Questions tagged [dsc]
Windows PowerShell Desired State Configuration is a tool akin Chef or Puppet, meant to automate keeping Windows servers in a known state.
97 questions
1
vote
0
answers
135
views
IIS looses SSL certificate binding
We are having a problem in changing the binding in the Internet Information Services (IIS) Manager for the SSL certificate, updating it from the old one to the new one.
First of all, here are some ...
1
vote
2
answers
148
views
Compare state of Windows Server 2022 VSphere instances
Apologies for the noob question regarding Windows and VSphere. I am looking to solve a problem in my current organization where we never seem to know the current state of our servers due to too many ...
0
votes
1
answer
101
views
Additional info request on DSC Syntax for Binary Registry Key
I have more questions about implementing the solution found in: DSC Syntax for Binary Registry Key
For the most part the solution suggested by Matthew Whetmore worked... but if the data starts with &...
- 1
1
vote
0
answers
274
views
Is it possible to write a PowerShell DSC configuration that waits for a manual installation?
I would like to use DSC to check and correct Service resources as State = Running. The issue is that these services don't exist until I have manually run a software installer on the target node. I am ...
- 494
1
vote
1
answer
2k
views
Manage Group Policy across multiple domains
I am looking for a way to manage Group Policy across a number of domains, some in the same forest and others in separate forests.
I haven't seen this done before and can't find anything around the ...
- 109
0
votes
1
answer
139
views
SSL Certificate management with Windows DSC
I have a third-party issued certificate that I need to ensure is running on all targets in a given domain. Is there a way to ensure this certificate is installed by way of DSC?
- 3
0
votes
1
answer
178
views
Resize-Partition errors after first execution in DSC script
I'm trying to use the following piece of code in a powershell DSC script. It runs fine on first execution but on following executions it throws an error as it's already expanded.
Here's the command:
...
- 320
0
votes
1
answer
147
views
DSC SMB Pullserver - clients are unable to locate mof file
I have configured the LCM of my target node like this:
[DSCLocalConfigurationManager()]
configuration SMBPullClientConfig
{
param
(
[PARAMETER(Mandatory=$false)]
$NodeName = 'localhost',
...
- 1
0
votes
1
answer
1k
views
Installing Module during OSD Task Sequence from NuGet not found
I have an OSD task sequence which one of the steps runs a package containing the PowerShell DSC '.ps1' file and the '.MOF' configuration. Now during the task sequence it looks like it can't find the ...
1
vote
1
answer
170
views
DSC not pulling config
my DSC node is not pulling the DSC config from my SMB DSC server. Get-DSCConfigurationStatus says the pull was successfull but Get-DSCConfiguration remains the same(old config).
Im testing it with a ...
- 43
1
vote
0
answers
72
views
DSC switching back to push
Hi there i got a small problem. I have configured a node to pull the config from my HTTP DSC server. But once it pulls its config the node switched back to push.
My node config looks like this:
[...
- 43
1
vote
1
answer
756
views
Powershell DSC composite resource, partial configuration, or roles. What's the best approach that's maintainable?
I'm having a little bit of a hard to trying to decipher what the best approach is when creating configurations based off Powershell DSC.
It appears that partial configurations are meant to allow ...
- 175
2
votes
1
answer
604
views
DSC Resource for SSL and TLS and Ciphers
I need to ensure that servers have been properly configured to prevent the usage of SSL2/3 and TLS1.0/1.1 and ensure that only TLS1.2 is enabled.
In addition I need to ensure that certain ciphers are ...
- 635
1
vote
1
answer
212
views
Only include a CertReq in a PowerShell DSC if needed
I'm currently using the CertificateDSC CertReq resource to generate a certificate request within a DSC configuration. I'm pretty new to DSC, I'm checking it out using a push approach and my workflow ...
- 247
1
vote
1
answer
566
views
How to assign a static IP to linux host using Powershell DSC / Lability?
Setup: I am using Lability to deploy a hacking lab consisting of 3 virtual machines. One of the machines is Kali Linux. How could I automatically set a static IP for the Kali when it is first deployed ...
- 11
1
vote
1
answer
188
views
Puppet unable to add user to AD group
I'm trying to add user to group on my DC using puppet:
dsc_xgroup {'DomainAdministrators':
dsc_ensure => 'present',
dsc_memberstoinclude => '[email protected]',...
- 11
1
vote
1
answer
2k
views
How to Use PowerShell DSC to Keep Services on Windows Server Running?
I've recently noticed that our Windows Server 2016 VMs on Azure sometimes fail to start some of their services after rebooting the system (for example ADFS, Remote Desktop Broker and others) even ...
