[Parameter(Mandatory=$false,Position=1)][string]$intendedName = "QA2"
process {
$nameMatrix = @{
'dev' = @();
'qa2' = @();
'red9' = @();
$Certs = @{
'dev' = @{ Name = 'DEV'; Database = 'AlkamiMaster_Dev1'; HostnameBase = ''; Broadcaster = ''; Subscription = 'localhost'; };
'qa2' = @{ Name = 'QA2'; Database = 'AlkamiMaster_QA2'; HostnameBase = ''; Broadcaster = ''; Subscription = ''; };
'red9' = @{ Name = 'RED9'; Database = 'AlkamiMaster_Red9'; HostnameBase = ''; Broadcaster = ''; Subscription = ''; };
$name = "";
if ($nameMatrix.ContainsKey($intendedName.ToLower())){
$name = $intendedName;
} else {
$name = @($nameMatrix.Keys | % { if ($nameMatrix.Item($_) -icontains $intendedName.ToLower()) { return $_; } })[0];
if ([String]::IsNullOrEmpty($name)) {
throw "could not find the name $name";
+ db sync tenants from given db master
+ hosts sync tenants from tenant
add site for new server addresses (*, etc)
+ update machine.config subscription server name
Function EnsureDatabaseAccess($connectionString) {
if ($script:v) {
Write-Host "Attempting to verify the connection to $connectionString";
$sqlConnection = New-Object System.Data.SqlClient.SqlConnection "$connectionString";
Write-Host "Can not connect to the specified database. Do you have approved access to the server?";
throw "could not connect to the database!"
Function GetDefaultLocalConnectionString() {
$x = [Xml](Get-Content "C:\Windows\Microsoft.Net\Framework64\v4.0.30319\Config\machine.config");
try {
return $x.configuration.connectionStrings.add | % { if ($_.Name -eq "AlkamiMaster") { $_.ConnectionString } };
} catch {
return $null;
Function GetFormattedConnectionString($serverName, $instanceName, $databaseName) {
if ([System.String]::IsNullOrEmpty($serverName) -and [System.String]::IsNullOrEmpty($instanceName) -and [System.String]::IsNullOrEmpty($databaseName)) {
return (GetDefaultLocalConnectionString);
$serverName = ($serverName, "." -ne $null)[0];
if ($serverName.EndsWith("\\")){
$serverName = $serverName.Substring(0, $serverName.Length - 1);
$connectionString = "data source=$serverName\$instanceName;Integrated Security=SSPI; Database=$databaseName;";
if ($script:v) {
Write-Host $connectionString;
return $connectionString;
function GetFormattedConnectionStringForTenant($serverName, $databaseName)
$serverName = ($serverName, "." -ne $null)[0];
if ($serverName.EndsWith("\\")){
$serverName = $serverName.Substring(0, $serverName.Length - 1);
$connectionString = "data source=$serverName;Integrated Security=SSPI; Database=$databaseName;";
if ($script:v) {
Write-Host $connectionString;
return $connectionString;
Function InsertTenantsToServer($serverName, $instanceName, $databaseName, $tenants) {
$tenants = ($tenants, @() -ne $null)[0];
if ($tenants.length -eq 0) {
Write-Host "No tenants were provided. Can't update the database server $serverName\$instanceName $databaseName with the new records.";
$connectionString = (GetFormattedConnectionString $serverName $instanceName $databaseName);
EnsureDatabaseAccess $connectionString
$sqlConnection = New-Object System.Data.SqlClient.SqlConnection $connectionString;
$tenants | % {
$tenant = $_;
[System.Data.SqlClient.SqlCommand]$command = $sqlConnection.CreateCommand();
$command.CommandText = "
IF NOT EXISTS (SELECT * FROM Tenant WHERE BankIdentifiers = @BankGuid) BEGIN
INSERT INTO Tenant (Name,BankIdentifiers,BankUrlSignatures,CreateDate,BankAdminUrlSignatures,DataSource,Catalog,Version,ConnectionString)
VALUES (@Name,@BankGuid,@Signature,GETDATE(),@AdminSignature,@DataSource,@Catalog,@Version,@ConnectionString);
UPDATE Tenant SET BankUrlSignatures = @Signature, BankAdminUrlSignatures = @AdminSignature, DataSource = @DataSource, Catalog = @Catalog, ConnectionString = @ConnectionString WHERE BankIdentifiers = @BankGuid
$consume = $command.Parameters.AddWithValue("@Name",$tenant.Name);
$consume = $command.Parameters.AddWithValue("@BankGuid",$tenant.BankGuid);
$consume = $command.Parameters.AddWithValue("@Signature",$tenant.Signature);
$consume = $command.Parameters.AddWithValue("@AdminSignature",$tenant.AdminSignature);
