Skip to content

docs: add Windows User Credentials section to Credential-overview#2466

Open
AlexMnrs wants to merge 8 commits into
dsccommunity:mainfrom
AlexMnrs:codex/fix-duplicate-set-strings
Open

docs: add Windows User Credentials section to Credential-overview#2466
AlexMnrs wants to merge 8 commits into
dsccommunity:mainfrom
AlexMnrs:codex/fix-duplicate-set-strings

Conversation

@AlexMnrs

@AlexMnrs AlexMnrs commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Summary

Validation

  • Manual markdown review
  • Content aligns with existing wiki style and CONTRIBUTING.md guidelines

Closes #1768


This change is Reviewable

AlexMnrs added 2 commits June 27, 2026 13:28
Signed-off-by: alexmnrs <alexmnrs92@gmail.com>
- Document UserName vs GetNetworkCredential().UserName behavior
- Table of supported username formats (FQDN, username-only, NetBIOS)
- Note NetBIOS incompatibility with SQLPS/SQL 2016
- Recommendations and examples for credential creation
- Reference issues dsccommunity#1223 and dsccommunity#1768

Addresses dsccommunity#1768
@AlexMnrs AlexMnrs requested review from a team and johlju as code owners June 29, 2026 12:37
@coderabbitai

coderabbitai Bot commented Jun 29, 2026

Copy link
Copy Markdown

Review Change Stack

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review

Walkthrough

Adds markdownlint suppressions to two existing credential overview sections and introduces a new “Windows User Credentials” section with username format guidance, recommendations, and PowerShell/DSC examples.

Changes

Windows User Credentials documentation

Layer / File(s) Summary
Markdownlint suppressions
source/WikiSource/Credential-overview.md
Adds markdownlint suppression markup around an existing gMSA link paragraph and an existing issue-reference note.
Windows User Credentials section
source/WikiSource/Credential-overview.md
Adds supported username formats, SQLPS and SqlServer module behavior, recommendations, PowerShell credential examples, a DSC snippet, and an issue reference.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title is concise and accurately summarizes the new Windows User Credentials documentation section.
Description check ✅ Passed The description clearly matches the documentation-focused changes in CredentialOverview.
Linked Issues check ✅ Passed The changes document credential usage, supported formats, and known NetBIOS behavior as requested by #1768.
Out of Scope Changes check ✅ Passed The edits stay within documentation updates, with only lint suppressions and examples needed to support the new section.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@source/WikiSource/Credential-overview.md`:
- Around line 82-90: The ordered list in the Recommendations section uses mixed
numbering, which does not follow the required 1/1/1 style. Update the list in
the Markdown content so every ordered item in that block uses “1.” consistently,
keeping the existing text but changing the list markers only. Locate the fix in
the Recommendations section of the Credential-overview document.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 4b2cca40-b3ab-45c0-93a9-2c1145f8892f

📥 Commits

Reviewing files that changed from the base of the PR and between 1be7d60 and d0ecd63.

📒 Files selected for processing (4)
  • CHANGELOG.md
  • source/DSCResources/DSC_SqlRS/en-US/DSC_SqlRS.strings.psd1
  • source/DSCResources/DSC_SqlWindowsFirewall/en-US/DSC_SqlWindowsFirewall.strings.psd1
  • source/WikiSource/Credential-overview.md

Comment thread source/WikiSource/Credential-overview.md

@johlju johlju left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great work, thank you! Just small comments.

> without domain prefix.

This limitation was identified in [issue #1223](https://github.com/dsccommunity/SqlServerDsc/issues/1223)
where `GetNetworkCredential().UserName` was being used internally, causing

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

GetNetworkCredential().UserName is not used in any code, so this paragraph is incorrect and states past-tense which we do not need to document. Also, if this is still an issue it is not because of GetNetworkCredential().UserName and if this is kept it should instead state why it doesn't work today. 🤔

Comment on lines +61 to +63
**Always use `$Credential.UserName`** when passing the username to SMO connection
contexts (e.g., `ConnectAsUserName`). This preserves the domain format exactly
as the user entered it.

