Octopus.Script exported 2018-03-28 by bobjwalker belongs to ‘Windows’ category.
Create one or more MSMQ transactional queues and configure permissions.
Parameters
When steps based on the template are included in a project’s deployment process, the parameters below can be set.
Queue names
MSMQQueues =
Queue names, separated by semicolons. Example: Queue1;Queue2;Queue3
Queue users
MSMQUsers =
Users with access to the queue separated by semicolons. Example: DOMAIN\User1;DOMAIN\User2
Allowed permissions
MSMQPermAllow = DeleteMessage;PeekMessage;ReceiveMessage;WriteMessage
Permissions granted to the queue users, separated by semicolons. Example: DeleteMessage;PeekMessage;ReceiveMessage
Denied permissions
MSMQPermDeny = TakeQueueOwnership
Denied permissions, separated by semicolons: TakeQueueOwnership
Admin queue users
MSMQAdminUsers
Users with access to the queue separated by semicolons. Example: DOMAIN\User1;DOMAIN\User2
Allowed admin permissions
MSMQPermAdminAllow = FullControl
Permissions granted to the queue admin users, separated by semicolons. Example: DeleteMessage;PeekMessage;ReceiveMessage
Denied admin permissions
MSMQPermAdminDeny
Denied permissions, separated by semicolons: TakeQueueOwnership
Reset Permissions
MSMQResetPermissions = false
Remove all existing permissions from the Queue if it already exists
Reset Permissions Domains
MSMQResetDomains
This is used if Reset Permissions is set. Example: YOURDOMAIN1;YOURDOMAIN2
Script body
Steps based on this template will execute the following PowerShell script.
$MSMQQueues = $OctopusParameters['MSMQQueues']
$MSMQResetPermissions = $OctopusParameters['MSMQResetPermissions']
$MSMQResetDomains = $OctopusParameters['MSMQResetDomains']
$MSMQUsers = $OctopusParameters['MSMQUsers']
$MSMQPermAllow = $OctopusParameters['MSMQPermAllow']
$MSMQPermDeny = $OctopusParameters['MSMQPermDeny']
$MSMQAdminUsers = $OctopusParameters['MSMQAdminUsers']
$MSMQPermAdminAllow = $OctopusParameters['MSMQPermAdminAllow']
$MSMQPermAdminDeny = $OctopusParameters['MSMQPermAdminDeny']
Write-Verbose "`$MSMQQueues = $MSMQQueues"
Write-Verbose "`$MSMQResetPermissions = $MSMQResetPermissions"
Write-Verbose "`$MSMQResetDomains = $MSMQResetDomains"
Write-Verbose "`$MSMQUsers = $MSMQUsers"
Write-Verbose "`$MSMQPermAllow = $MSMQPermAllow"
Write-Verbose "`$MSMQPermDeny = $MSMQPermDeny"
Write-Verbose "`$MSMQAdminUsers = $MSMQAdminUsers"
Write-Verbose "`$MSMQPermAdminAllow = $MSMQPermAdminAllow"
Write-Verbose "`$MSMQPermAdminDeny = $MSMQPermAdminDeny"
#Split the Queues into an array
$arrQueues = $MSMQQueues.split(";")
foreach ($Queue in $arrQueues)
{
#Does Queue Exists Already?
