DSC to Create Windows Active Directory

Hi

I am trying to deply WIndows AD locally on a VM, I have imported the xmodules etc… but when I run the scripts it prompts for the domain name, which I enter and it accepts, then it prompts me for a user name password, I have tried the local admin account and password , but it keeps failing with the following error

ImportClassResourcesFromModule : Exception calling “ImportClassResourcesFromModule” with “3” argument(s): “Resource name
‘WindowsPackageCab’ is already being used by another Resource or Configuration.”
At C:\Windows\system32\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\PSDesiredStateConfiguration.psm1:2109 char:35

  • … rcesFound = ImportClassResourcesFromModule -Module $mod -Resources $r …
  •             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    
    • CategoryInfo : NotSpecified: (:slight_smile: [ImportClassResourcesFromModule], MethodInvocationException
    • FullyQualifiedErrorId : PSInvalidOperationException,ImportClassResourcesFromModule

Has anyone setup AD using DSC where they can pass the parameters for username and password not in clear text?

This is the script…
configuration CreateADPDC
{
param
(
[Parameter(Mandatory)]
[String]$DomainName,

    [Parameter(Mandatory)]
    [System.Management.Automation.PSCredential]$Admincreds,

    [Int]$RetryCount=20,
    [Int]$RetryIntervalSec=30
)

Import-DscResource -ModuleName xActiveDirectory, xStorage, xNetworking, PSDesiredStateConfiguration, xPendingReboot
$secret = Get-AzKeyVaultSecret -VaultName "kv-adds-01" -Name "vmadmin" -AsPlainText
[System.Management.Automation.PSCredential ]$DomainCreds = New-Object System.Management.Automation.PSCredential ("${DomainName}\$($Admincreds.UserName)", $Admincreds.Password)
$Interface=Get-NetAdapter|Where Name -Like "Ethernet*"|Select-Object -First 1
$InterfaceAlias=$($Interface.Name)

Node localhost
{
    LocalConfigurationManager
    {
        RebootNodeIfNeeded = $true
    }

    WindowsFeature DNS
    {
        Ensure = "Present"
        Name = "DNS"
    }

    Script EnableDNSDiags
    {
  	    SetScript = {
            Set-DnsServerDiagnostics -All $true
            Write-Verbose -Verbose "Enabling DNS client diagnostics"
        }
        GetScript =  { @{} }
        TestScript = { $false }
        DependsOn = "[WindowsFeature]DNS"
    }

    WindowsFeature DnsTools
    {
        Ensure = "Present"
        Name = "RSAT-DNS-Server"
        DependsOn = "[WindowsFeature]DNS"
    }

    xDnsServerAddress DnsServerAddress
    {
        Address        = '127.0.0.1'
        InterfaceAlias = $InterfaceAlias
        AddressFamily  = 'IPv4'
        DependsOn = "[WindowsFeature]DNS"
    }

   # xWaitforDisk Disk2
  #  {
  #      DiskNumber = 2
  ###      RetryIntervalSec =$RetryIntervalSec
   #     RetryCount = $RetryCount
  #  }

  #  xDisk ADDataDisk {
   #     DiskNumber = 2
   #     DriveLetter = "F"
   #     DependsOn = "[xWaitForDisk]Disk2"
   # }

    WindowsFeature ADDSInstall
    {
        Ensure = "Present"
        Name = "AD-Domain-Services"
        DependsOn="[WindowsFeature]DNS"
    }

    WindowsFeature ADDSTools
    {
        Ensure = "Present"
        Name = "RSAT-ADDS-Tools"
        DependsOn = "[WindowsFeature]ADDSInstall"
    }

