Hello,
I started with DSC watching Jason and Jefrrey Snover’s videos at MVA.
I’m trying to configure an HTTPS Pull Server on a Windows Server 2012 with WMF 5.1 an got stuck with an error. Before showing what the error is, let me give you an idea of the steps I performed.
- I prepared a PKI infrastructure for my domain and generated a valid (nonself-signed) certificate
- I setup the pull server (using the MVA scripts/configurations) with the thumbprint's certificate.
The server is running correctly either in the browser (https://vmdt01.dggh.es:8080/PSDSCPullServer.svc) or using the verify-DSCPullserver function
<li>Then I set the following LCM configuration for a specific node and it ran correctly.
[DSCLocalConfigurationManager()]
Configuration LCM_HTTPSPULL
{
param
(
[Parameter(Mandatory=$true)]
[string[]]$ComputerName,
[Parameter(Mandatory=$true)]
[string]$guid
)
Node $ComputerName {
Settings {
AllowModuleOverwrite = $True
ConfigurationMode = 'ApplyAndAutoCorrect'
RefreshMode = 'Pull'
ConfigurationID = $guid
}
ConfigurationRepositoryWeb DSCHTTPS {
ServerURL = 'https://vmdt01.dggh.es:8080/PSDSCPullServer.svc'
CertificateID = '9F00EDBDFB791C7AAD9200E9E0BA8FD59684B419'
AllowUnsecureConnection = $False
}
}
}
# Computer list
$ComputerName='VCONTAB6-W10'
# Create the Computer.Meta.Mof in folder
LCM_HTTPSPULL -ComputerName $ComputerName -Guid '64cf90fc-6e55-4e62-9dff-c45e61dc429a' -OutputPath E:\DSC\HTTPS
<li>
I generated the configuration for the node, naming the mof file with the configurationId guid, and afterwards generated a checksum file with `New-DSCChecksum` cmdlet.
The problem arises when I want to invoke
Update-DscConfiguration -Computer VCONTAB6-W10 -Verbose -Wait
DETALLADO: Realice la operación ‘Invocar método de CIM’ con los parámetros siguientes, ‘‘methodName’ = PerformRequiredConfigurationChecks,‘className’ = MSFT_DSCLocalConfi
gurationManager,‘namespaceName’ = root/Microsoft/Windows/DesiredStateConfiguration’.
DETALLADO: Se recibió una llamada de método de LCM desde el equipo VMDT01 con el SID de usuario S-1-5-21-1960408961-299502267-725345543-500.
DETALLADO: [VCONTAB6-W10]: Ejecutando Get-Action con la suma de comprobación de la configuración 64cf90fc-6e55-4e62-9dff-c45e61dc429a: 6f063
a91179d512336175d89c76d61844a3f789417b2519466c220838bca2fd2.
DETALLADO: [VCONTAB6-W10]: Error al configurar Get-Action con la suma de comprobación de la configuración 64cf90fc-6e55-4e62-9dff-c45e61dc42
9a. Comprueba que el servidor de extracción está disponible.
No se pudo obtener la acción del servidor https://vmdt01.dggh.es:8080/PSDSCPullServer.svc/Action(ConfigurationId=‘64cf90fc-6e55-4e62-9dff-c45e61dc429a’)/GetAction.
+ CategoryInfo : InvalidResult: (root/Microsoft/…gurationManager:String) , CimException
+ FullyQualifiedErrorId : WebDownloadManagerGetActionFailed,Microsoft.PowerShell.DesiredStateConfiguration.Commands.GetDscActionCommand
+ PSComputerName : vcontab6-w10
The most relevant part states:
Error while configuring Get-Action with the checksum of configuration 64cf90fc-6e55-4e62-9dff-c45e61dc429a
But if delete checksum file, I get the same error. So I undesrtand the error has nothing to do with the checksum
If I paste the url https://vmdt01.dggh.es:8080/PSDSCPullServer.svc/Action(ConfigurationId=‘64cf90fc-6e55-4e62-9dff-c45e61dc429a’)/GetAction I get a 405 http error - Method not allowed
If a lookup the event viewer I get:
Trabajo {7D3448B5-924C-11E8-A151-000C296AF402}:
Comando Do-DscAction de WebDownloadManager para configuración 64cf90fc-6e55-4e62-9dff-c45e61dc429a, resultado de llamada GET:
+ FullyQualifiedErrorId : WebDownloadManagerGetActionFailed
+ CategoryInfo : InvalidResult: ( , InvalidOperationException
+ ExceptionMessage : No se pudo obtener la acción del servidor https://vmdt01.dggh.es:8080/PSDSCPullServer.svc/Action(ConfigurationId=‘64cf90fc-6e55-4e62-9dff-c45e61dc429a’)/GetAction.