$thisQueue = Get-MSMQQueue $Queue
if (!$thisQueue)
{
#not found, create
Write-Output "Creating Queue: " $Queue
New-MsmqQueue -Name "$Queue" -Label "private$\$Queue" -Transactional | Out-Null
$thisQueue = Get-MSMQQueue $Queue
}
else
{
Write-Output "Queue Exists: " $thisQueue.QueueName
if($MSMQResetPermissions -eq "True")
{
foreach($domain in $MSMQResetDomains.split(";"))
{
# reset permissions
$QueuePermissions = $thisQueue | Get-MsmqQueueACL
foreach ($AccessItem in $MSMQQueuePermissions)
{
$userName = [Environment]::UserName
if($AccessItem.AccountName -NotLike "*$userName") # not current user
{
$domain = "$($domain)*" #append * to end of domain
if ($AccessItem.AccountName -Like "$($domain)*")
{
Write-Output "Removing Permissions $($AccessItem.Right) for $($AccessItem.AccountName)"
Try
{
$thisQueue | Set-MsmqQueueACL -UserName $AccessItem.AccountName -Remove $AccessItem.Right | Out-Null
}
Catch
{
Write-Output "Could not set permissions item $_.Exception.Message"
Break
}
}
}
}
}
}
}
#set acl for users
$arrUsers = $MSMQUsers.split(";")
foreach ($User in $arrUsers)
{
if ($User)
{
Write-Output "Adding ACL for User: " $User
#allows
if ($MSMQPermAllow)
{
$arrPermissions = $MSMQPermAllow.split(";")
foreach ($Permission in $arrPermissions)
{
$thisQueue | Set-MsmqQueueAcl -UserName $User -Allow $Permission | Out-Null
Write-Output "ACL Allow set: $Permission"
}
}
#denies
if ($MSMQPermDeny)
{
$arrPermissions = $MSMQPermDeny.split(";")
foreach ($Permission in $arrPermissions)
{
$thisQueue | Set-MsmqQueueAcl -UserName $User -Deny $Permission | Out-Null
Write-Output "ACL Deny set: $Permission"
}
}
}
}
$arrAdminUsers = $MSMQAdminUsers.split(";")
foreach ($User in $arrAdminUsers)
{
if ($User)
{
Write-Output "Adding ACL for Admin User: " $User
#allows
if ($MSMQPermAdminAllow)
{
$arrPermissions = $MSMQPermAdminAllow.split(";")
foreach ($Permission in $arrPermissions)
{
$thisQueue | Set-MsmqQueueAcl -UserName $User -Allow $Permission | Out-Null
Write-Output "ACL Allow admin set: $Permission"
}
}
#denies
if ($MSMQPermAdminDeny)
{
$arrPermissions = $MSMQPermAdminDeny.split(";")
foreach ($Permission in $arrPermissions)
{
$thisQueue | Set-MsmqQueueAcl -UserName $User -Deny $Permission | Out-Null
Write-Output "ACL Deny admin set: $Permission"
}
}
}
}
}
Provided under the Apache License version 2.0.
To use this template in Octopus Deploy, copy the JSON below and paste it into the Library → Step templates → Import dialog.
{
"Id": "4c22f201-c634-4a22-aa55-ae24dc83d588",
"Name": "MSMQ - Create Transactional Queue",
"Description": "Create one or more MSMQ transactional queues and configure permissions.",
"Version": 10,
"ExportedAt": "2018-03-28T07:21:22.039Z",
"ActionType": "Octopus.Script",
"Author": "bobjwalker",
"Parameters": [
{
"Id": "35154cac-d005-4a7b-85c9-8eab276e726b",
"Name": "MSMQQueues",
"Label": "Queue names",
"HelpText": "Queue names, separated by semicolons. Example: _Queue1;Queue2;Queue3_",
"DefaultValue": "",
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
},
"Links": {}
},
{
"Id": "6f3a90b7-df04-4884-9cd1-f04ad7a1f97b",
"Name": "MSMQUsers",
"Label": "Queue users",
"HelpText": "Users with access to the queue separated by semicolons. Example: _DOMAIN\\User1;DOMAIN\\User2_",
"DefaultValue": "",
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
},
"Links": {}
},
{
"Id": "3e2e1512-6f75-4e36-80cc-d350a3563a09",
"Name": "MSMQPermAllow",
"Label": "Allowed permissions",
"HelpText": "Permissions granted to the queue users, separated by semicolons. Example: _DeleteMessage;PeekMessage;ReceiveMessage_",
