Setting up an ADMF Configuration Module
The recommended practice is to create your own PowerShell Module to store and transport your configuration sets. This approach offers several key advantages:
- No Extra Infrastructure - you already need a way to distribute the ADMF modules themselves.
- Simple Onboarding/Deployment - with PowerShell Package Management, a simple one-liner will deploy everything you need.
- Reliable Versioning - each version of your desired state matches a module version. You can always know what version you are on and can easily roll back to a previous version if needed.
- Extensibility - it makes it easy to add your own code aspects to the ADMF operational workflow, such as logging or secret/privilege management.
Preparation
The guidance assumes you are following along on a computer with the following tools set up:
- Visual Studio Code
- git client
It is possible to do without them, but that either makes things extremely hard or, if you prefer other tools, requires some adaptation in how some of the steps are achieved.
Steps
Preparation: Source Control
One of the key goals of implementing ADMF is introducing manageability into your Active Directory infrastructure. On the side of the Active Directory service itself, that is directly what the ADMF commands do, but they need to compare the current state with the state you tell them it should be. That desired state, documented in configuration files, also needs to be managed!
That is where source control comes in.
So we need a Source Control Service to maintain the configuration module in and an Internal PowerShell Repository to distribute it through.
Then we create and prepare a Source Control Project / Repository for it.
Implement
Then we create the actual module intended to host our configuration:
After initially setting this up, we usually only modify the content within the configuration sets, or create new Contexts as needed. For more thoughts on how to design your Context setup, see the related design guidance.
Build & Publish
Finally, with the module ready - and the first set of configurations defined - we can wrap up the module and get it ready to ship.