function New-AppTierWindowsServices { <# .SYNOPSIS Used to configure Windows services for Install\-ORBAppServer #> [CmdletBinding()] Param() $logLead = (Get-LogLeadName) $servicesToInstall = (Get-AppTierServices) foreach ($service in $servicesToInstall) { # The service object has properties: # @{ FolderName; AssemblyInfo; Name; User; Password; IsGMSAAccount; Binary; } # They are used as such: # Install-AlkamiService uses AssemblyInfo, Name, User # Set-WindowsServiceExecutionAccount uses Name, User, Password, IsGMSAAccount # Binary is unused, it is legacy. It's useful, just not for this, due to the way Install-AlkamiService works $serviceName = $service.Name $serviceFolder = (Join-Path (Get-OrbPath) $service.FolderName) # The highly legacy service applications run from ORB proper $assemblyInfo = $service.AssemblyInfo $user = $service.User $password = $service.Password $IsGMSA = $service.IsGMSAAccount try { Write-Host "$logLead : Beginning install of legacy service [$serviceName]." $splat = @{ Path = $serviceFolder AssemblyInfo = $assemblyInfo # ex: "Alkami Nag Service" - Should get set on the service at create or update time DisplayName = $serviceName # SRE-17892 - all two of the default Alkami Windows Services require database access IsDatabaseAccessRequired = $true StartOnInstall = $false } # Install-AlkamiService is self-healing Install-AlkamiService @splat Write-Host "$logLead : Service installed, updating service execution account for [$serviceName]" # Set-WindowsServiceExecutionAccount is self-healing Set-WindowsServiceExecutionAccount -ServiceName $serviceName -ServiceUser $user -ServicePassword $password -IsGMSAAccount:$IsGMSA Write-Host "$logLead : Service [$serviceName] appears to finish installing correctly." } catch { Write-Warning "$logLead : Failed to finish creating account. See previous log statements for last good location. Continuing to next service." } } } Set-Alias -name Create-AppTierWindowsServices -value New-AppTierWindowsServices