+ InnerException : System.AggregateException: Se han producido uno o varios errores. —> System.Net.Http.HttpRequestException: Error al enviar la solicitud. —> System.Net.WebException: Se ha terminado la conexión: Error inesperado de envío. —> System.IO.IOException: No se puede escribir datos de en la conexión de transporte: Se ha forzado la interrupción de una conexión existente por el host remoto. —> System.Net.Sockets.SocketException: Se ha forzado la interrupción de una conexión existente por el host remoto
en System.Net.Sockets.Socket.EndReceive(IAsyncResult asyncResult)
en System.Net.Sockets.NetworkStream.EndRead(IAsyncResult asyncResult)
— Fin del seguimiento de la pila de la excepción interna —
en System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
en System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)
— Fin del seguimiento de la pila de la excepción interna —
en System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, TransportContext& context)
en System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)
— Fin del seguimiento de la pila de la excepción interna —
— Fin del seguimiento de la pila de la excepción interna —
en System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)
en Microsoft.PowerShell.DesiredStateConfiguration.Commands.GetDscActionCommand.IssueRequest(IHttpClient client, String subLink, String& responseStatus, ErrorRecord& errorRecord)
—> (Nº de excepción interna 0) System.Net.Http.HttpRequestException: Error al enviar la solicitud. —> System.Net.WebException: Se ha terminado la conexión: Error inesperado de envío. —> System.IO.IOException: No se puede escribir datos de en la conexión de transporte: Se ha forzado la interrupción de una conexión existente por el host remoto. —> System.Net.Sockets.SocketException: Se ha forzado la interrupción de una conexión existente por el host remoto
en System.Net.Sockets.Socket.EndReceive(IAsyncResult asyncResult)
en System.Net.Sockets.NetworkStream.EndRead(IAsyncResult asyncResult)
— Fin del seguimiento de la pila de la excepción interna —
en System.Net.TlsStream.EndWrite(IAsyncResult asyncResult)
en System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar)
— Fin del seguimiento de la pila de la excepción interna —
en System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, TransportContext& context)
en System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)
— Fin del seguimiento de la pila de la excepción interna —<—
The most relevant part states:
Error sending request
Cannot write data on transport connection
This resource, https://www.jofe.ch/be-aware-of-dsc-pull-server-compatibility-issues-with-wmf-5-0-and-5-1/, points out the problems that may arise when having different WMF versions in the client and the server.
I’m trying to pull a configuration to a W10 Pro workstation, which has WMF 5.1 built-on, from a Windows Server 12 with WMF 5.1 installed. Therefore, I’m not in that incompatibility case, but I get the very same error described when WMF are different.
Just to prove:
-
Server 2012 + WMF 5.1
Name Value
---- -----
PSVersion 5.1.14409.1012
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}
BuildVersion 10.0.14409.1012
CLRVersion 4.0.30319.36440
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
-
Client Windows 10 Pro 1709
Name Value
PSVersion 5.1.16299.547
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
BuildVersion 10.0.16299.547
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
Another thing I’ve checked is that the W10 client should have .Net Framework 4.5.2 installed, because WMF 5.1 requires it to function properly. Doing that didn’t solve the problem neither.
At that point I’m stuck and can get to find where is the problem. Could you pleae give me any hint of what may I be doing wrong?