"DefaultValue": "DeleteMessage;PeekMessage;ReceiveMessage;WriteMessage",
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
},
"Links": {}
},
{
"Id": "2063989e-587f-4787-b3ce-6865501316b2",
"Name": "MSMQPermDeny",
"Label": "Denied permissions",
"HelpText": "Denied permissions, separated by semicolons: _TakeQueueOwnership_",
"DefaultValue": "TakeQueueOwnership",
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
},
"Links": {}
},
{
"Id": "42ec591d-9631-4ff4-ac56-94a1ac7c5994",
"Name": "MSMQAdminUsers",
"Label": "Admin queue users",
"HelpText": "Users with access to the queue separated by semicolons. Example: _DOMAIN\\User1;DOMAIN\\User2_",
"DefaultValue": null,
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
},
"Links": {}
},
{
"Id": "47dee55f-9d5a-4798-a61c-b4c7350774a5",
"Name": "MSMQPermAdminAllow",
"Label": "Allowed admin permissions",
"HelpText": "Permissions granted to the queue admin users, separated by semicolons. Example: _DeleteMessage;PeekMessage;ReceiveMessage_",
"DefaultValue": "FullControl",
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
},
"Links": {}
},
{
"Id": "949b3efb-5fb7-4350-8336-1dfff67172aa",
"Name": "MSMQPermAdminDeny",
"Label": "Denied admin permissions",
"HelpText": "Denied permissions, separated by semicolons: _TakeQueueOwnership_",
"DefaultValue": null,
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
},
"Links": {}
},
{
"Id": "2be54d36-3b81-4a39-8685-adfe8d98ebbb",
"Name": "MSMQResetPermissions",
"Label": "Reset Permissions",
"HelpText": "Remove all existing permissions from the Queue if it already exists",
"DefaultValue": "false",
"DisplaySettings": {
"Octopus.ControlType": "Checkbox"
},
"Links": {}
},
{
"Id": "54143721-075f-4270-89c1-154719ee0b3c",
"Name": "MSMQResetDomains",
"Label": "Reset Permissions Domains",
"HelpText": "This is used if Reset Permissions is set.\nExample: YOURDOMAIN1;YOURDOMAIN2",
"DefaultValue": null,
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
},
"Links": {}
}
],
"Properties": {
"Octopus.Action.Script.ScriptBody": "$MSMQQueues = $OctopusParameters['MSMQQueues']\n$MSMQResetPermissions = $OctopusParameters['MSMQResetPermissions']\n$MSMQResetDomains = $OctopusParameters['MSMQResetDomains']\n$MSMQUsers = $OctopusParameters['MSMQUsers']\n$MSMQPermAllow = $OctopusParameters['MSMQPermAllow']\n$MSMQPermDeny = $OctopusParameters['MSMQPermDeny']\n$MSMQAdminUsers = $OctopusParameters['MSMQAdminUsers']\n$MSMQPermAdminAllow = $OctopusParameters['MSMQPermAdminAllow']\n$MSMQPermAdminDeny = $OctopusParameters['MSMQPermAdminDeny']\n\nWrite-Verbose \"`$MSMQQueues = $MSMQQueues\"\nWrite-Verbose \"`$MSMQResetPermissions = $MSMQResetPermissions\"\nWrite-Verbose \"`$MSMQResetDomains = $MSMQResetDomains\"\nWrite-Verbose \"`$MSMQUsers = $MSMQUsers\"\nWrite-Verbose \"`$MSMQPermAllow = $MSMQPermAllow\"\nWrite-Verbose \"`$MSMQPermDeny = $MSMQPermDeny\"\nWrite-Verbose \"`$MSMQAdminUsers = $MSMQAdminUsers\"\nWrite-Verbose \"`$MSMQPermAdminAllow = $MSMQPermAdminAllow\"\nWrite-Verbose \"`$MSMQPermAdminDeny = $MSMQPermAdminDeny\"\n\n#Split the Queues into an array\n$arrQueues = $MSMQQueues.split(\";\")\nforeach ($Queue in $arrQueues) \n{\n #Does Queue Exists Already?\n $thisQueue = Get-MSMQQueue $Queue\n if (!