DSC Pull server cannot find module

Hey guys,

i’m getting the below error on nodes when trying to pull a configuration onto a node. I can see PSDesiredStateConfiguration_1.1.zip with a checksum on pull server im not sure why it is looking for a module verison 1.0. I have rezipped the modules for the pull server, cleaned out C:\windows\system32\configuration\ , rebooted.

In the event log in seeing events (4104), (4252)

1. This event indicates that failure happens when LCM is trying to get the configuration from pull server using download manager NULL. ErrorId is 0x1. ErrorDetail is Cannot find module PSDesiredStateConfiguration_1.0 from the server https://Pullserver:8080/PSDSCPullServer.svc/Modules(ModuleName='PSDesiredStateConfiguration',ModuleVersion='1.0')/ModuleContent.
2. MIResult: 1
Error Message: Cannot find module PSDesiredStateConfiguration_1.0 from the server https://Pullserver:8080/PSDSCPullServer.svc/Modules(ModuleName='PSDesiredStateConfiguration',ModuleVersion='1.0')/ModuleContent.
Message ID: WebDownloadManagerModuleNotFound,Microsoft.PowerShell.DesiredStateConfiguration.Commands.GetDscModuleCommand
Error Category: 21
Error Code: 1
Error Type: MI

I’m switching from Push to Pull, which i don’t know if it’s affecting this.

Any ideas where i’m going wrong?

PS C:\Windows\system32> Update-DscConfiguration -Wait -Verbose -ComputerName Targetnode1
VERBOSE: Perform operation 'Invoke CimMethod' with following parameters, ''methodName' = PerformRequiredConfigurationChecks,'className' = MSFT_DSCLocalConfigurationManager,'namespaceName' = root/Microsoft/Windows/DesiredStateConfiguration'.
VERBOSE: An LCM method call arrived from computer  with user sid S-1-5-21-XXXXXXXXXXX.
VERBOSE: [Targetnode1]:                            [] Executing Get-Action with configuration 's checksum: .
VERBOSE: [Targetnode1]:                            [] Executing Get-Action with configuration 's checksum returned result status: GetConfiguration.
VERBOSE: [Targetnode1]:                            [] Checksum is different. LCM will execute GetConfiguration to pull configuration .
VERBOSE: [Targetnode1]:                            [] Executing GetConfiguration failed. Configuration  is not pulled.
Cannot find module PSDesiredStateConfiguration_1.0 from the server https://PULLSERV:8080/PSDSCPullServer.svc/Modules(ModuleName='PSDesiredStateConfiguration',ModuleVersion='1.0')/ModuleContent.
    + CategoryInfo          : ResourceUnavailable: (root/Microsoft/...gurationManager:String) [], CimException
    + FullyQualifiedErrorId : WebDownloadManagerModuleNotFound,Microsoft.PowerShell.DesiredStateConfiguration.Commands.GetDscModuleCommand
    + PSComputerName        : Targetnode1
 
VERBOSE: Operation 'Invoke CimMethod' complete.
VERBOSE: Time taken for configuration job to complete is 3.121 seconds


ActionAfterReboot              : ContinueConfiguration
AgentId                        : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
AllowModuleOverWrite           : True
CertificateID                  : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
ConfigurationDownloadManagers  : {[ConfigurationRepositoryWeb]prod-PullSrv}
ConfigurationID                : 
ConfigurationMode              : ApplyAndMonitor
ConfigurationModeFrequencyMins : 15
Credential                     : 
DebugMode                      : {All}
DownloadManagerCustomData      : 
DownloadManagerName            : 
LCMCompatibleVersions          : {1.0, 2.0}
LCMState                       : Idle
LCMStateDetail                 : 
LCMVersion                     : 2.0
StatusRetentionTimeInDays      : 10
PartialConfigurations          : 
RebootNodeIfNeeded             : True
RefreshFrequencyMins           : 30
RefreshMode                    : Pull
ReportManagers                 : {[ReportServerWeb]Prod-ReportSrv}
ResourceModuleManagers         : {}
PSComputerName                 : Targetnode1
PSComputerName                 : Targetnode1

ResourceId              : [ConfigurationRepositoryWeb]PROD-PullSrv
SourceInfo              : ::24::9::ConfigurationRepositoryWeb
AllowUnsecureConnection : False
CertificateID           : XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
ConfigurationNames      : {Targetnode1}
RegistrationKey         : 
ServerURL               : https://PULLSERV:8080/PSDSCPullServer.svc
PSComputerName          : Targetnode1

im seeing under eventvwr "Powershell-Desiredstatecpmfiguation-PullServer - Operational "
i originally had pointed these locations to a file server. i have moved them back default location. Cycled IIS on the pull server which has made no difference.

event id 4353 - Module repository C:\Program Files\WindowsPowerShell\DscService\Modules\ is not found.
event id 4352 - Configuration repository C:\Program Files\WindowsPowerShell\DscService\Configuration\ is not found.

