SaRenamed for v5 adn tested #882

dataplat · Apr 27, 2022 · b910e32 · b910e32
1 parent ae74f95
commit b910e32
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 6 deletions.
diff --git a/Perf Testing pesterv5.ps1 b/Perf Testing pesterv5.ps1
@@ -14,8 +14,8 @@ ipmo ./dbachecks.psd1
 
 # 
 
-$Checks = 'DefaultFilePath','AdHocDistributedQueriesEnabled','AdHocWorkload',  'DefaultTrace', 'OleAutomationProceduresDisabled', 'CrossDBOwnershipChaining', 'ScanForStartupProceduresDisabled', 'RemoteAccessDisabled', 'SQLMailXPsDisabled', 'DAC', 'OLEAutomation'
-$Checks = 'DefaultFilePath'
+$Checks = 'SaRenamed','DefaultFilePath','AdHocDistributedQueriesEnabled','AdHocWorkload',  'DefaultTrace', 'OleAutomationProceduresDisabled', 'CrossDBOwnershipChaining', 'ScanForStartupProceduresDisabled', 'RemoteAccessDisabled', 'SQLMailXPsDisabled', 'DAC', 'OLEAutomation'
+$Checks = 'SaRenamed'
 Compare-CheckRuns -Checks $checks
 
 # Load the function below and then you can keep running the checks defined above in v4 and v5 and compare the performance

diff --git a/Validate v4 adn v5.ps1 b/Validate v4 adn v5.ps1
@@ -14,8 +14,8 @@ ipmo ./dbachecks.psd1
 
 # 
 
-$Checks = 'DefaultFilePath','AdHocDistributedQueriesEnabled','AdHocWorkload',  'DefaultTrace', 'OleAutomationProceduresDisabled', 'CrossDBOwnershipChaining', 'ScanForStartupProceduresDisabled', 'RemoteAccessDisabled', 'SQLMailXPsDisabled', 'DAC', 'OLEAutomation'
-$Checks = 'DefaultFilePath'
+$Checks = 'SaRenamed','DefaultFilePath','AdHocDistributedQueriesEnabled','AdHocWorkload',  'DefaultTrace', 'OleAutomationProceduresDisabled', 'CrossDBOwnershipChaining', 'ScanForStartupProceduresDisabled', 'RemoteAccessDisabled', 'SQLMailXPsDisabled', 'DAC', 'OLEAutomation'
+$Checks = 'SaRenamed'
 Compare-v4andv5Results -Checks $Checks
 
 # Load the function below and then you can keep running the checks defined above in v4 and v5 and compare the performance

diff --git a/checks/Instancev5.Tests.ps1 b/checks/Instancev5.Tests.ps1
@@ -68,7 +68,7 @@ Describe "Cross Database Ownership Chaining" -Tag CrossDBOwnershipChaining, Secu
     }
 }
 
-Describe "Scan For Startup Procedures" -Tag ScanForStartupProceduresDisabled,  Security, CIS, Low, Instance -ForEach $InstancesToTest {
+Describe "Scan For Startup Procedures" -Tag ScanForStartupProceduresDisabled, Security, CIS, Low, Instance -ForEach $InstancesToTest {
     $skip = Get-DbcConfigValue skip.instance.scanforstartupproceduresdisabled
     Context "Checking Scan For Startup Procedures on <_.Name>" {
         It "Scan For Startup Procedures is set to <_.ConfigValues.scanforstartupproceduresdisabled> on <_.Name>"  -Skip:$skip {
@@ -77,7 +77,7 @@ Describe "Scan For Startup Procedures" -Tag ScanForStartupProceduresDisabled,  S
     }
 }
 
-Describe "SQL Mail XPs Disabled" -Tag SQLMailXPsDisabled,  Security, CIS, Low, Instance -ForEach $InstancesToTest {
+Describe "SQL Mail XPs Disabled" -Tag SQLMailXPsDisabled, Security, CIS, Low, Instance -ForEach $InstancesToTest {
     $skip = Get-DbcConfigValue skip.instance.SQLMailXPsDisabled
     Context "Checking SQL Mail XPs on <_.Name>" {
         It "SQL Mail XPs should be disabled on <_.Name>"  -Skip:($skip -or $psitem.VersionMajor -gt 10) {
@@ -131,3 +131,12 @@ Describe "Default File Path" -Tag DefaultFilePath, Instance -ForEach $InstancesT
         }
     }
 }
+
+Describe "SA Login Renamed" -Tag SaRenamed, DISA, CIS, Medium, Instance -ForEach $InstancesToTest {
+    Context "Checking that sa login has been renamed on <_.Name>" {
+        It "sa login has been renamed on <_.Name>" {
+            ($PsItem.Logins.Name)  | Should -Not -BeIn 'sa' -Because "Renaming the sa account is a requirement"
+        }
+    }
+}
+
diff --git a/internal/functions/NewGet-AllInstanceInfo.ps1 b/internal/functions/NewGet-AllInstanceInfo.ps1
@@ -26,6 +26,9 @@ function NewGet-AllInstanceInfo {
     # Settings Initial Fields
     $SettingsInitFields = $Instance.GetDefaultInitFields([Microsoft.SqlServer.Management.Smo.Settings])
 
+    # Login Initial Fields
+    $LoginInitFields = $Instance.GetDefaultInitFields([Microsoft.SqlServer.Management.Smo.Login])
+
     # Configuration cannot have default init fields :-)
     $configurations = $false
 
@@ -77,6 +80,9 @@ function NewGet-AllInstanceInfo {
             $SettingsInitFields.Add("DefaultLog") | Out-Null # so we can check file paths
             $Instance.SetDefaultInitFields([Microsoft.SqlServer.Management.Smo.Settings], $SettingsInitFields)
         }
+        'SaRenamed' {
+
+        }
 
         Default { }
     }
@@ -93,6 +99,7 @@ function NewGet-AllInstanceInfo {
         VersionMajor  = $Instance.VersionMajor
         Configuration = if ($configurations) { $Instance.Configuration } else { $null }
         Settings      = $Instance.Settings
+        Logins        = $Instance.Logins
     }
     if ($ScanForStartupProceduresDisabled) {
         $StartUpSPs = $Instance.Databases['master'].StoredProcedures.Where{ $_. Name -ne 'sp_MSrepl_startup' -and $_.StartUp -eq $true }.count