$thisQueue)\n {\n #not found, create\n Write-Output \"Creating Queue: \" $Queue\n New-MsmqQueue -Name \"$Queue\" -Label \"private$\\$Queue\" -Transactional | Out-Null\n $thisQueue = Get-MSMQQueue $Queue \n }\n else\n {\n Write-Output \"Queue Exists: \" $thisQueue.QueueName\n \n if($MSMQResetPermissions -eq \"True\")\n {\n foreach($domain in $MSMQResetDomains.split(\";\"))\n {\n # reset permissions\n $QueuePermissions = $thisQueue | Get-MsmqQueueACL\n foreach ($AccessItem in $MSMQQueuePermissions)\n {\n $userName = [Environment]::UserName\n if($AccessItem.AccountName -NotLike \"*$userName\") # not current user\n {\n $domain = \"$($domain)*\" #append * to end of domain\n if ($AccessItem.AccountName -Like \"$($domain)*\")\n {\n Write-Output \"Removing Permissions $($AccessItem.Right) for $($AccessItem.AccountName)\"\n Try\n {\n $thisQueue | Set-MsmqQueueACL -UserName $AccessItem.AccountName -Remove $AccessItem.Right | Out-Null\n }\n Catch\n {\n Write-Output \"Could not set permissions item $_.Exception.Message\"\n Break\n }\n }\n }\n }\n }\n }\n }\n\n #set acl for users\n $arrUsers = $MSMQUsers.split(\";\")\n foreach ($User in $arrUsers) \n { \n if ($User)\n { \n Write-Output \"Adding ACL for User: \" $User \n \n #allows\n if ($MSMQPermAllow)\n {\n $arrPermissions = $MSMQPermAllow.split(\";\")\n foreach ($Permission in $arrPermissions) \n {\n $thisQueue | Set-MsmqQueueAcl -UserName $User -Allow $Permission | Out-Null \n Write-Output \"ACL Allow set: $Permission\"\n }\n }\n \n #denies\n if ($MSMQPermDeny)\n {\n $arrPermissions = $MSMQPermDeny.split(\";\")\n foreach ($Permission in $arrPermissions) \n {\n $thisQueue | Set-MsmqQueueAcl -UserName $User -Deny $Permission | Out-Null\n Write-Output \"ACL Deny set: $Permission\"\n }\n }\n }\n } \n \n \n $arrAdminUsers = $MSMQAdminUsers.split(\";\") \n foreach ($User in $arrAdminUsers) \n { \n if ($User)\n { \n Write-Output \"Adding ACL for Admin User: \" $User \n \n #allows\n if ($MSMQPermAdminAllow)\n {\n $arrPermissions = $MSMQPermAdminAllow.split(\";\")\n foreach ($Permission in $arrPermissions) \n {\n $thisQueue | Set-MsmqQueueAcl -UserName $User -Allow $Permission | Out-Null \n Write-Output \"ACL Allow admin set: $Permission\"\n }\n }\n \n #denies\n if ($MSMQPermAdminDeny)\n {\n $arrPermissions = $MSMQPermAdminDeny.split(\";\")\n foreach ($Permission in $arrPermissions) \n {\n $thisQueue | Set-MsmqQueueAcl -UserName $User -Deny $Permission | Out-Null\n Write-Output \"ACL Deny admin set: $Permission\"\n }\n }\n }\n }\n}",
"Octopus.Action.Script.Syntax": "PowerShell",
"Octopus.Action.Script.ScriptSource": "Inline",
"Octopus.Action.RunOnServer": "false",
"Octopus.Action.Script.ScriptFileName": null,
"Octopus.Action.Package.FeedId": null,
"Octopus.Action.Package.PackageId": null
},
"Category": "Windows",
"HistoryUrl": "https://github.com/OctopusDeploy/Library/commits/master/step-templates//opt/buildagent/work/75443764cd38076d/step-templates/msmq-create-transactional-queue.json",
"Website": "/step-templates/4c22f201-c634-4a22-aa55-ae24dc83d588",
"Logo": "iVBORw0KGgoAAAANSUhEUgAAAMgAAADICAMAAACahl6sAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAADNQTFRF////Da3qSsLvhtb0wur6O7zuWcfxldv2aMzyK7ftpOD3s+X48Pr+0fD7d9HzHLLr4fX8xD/OcwAAAaNJREFUeNrs3cFygjAUQFECWott1f//2sJoW6kIKEzNs+euXOmcmSSGDa8oJEmSJEmSJGmsj1W1K9cpsGD1Vr2WdToVEPC+2lYvZfpVrEW0qZpF1F+MRdRugzoNlvkiarfBPk0pT8GhWUSX2yASpDlLr2+DEJBmEY1ug6whx7N0n2b30G1QlmmxHsRYp6X76yvF9vg5RYQczq8UVURI35UiFmTgShED0p6lI1eKzCHTrxS5Qk6PZ9PLDtJ9PIsJmXWlyAky6/dAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQMJCyjltF/iO3gpJUpD8s4OAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgID8T8itwwKyhbTdMr4ha8hXUwZqhICcOgyNOIkE+V5wo4MSgr1u/fp7poO+AL8K/gL8yw0UeyRB34m9iQ/pVD8L5JYTO3NI58R+AsiEEzsW5OfE3sUe/zRwYkeGnG2g2CPS7rhjF4GKP0ZwyoldxK37kFqEL/7wU0mSJEmSJOmJ+xRgAHxZTCXGdZkfAAAAAElFTkSuQmCC",
"$Meta": {
"Type": "ActionTemplate"
}
}
Page updated on Wednesday, March 28, 2018