  1. Why are you trying to push or pull PSDesiredStateConfiguraion 1.1 ?
    This is present on all servers by default as PowerShell v5 installs it
    I can understand xPSDesiredStateConfiguration 1.10.1.1 or lower for that matter.

  2. your configuration script probably has

Import-Module statement for the module requiring version 1.0 as you can see on the log
but your offering 1.1

can you elaborate, either link here or use gist, the script for your pull server and LCM
plus the configuration you want to pull/push ?

Can you also share the exact version of PowerShell you are using? Doing $PSVersiontable on PowerShell console should give this information.

As a workaround, can you try the following?
In your configuration script, you can explicitly ask for 1.1 by doing the following

 Import-DscResource -ModuleName PSDesiredStateConfiguration -ModuleVersion 1.1 

Hey guys,

i’m not trying to push or pull PSDesiredStateConfiguration

PS C:\Windows\system32> $PSVersionTable

Name                           Value                                                                                                                                                                                                                             
----                           -----                                                                                                                                                                                                                             
PSVersion                      5.0.10586.117                                                                                                                                                                                                                     
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}                                                                                                                                                                                                           
BuildVersion                   10.0.10586.117                                                                                                                                                                                                                    
CLRVersion                     4.0.30319.34014                                                                                                                                                                                                                   
WSManStackVersion              3.0                                                                                                                                                                                                                               
PSRemotingProtocolVersion      2.3                                                                                                                                                                                                                               
SerializationVersion           1.1.0.1                    
       
foreach  ($item in $nodes) {   
[DSCLocalConfigurationManager()]
configuration PullClientConfigID
{
    Node $item
    {
        Settings
        {
            AllowModuleOverWrite = $true
            RefreshMode = 'Pull'
            RefreshFrequencyMins = 30 
            RebootNodeIfNeeded = $true
            Debugmode = "All"           
        }

        ConfigurationRepositoryWeb INGD-PullSrv
        {
            ServerURL = 'https://pullserver:8080/PSDSCPullServer.svc'
            RegistrationKey = 'key'
            AllowUnsecureConnection = $false
            CertificateID = (get-childitem -path  Cert:\LocalMachine\My |  ?{$_.subject -like "*$item*"}).Thumbprint 
            ConfigurationNames = @("$item")
        }

        ReportServerWeb ClientD-ReportSrv
        {
            ServerURL = 'https://pullserver:8080/PSDSCPullServer.svc'
            RegistrationKey = 'key'
             CertificateID = (get-childitem -path  Cert:\LocalMachine\My |  ?{$_.subject -like "*$item*"}).Thumbprint 
        }
    }
}
PullClientConfigID -verbose
Set-DSCLocalConfigurationManager –Path .\PullClientConfigID –Verbose -force -ComputerName $item
}

           

#Pull Servers.
$nodes = "SRV1","SRV2"
$ConfigurationData = @{
    AllNodes = @(
        @{
            Role = @('Web', 'PullServer','Soe')
                    NodeName                    = "SRV1"
                    groupname                   = "Local Admins - SRV1"
                    Description                 =  PULL Server - Web Farm'
                    PSDscAllowPlainTextPassword = $True
                    PSDscAllowDomainUser = $true
                    #Thumbprint = ""
                    #CertificateFile = "C:\inetpub\wwwroot\DSC\Keys\DscPublicKey.cer" 
                    Domain                      = "$env:USERDNSDOMAIN"                   
                    PullServerEndPointName = 'PullServer'
                    PullserverPort = 8080                     
                    PullserverPhysicalPath = "C:\inetpub\wwwroot\DSC\PSDSCPullServer\"
                    PullserverModulePath = "\\SOFS\DSC\AU\Modules\"
                    PullServerConfigurationPath = "\\SOFS\DSC\AU\Configuration\"
                    RegistrationKeyPath = "\\SOFS\DSC\AU\Registration_Key\"
                    PullServerThumbPrint =  "09D84548A44A4A415B9CA8C22B7C9ED8D8B37742"
                    ComplianceServerEndPointName = 'PSDSCComplianceServer'
                    ComplianceServerPort = 9080
                    ComplianceServerPhysicalPath = "C:\inetpub\wwwroot\DSC\Compliance\PSDSCPullServer"
                    ComplianceServerThumbPrint = 'AllowUnencryptedTraffic'
                   