$consume = $command.Parameters.AddWithValue("@DataSource",$tenant.DataSource);
$consume = $command.Parameters.AddWithValue("@Catalog",$tenant.Catalog);
$consume = $command.Parameters.AddWithValue("@Version",$tenant.Version);
$consume = $command.Parameters.AddWithValue("@ConnectionString", $tenant.ConnectionString);
$consume = $command.ExecuteNonQuery();
if ($null -ne $sqlConnection) {
try {
} catch {
Write-Host "something happened bad...";
throw $_.Exception;
Function GetFullTenantsFromServer($serverName, $instanceName, $databaseName) {
$connectionString = (GetFormattedConnectionString $serverName $instanceName $databaseName);
EnsureDatabaseAccess $connectionString
$sqlConnection = New-Object System.Data.SqlClient.SqlConnection $connectionString;
$query = "
FROM Tenant;";
[System.Data.SqlClient.SqlCommand]$command = $sqlConnection.CreateCommand();
$command.CommandText = $query;
[System.Data.SqlClient.SqlDataReader]$reader = $command.ExecuteReader();
$data = @();
while ($reader.Read()) {
$data += @{
Name = $reader[0];
BankGuid = $reader[1];
Signature = $reader[2];
AdminSignature = $reader[3];
DataSource = $reader[4];
Catalog = $reader[5];
Version = $reader[6];
ConnectionString = (GetFormattedConnectionStringForTenant "dc00db01" $reader[5])
return $data;
Write-Host "something happened bad...";
return $null;
Function UpdateTenants($databaseName) {
# always force it to localhost for this operation.
FlushTenantsFromServer "localhost" "" "AlkamiMaster"
$tenants = (GetFullTenantsFromServer (GetPrimaryDBServerForDev) "" $databaseName);
if($intendedName.ToLower() -eq "dev")
$tenants += GetDeveloperTenant;
InsertTenantsToServer "localhost" "" "AlkamiMaster" $tenants
Function FlushTenantsFromServer($serverName, $instanceName, $databaseName) {
$connectionString = (GetFormattedConnectionString $serverName $instanceName $databaseName);
EnsureDatabaseAccess $connectionString
$sqlConnection = New-Object System.Data.SqlClient.SqlConnection $connectionString;
$query = "DELETE FROM Tenant;";
[System.Data.SqlClient.SqlCommand]$command = $sqlConnection.CreateCommand();
$command.CommandText = $query;
$consume = $command.ExecuteNonQuery();
return $data;
if ($null -ne $sqlConnection) {
try {
} catch {
Write-Host "something happened bad...";
throw $_.Exception;
Function GetPrimaryDBServerForDev(){
return "DC00DB01";
Function GetLocalDatabaseTenantsBankUrlSignatures() {
$tenants = (GetFullTenantsFromServer "localhost" "" "AlkamiMaster");
$ret = $tenants.Signature | % { if ($_ -match ",") { return ($_ -split ",")[0] } else { return $_; } }
return $ret;
Function GetLocalDatabaseTenantsBankAdminUrlSignatures() {
$tenants = (GetFullTenantsFromServer "localhost" "" "AlkamiMaster");
Function GetKnownHostsEntries() {
@{ ipAddress = ""; hostname = ""; },
@{ ipAddress = ""; hostname = "bldsrvr-dev03.ftfcu.corp"; },
@{ ipAddress = ""; hostname = ""; },
@{ ipAddress = ""; hostname = ""; },
@{ ipAddress = ""; hostname = ""; },
@{ ipAddress = ""; hostname = ""; },
@{ ipAddress = ""; hostname = ""; },
@{ ipAddress = ""; hostname = ""; },
@{ ipAddress = ""; hostname = ""; },
@{ ipAddress = ""; hostname = ""; },
@{ ipAddress = ""; hostname = ""; },
@{ ipAddress = ""; hostname = ""; },
@{ ipAddress = ""; hostname = "uat.udi.local"; },
@{ ipAddress = ""; hostname = "SymConnectMultiplexer"; },
@{ ipAddress = ""; hostname = "AuditService"; },
@{ ipAddress = ""; hostname = "BankService"; },
@{ ipAddress = ""; hostname = "ContentService"; },
@{ ipAddress = ""; hostname = "CoreService"; },
@{ ipAddress = ""; hostname = "ExceptionService"; },
@{ ipAddress = ""; hostname = "IP-STS"; },
@{ ipAddress = ""; hostname = "MessageCenterService"; },
@{ ipAddress = ""; hostname = "NagConfigurationService"; },
@{ ipAddress = ""; hostname = "NotificationService"; },
@{ ipAddress = ""; hostname = "RP-STS"; },
@{ ipAddress = ""; hostname = "Scheduler"; },
@{ ipAddress = ""; hostname = "SecurityManagementService"; },
@{ ipAddress = ""; hostname = "STSConfiguration"; },
@{ ipAddress = ""; hostname = ""; },
@{ ipAddress = ""; hostname = ""; },
#todo: do we need these here still? can't they just be in the database?