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is referencing properties of SMO types. For examples it should instead reference parameters of the commands or DSC resources. The reader will want to know how to use the commands and DSC resource in this module, not SMO.

2. **Avoid NetBIOS format** (`DOMAIN\user`) when targeting SQL Server 2016 or
environments where SQLPS may be used.
3. **Use `$Credential.UserName`** (not `GetNetworkCredential().UserName`) in
any custom code that passes credentials to SMO connection contexts.

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
any custom code that passes credentials to SMO connection contexts.
any custom code that passes credentials to commands or DSC resources.

# FQDN format (recommended - works everywhere)
$password = ConvertTo-SecureString 'P@ssw0rd1' -AsPlainText -Force
$username = 'user@company.local'
$credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $username, $password

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We could also do with the short form (could be another example)

Suggested change
$credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $username, $password
$credential = [PSCredential]::new($username, $password)

Comment on lines +100 to +101
$username = 'user'
$credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $username, $password

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Set the password in this example too so it more clear, otherwise "username only" could be seen as a PSCredential without password, which is not possible.

Comment on lines +103 to +106
# NetBIOS format (AVOID for SQL 2016 / SQLPS)
$username = 'COMPANY\user'
$credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $username, $password
```

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think we need to document how to NOT do it? It is already stated above, so we don't need an example for it?

```

When using these credentials with SqlServerDsc resources, pass them via the
built-in `PsDscRunAsCredential` parameter:

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also add something like

Suggested change
built-in `PsDscRunAsCredential` parameter:
built-in `PsDscRunAsCredential`, credential or password parameters. This example shows the built-in `PsDscRunAsCredential` parameter:

Comment on lines +138 to +139
<sup>_This section was informed by [issue #1223](https://github.com/dsccommunity/SqlServerDsc/issues/1223)
and [issue #1768](https://github.com/dsccommunity/SqlServerDsc/issues/1768)._</sup>

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We don't need to mention issue #1768 as that is what this PR resolves.

Suggested change
<sup>_This section was informed by [issue #1223](https://github.com/dsccommunity/SqlServerDsc/issues/1223)
and [issue #1768](https://github.com/dsccommunity/SqlServerDsc/issues/1768)._</sup>
<sup>_This section was informed by [issue #1223](https://github.com/dsccommunity/SqlServerDsc/issues/1223)._</sup>

@johlju johlju added the waiting for code fix A review left open comments, and the pull request is waiting for changes to be pushed by the author. label Jun 29, 2026
@codecov

codecov Bot commented Jun 29, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 91%. Comparing base (9400ebf) to head (e5670fd).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

Impacted file tree graph

@@         Coverage Diff          @@
##           main   #2466   +/-   ##
====================================
  Coverage    91%     91%           
====================================
  Files        32      32           
  Lines      5353    5353           
====================================
  Hits       4904    4904           
  Misses      449     449           
Flag Coverage Δ
unit 91% <ø> (ø)
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (2)
source/WikiSource/Credential-overview.md (2)

56-60: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Add markdownlint-disable comment for the wide table.

The table header exceeds 80 characters. Per the Markdown style guidelines, disable the MD013 rule for this table block.

As per path instructions: "Disable MD013 rule by adding a comment for tables/code blocks exceeding 80 characters".

📝 Proposed fix
+<!-- markdownlint-disable MD013 -->
 | Format | Example | Works with SQLPS (SQL 2016) | Works with SqlServer module |
 | ------ | ------- | --------------------------- | --------------------------- |
 | **FQDN (UPN)** | `user@domain.local` | ✅ Yes | ✅ Yes |
 | **Username only** | `user` | ✅ Yes | ✅ Yes |
 | **NetBIOS** | `DOMAIN\user` | ❌ **No** | ✅ Yes |
+<!-- markdownlint-enable MD013 -->
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@source/WikiSource/Credential-overview.md` around lines 56 - 60, The wide
markdown table in Credential-overview.md triggers MD013 because the header
exceeds 80 characters; add a markdownlint disable comment for MD013 around this
specific table block. Use the existing table near the credential format examples
and ensure the disable applies only to that table, then re-enable afterward if
needed.

