diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4a63b26..a26d151 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,6 @@
+2.5.1
+* Fixed WinSQL service name when InstanceID differs from InstanceName
+
 2.5.0
 * Added the Bindings to the end of the thumbprint to make the alias unique.
 * Using new IISWebBindings commandlet to use additional SSL flags when binding certificate to website.
diff --git a/IISU/ClientPsSqlManager.cs b/IISU/ClientPsSqlManager.cs
index a98d8b0..de3ab68 100644
--- a/IISU/ClientPsSqlManager.cs
+++ b/IISU/ClientPsSqlManager.cs
@@ -231,17 +231,17 @@ public string GetSqlCertRegistryLocation(string instanceName,PowerShell ps)
 return $"HKLM:\\SOFTWARE\\Microsoft\\Microsoft SQL Server\\{GetSqlInstanceValue(instanceName,ps)}\\MSSQLServer\\SuperSocketNetLib\\";
 }
- public string GetSqlServerServiceName(string instanceValue)
+ public string GetSqlServerServiceName(string instanceName)
 {
- if(string.IsNullOrEmpty(instanceValue))
+ if(string.IsNullOrEmpty(instanceName))
 return string.Empty;
 //Default SQL Instance has this format
- if (instanceValue.Split('.')[1] == "MSSQLSERVER")
+ if (instanceName == "MSSQLSERVER")
 return "MSSQLSERVER";
 //Named Instance service has this format
- return $"MSSQL`${instanceValue.Split('.')[1]}";
+ return $"MSSQL`${instanceName}";
 }
 public JobResult BindCertificates(string renewalThumbprint, X509Certificate2 x509Cert)
@@ -344,9 +344,8 @@ public string BindCertificate(X509Certificate2 x509Cert,PowerShell ps)
 _logger.LogTrace(cmd.CommandText);
 }
- _logger.LogTrace($"funcScript {funcScript}");
 ps.AddScript(funcScript);
- _logger.LogTrace("funcScript added...");
+ _logger.LogTrace($"Running script: {funcScript}");
 ps.Invoke();
 _logger.LogTrace("funcScript Invoked...");
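Review bot: `GetSqlServerServiceName` now builds the service name from the caller-supplied `instanceName` with no validation, and the later hunk in `BindCertificate` interpolates that result into script text at `-Filter ""Name='{serviceName}'""`; before this change the value came from the `GetSqlInstanceValue` lookup. Where `instanceName` originates is not visible in this diff, but if it is store configuration, a quote or other metacharacter in it would alter the WQL filter or the script. Reject anything outside the characters SQL Server permits in instance names before returning, or hand the name to the script with `ps.AddParameter` instead of string interpolation. The default-instance test is also case-sensitive; `string.Equals(instanceName, "MSSQLSERVER", StringComparison.OrdinalIgnoreCase)` avoids producing `MSSQL$mssqlserver` for a lower-case entry.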
@@ -354,16 +353,21 @@ public string BindCertificate(X509Certificate2 x509Cert,PowerShell ps)
 ps.Commands.Clear();
 //Get the SqlServer Service User Name
- var serviceName = GetSqlServerServiceName(GetSqlInstanceValue(instanceName, ps));
- funcScript = @$"(Get-WmiObject Win32_Service -Filter ""Name='{serviceName}'"").StartName";
- ps.AddScript(funcScript);
- _logger.LogTrace("funcScript added...");
- SqlServiceUser = ps.Invoke()[0].ToString();
- _logger.LogTrace("funcScript Invoked...");
- _logger.LogTrace("Got service login user for ACL Permissions");
- ps.Commands.Clear();
+ var serviceName = GetSqlServerServiceName(instanceName);
+ if (serviceName != "")
+ {
+ _logger.LogTrace($"Service Name: {serviceName} was returned.");
+
+ funcScript = @$"(Get-WmiObject Win32_Service -Filter ""Name='{serviceName}'"").StartName";
+ ps.AddScript(funcScript);
+ _logger.LogTrace($"Running script: {funcScript}");
+ SqlServiceUser = ps.Invoke()[0].ToString();
+
+ _logger.LogTrace($"SqlServiceUser: {SqlServiceUser}");
+ _logger.LogTrace("Got service login user for ACL Permissions");
+ ps.Commands.Clear();
- funcScript = $@"$thumbprint = '{thumbPrint}'
+ funcScript = $@"$thumbprint = '{thumbPrint}'
 $Cert = Get-ChildItem Cert:\LocalMachine\My | Where-Object {{ $_.Thumbprint -eq $thumbprint }}
 $privKey = $Cert.PrivateKey.CspKeyContainerInfo.UniqueKeyContainerName
 $keyPath = ""$($env:ProgramData)\Microsoft\Crypto\RSA\MachineKeys\""
@@ -373,9 +377,15 @@ public string BindCertificate(X509Certificate2 x509Cert,PowerShell ps)
 $Acl.SetAccessRule($Ar)
 Set-Acl $privKeyPath.FullName $Acl";
- ps.AddScript(funcScript);
- ps.Invoke();
- _logger.LogTrace("ACL FuncScript Invoked...");
+ ps.AddScript(funcScript);
+ ps.Invoke();
+ _logger.LogTrace("ACL FuncScript Invoked...");
+
+ }
+ else
+ {
+ _logger.LogTrace("No Service User has been returned. Skipping ACL update.");
+ }
 //If user filled in a service name in the store then restart the SQL Server Services
 if (RestartService)
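Review bot: `SqlServiceUser = ps.Invoke()[0].ToString();` still indexes the result unconditionally, and the new `serviceName != ""` guard only covers an empty instance name. If no service matches the built name, the pipeline presumably yields no object (or a null element) and this line throws instead of reaching the new else branch. Capture the result first and test it, e.g. `var res = ps.Invoke(); if (ps.HadErrors || res.Count == 0 || res[0] == null) { /* log and skip, or fail the job */ }`. The guard itself would read better as `!string.IsNullOrEmpty(serviceName)`. The body of `BindCertificate` starts and ends outside this hunk.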
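Review bot: The new else branch records the skipped ACL update only at trace level, `_logger.LogTrace("No Service User has been returned. Skipping ACL update.")`, and execution continues to the restart check that follows. If the service account has no read access to the private key, SQL Server may be unable to load the certificate after that restart, so this should be at least `_logger.LogWarning(...)` or be surfaced in the returned job result. The message is also inaccurate: the branch is taken when the service name is empty, not when the user lookup returned nothing. The `ps.Invoke()` for the ACL script is likewise not followed by a `ps.HadErrors` check, so a failed `Set-Acl` would still be logged as invoked.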