             

}
       @{
          Role = @('Web', 'PullServer','Soe')
                    NodeName                    = "SRV2"
                    groupname                   = "Local Admins - SRV2"
                    Description                 = 'TG AU DSC PULL Server - Web Farm'
                    PSDscAllowPlainTextPassword = $false
                    PSDscAllowDomainUser = $true
                    #Thumbprint = ""
                    #CertificateFile = "C:\inetpub\wwwroot\DSC\Keys\SRV2.cer" 
                    Domain                      = "$env:USERDNSDOMAIN"                   
                    PullServerEndPointName = 'PULLServer'
                    PullserverPort = 8080                     
                    PullserverPhysicalPath = "C:\inetpub\wwwroot\DSC\PSDSCPullServer\"
                    PullserverModulePath = "\\SOFS\DSC\AU\Modules\"
                    PullServerConfigurationPath = "\\SOFSDSC\AU\Configuration\"
                    PullServerThumbPrint =  "thumbprint "
                    RegistrationKeyPath = "\\SOFS\DSC\AU\Registration_Key\"
                    ComplianceServerEndPointName = 'PSDSCComplianceServer'
                    ComplianceServerPort = 9080
                    ComplianceServerPhysicalPath = "C:\inetpub\wwwroot\DSC\Compliance\PSDSCPullServer"
                    ComplianceServerThumbPrint = 'AllowUnencryptedTraffic'
                       

}

     );
}


   
Configuration PullServer
{
Param(
       [PsCredential]$DomainAdminCredential
       
    )


    Import-DscResource -name iComputerDescription, iadgroup ,iServiceOwnProcess,  idisk, iWaitForDisk, xSystemVirtualMemory,   xComputer,iSccmSite,iLocalAccounts, idvddrive, xWebsite
    Import-DscResource -Module xPSDesiredStateConfiguration -ModuleVersion 3.9.0.0
    Import-DscResource –ModuleName PSDesiredStateConfiguration
    Node  $AllNodes.where{$_.Role -eq 'SOE'}.NodeName {
            LocalConfigurationManager
            {
                
                ConfigurationMode  = 'ApplyAndAutoCorrect' 
                RebootNodeIfNeeded = $true
                DebugMode = 'ALL'
                ActionAfterReboot  = 'ContinueConfiguration' 
                RefreshMode = 'push' 
                CertificateId = "AllowUnencryptedTraffic"         
            }
        windowsfeature RSATADPowerShell
        {
                name = 'RSAT-AD-PowerShell'
                Ensure = 'Present'
        }
        iComputerDescription description
        {
               Name = $node.Description
               Ensure = 'Present'
        }
        idvddrive Z
        {
               Name = "Z:"
               Ensure = "Present"
        }
        xComputer Domain
        {
            Name = $node.nodename
            Credential = $DomainAdminCredential
            DomainName = $node.domain
        }
        iServiceOwnProcess WinRM
        {
            Name = 'WinRM'
            Ensure = 'Present'
        }
        iWaitForDisk DiskP
        {
            DiskNumber= 0
            RetryCount = 10
            RetryIntervalSec = 20
        }
        idisk Page
        {
            DiskNumber = 1
            DriveLetter = 'P'
            Dependson = '[iWaitForDisk]DiskP'
        }
       
        xSystemVirtualMemory Page
        {
            ConfigureOption = 'CustomSize'
            DriveLetter = 'P:'
            InitialSize = '2048'
            MaximumSize = '8096'
            Dependson = '[idisk]Page'
        }