@{ ipAddress = ""; hostname = ""; },
@{ ipAddress = ""; hostname = ""; },
@{ ipAddress = ""; hostname = ""; },
@{ ipAddress = ""; hostname = ""; }
Function WriteHostsEntryToFile($hostsRenderedLines, $pathName) {
$hostsRenderedLines | Out-File $pathName -encoding ASCII
Function SetOrbHostsComplete() {
WriteHostsEntryToFile (RenderCompleteHostsFile (GetHostsFileActualEntries (GetHostsFilePath)) (DeltaHostsFileAndExpectedEntries (GetHostsFilePath))) (GetHostsFilePath)
Function GetHostsFileActualEntries($hostsFilePath) {
(Get-Content -Path $hostsFilePath) | % {
$rawline = $_;
$record = @{ Keep = $false; ipAddress = $null; hostname = $null; Comment = $null; blankLine = $false; };
$commentSeparator = $rawline.IndexOf("#");
$comment = "";
$keep = $false;
if ($commentSeparator -gt -1) {
$record.Comment = $rawline.Substring($commentSeparator + 1, $rawline.Length - $commentSeparator - 1).Trim();
if ($commentSeparator -eq 0) {
$rawline = "";
} else {
$rawline = $rawline.Substring(0, $commentSeparator - 1);
if ($rawline.length -gt 0) {
$bits = [regex]::Split($rawline, "\s+")
if ($bits.count -gt 1) {
$record.ipAddress = $bits[0].Trim();
$record.hostname = $bits[1].Trim();
$record.Keep = (($record.Comment -imatch 'keep') -or ($record.ipAddress -eq $null));
$record.blankLine = (!$record.Comment -and !$record.ipAddress -and ($commentSeparator -eq -1));
return $record;
Function GetAllExpectedHostsEntries() {
$hostsEntries = @();
$hostsEntries += (GetKnownHostsEntries);
$hostsEntries += @(((GetLocalDatabaseTenantsBankUrlSignatures) | % { @{ ipAddress = ""; hostname = $_; } } ));
$hostsEntries += @(((GetLocalDatabaseTenantsBankAdminUrlSignatures) | % { @{ ipAddress = ""; hostname = $_; } } ));
Function RenderCompleteHostsFile($entries, $newEntries) {
$entries = ($entries,@() -ne $null)[0];
$entries += @(($newEntries, @() -ne $null)[0]);
$maxHostnameWidth = 0;
$entries | % {
$entry = $_; #readability line
if (!!$entry.hostname) {
if ($entry.hostname.length -gt $maxHostnameWidth) {
$maxHostnameWidth = $entry.hostname.length;
if ($maxHostnameWidth -eq 0) {
} else {
$maxHostnameWidth += 5;
($entries | % {
$entry = $_; #readability line
if (!$entry.ipAddress) {
if ($entry.blankLine) {
return "";
} else {
return ("# {0}" -f $entry.Comment);
} else {
$thirdPart = "";
$secondPart = $entry.hostname;
if (!!$entry.Comment) {
$thirdPart = "# $($entry.Comment)";
$secondPart = $secondPart.PadRight($maxHostnameWidth);
return ("{0}{1}{2}" -f $entry.ipAddress.PadRight(18), $secondPart, $thirdpart);
}) | Get-Unique
Function GetHostsFilePath() {
return "$env:windir\System32\drivers\etc\hosts";
Function DeltaHostsFileAndExpectedEntries($hostsPath){
$existingEntries = (GetHostsFileActualEntries $hostsPath);
$expectedEntries = (GetAllExpectedHostsEntries);
$missingEntries = @();
$expectedEntries | % {
$found = $false;
$expectedEntry = $_;
if (!!$expectedEntry.ipaddress) {
$existingEntries | % {
$existingEntry = $_;
if (!!($existingEntry.ipAddress) -and ($expectedEntry.hostname -eq $existingEntry.hostname) -and ($expectedEntry.ipAddress -eq $existingEntry.ipAddress)) {
$found = $true;
if (!$found) {
$missingEntries += $expectedEntry;
Function UpdateMachineConfigs($broadcaster, $subscription) {
UpdateMachineConfig 'C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\machine.config' $broadcaster $subscription;
