I have a working configuration script which encrypts my credentials inside the MOF. I am now working on splitting the entire configuration script in composite resource. One of the composite resource installs Windows Feature role (everything works as expected) but on the second composite resource, I need to pass credentials to the resource in order to access it.
Main Configuration script:
Configuration Test {
param (
[Parameter(Mandatory = $true)]
[ValidateNotNullorEmpty()]
[System.Management.Automation.PSCredential]
[Alias('Type your username and password')]
$Credential
)
Import-DscResource -ModuleName CompositeResource
node localhost {
WebServer-CommonPackage TestResource{
CredentialShare = $CredentialShare
}
}
}
Test -ConfigurationData ConfigData.psd1
Configuration CompositeResource
{
param (
[Parameter(Mandatory = $true)]
[ValidateNotNullorEmpty()]
[System.Management.Automation.PSCredential]
$CredentialShare
)
PackageApplication {
Ensure = 'Present'
Path = "SharePath"
Name = Name
ProductID = ProductID
Arguments = Arguments
Credential = $CredentialShare
}
In configuration data I also have
@{
AllNodes = @(
@{
Environment = 'DEV'
NodeName = 'localhost'
PSDSCAllowPlainTextPassword = $false
Certificatefile = 'PublicKey.cer'
Thumbprint = 'thumbprint'}
)
}
Every time I try to compile I get the following errror:
ConvertTo-MOFInstance : System.InvalidOperationException error processing property 'PsDscRunAsCredential' OF TYPE 'File': Converting and storing encryp
ted passwords as plain text is not recommended. For more information on securing credentials in MOF file, please refer to MSDN blog
I need to use credentials for package as I need to install multiple applications directly from share and not have to copy them locally.
If I don’t try to do composite resource module, then everything is encrypted and working, as in my configuration data I have defined both the .cer file path, thumbprint and everything that is need.
The issue is when I try to use credentials inside the composite resource module, then I get the error. I need Credential and not PsDscRunAsCredential as my share requires authentication in order, not to run the installation under a certain user.