        iadgroup localadmins
        {
            GroupName = $node.groupname
            Credential = $DomainAdminCredential
        }
        group Localadmins
        {
            GroupName = 'Administrators'
            Ensure = 'Present'
            MembersToInclude = @("$($env:USERDOMAIN)\$($node.groupname)")
            Credential = $DomainAdminCredential
            dependson = '[iadgroup]localadmins'
        }
        iSccmSite NR1
        {
            Name = "NR1"
            Ensure = "Present"
        }
        iLocalAccounts ING
        {
            Name = $node.NodeName 
            Ensure = 'Present'     
        }
        registry AutoAdminLogon
        {
            key = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\"
            ValueName = "AutoAdminLogon"
            Valuedata = "0"
            Ensure = "Present"
        }
        registry DefaultUserName
        {
            key = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\"
            ValueName = "DefaultUserName"
            Valuedata = ""
            Ensure = "Present"
        }
        registry DefaultDomainName
        {
            key = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\"
            ValueName = "DefaultDomainName"
            Valuedata = ""
            Ensure = "Present"
        }
        registry DefaultPassword
        {
            key = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\"
            ValueName = "DefaultPassword"
            Valuedata = ""
            Ensure = "Present"
        }
        registry AutoLogonCount
        {
            key = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\"
            ValueName = "AutoLogonCount"
            Valuedata = "0"
            Ensure = "Present"
        }
        registry DoNotOpenServerManagerAtLogon
        {
            key = "HKLM:\Software\Microsoft\ServerManager\"
            ValueName = "DoNotOpenServerManagerAtLogon"
            Valuedata = "1"
            Ensure = "Present"
        }
        registry DisabledComponents
        {
            key = "HKLM:\SYSTEM\CurrentControlSet\Services\TCPIP6\Parameters\"
            ValueName = "DisabledComponents"
            valuedata = "4294967295"
            Ensure = "Present"
            ValueType = "Qword"
        } 
                registry Showalltrayicons
        {
            key = "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer"
            ValueName = "EnableAutoTray"
            valuedata = "0"
            Ensure = "Present"
            ValueType = "Dword"
        }  

        
        #End Node Role SOE

###############################################################################

   Node $AllNodes.where{$_.Role -eq 'Web'}.NodeName {
    

#       # Install the IIS role

        WindowsFeature IIS {
        
            Ensure = "Present"
            Name = "Web-Server"
        }

#       # Make sure the following defaults cannot be removed:        

        WindowsFeature DefaultDoc {
        
            Ensure = "Present"
            Name = "Web-Default-Doc"
            DependsOn = '[WindowsFeature]IIS'
        }

        WindowsFeature HTTPErrors {
        
            Ensure = "Present"
            Name = "Web-HTTP-Errors"
            DependsOn = '[WindowsFeature]IIS'
        }

        WindowsFeature HTTPLogging {
        
            Ensure = "Present"
            Name = "Web-HTTP-Logging"
            DependsOn = '[WindowsFeature]IIS'
        }

        WindowsFeature StaticContent {
        
            Ensure = "Present"
            Name = "Web-Static-Content"
            DependsOn = '[WindowsFeature]IIS'
        }

        WindowsFeature RequestFiltering {
        
            Ensure = "Present"
            Name = "Web-Filtering"
            DependsOn = '[WindowsFeature]IIS'
        }
        
 #      # Install additional IIS components to support the Web Application 

        WindowsFeature NetExtens4 {
        
            Ensure = "Present"
            Name = "Web-Net-Ext45"
            DependsOn = '[WindowsFeature]IIS'
        }

        WindowsFeature AspNet45 {
        
            Ensure = "Present"
            Name = "Web-Asp-Net45"
            DependsOn = '[WindowsFeature]IIS'
        }

        WindowsFeature ISAPIExt {
        
            Ensure = "Present"
            Name = "Web-ISAPI-Ext"
            DependsOn = '[WindowsFeature]IIS'
        }

        WindowsFeature ISAPIFilter {

            Ensure = "Present"
            Name = "Web-ISAPI-filter"
            DependsOn = '[WindowsFeature]IIS'
        }


        WindowsFeature DirectoryBrowsing {
        
            Ensure = "Present"
            Name = "Web-Dir-Browsing"
            DependsOn = '[WindowsFeature]IIS'
        }
     

        WindowsFeature StaticCompression {
        
            Ensure = "Present"
            Name = "Web-Stat-Compression"
            DependsOn = '[WindowsFeature]IIS'
        }        


       WindowsFeature ASP {
        
            Ensure = "Present"
            Name = "Web-ASP"
            DependsOn = '[WindowsFeature]IIS'
        }

