DSC not accepting values from config file

system · October 11, 2018, 5:21am

Hi Everyone,

I have a weird issue with my configuration. I am trying to create RDS environment across 3 servers. My issue is that DSC not accepting value from configuration data. In my configuration data I have both PSDscAllowPlainTextPassword, PSDscAllowDomainUser fields but still I get this issue.

$data = @{
  AllNodes = @(
    @{
        NodeName = '*'
        PSDscAllowPlainTextPassword = $true
        PSDscAllowDomainUser = $true
    },

    @{....

Even If I have both PSDscAllowPlainTextPassword, PSDscAllowDomainUser it is not accepting it.

ConvertTo-MOFInstance : System.InvalidOperationException error processing property ‘PsDscRunAsCredential’ OF TYPE ‘xRDSessionDeployment’: Converting and storing encrypted passwords as plain text is not recommended. For m
ore information on securing credentials in MOF file, please refer to MSDN blog: Securing the MOF File - PowerShell | Microsoft Docs
At C:\RDS2016.ps1:109 char:9
WARNING: It is not recommended to use domain credential for node ‘System.Collections.Hashtable’. In order to suppress the warning, you can add a property named ‘PSDscAllowDomainUser’ with a value of $true to your DSC conf
iguration data for node ‘System.Collections.Hashtable’.

kvprasoon · October 11, 2018, 5:55am

How are you calling pushing the configuration ? Can you show us the code which is triggering the configuration.

system · October 11, 2018, 6:05am

Hi,

Here comes the whole config

$data = @{
  AllNodes = @(

    @{
        NodeName = '*'
        PSDscAllowPlainTextPassword = $true
        PSDscAllowDomainUser = $true      
     },

    @{
        NodeName = 'rdcb01'
        Role = 'Connection Broker'
    },

    @{        
        NodeName = 'rdsh01'
        Role = 'Session Host'
    },

    @{
        NodeName = 'rdwa01'
        Role = 'Web Access'
    }

  );

  RDSData = @{
        ConnectionBroker = 'rdcb01.domain.com'
        SessionHost = 'rdsh01.domain.com'
        WebAccessServer = 'rdwa01.domain.com'
        CollectionName = 'RDS'
        AutomaticReconnectionEnabled = $true
        DisconnectedSessionLimitMin = 300
        IdleSessionLimitMin = 300
        BrokenConnectionAction = 'Disconnect'
        UserGroup = 'Domain Users'
    
   }

}

Configuration RDS {

param ( 
    
     [Parameter(Mandatory=$true)]
     [pscredential]$DomainAdminCred
)

#region

Import-DscResource -ModuleName PSDesiredStateConfiguration, 
    @{ModuleName='xRemoteDesktopSessionHost';ModuleVersion="1.8.0.0"}

#endregion

Node $AllNodes.Where{$_.Role -eq 'Connection Broker'} {
$RDData = $data.RDSData
        WindowsFeature RDSConnectionBroker {
        Name = 'RDS-Connection-Broker'
        Ensure = 'Present'
        }

        WindowsFeature RSATRDSTools {
        Name = 'RSAT-RDS-Tools'
        Ensure = 'Present'
        IncludeAllSubFeature  = $true
        DependsOn = '[WindowsFeature]RDSConnectionBroker'
        }
        
        WaitForAll SessionHost {
        NodeName = 'rdsh01'
        ResourceName = '[WindowsFeature]SessionHost'
        RetryIntervalSec = 15
        RetryCount = 50
        DependsOn = '[WindowsFeature]RSATRDSTools'
        }

        WaitForAll WebAccess {
        NodeName = 'rdwa01'
        ResourceName = '[WindowsFeature]WebAccess'
        RetryIntervalSec = 15
        RetryCount = 50
        DependsOn = '[WaitForAll]SessionHost'
        }

        xRDSessionDeployment NewDeployment {
        ConnectionBroker = $RDData.ConnectionBroker
        SessionHost = $RDData.SessionHost
        WebAccessServer = $RDData.WebAccessServer
        DependsOn = '[WaitForAll]WebAccess'
        PsDscRunAsCredential = $DomainAdminCred
        }

        xRDSessionCollection collection {    
        CollectionName = $RDData.CollectionName
        SessionHost = $RDData.SessionHost
        ConnectionBroker = $RDData.ConnectionBroker
        DependsOn = '[xRDSessionDeployment]NewDeployment'
        PsDscRunAsCredential = $DomainAdminCred
        }
} 

Node $AllNodes.Where{$_.Role -eq 'Session Host'}.NodeName {
        WindowsFeature SessionHost {
        Name = 'RDS-RD-Server'
        Ensure = 'Present'
        }
}

Node $AllNodes.Where{$_.Role -eq 'Web Access'}.NodeName {
        WindowsFeature WebAccess {
        Name = 'RDS-Web-Access'
        Ensure = 'Present'
        }
    }
}

RDS -OutputPath 'C:\' -DomainAdminCred $DomainAdminCred -ConfigurationData $data -Verbose

kvprasoon · October 11, 2018, 11:52pm

You have missed to take out NodeName from Node $AllNodes.Where{$_.Role -eq ‘Connection Broker’}

it should be Node

$AllNodes.Where{$_.Role -eq 'Connection Broker'}.NodeName

system · October 12, 2018, 7:56am

Thank you so much. Don’t understand how could I miss that but it is wierd that DSC didn’t prompt for that.

kvprasoon · October 12, 2018, 8:06am

DSC won’t prompt for that, the condition $AllNodes.Where{$_.Role -eq ‘Connection Broker’} does have an output which is a hashtable, it then converts it to a string and will get System.Collections.Hashtable as value and will treat that as a node name. your mof file will get created with this name if you try to execute by commenting the credential part.

-a----       10/12/2018   7:03 PM           4378 System.Collections.Hashtable.mof

Topic		Replies	Views
Unable to use credential objects within DSC DSC	3	231	December 28, 2015
Problem with ConfiguratinData and Composite Resources DSC	5	182	January 12, 2016
Strange error when executing configuration file DSC	3	202	May 24, 2018
Creating a resource to check if service is running DSC	3	190	July 16, 2015
Import pfx DSC	1	350	December 13, 2018

DSC not accepting values from config file

Related Topics