { $foundInterestingError = $false # Look for the localized module name since that is what is in the log files # but write the nonlocalized name so we don't have to convert it again later if ($xr.GetAttribute("Module") -eq $localizedSystemCache) { foreach ($error in $interestingErrors) { if ($xr.GetAttribute("Message").Contains($error)) { $ErrorCodeKey = $nonlocalizedSystemCache + "::" + $error $foundInterestingError = $true break } } } # didn't find an interesting error so move on if ($foundInterestingError -eq $false) { continue } $NoOfOccurences = 1 if ($ErrorCountTable.ContainsKey($ErrorCodeKey)) { $NoOfOccurences = $ErrorCountTable.Get_Item($ErrorCodeKey) + 1 $ErrorCountTable.Set_Item($ErrorCodeKey, $NoOfOccurences) } else { $ErrorCountTable.Add($ErrorCodeKey, $NoOfOccurences) } $ElapsedTime = Get-Date if ($ElapsedTime.CompareTo($ExpectedEndTime) -ge 0) { $TimedOut = $True break } } while ($xr.ReadToNextSibling("Item")) } } ParseFsrmErrorLog $lastErrorLogParam -TimeOutInSeconds 60 } -ArgumentList (FsrmGetLastErrorLog) # end of script block for invoke-command if ($ErrorCountTable[$errorADSReadOnly] -gt $okAtCount) { $okReadOnly = $false } if ($ErrorCountTable[$errorADSCachSize] -gt 0) { $okCacheSize = $false } $warnings = @{} $warnings.Add("readonly", $okReadOnly) $warnings.Add("cachesize", $okCacheSize) $warnings } function CheckAllV2Schedules { $strV1 = "V1" $strV2 = "V2" $V1Fmjs = "" $V1Reports = "" $V1Classification = $strV2 $V1ObjectsExist = $false # To determine if an object's schedule is V2 we see if its # schedule object's legacy name is empty # Check FMJs $FMJs = Get-FSRMFileManagementJob foreach ($fmj in $FMJs) { $fmjTask = $fmj.Schedule.LegacyTaskName if ($fmjTask.length -gt 0) { write-host "Found V1 FMJ: " $fmj.Name if ($V1Fmjs.length -ne 0) { $V1Fmjs = $V1Fmjs + "`n" } $V1Fmjs = $V1Fmjs + $fmj.Name } } # Check Reports $Reports = Get-FsrmStorageReport foreach ($report in $Reports) { $repTask = $report.Schedule.LegacyTaskName if ($repTask.length -gt 0) { write-host "Found V1 Report: " $report.Name if ($V1Reports.length -ne 0) { $V1Reports = $V1Reports + "`n" } $V1Reports = $V1Reports + $report.Name } } # Check Classification $cls = Get-FsrmClassification $clsTask = $cls.Schedule.LegacyTaskName if ($clsTask -ne $null) { if ($clsTask.length -gt 0) { write-host "Classification is V1" $V1Classification = $strV1 } } # If any of our objects are V1 we need to set the flag for our return object if ($V1Fmjs.length -gt 0 -or $V1Reports.length -gt 0 -or $V1Classification.CompareTo($strV2) -ne 0 ) { $V1ObjectsExist = $true } #Build the return object $v1Objects = @{} $v1Objects.Add("hasV1Schedules", $V1ObjectsExist) $v1Objects.Add("fmjs", $V1Fmjs) $v1Objects.Add("reports", $V1Reports) $v1Objects.Add("classification", $V1Classification) $v1Objects } function CheckFsrmFirewall { # We want to see if there are any rules enabled where the local port # is 5985 and the protocol is TCP. This is required for WMI to work remotely $firewall = New-Object -ComObject hnetcfg.fwpolicy2 $enabledRules = $firewall.rules | ?{$_.Protocol -eq 6 -and $_.LocalPorts -eq 5985 -and $_.Enabled -and $_.Action -eq 1 -and $_.Direction -eq 1} $enabledRules.Count -gt 0 } function CheckFsrmWinRm { # We want to make sure that win rm is enabled. We'll check the value at # WSMan:\localhost\Service\AllowRemoteAccess to verify that. $allowedPair = Get-Item "WSMan:\localhost\Service\AllowRemoteAccess" [System.Convert]::ToBoolean($allowedPair.value) } function GetFSRMXml($xmlDoc, $ns) { $fsrmNode = $xmlDoc.CreateElement("FSRM", $ns) [void]$xmlDoc.DocumentElement.AppendChild($fsrmNode) $computerName = [System.Net.Dns]::GetHostName() $fsrmServiceStatus = Check-ServiceStatus $computerName "srmsvc" Append-XmlElement $xmlDoc $fsrmNode $ns "ServiceStarted" (Formalize-BoolValue $fsrmServiceStatus) if(Get-ServerInClusterStatus -eq $true) { $clusterElement = $xmlDoc.CreateElement("Cluster", $ns) [void]$fsrmNode.AppendChild($clusterElement) $isServiceInstallationConsistent = Check-ServiceInstalationOnCluster "File Server Resource Manager" Append-XmlElement $xmlDoc $clusterElement $ns "ServiceInstallationOnClusterConsistent" $isServiceInstallationConsistent[0] if($isServiceInstallationConsistent[0] -eq "NA") { Append-XmlElement $xmlDoc $clusterElement $ns "NotReachableNodes" $isServiceInstallationConsistent[1] } } $fsrmClassificationSchedulePresent = CheckFSRMClassificationSchedulePresent Append-XmlElement $xmlDoc $fsrmNode $ns "ClassificationSchedulePresent" (Formalize-BoolValue $fsrmClassificationSchedulePresent) $fsrmPropertyDefinitionCount = CheckFSRMPropertyDefinitionCount Append-XmlElement $xmlDoc $fsrmNode $ns "PropertyDefinitionCount" (Formalize-BoolValue $fsrmPropertyDefinitionCount) $fsrmQuotaCount = CheckFSRMQuotaCount Append-XmlElement $xmlDoc $fsrmNode $ns "QuotaCount" (Formalize-BoolValue $fsrmQuotaCount) $fsrmFileScreenCount = CheckFSRMFileScreenCount Append-XmlElement $xmlDoc $fsrmNode $ns "FileScreenCount" (Formalize-BoolValue $fsrmFileScreenCount) $fsrmCacheEnabled = CheckFSRMCacheEnabled Append-XmlElement $xmlDoc $fsrmNode $ns "CacheEnabled" (Formalize-BoolValue $fsrmCacheEnabled) $fsrmOrphanedLogsNode = $xmlDoc.CreateElement("OrphanedLogs", $ns) [void]$fsrmNode.AppendChild($fsrmOrphanedLogsNode) $fsrmOrphanedLogs = CheckFSRMOrphanedFMJLogs if($fsrmOrphanedLogs.length -gt 0) { Append-XmlElement $xmlDoc $fsrmOrphanedLogsNode $ns "NoOrphanedLogs" (Formalize-BoolValue $false) } else { Append-XmlElement $xmlDoc $fsrmOrphanedLogsNode $ns "NoOrphanedLogs" (Formalize-BoolValue $true) } Append-XmlElement $xmlDoc $fsrmOrphanedLogsNode $ns "Logs" ($fsrmOrphanedLogs) $fsrmErrorLogAlerts = CheckFsrmErrorLogAlerts Append-XmlElement $xmlDoc $fsrmNode $ns "LatestLogFile" (FsrmGetLastErrorLog) Append-XmlElement $xmlDoc $fsrmNode $ns "FewReadOnlyFiles" (Formalize-BoolValue $fsrmErrorLogAlerts.readonly) Append-XmlElement $xmlDoc $fsrmNode $ns "CacheSizeAdequate" (Formalize-BoolValue $fsrmErrorLogAlerts.cachesize) $fsrmV2SchedulesNode = $xmlDoc.CreateElement("V2Schedules", $ns) [void]$fsrmNode.AppendChild($fsrmV2SchedulesNode) $fsrmV2Schedules = CheckAllV2Schedules Append-XmlElement $xmlDoc $fsrmV2SchedulesNode $ns "HasV1Schedules" (Formalize-BoolValue $fsrmV2Schedules.hasV1Schedules) Append-XmlElement $xmlDoc $fsrmV2SchedulesNode $ns "FMJs" ($fsrmV2Schedules.fmjs) Append-XmlElement $xmlDoc $fsrmV2SchedulesNode $ns "Reports" ($fsrmV2Schedules.reports) Append-XmlElement $xmlDoc $fsrmV2SchedulesNode $ns "Classification" ($fsrmV2Schedules.classification) $fsrmFirewall = CheckFsrmFirewall Append-XmlElement $xmlDoc $fsrmNode $ns "Firewall" (Formalize-BoolValue $fsrmFirewall) $fsrmWinRm = CheckFsrmWinRm Append-XmlElement $xmlDoc $fsrmNode $ns "WinRm" (Formalize-BoolValue $fsrmWinRm) } # # End FSRM functions # # # ------------------ # FUNCTIONS - END # ------------------ # # # ------------------------ # SCRIPT MAIN BODY - START # ------------------------ # # # Initialize to perform querying Role information # Setup # # Set the Target Namespace to be used by XML # $tns="http://schemas.microsoft.com/bestpractices/models/FileServices/FSRM/2011/04" # # Create a new XmlDocument # $doc = Create-DocumentElement $tns "FSRMComposite" $fsrmInstalled = Check-FeatureInstallStatus "FS-Resource-Manager" if($fsrmInstalled -eq $true) { GetFSRMXml $doc $tns } # # Role Information obtained. # TearDown $doc $doc.Save([Environment]::SystemDirectory + "\BestPractices\v1.0\Models\Microsoft\Windows\FileServices\tempFSRM.xml")