Source: Path instructions


48-48: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Use bold for parameter names and italic for module/product names.

Several text formatting guidelines are not followed in the changed text. Please update the following:

  • Line 48: _SqlServerDsc_ (module name)
  • Line 50: **Credential**, **UserName**, **Password** (parameter names in text)
  • Line 63: _SQLPS_ (module name)
  • Line 64: _SQL Server_ (product name)
  • Line 69: _SQL Server_ (product name)
  • Line 90–92: **PsDscRunAsCredential**, **credential**, **password** (parameter names in text)

As per path instructions: "Parameters: bold" and "Resource/module/product names: italic".

📝 Proposed fix
-When using Windows user credentials (i.e., `LoginType = 'WindowsUser'`) with
-SqlServerDsc resources, there are important considerations regarding the
+When using Windows user credentials (i.e., `LoginType = 'WindowsUser'`) with
+_SqlServerDsc_ resources, there are important considerations regarding the
 username format used in credential, username, and password parameters.
+username format used in **Credential**, **UserName**, and **Password** parameters.
 
-When using these credentials with SqlServerDsc resources, pass them via the
-built-in `PsDscRunAsCredential`, credential or password parameters. This
-example shows the built-in `PsDscRunAsCredential` parameter:
+When using these credentials with _SqlServerDsc_ resources, pass them via the
+built-in **PsDscRunAsCredential**, **credential** or **password** parameters. This
+example shows the built-in **PsDscRunAsCredential** parameter:
-### Recommendations
+### Recommendations
 
 1. **Prefer FQDN format** (`user@domain.local`) for maximum compatibility across
-   all SQL Server versions and PowerShell modules.
+   all _SQL Server_ versions and PowerShell modules.
 1. **Avoid NetBIOS format** (`DOMAIN\user`) when targeting SQL Server 2016 or
-   environments where SQLPS may be used.
+   environments where _SQLPS_ may be used.

Also applies to: 50-50, 63-64, 69-69, 90-92

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@source/WikiSource/Credential-overview.md` at line 48, Update the affected
prose in Credential-overview.md to follow the formatting rules: wrap
module/product names such as SqlServerDsc, SQLPS, and SQL Server in italics, and
wrap parameter names such as Credential, UserName, Password,
PsDscRunAsCredential, credential, and password in bold. Make the edits in the
referenced paragraphs so the existing text reads consistently with the
“Parameters: bold” and “Resource/module/product names: italic” guidance.

Source: Path instructions

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@source/WikiSource/Credential-overview.md`:
- Around line 56-60: The wide markdown table in Credential-overview.md triggers
MD013 because the header exceeds 80 characters; add a markdownlint disable
comment for MD013 around this specific table block. Use the existing table near
the credential format examples and ensure the disable applies only to that
table, then re-enable afterward if needed.
- Line 48: Update the affected prose in Credential-overview.md to follow the
formatting rules: wrap module/product names such as SqlServerDsc, SQLPS, and SQL
Server in italics, and wrap parameter names such as Credential, UserName,
Password, PsDscRunAsCredential, credential, and password in bold. Make the edits
in the referenced paragraphs so the existing text reads consistently with the
“Parameters: bold” and “Resource/module/product names: italic” guidance.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 1df4d141-2335-4fd9-a26c-0ebc633a30ce

📥 Commits

Reviewing files that changed from the base of the PR and between c973ae9 and 710de74.

📒 Files selected for processing (1)
  • source/WikiSource/Credential-overview.md

@AlexMnrs

Copy link
Copy Markdown
Contributor Author

Thanks for the careful review, @johlju. I pushed an update that addresses the wording and examples: removed the incorrect GetNetworkCredential()/SMO explanation, kept the guidance focused on commands and DSC resources, switched the credential examples to [PSCredential]::new(), removed the NetBIOS anti-example, and trimmed the footer to only reference #1223. I also updated the branch with current main.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

waiting for code fix A review left open comments, and the pull request is waiting for changes to be pushed by the author.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

SqlServerDsc: Document how to use credentials

2 participants