As I'm new to PowerShell and also DSC (and programming in total) i have a question to which i couldn't find an answer in the web.
I'm trying to install an msi (or an exe) with PS DSC. I sucessfully wrote a script to check and install windows-features and to install JDK and set the ressources.
But with my next step I seem to be overchallenged.
so heres my code so far:
$ConfigurationData = #{
AllNodes = #(
#{
NodeName="*"
PSDscAllowPlainTextPassword=$true
}
)
}
Configuration AppFabric
{
param (
$TargetNodes,
[Parameter(Mandatory=$false)]
[PSCredential]$Credential
)
Import-DscResource –ModuleName ’PSDesiredStateConfiguration’
Node localhost
{
Package AppFabric
{
Ensure = "Present"
Name = "AppFabric"
Path = "$PWD\src\AppFabric\package\appfabric-1.1-for-windows-server-64.msi"
ProductId = ""
LogPath = "$PWD\logs\$env:computername-AppFabric"
Arguments = "/i HostingServices,CacheClient,HostingServicesAdmin"
Credential = "$Credential"
}
}
}
AppFabric -OutputPath $PWD\mof\AppFabric\
Start-DscConfiguration -Path $PWD\mof\AppFabric\ -wait -verbose -Force
So as you see i'm trying to install AppFabric on a Windows Server 2012R2 up to date.
When i Run the script i get following error:
I have no clue, what that means and can't find anything on the web that could help.
If you need further information, let me know, as I said, I'm new to this :x
Thanks!
Edit:
If I try to do it without credentials I get the following:
VERBOSE: Perform operation 'Invoke CimMethod' with following parameters, ''methodName' = SendConfigurationApply,'className' = MSFT_DSCLocalConfigurationManager,'namespaceName' = root/Microsoft/Windows/DesiredStateConfiguration'.
You are treating the Credential property as a string instead of PSCredential.
Remove double quotes from Credential property to fix the issue.
Package AppFabric
{
Ensure = "Present"
Name = "AppFabric"
Path = "$PWD\src\AppFabric\package\appfabric-1.1-for-windows-server-64.msi"
ProductId = ""
LogPath = "$PWD\logs\$env:computername-AppFabric"
Arguments = "/i HostingServices,CacheClient,HostingServicesAdmin"
Credential = $Credential
}
Related
I am trying to seup SQL Server with PowerShell DSC with following configuration script.
After successful installation When I am trying to login with windows authentication it doesn't work and throws error "login failed for user <domain\user>" even though I am already part of administrators group.
This is my DSC configuration script
Am I missing anything?
Configuration InstallSQLServer
{
param(
[string[]]$NodeName = 'localhost'
)
Import-DscResource -ModuleName SqlServerDsc
Import-DscResource –ModuleName 'PSDesiredStateConfiguration'
node localhost
{
WindowsFeature 'NetFramework45'
{
Name = 'NET-Framework-45-Core'
Ensure = 'Present'
}
SqlSetup 'InstallDefaultInstance'
{
InstanceName = 'MSSQLSERVER'
Features = 'SQLENGINE'
SourcePath = 'C:\SQL2019'
SQLSysAdminAccounts = #("Administrators")
DependsOn = '[WindowsFeature]NetFramework45'
}
Registry REG_LoginMode{
DependsOn = '[SqlSetup]InstallDefaultInstance'
Key = 'HKEY_LOCAL_MACHINE\Software\Microsoft\MSSQLServer\MSSQLServer'
ValueName = 'LoginMode'
ValueType = 'DWORD'
ValueData = $Node.LoginMode
PsDscRunAsCredential = $SQLInstallCredential
}
SqlServerNetwork EnableTcpIp {
DependsOn = '[SqlSetup]InstallDefaultInstance'
InstanceName = 'MSSQLSERVER'
ProtocolName = 'Tcp'
IsEnabled = $true
TCPPort = 1433
RestartService = $true
}
}
}
#Create the MOF
InstallSQLServer -NodeName localhost
#Apply the Configuration
Start-DscConfiguration -Path .\InstallSQLServer -Wait -Force -Verbose
When attempting to access a network shared folder, DSC returns an "Access is denied" error, despite that I have provided a valid credential to it.
I'm using a DSC configuration, where a DSC "Script" resource is as follows:
Script myScriptResource {
GetScript = {return $true}
SetScript = {
$setupShare = '\\SomeNetworkSharesFolder\subFolder'
# This line produces valid results when run directly on node VM.
$build = Get-ChildItem "FileSystem::$setupShare" -Name | Sort-Object -Descending | Select-Object -First 1 | Out-String
Write-Host "Final Build: $build"
}
TestScript = {return $false} #Always run Set-Script block!