UpdateMachineConfig 'C:\Windows\Microsoft.NET\Framework\v4.0.30319\Config\machine.config' $broadcaster $subscription;
Function UpdateMachineConfig($path, $broadcaster, $subscription) {
$config = [Xml](get-content $path);
$config.configuration.appSettings.add | % { if ($_.Key -eq "SubscriptionServiceMachine") { $_.Value = $subscription; } };
$config.configuration.appSettings.add | % { if ($_.Key -eq "Broadcasters") { $_.Value = $broadcaster; } };
Function GetOrCreateAppPoolForOrb($appPoolName) {
$ret = Get-Item IIS:\AppPools\$appPoolName -ErrorAction Ignore;
if ($ret -eq $null) {
$ret = New-Item IIS:\AppPools\$appPoolName -ErrorAction Stop;
Set-ItemProperty IIS:\AppPools\$appPoolName managedRuntimeVersion 'v4.0';
Set-ItemProperty IIS:\AppPools\$appPoolName ProcessModel.loadUserProfile true;
Set-ItemProperty IIS:\AppPools\$appPoolName ProcessModel.idleTimeout -Value "0";
return $ret;
Function GetOrCreateWebsite($siteName, $physicalPath) {
Write-Host $siteName
Write-Host $physicalPath
$appPool = GetOrCreateAppPoolForOrb $siteName;
$ret = WebAdministration\Get-WebSite -Name $siteName
if ($ret -eq $null) {
$ret = WebAdministration\New-Website -Name $siteName -PhysicalPath $physicalPath -ApplicationPool $appPool.Name -ErrorAction Stop;
if ($ret -eq $null){
throw "could not create/find the website for $siteName! ARGH!";
return $ret;
Function rebind-ipsts($site) {
Write-Host "rebing-ipsts" -ForegroundColor Yellow
$cert = (Get-ChildItem cert:\LocalMachine\My | Where { $_.Subject -like "*``*.$($site.HostnameBase)*" } -ErrorAction Ignore);
$toBeInstalled = @("ip.$($site.HostnameBase)");
if (Test-Path 'C:\Orb\IP-STS') {
$consume = GetOrCreateWebsite 'IPSTS' 'C:\Orb\IP-STS'
} else {
$consume = GetOrCreateWebsite 'IPSTS' 'C:\Orb\IPSTS'
#Remove-WebBinding -Name 'IPSTS' -IPAddress * -Port 80 -ErrorAction Ignore;
if ($toBeInstalled -ne $null) {
Write-Host "Installing new client sites under ORB\Client";
Write-Host -NoNewline "of $($toBeInstalled.Length) we are on ";
$counter = 0;
$toBeInstalled | %{
$counter += 1;
$newSiteBinding = $_;
if (!(WebAdministration\Get-WebBinding -Name 'IPSTS' -Protocol https -Port 443 -IPAddress * -HostHeader $newSiteBinding)) {
$consume = WebAdministration\New-WebBinding -Name 'IPSTS' -Protocol https -Port 443 -IPAddress * -HostHeader $newSiteBinding -SslFlags 1
(WebAdministration\Get-WebBinding -Name 'IPSTS' -Protocol https -Port 443 -IPAddress * -HostHeader $newSiteBinding).AddSslCertificate($cert.Thumbprint, "my");
Write-Host -NoNewline "$counter ";
Write-Host "done";
Function rebind-clients($rebindTier, $site) {
$toBeInstalled = (GetLocalDatabaseTenantsBankUrlSignatures);
$sites = gci IIS:\Sites -Exclude "WebClientAdmin", "Eagle Eye", "Default Web Site", "IPSTS"
$consume = $sites | % { Stop-Website -Name $_.Name; Remove-Website -Name $_.Name; }
$iis = @{};
if (Test-Path 'C:\Orb\Shared') {
$iis = GetOrCreateWebsite 'WebClient' 'C:\Orb\WebClient'
} else {
$iis = GetOrCreateWebsite 'WebClient' 'C:\Orb\Client'
WebAdministration\Remove-WebBinding -Name $iis.Name -IPAddress * -Port 80 -ErrorAction Ignore;
if ($toBeInstalled -ne $null) {
Write-Host "Installing new client sites under ORB\Client";
Write-Host -NoNewline "of $($toBeInstalled.Length) we are on ";
$counter = 0;
$toBeInstalled | %{
$counter += 1;
$newSiteBinding = $_;
$pos = $newSiteBinding.IndexOf(".")