    WindowsFeature ADAdminCenter
    {
        Ensure = "Present"
        Name = "RSAT-AD-AdminCenter"
        DependsOn = "[WindowsFeature]ADDSTools"
    }

    xADDomain FirstDS
    {
        DomainName = $DomainName
        DomainAdministratorCredential = $DomainCreds
        SafemodeAdministratorPassword = $DomainCreds
        DatabasePath = "C:\NTDS"
        LogPath = "C:\NTDS"
        SysvolPath = "C:\SYSVOL"
        DependsOn = @("[WindowsFeature]ADDSInstall")#"[xDisk]ADDataDisk"
    }

    xPendingReboot RebootAfterPromotion{
        Name = "RebootAfterPromotion"
        DependsOn = "[xADDomain]FirstDS"
    }

}
}
configuration CreateADPDC
{
param
(
[Parameter(Mandatory)]
[String]$DomainName,

    [Parameter(Mandatory)]
    [System.Management.Automation.PSCredential]$Admincreds,

    [Int]$RetryCount=20,
    [Int]$RetryIntervalSec=30
)

Import-DscResource -ModuleName xActiveDirectory, xStorage, xNetworking, PSDesiredStateConfiguration, xPendingReboot
$secret = Get-AzKeyVaultSecret -VaultName "kv-adds-01" -Name "vmadmin" -AsPlainText
[System.Management.Automation.PSCredential ]$DomainCreds = New-Object System.Management.Automation.PSCredential ("${DomainName}\$($Admincreds.UserName)", $Admincreds.Password)
$Interface=Get-NetAdapter|Where Name -Like "Ethernet*"|Select-Object -First 1
$InterfaceAlias=$($Interface.Name)

Node localhost
{
    LocalConfigurationManager
    {
        RebootNodeIfNeeded = $true
    }

    WindowsFeature DNS
    {
        Ensure = "Present"
        Name = "DNS"
    }

    Script EnableDNSDiags
    {
  	    SetScript = {
            Set-DnsServerDiagnostics -All $true
            Write-Verbose -Verbose "Enabling DNS client diagnostics"
        }
        GetScript =  { @{} }
        TestScript = { $false }
        DependsOn = "[WindowsFeature]DNS"
    }

    WindowsFeature DnsTools
    {
        Ensure = "Present"
        Name = "RSAT-DNS-Server"
        DependsOn = "[WindowsFeature]DNS"
    }

    xDnsServerAddress DnsServerAddress
    {
        Address        = '127.0.0.1'
        InterfaceAlias = $InterfaceAlias
        AddressFamily  = 'IPv4'
        DependsOn = "[WindowsFeature]DNS"
    }

   # xWaitforDisk Disk2
  #  {
  #      DiskNumber = 2
  ###      RetryIntervalSec =$RetryIntervalSec
   #     RetryCount = $RetryCount
  #  }

  #  xDisk ADDataDisk {
   #     DiskNumber = 2
   #     DriveLetter = "F"
   #     DependsOn = "[xWaitForDisk]Disk2"
   # }

    WindowsFeature ADDSInstall
    {
        Ensure = "Present"
        Name = "AD-Domain-Services"
        DependsOn="[WindowsFeature]DNS"
    }

    WindowsFeature ADDSTools
    {
        Ensure = "Present"
        Name = "RSAT-ADDS-Tools"
        DependsOn = "[WindowsFeature]ADDSInstall"
    }

    WindowsFeature ADAdminCenter
    {
        Ensure = "Present"
        Name = "RSAT-AD-AdminCenter"
        DependsOn = "[WindowsFeature]ADDSTools"
    }

    xADDomain FirstDS
    {
        DomainName = $DomainName
        DomainAdministratorCredential = $DomainCreds
        SafemodeAdministratorPassword = $DomainCreds
        DatabasePath = "C:\NTDS"
        LogPath = "C:\NTDS"
        SysvolPath = "C:\SYSVOL"
        DependsOn = @("[WindowsFeature]ADDSInstall")#"[xDisk]ADDataDisk"
    }

    xPendingReboot RebootAfterPromotion{
        Name = "RebootAfterPromotion"
        DependsOn = "[xADDomain]FirstDS"
    }

}
}
CreateADPDC