Credential = $ValidNetworkShareCredential
PsDscRunAsCredential = $ValidNetworkShareCredential
}
I receive an error:
VERBOSE: [MyNodeVM]: [[Script]myScriptResource] Performing the operation "Set-TargetResource" on target "Executing t
he SetScript with the user supplied credential".
Access is denied
+ CategoryInfo : PermissionDenied: (\\SomeNetworkSharesFolder\subFolder:) [], CimException
+ FullyQualifiedErrorId : ItemExistsUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetChildItemCommand
+ PSComputerName : myNodeVM
This might be due to the fact the LCM on the node VM is using a local SYSTEM user credential by default.
I attempted to change the user credential manually by navigating to the windows services manager (Hint: RUN then services.msc), and change the user credential in the logon tab of winRM service properties. Everytime I attempt to run the Windows Remote Management (WS-Managment) service, I receive and error:
Windows could not start the Windows Remote Management (WS-Management) service on Local Computer.
Error 1079: The account specified for this service is different from the account specified for other services running in the same process.
I don't know how to change the credential of LCM so that it can access the network shared folder upon the execution of Get-ChildItem.
Script myScriptResource {
GetScript = {return $true}
SetScript = {
$username ="someusername"
$secpasswd = ConvertTo-SecureString “somepassword” -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential ($username, $secpasswd)
$setupShare = '\\SomeNetworkSharesFolder\subFolder'
$psDriveArgs = #{ Name = ([guid]::NewGuid()); PSProvider = "FileSystem"; Root = $setupShare; Scope = "Private"; Credential = $mycreds }
new-psdrive #psDriveArgs -ErrorAction Stop
# This line produces valid results when run directly on node VM.
$build = Get-ChildItem "FileSystem::$setupShare" | Sort-Object -Descending | Select-Object -First 1 | Out-String
Write-Host "Final Build: $build"
}
TestScript = {return $false} #Always run Set-Script block!
}
There isn't an easy way to make it work with script resource because you need an ability to pass credentials to the script resource so that you can mount a drive and use it to copy/paste. If you want to copy files/directory from the share you can use 'File' resource. If you want to copy files/directory to the share you can use 'xFileUpload' resource from xPsDesiredStateConfiguration (https://gallery.technet.microsoft.com/xPSDesiredStateConfiguratio-417dc71d) Module. If you really need to use script resource to do this job, look into how xFileUpload resource is doing it.
I'm working through the DSC book from powershell.org and trying to setup a pull server using the configuration code specified in the book.
configuration CreatePullServer
{
param
(
[string[]]$ComputerName = 'localhost'
)
Import-DSCResource -ModuleName xPSDesiredStateConfiguration
Node $ComputerName
{
WindowsFeature DSCServiceFeature
{
Ensure = "Present"
Name = "DSC-Service"
}
xDscWebService PSDSCPullServer
{
Ensure = "Present"
EndpointName = "PSDSCPullServer"
Port = 8080
PhysicalPath = "$env:SystemDrive\inetpub\wwwroot\PSDSCPullServer"
CertificateThumbPrint = "AllowUnencryptedTraffic"
ModulePath = "$env:PROGRAMFILES\WindowsPowerShell\DscService\Modules"
ConfigurationPath = "$env:PROGRAMFILES\WindowsPowerShell\DscService\Configuration"
State = "Started"
DependsOn = "[WindowsFeature]DSCServiceFeature"
}
xDscWebService PSDSCComplianceServer
{
Ensure = "Present"
EndpointName = "PSDSCComplianceServer"
Port = 9080
PhysicalPath = "$env:SystemDrive\inetpub\wwwroot\PSDSCComplianceServer"
CertificateThumbPrint = "AllowUnencryptedTraffic"
State = "Started"
IsComplianceServer = $true
DependsOn = ("[WindowsFeature]DSCServiceFeature","[xDSCWebService]PSDSCPullServer")
}
}
}
CreatePullServer -ComputerName pull1.lab.pri
When I run the configuration script, powershell reports that it is unable to load the xPSDesiredStateConfiguration module.
Import-DSCResource -ModuleName xPSDesiredStateConfiguration Unable to
load module 'xPSDesiredStateConfiguration': module not found.
I verified that I have the DSC resource kit installed, and the module is listed when I execute the Get-DSCResource command. Can anyone give me a clue as to what I may have done wrong?
Also, I am using Windows 7 64-bit and have installed KB2819745 to bring powershell up to version 4.