- 13
0
votes
0
answers
145
views
Applying PowerShell Desired State Configuration to Windows host from Linux control machine
I'm interested in using my Linux work machine to apply DSC configuration to Windows machines. I can find lots about using DSC to manage Linux, but that isn't what I'm interested in, I want to use it ...
- 11
0
votes
1
answer
36
views
What Installtion is needed before desired state configuration can be used?
I want to know what is installed on a bare mental machine (real or virtual) to allow it to be further configured by DSC.
All the demos I have seen already have "something" installed on the target so ...
- 1
4
votes
2
answers
4k
views
Can DSC be used to configure IIS on a Windows 10 workstation
I couldn't find this on the interwebs and it seems like a obvious use case to me
Is it possible run Windows Desired State Configuration / DSC on a Windows 10 workstation?
For example, setting up IIS ...
- 978
1
vote
0
answers
232
views
PowerShell JEA RoleDefinitions Trusted Domain
This one may be a bit tricky, and may not be possible. I have a PowerShell JEA endpoint configured in my DSC. It runs fine. The trouble is the users that are listed in the RoleDefinitions section of ...
- 11
1
vote
1
answer
1k
views
Manual PowerShell DSC module installation
I am working on servers without access to the Internet. I am uploading DSC modules to the server, E.g. AccessControlDSC.
The modules are being installed in c:\Program Files\WindowsPowerShell\Modules
...
- 952
2
votes
1
answer
587
views
Is it possible to manage Server Manager Properties through PowerShell DSC?
For example:
Server Manager → Manage → Server Manager Properties "Do not Start manager automatically at logon"
Server Manager → Local Server → IE Enhanced Security Configuration → Off
- 765
3
votes
1
answer
2k
views
Is it possible to download a file using a Powershell DSC resource from Azure File storage account?
I have a file in an Azure File storage. I would like to download it using a DSC resource (xRemoteFile, for example).
The Azure File storage gives me an HTTPS url to that file, but it is not directly ...
- 765
0
votes
1
answer
526
views
Is it possible to ensure a certain schedule for the windows updates on a Windows Server 2016 using Powershell DSC?
Part of configuration is to run all the Windows Updates. I am trying to figure out how to express it with Powershell DSC. Seems like the best is to ensure that the windows updates are scheduled ...
- 765
0
votes
1
answer
154
views
Is Azure Automation DSC at all suitable for configuring client machines (not servers)?
I am trying to create a DSC configuration for a developer workstation and facing difficulties.
A developer machine has a well defined owner - the developer who is going to get it. Some ...
- 765
0
votes
1
answer
820
views
How to install SSMS on a client workstation using Azure Automation DSC?
I found the following post - https://blogs.msdn.microsoft.com/troy_aults_blog/2017/01/13/automating-installation-of-ssms-with-dsc/
Great, all I need to know now is the Product Id of SSMS-Setup-ENU....
- 765
1
vote
1
answer
4k
views
How to use DSC to install .NET windows feature on a non server machine?
Observe the following DSC configuration:
Configuration Example
{
Import-DscResource –ModuleName PSDesiredStateConfiguration
node localhost
{
WindowsFeature 'NetFramework45'
...
- 765
2
votes
1
answer
117
views
When using Azure Automation DSC is it possible to install a product on a non SSD drive if the latter exists?
Suppose I have a product which I want to install on a non SSD drive, if exists. Otherwise, I want it to go on the drive C.
For example, the following configuration is supposed to install the Sql ...
- 765
1
vote
1
answer
133
views
How to automatically deploy a new resource from Azure Automation to DSC nodes?
Scenario:
I have a Windows 10 workstation on-boarded to Azure Automation (AA). It is configured to pull configuration from AA correctly - checked.
I wish to install Sql Server 2016 Developer edition ...
- 765
0
votes
1
answer
115
views
Is it possible to keep all the DSC configurations in Version Control and make Azure Automation fetch it from there automatically?
The Azure Automation DSC seems to know to integrate with GitHub, but it seems to expect only runbooks there. At least, this is what I understand from the following UI screen:
I have just started to ...
- 765
0
votes
1
answer
330
views
Passing arguments to Set-AzureRmVmDscExtension
I'm trying to pick up a passed-in argument to a PowerShell DSC configuration fired by Set-AzureRmVMDscExtension and not having much luck. The idea is to have a xRemoteFile section download a file at a ...
- 343
1
vote
0
answers
942
views
Configuring NICs on Windows safely in DSC or Puppet
We've been using DSC basically since its day 1 release, but one thing we've never been able to do successfully (either by direct plain DSC or via invoking DSC via puppet) is configure Windows ...
- 69.3k
1
vote
1
answer
470
views
How do ARM projects in Visual Studio upload their DSC (and other) assets?