$rightPart = $newSiteBinding.Substring($pos+1)
$cert = (Get-ChildItem cert:\LocalMachine\My | Where { $_.Subject -like "*``*.$rightPart*" } -ErrorAction Stop);
if (!(Get-WebBinding -Name 'WebClient' -Protocol https -Port 443 -IPAddress * -HostHeader $newSiteBinding)) {
WebAdministration\New-WebBinding -Name 'WebClient' -Protocol https -Port 443 -IPAddress * -HostHeader $newSiteBinding -SslFlags 1
#Write-Host "Get-WebBinding -Name 'WebClient' -Protocol https -Port 443 -IPAddress * -HostHeader $newSiteBinding";
#Get-WebBinding -Name 'WebClient' -Protocol https -Port 443 -IPAddress * -HostHeader $newSiteBinding
(Get-WebBinding -Name 'WebClient' -Protocol https -Port 443 -IPAddress * -HostHeader $newSiteBinding).AddSslCertificate($cert.Thumbprint, "my");
Write-Host -NoNewline "$counter ";
Write-Host "done";
Function rebind-admin($rebindTier, $site) {
$toBeInstalled = (GetLocalDatabaseTenantsBankAdminUrlSignatures);
$sites = gci IIS:\Sites -Exclude "WebClient", "Eagle Eye", "Default Web Site", "IPSTS"
$consume = $sites | % { Stop-Website -Name $_.Name; Remove-Website -Name $_.Name; }
$iis = @{};
if (Test-Path 'C:\Orb\Shared') {
$iis = GetOrCreateWebsite 'WebClientAdmin' 'C:\Orb\WebClientAdmin'
} else {
$iis = GetOrCreateWebsite 'WebClientAdmin' 'C:\Orb\Admin'
WebAdministration\Remove-WebBinding -Name $iis.Name -IPAddress * -Port 80 -ErrorAction Ignore;
if ($toBeInstalled -ne $null) {
Write-Host "Installing new client sites under ORB\Admin";
Write-Host -NoNewline "of $($toBeInstalled.Length) we are on ";
$counter = 0;
$toBeInstalled | %{
$counter += 1;
$newSiteBinding = $_;
$pos = $newSiteBinding.IndexOf(".")
$rightPart = $newSiteBinding.Substring($pos+1)
$cert = (Get-ChildItem cert:\LocalMachine\My | Where { $_.Subject -like "*``*.$rightPart*" } -ErrorAction Stop);
if (!(WebAdministration\Get-WebBinding -Name 'WebClientAdmin' -Protocol https -Port 443 -IPAddress * -HostHeader $newSiteBinding)) {
$binding = WebAdministration\New-WebBinding -Name 'WebClientAdmin' -Protocol https -Port 443 -IPAddress * -HostHeader $newSiteBinding -SslFlags 1
(WebAdministration\Get-WebBinding -Name 'WebClientAdmin' -Protocol https -Port 443 -IPAddress * -HostHeader $newSiteBinding).AddSslCertificate($cert.Thumbprint, "my");
Write-Host -NoNewline "$counter ";
Write-Host "done";
Function LoadWebAdministrationModule() {
if (![Environment]::Is64BitProcess) { throw "you are using powershell in 32 bit mode. This is a failure. Please run in 64 bit mode."; }
if ((Get-Module -ListAvailable | ? { $_.Name -eq "webadministration" }) -ne $null) {
import-module WebAdministration;
} else {
throw "WebAdministration powershell module must be installed and available";
Function GetDeveloperTenant() {
Name = 'Developer Dynamic';
BankGuid = '78554577-9DE6-43CD-9085-5868977156D1';
Signature = '';
AdminSignature = '';
DataSource = 'localhost';
Catalog = 'DeveloperDynamic';
Version = '';
ConnectionString = 'data source=localhost;Integrated Security=SSPI; Database=DeveloperDynamic;Max Pool Size=500;Pooling=true;MultipleActiveResultSets=true;'
Function DoIt($site) {
Write-Host "Setting up QA env..." -ForegroundColor Yellow
if($intendedName.ToLower() -ne "dev")
UpdateMachineConfigs $site.Broadcaster $site.Subscription;
UpdateMachineConfigs "" ""
UpdateTenants $site.Database;
rebind-clients $site;
rebind-admin $site;
rebind-ipsts $site;
if (!(WebAdministration\Get-WebBinding -Name 'Default Web Site' -Protocol http -Port 80 -IPAddress * -HostHeader localhost)) {
WebAdministration\New-WebBinding -Name "Default Web Site" -Protocol http -Port 80 -IPAddress * -HostHeader localhost
DoIt $certs[$name];