Responding to a comment to my original question, I checked that the module was being listed when executing Get-Module -ListAvailable. I noticed that when I ran the command it was listing the directory containing the module twice. I then realized that while trying to solve an earlier problem I had added the $env:ProgramFiles\WindowsPowerShell\Modules directory to the PSModulePath environment variable, so the modules were being duplicated and causing problems. After removing the path from the PSModulePath environment variable, everything works!
First, you need to install the package. You can download it from here:
https://gallery.technet.microsoft.com/xPSDesiredStateConfiguratio-417dc71d
I'm using the PowerShell 5.0 September Preview to configure a PowerShell Desired State Configuration Pull Server on a Windows Server 2012 R2 virtual machine running on VMware Workstation. To perform the configuration of the DSC Pull Server, I am using a code snippet that I pulled off of the Microsoft PowerShell MSDN blog, which leverages the xPSDesiredStateConfiguration module's xDscWebService DSC resource.
When I attempt to test the OData endpoint for the DSC Pull Server, I receive a HTTP 503: Service Unavailable message. Any ideas on how to debug and fix this?
configuration DscWebService
{
param
(
[ValidateNotNullOrEmpty()]
[string] $CertificateThumbPrint = 'AllowUnencryptedTraffic'
)
Import-DSCResource -ModuleName xPSDesiredStateConfiguration;
WindowsFeature DSCServiceFeature
{
Ensure = 'Present';
Name = 'DSC-Service';
}
WindowsFeature WinAuth
{
Ensure = 'Present';
Name = 'web-Windows-Auth';
}
xDscWebService PSDSCPullServer
{
Ensure = 'Present';
EndpointName = 'PullSvc';
Port = 10100;
PhysicalPath = "$env:SystemDrive\inetpub\wwwroot\PSDSCPullServer";
CertificateThumbPrint = $CertificateThumbPrint;
ModulePath = "$env:PROGRAMFILES\WindowsPowerShell\DscService\Modules";
ConfigurationPath = "$env:PROGRAMFILES\WindowsPowerShell\DscService\Configuration";
State = 'Started';
DependsOn = '[WindowsFeature]DSCServiceFeature';
}
xDscWebService PSDSCConformanceService
{
Ensure = 'Present';
EndpointName = 'DscConformance';
Port = 10101;
PhysicalPath = "$env:SystemDrive\inetpub\wwwroot\PSDSCComplianceServer";
CertificateThumbPrint = 'AllowUnencryptedTraffic';
State = 'Started';
IsComplianceServer = $true;
DependsOn = #('[WindowsFeature]DSCServiceFeature', '[WindowsFeature]WinAuth','[xDSCWebService]PSDSCPullServer') ;
}
}
DscWebService -ComputerName dsc01.t.loc -OutputPath c:\dsc\PullServer -CertificateThumbPrint 00A2F55847C5523FE6CB0C2EE132C638339EA3A8;
Start-DscConfiguration -Wait -Verbose -Path c:\dsc\PullServer -Force;
a 503 Error usually indicates an issue with the apppool associated with a site. Run the following to see the state of your apppools
Get-ChildItem IIS:\AppPools
I am using powershell 1.0 and I need to install a service on a remote machine and first uninstall it if it exists.
This is my script I have that installs the service, however, I seem unable to uninstall the
service. I have tried installutil however the service path is a network path which installutil, throws errors over.
I'm sure there must be a better and cleaner way of approaching this.
$class = "Win32_Service"
$method = "Create"
$mc = [wmiclass]"\\DUMMYServer\ROOT\CIMV2:$class"
$inparams = $mc.PSBase.GetMethodParameters($method)
$inparams.DesktopInteract = $false
$inparams.DisplayName = "DummyService"
$inparams.ErrorControl = 0
$inparams.LoadOrderGroup = $null
$inparams.LoadOrderGroupDependencies = $null
$inparams.Name = "DummyMessageService"
$inparams.PathName = '\\DummyServer\c$\Applications\DummyMessageWindowsService\DummyWindowsService.exe'
$inparams.ServiceDependencies = $null
$inparams.ServiceType = 16
$inparams.StartMode = "Automatic"
$inparams.StartName = $null # will start as localsystem builtin if null
$inparams.StartPassword = $null
$result = $mc.PSBase.InvokeMethod($method,$inparams,$null)
$result | Format-List
If you're stuck on PowerShell 1.0, check out psexec which will allow you to run installutil.exe on the remote machine. If you were on PowerShell 2.0 on both the local and remote machines, you could use remoting to run installutil.exe on the remote machine.