       WindowsFeature CGI {
        
            Ensure = "Present"
            Name = "Web-CGI"
            DependsOn = '[WindowsFeature]IIS'
        }

       WindowsFeature IPDomainRestrictions {
        
            Ensure = "Present"
            Name = "Web-IP-Security"
            DependsOn = '[WindowsFeature]IIS'
        }


        WindowsFeature Management {

            Name = 'Web-Mgmt-Service'
            Ensure = 'Present'
        }

        Registry RemoteManagement { # Can set other custom settings inside this reg key

            Key = 'HKLM:\SOFTWARE\Microsoft\WebManagement\Server'
            ValueName = 'EnableRemoteManagement'
            ValueType = 'Dword'
            ValueData = '1'
            DependsOn = @('[WindowsFeature]IIS','[WindowsFeature]Management')
       }

       Service StartWMSVC {

            Name = 'WMSVC'
            StartupType = 'Automatic'
            State = 'Running'
            DependsOn = '[Registry]RemoteManagement'

       }

        xWebsite DefaultSite {

            Name            = "Default Web Site"
            State           = "Started"
            PhysicalPath    = "C:\inetpub\wwwroot"
            DependsOn       = "[WindowsFeature]IIS"
        }


    } #End Node Role Web

###############################################################################

    Node $AllNodes.where{$_.Role -eq 'PullServer'}.NodeName {

#       # This installs both, WebServer and the DSC Service for a pull server
#       # You could do everything manually - which I prefer

         WindowsFeature DSCServiceFeature {

            Ensure = "Present"
            Name   = "DSC-Service"
        }

       xDscWebService PSDSCPullServer {
        
            Ensure = "Present"
            EndpointName = $Node.PullServerEndPointName
            Port = $Node.PullServerPort   
            PhysicalPath = $Node.PullserverPhysicalPath
            CertificateThumbPrint = $node.PullServerThumbPrint
            ModulePath = $Node.PullServerModulePath
            ConfigurationPath = $Node.PullserverConfigurationPath
            RegistrationKeyPath =  $node.RegistrationKeyPath
            State = "Started"
      
            AcceptSelfSignedCertificates = $False
            DependsOn = "[WindowsFeature]DSCServiceFeature"
        }
      
        xDscWebService PSDSCComplianceServer {
        
            Ensure = "Present"
            EndpointName = $Node.ComplianceServerEndPointName
            Port = $Node.ComplianceServerPort
            PhysicalPath = $Node.ComplianceServerPhysicalPath
            CertificateThumbPrint =  $Node.ComplianceServerThumbPrint
            State = "Started"
            DependsOn = ("[WindowsFeature]DSCServiceFeature","[xDSCWebService]PSDSCPullServer")
        }

   
       
        } # End Node PullServer

    }
}

$source = '\\SOFS\DSC\AU\Configuration\'
PullServer -OutputPath $source -ConfigurationData $ConfigurationData -DomainAdminCredential (Get-Credential) -Verbose

First thing that pops to the eye is that your using a powershell v4 pull server script
with the PSDSCComplianceServer that you need to fix.

Still going over your script but that’s the first thing that caught my eye.

second thing is I’m not sure you can use, I haven’t checked it myself but I dont remember seeing that as being supported

                    PullserverModulePath = "\\SOFS\DSC\AU\Modules\"
                    PullServerConfigurationPath = "\\SOFS\DSC\AU\Configuration\"
                    RegistrationKeyPath = "\\SOFS\DSC\AU\Registration_Key\"

it has the be on the pull server with local path not network one

Dont know if its an editing you did on the script or its a misstype but the ConfigurationData section needs a fix:

$ConfigurationData = @{
    AllNodes = @(
        @{
            Role = @('Web', 'PullServer','Soe')
                    NodeName                    = "SRV1"
                    groupname                   = "Local Admins – SRV1"
                    Description                 =  PULL Server – Web Farm'

missing a starting ’ at the Description

That was a mistake when i was scrubbing the data. I’m removing the compliance server on my pull servers. Ill let you know how i go!

