feat: Add WinNoCimSession parameter to Windows Plugin #600
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Hey @rhochmayr, thanks for the PR. This seems like a pretty straightforward improvement. Give me a bit to review. |
|
Hi @rmbolger, thanks as well for looking into the PR. Just let me know if you have any questions or would like any changes to be made. Background for this PR was due to permissions. We give our service accounts that are responsible for renewals only DNS permissions but no local admin or remote management permissions on the domain controllers. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request introduces a new feature to the
Posh-ACME/Plugins/Windows.ps1script, allowing users to opt out of using CIM sessions for DNS commandlets. The changes include updates to theAdd-DnsTxtandRemove-DnsTxtfunctions, as well as documentation updates to reflect the new functionality.This seems to require less permissions as DNS permissions alone are not enough to establish a CIM Session to the DNS Servers / Domain Controllers.
New Feature: Opt-out of CIM Sessions
Posh-ACME/Plugins/Windows.ps1: Added a new switch parameterWinNoCimSessionto theAdd-DnsTxtandRemove-DnsTxtfunctions. This allows users to choose not to use CIM sessions when running DNS commandlets. The script now checks for this parameter and adjusts its behavior accordingly. [1] [2] [3] [4]Documentation Updates
docs/Plugins/Windows.md: Updated the documentation to include examples of using DNS commandlets without CIM sessions. This includes both the command line and theNew-PACertificatefunction. [1] [2]