diff --git a/source/checks/Instancev5.Tests.ps1 b/source/checks/Instancev5.Tests.ps1 index 25edbe80..94ab77c3 100644 --- a/source/checks/Instancev5.Tests.ps1 +++ b/source/checks/Instancev5.Tests.ps1 @@ -394,6 +394,18 @@ Describe "SQL and Windows names match" -Tag ServerNameMatch, Medium, Instance -F } } +Describe "SQL Engine Service" -Tags SqlEngineServiceAccount, ServiceAccount, High, Instance -ForEach $InstancesToTest { + $skip = ($__dbcconfig | Where-Object { $_.Name -eq 'skip.instance.sqlengineserviceaccount' }).Value + Context "Testing SQL Engine Service on <_.Name>" -Skip:$skip { + It "SQL Engine service account should be <_.State> on <_.InstanceName>" -ForEach $PsItem.SqlEngineServiceAccount { + $PsItem.State | Should -Be $PsItem.ExpectedState -Because "We expected the SQL Engine service account to be $($PsItem.ExpectedState)" + } + It "SQL Engine service account should have a start mode of <_.ExpectedStartType> on instance <_.InstanceName>" -ForEach $PsItem.SqlEngineServiceAccount { + $PsItem.StartType | Should -Be $PsItem.ExpectedStartType -Because $Psitem.because + } + } +} + Describe "SQL Mail XPs Disabled" -Tag SQLMailXPsDisabled, Security, CIS, Low, Instance -ForEach $InstancesToTest { $skip = ($__dbcconfig | Where-Object { $_.Name -eq 'skip.instance.SQLMailXPsDisabled' }).Value Context "Checking SQL Mail XPs on <_.Name>" { diff --git a/source/internal/configurations/configuration.ps1 b/source/internal/configurations/configuration.ps1 index 09453b0f..ea3fb18b 100644 --- a/source/internal/configurations/configuration.ps1 +++ b/source/internal/configurations/configuration.ps1 @@ -289,6 +289,13 @@ Set-PSFConfig -Module dbachecks -Name skip.instance.maxmemory -Validation bool - Set-PSFConfig -Module dbachecks -Name skip.instance.orphanedfile -Validation bool -Value $false -Initialize -Description "Skip the check for orphaned file" Set-PSFConfig -Module dbachecks -Name skip.instance.servernamematch -Validation bool -Value $false -Initialize -Description "Skip the check for server name match" Set-PSFConfig -Module dbachecks -Name skip.instance.supportedbuild -Validation bool -Value $false -Initialize -Description "Skip the checks for supported build" +# becuase we can't run this on core +if ($IsCoreCLR) { + $value = $true +} { + $value = $false +} +Set-PSFConfig -Module dbachecks -Name skip.instance.sqlengineserviceaccount -Validation bool -Value $value -Initialize -Description "Skip the checks for sql engine service account" diff --git a/source/internal/functions/NewGet-AllInstanceInfo.ps1 b/source/internal/functions/NewGet-AllInstanceInfo.ps1 index b30d6532..f3f147b9 100644 --- a/source/internal/functions/NewGet-AllInstanceInfo.ps1 +++ b/source/internal/functions/NewGet-AllInstanceInfo.ps1 @@ -492,7 +492,26 @@ function NewGet-AllInstanceInfo { } 'SqlEngineServiceAccount' { + $EngineAccounts = Get-DbaService -ComputerName $psitem -Type Engine -ErrorAction SilentlyContinue + $starttype = ($__dbcconfig | Where-Object { $_.Name -eq 'policy.instance.sqlenginestart' }).Value + $state = ($__dbcconfig | Where-Object { $_.Name -eq 'policy.instance.sqlenginestate' }).Value + if ($Instance.IsClustered) { + $starttype = 'Manual' + $because = 'This is a clustered instance and Clustered Instances required that the SQL engine service is set to manual' + } else { + $because = "The SQL Service Start Type was expected to be $starttype" + } + $SqlEngineServiceAccount = foreach ($EngineAccount in $EngineAccounts) { + [PSCustomObject]@{ + InstanceName = $Instance.Name + State = $EngineAccount.State + ExpectedState = $state + StartType = $EngineAccount.StartType + ExpectedStartType = $starttype + because = $because + } + } } Default { } @@ -600,6 +619,7 @@ function NewGet-AllInstanceInfo { LoginMustChangeCount = $LoginMustChangeCount LoginPasswordExpirationCount = $LoginPasswordExpirationCount AgentServiceAdminExist = $AgentServiceAdminExist + SqlEngineServiceAccount = $SqlEngineServiceAccount # TempDbConfig = [PSCustomObject]@{ # TF118EnabledCurrent = $tempDBTest[0].CurrentSetting # TF118EnabledRecommended = $tempDBTest[0].Recommended