That was a mistake when i was scrubbing the data. I’m removing the compliance server on my pull servers. Ill let you know how i go!

when running Get-dscconfiguration on the target node im getting the below. i have stop getting the error when i have set the target node to pull.

i can see PSDesiredStateConfiguration under C:\Windows\System32\WindowsPowerShell\v1.0\Modules\

Target node
Name                           Value                                                                                                                                                                                                                             
----                           -----                                                                                                                                                                                                                             
PSVersion                      5.0.10586.117                                                                                                                                                                                                                     
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}                                                                                                                                                                                                           
BuildVersion                   10.0.10586.117                                                                                                                                                                                                                    
CLRVersion                     4.0.30319.34014                                                                                                                                                                                                                   
WSManStackVersion              3.0                                                                                                                                                                                                                               
PSRemotingProtocolVersion      2.3                                                                                                                                                                                                                               
SerializationVersion           1.1.0.1                                                                                                                                                                                                                           


Get-DscConfiguration : The PowerShell DSC resource MSFT_RoleResource from module  does not exist at the PowerShell module path nor is it registered as a WMI DSC resource.
At line:1 char:1
+ Get-DscConfiguration -CimSession SRV1
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (MSFT_DSCLocalConfigurationManager:root/Microsoft/...gurationManager) [Get-DscConfiguration], CimException
    + FullyQualifiedErrorId : DscResourceNotFound,Get-DscConfiguration

can you please run this on the server

$env:PSModulePath

did you have WMF 5.0 preview installed on this server before and upgraded it when RTM or RTM v2 came out ?

i updated from WMF4 to WMf5 rtm

$env:PSModulePath
C:\Users\*Username*\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\Windows\system32\WindowsPowerShell\v1.0\Modules\;c:\Program Files
\Microsoft Security Client\MpProvider\

  1. I have kb3134758
  2. get-module -listavailable only shows one copy of PSDesiredStateConfiguration.

Nathan can you also share:

  1. Generated MOF file.
  2. Ouput of Get-DscResource from ‘SRV1’

Hi Nathan,

Did you every solve this issue? I’m getting exactly the same thing which makes for a pretty flaky pull server.

Thanks

Yes I did, can you post your configuration and your web.conf of your Pull server and the configuration you wished the client to pull?

Thanks for the quick reply.

I’m using ConfigurationsNames on the client side with multiple MOFs. Sometimes it works and sometimes it doesn’t. It seems pretty random. If I remote onto a client machine that has failed to pull down a configuration or register with the Pull server and force a DSC update it generally works second… or third time round.

By “configuration you wished the client to pull” do you want me to post the contents of the MOF?

I’ve only recently added the PSDSCComplianceServer to the Pull server but was getting the same issue without it.

web.config


  
    
  
  
    
    
    
    
    
    
  
  
    
    
    
    
    
    
    
    
  
  
    
  
  
    
      
        
          
          
          
        
      
    
    
  
  
    
      
      
      
      
            
    
    
      
      
      
      
      
      
    
    
      
        
        
        
      
    
    
      
    
    
  
  
    
      
        
        
      
    
  

Pull Server

WindowsFeature IIS {
        
    Ensure = "Present"
    Name = "Web-Server"
} 
        
WindowsFeature DefaultDoc {
        
    Ensure = "Present"
    Name = "Web-Default-Doc"
    DependsOn = "[WindowsFeature]IIS"
}

WindowsFeature HTTPErrors {
        
    Ensure = "Present"
    Name = "Web-HTTP-Errors"
    DependsOn = "[WindowsFeature]IIS"
}

WindowsFeature HTTPLogging {
        
    Ensure = "Present"
    Name = "Web-HTTP-Logging"
    DependsOn = "[WindowsFeature]IIS"
}

WindowsFeature StaticContent {
        
    Ensure = "Present"
    Name = "Web-Static-Content"
    DependsOn = "[WindowsFeature]IIS"
}

WindowsFeature RequestFiltering {
        
    Ensure = "Present"
    Name = "Web-Filtering"
    DependsOn = "[WindowsFeature]IIS"
}

WindowsFeature NetExtens4 {
        
    Ensure = "Present"
    Name = "Web-Net-Ext45"
    DependsOn = "[WindowsFeature]IIS"
}

WindowsFeature AspNet45 {
        
    Ensure = "Present"
    Name = "Web-Asp-Net45"
    DependsOn = "[WindowsFeature]IIS"
}

WindowsFeature ISAPIExt {
        
    Ensure = "Present"
    Name = "Web-ISAPI-Ext"
    DependsOn = "[WindowsFeature]IIS"
}