I've worked with ARM templates a bit but building ARM projects in Visual Studio is new. When you create VM resources and then subsequently create a script or DSC extension, in addition to the new JSON,...
- 343
4
votes
2
answers
2k
views
Failure joining on-prem to Azure DSC Automation (Response code: Unauthorized)
I'm having difficulties joining a Windows machine to Azure DSC automation. I'm getting the following error:
Registration of the Dsc Agent with the server https://azureserver/accounts/...
- 103
0
votes
1
answer
83
views
Desired State for MsSQL and IIS (puppet or chef)
In our infrastructure, some developers/consultants change some mssql or iis configurations without any notification which cause us problems.
For example, if somebody change mssql recovery simple to ...
- 33
5
votes
1
answer
1k
views
Why can't I use a DSC resource in push mode from a module that is installed in my user's module path?
I have a Powershell DSC custom resource, embedded in a module. The full code is available here if you want to see it, but that may not be necessary; my problem isn't (I think) in the code I wrote, but ...
0
votes
1
answer
83
views
Server configuration management [closed]
We have windows servers hosting our software. There is a third party company doing something like penetration testing and provides us with reports and recommendations about the servers' setup/...
- 101
2
votes
1
answer
2k
views
DSC Syntax for Binary Registry Key
What should be a simple registry DSC configuration has turned into a somewhat frustrating piece of guesswork. I'm trying to setting a binary registry key. I am finding it impossible to find the right ...
- 39k
1
vote
1
answer
229
views
Azure DSC validation error on portal
Any ideas on the cause value for the template parameter 'modulesUrl' at line '11' and column '20' is not provided returned when validating a new VM in the Azure Portal with the DSC extension. It's no ...
user374923
3
votes
1
answer
158
views
DSC pull schedule randomly stops working
I am using DSC to configure 30 servers.
They are configured to pull with ApplyAndAutoCorrect.
This generally works great, but randomly, servers will stop all DSC activity. The servers never ...
- 111
0
votes
1
answer
535
views
Desired State Configuration HTTPS Pull Site Doesn't Work
I've created a domain certificate for my DSC web pull server (issued by my internal CA) and retrieved the thumbprint.
I exported the certificate from inetmgr and installed it on the pull server (both ...
3
votes
2
answers
2k
views
Investigating Sysvol replication issues when promoting domain controllers with DSC in Azure
We're using PowerShell DSC to automate the deployment of a number of small self contained environments, in these environments we are deploying 2 domain controllers and use DSC to setup the domain etc. ...
- 39k
4
votes
1
answer
679
views
DSC Environment Resource no longer working after WMF5.1 - not detecting PATH values?
I have a number of Partial DSC scripts that use the Environment Resource to set a Path value. I have two scripts that does this and after upgrading from WMF5.0 to WMF5.1, I am getting the following ...
- 43
4
votes
1
answer
5k
views
Enable-PSRemoting or Set-WSManQuickConfig?
I'm getting pumped up for DSC and I want to cover my bases. I see that Enable-PSRemoting actually runs Set-WSManQuickConfig according to help documentation, I guess my main question is, what is the ...
- 95
2
votes
0
answers
622
views
DSC Environment resource failing to see environment variable it has set
I'm using DSC to provision virtual machines. The VMs are setup to pull a DSC configuration from a pull server. All is well with this. However, I noticed that I am frequently seeing:
Job {8B376B76-...
- 146
0
votes
1
answer
526
views
Get-DscResource not returning full list when run from Jenkins on Windows
I have a Windows Server 2016 Jenkins build box. I want to run some powershell in a Jenkins job.
As a test I have set the job to do this in a Execute Windows batch command build step:
powershell -...
- 2,248
2
votes
1
answer
2k
views
How to create a Hyper-V VM with Powershell DSC and module xHyper-V?
I've been trying to create a VM on my Hyper-V 2016 host from my Windows 10 workstation using module xHyper-V with not a lot of joy.
My Hyper-V host is called Lithium and my DSC Script is below.
...
- 2,248
0
votes
1
answer
1k
views
Azure Automation DSC: how to unregister old/misconfigured DSC Nodes from the pull server?
Every now and then I am facing a situation where some old DSC Node remains on the registration list in the Azure Automation DSC pull server.
The nodes appear for a brief moment (1-2 seconds) after ...
- 4,383
2
votes
1
answer
164
views
How to install DSC on Azure Windows 2016 Nano Server deployed from Microsoft's image?
All information I could find regarding DSC on Nano Server suggest the DSC should be added to the server image upon creation, e.g. Using DSC on Nano Server:
DSC on Nano Server is an optional package ...
- 4,383