Function Set-SDKUsers {
<#
.SYNOPSIS
Set the default SDK users for the current local development environment

.DESCRIPTION
For more information, see https://confluence.alkami.com/display/ISG/Alkami+SDK+Developer+Guide

.EXAMPLE
choco upgrade alkami.machinesetup.sdk -y
Set-SDKUsers

.PARAMETER DatabaseUser
Each service that connects to a database will be ran as this user name, will default to Alkami gMSA dev defaults.

.PARAMETER NonDatabaseUser
Services that do not connect to a database will be ran as this user name, will default to Alkami gMSA dev defaults

.PARAMETER EnvironmentType
The machine.config value for this key will be updated to match the value of the argument, will default to "Development".

.PARAMETER EnvironmentName
The machine.config value for this key will be updated to match the value of the argument, will default to "Development".

.PARAMETER DevelopmentDatabase
The developers target database, will default to "DeveloperDynamic"

.PARAMETER TenantDatabase
The developers target tenant database, will default to "AlkamiMaster"

.PARAMETER CertificateUsers
The users we should grant certificate permissions for, will default to @('dev.nag$', 'dev.radium$', 'dev.micro$', 'dev.dbms$')

.NOTES
This version uses the Alkami dev.* gMSA defaults.
#>

    [CmdletBinding()]
    param(
        [string]$DatabaseUser = "CORP\dev.dbms$",
        [string]$NonDatabaseUser = "CORP\dev.micro$",
        [string]$EnvironmentType = 'Development',
        [string]$EnvironmentName = 'Development',
        [string]$DevelopmentDatabase = 'DeveloperDynamic',
        [string]$TenantDatabase = 'AlkamiMaster',
        [string[]] $CertificateUsers = @('dev.nag$', 'dev.radium$', 'dev.micro$', 'dev.dbms$')
    )

    Write-Debug "Ensuring environment users have been added to the local security group"
    Add-UsersToLocalSecurityGroup @($DatabaseUser, $NonDatabaseUser) "Performance Monitor Users"

    Write-Host "Updating environment, this may take some time."
    Set-AppSetting 'Environment.Type' $EnvironmentType
    Set-AppSetting 'Environment.Name' $EnvironmentName

    Set-AppSetting 'NonDatabaseMicroServiceAccount' $NonDatabaseUser
    Set-AppSetting 'DatabaseMicroServiceAccount' $DatabaseUser

    Write-Debug "Updating SMSvcHostSids"
    Set-SMSvcHostSids
    Remove-SMSvcHostBlankSecurityIdentifiers

    Write-Debug "Stopping Alkami Services"
    Stop-SDKServices

    Write-Debug "Restarting Windows Process Activation Service"
    Restart-Service @("WAS") -Force

    Write-Debug "Updating Database Users"
    Set-SDKDatabaseUsers 'localhost' $TenantDatabase $DevelopmentDatabase

    Write-Debug "Updating IIS Application Pools"
    Invoke-CallOperatorWithPathAndParameters -Path "C:\WINDOWS\system32\iisreset.exe" -Arguments @("/stop")
    Get-SDKUserMatrix | Set-SDKAppPoolUsers
    Invoke-CallOperatorWithPathAndParameters -Path "C:\WINDOWS\system32\iisreset.exe" -Arguments @("/start")

    Write-Debug "Updating Installed Microservices"
    Set-SDKServicePermissions $DatabaseUser $NonDatabaseUser $DevelopmentDatabase 'localhost'

    Write-Debug "Updating Alkami Common Certificates"
    Set-SDKCertificateUsers $CertificateUsers

    # Write-Debug "Installing Alkami Vendor Certificates Chocolatey Package"
    # & choco upgrade Alkami.DeveloperKit.Certificates.Employee.Vendors -y
    Write-Host "Environment users updated. You may Start-SDKServices when you are ready to continue, or now may be a good time to reboot."
}