I have successfully encrypted my first set of credentials within a DSC configuration using a Certificate. I needed to encrypt the credentials for a service account running an App Pool. But I have 12 different App Pools running on a single machine in one environment. Times this by 4(or more) and now I have 48 credentials that I must encrypt.
What are your recommendations on encrypting multiple Credentials in one DSC configuration? Can you provide an example?
xWebAppPool Example
{
Name = “ExampleAppPool”
State = “Started”
identityType = “SpecificUser”
Credential = $ExampleCredential
}
You’d do it the same way you did the first one ;). Any PSCredential object will be encrypted during MOF creation, provided you have a certificate set up, which you do. You only need the one certificate to actually DO the encryption, so this shouldn’t be any more difficult than doing one credential.
I understand. I forgot to mention one critical piece of information here. Sorry about that. I am trying to pass the PSCredential’s to the DSC configuration but they are either coming up Empty or it still prompts me for a password.
However, this approach seems odd to me because I would have 30-50+ user accounts/passwords to pass-through depending on the environment because our Application Pools run under specific domain user accounts. I would think there is an easier way. Any suggestions?
So I finally got it to work. However I still think there is a better way to pass in domain creds then to secure each cred into a variable and pass it in. Anyhow the reason why I was getting blank credentials was because when I was executing the DSC configuration to create the .mof it was not detecting my parameters. It was until I moved the Import-DSCResource line from above the param statement to below the param statement. That seems strange to me. I provided my code below.
Still instead of me writing out each Service account user/pass and passing them in, do you know of a better approach?