WindowsFeature ISAPIFilter {

    Ensure = "Present"
    Name = "Web-ISAPI-filter"
    DependsOn = "[WindowsFeature]IIS"
}

WindowsFeature DirectoryBrowsing {
        
    Ensure = "Absent"
    Name = "Web-Dir-Browsing"
    DependsOn = "[WindowsFeature]IIS"
}
     

WindowsFeature StaticCompression {
        
    Ensure = "Absent"
    Name = "Web-Stat-Compression"
    DependsOn = "[WindowsFeature]IIS"
}

WindowsFeature ASP {
        
    Ensure = "Absent"
    Name = "Web-ASP"
    DependsOn = "[WindowsFeature]IIS"
}

WindowsFeature CGI {
        
    Ensure = "Absent"
    Name = "Web-CGI"
    DependsOn = "[WindowsFeature]IIS"
}

WindowsFeature IPDomainRestrictions {
        
    Ensure = "Absent"
    Name = "Web-IP-Security"
    DependsOn = "[WindowsFeature]IIS"
}

WindowsFeature Management {

    Name = "Web-Mgmt-Service"
    Ensure = "Present"
}

Registry RemoteManagement { # Can set other custom settings inside this reg key

    Key = "HKLM:\SOFTWARE\Microsoft\WebManagement\Server"
    ValueName = "EnableRemoteManagement"
    ValueType = "Dword"
    ValueData = "1"
    DependsOn = @("[WindowsFeature]IIS","[WindowsFeature]Management")
}

Service StartWMSVC {

    Name = "WMSVC"
    StartupType = "Automatic"
    State = "Running"
    DependsOn = "[Registry]RemoteManagement"

}

xWebsite DefaultSite {

    Name            = "Default Web Site"
    State           = "Started"
    PhysicalPath    = "C:\inetpub\wwwroot"
    DependsOn       = "[WindowsFeature]IIS"
}

WindowsFeature DSCServiceFeature
{
    Ensure = "Present";
    Name   = "DSC-Service";
}
           
xDscWebService PSDSCPullServer
{
    Ensure                  = "Present";
    EndpointName            = "PSDSCPullServer";
    Port                    =  8080;
    PhysicalPath            = "$($env:SystemDrive)\inetpub\wwwroot\PSDSCPullServer";
    CertificateThumbPrint   =  $thumbPrint;
    ModulePath              = "$($env:PROGRAMFILES)\WindowsPowerShell\DscService\Modules";
    ConfigurationPath       = "$($env:PROGRAMFILES)\WindowsPowerShell\DscService\Configuration";
    State                   = "Started";
    DependsOn               = "[WindowsFeature]DSCServiceFeature";
    AcceptSelfSignedCertificates = $true;

}

xDscWebService PSDSCComplianceServer {
        
    Ensure = "Present";
    EndpointName = "PSDSCComplianceServer";
    Port = 9080;
    PhysicalPath = "$env:SystemDrive\inetpub\wwwroot\PSDSCComplianceServer";
    CertificateThumbPrint =  "AllowUnencryptedTraffic";
    State = "Started";
    DependsOn = ("[WindowsFeature]DSCServiceFeature","[xDSCWebService]PSDSCPullServer")
}

LCM Config

[DscLocalConfigurationManager()]
Configuration MetaConfig
{
        Settings
        {
            RefreshFrequencyMins = 60;
            RefreshMode = 'PULL';
            ConfigurationMode =  'ApplyAndAutoCorrect';
            RebootNodeIfNeeded = $true;
            ConfigurationModeFrequencyMins = 30;
            ActionAfterReboot = 'ContinueConfiguration';
            CertificateID = $CertificateID;                               
        }

        ConfigurationRepositoryWeb ConfigurationManager
        {
            ServerURL = $ServerURL;
            RegistrationKey =  $DSC_RegKey;
            ConfigurationNames = $DSC_Config;
            AllowUnsecureConnection = $false;           
        }       
}
  
    
  
  
    
    
    
    
    
    
  
  
    
    
    
    
    
    
    
    
  
  
    
  
  
    
      
        
          
          
          
        
      
    
    
  
  
    
      
      
      
      
            
    
    
      
      
      
      
      
      
    
    
      
        
        
        
      
    
    
      
    
    
  
  
    
      
        
        
      
    
  

It does not seem to like my web.config. Is there anything in particular you are looking for?