Hi everybody,
I have two servers windows 2016 in wmf5.1.
My dsc pull server is configured in HTTPS and registration keys.
I configured the LCM and made a configuration to pull it to my client.
LCM Configuration:
Node $NodeName
{
Settings
{
RefreshMode = ‘Pull’
ConfigurationMode=“ApplyAndAutoCorrect”
CertificateID = ‘mycertificatethumbprint’
}
ConfigurationRepositoryWeb CORE-O_PullSrv
{
ServerURL = "https://myserver:8080/PSDSCPullServer.svc"
CertificateID = 'mycertificatethumbprint'
RegistrationKey = 'myregistrationKey'
ConfigurationNames = @('Server2016')
}
Mof file are present in … DscService\Configuration
I renamed my mof file in Server2016.mof
But in the client when i tried to update-dsconfiguration -wait -verbose there is an error:
Configuration Not found.
In Windows Event : ResourceNotFound(404).
Could you give me some advices?
noldus
April 6, 2017, 5:40am
2
Hi,
your mof and checksum are directly in dsc/configurations/Server2016.mof ?
Thank’s
Hi,
My MOF file renamed in Server2016.mof and my checksum are present in dsc/configurations
I tried to rename the checksum file too in Server20106.mof.checksum.
I have the same result.
The client doesn’t pull his configuration
noldus
April 6, 2017, 7:25am
4
Try to make first ConfigurationMode=“ApplyAndMonitor” and show us the result
With ApplyAndMonitor this is the result:
...(AgentId='9FC96A5D-157E-11E7-A0E0-005056951FCF')/GetDscAction
pour AgentId 9FC96A5D-157E-11E7-A0E0-005056951FCF avec l'erreur serveur «ResourceNotFound(404)».
....
+ CategoryInfo : ResourceUnavailable: (root/Microsoft/...gurationManager:String) [], CimException
+ FullyQualifiedErrorId : WebDownloadManagerGetActionNodeConfigurationNotFound,Microsoft.PowerShell.DesiredStateConfiguration.Commands.GetDscActionCommand
+ PSComputerName : localhost
The same error
noldus
April 6, 2017, 8:21am
6
ok
I had the same problem when I use dsc pull server HTTPS with a certificate. But when I used with non certificate all was run successfuly.
try this:
Pull server:
configuration DSCPullServer
{
param
(
[string ]$NodeName = ‘localhost’
)
Import-DscResource -ModuleName xPSDesiredStateConfiguration #-ModuleVersion 3.7.0.0
Import-DscResource -ModuleName PSDesiredStateConfiguration
Node $NodeName
{
WindowsFeature DSCServiceFeature
{
Ensure = 'Present'
Name = 'DSC-Service'
}
WindowsFeature IIS
{
Ensure = 'Present'
Name = 'Web-Server'
}
xDscWebService DSCPullSRV
{
Ensure = 'Present'
EndpointName = 'DSCPullSRV'
Port = 8080
PhysicalPath = "$env:SystemDrive\inetpub\DSCPullSRV"
CertificateThumbPrint = "AllowUnencryptedTraffic"
ModulePath = "$env:PROGRAMFILES\WindowsPowerShell\DscService\Modules"
ConfigurationPath = "$env:PROGRAMFILES\WindowsPowerShell\DscService\Configuration"
RegistrationKeyPath = "$env:PROGRAMFILES\WindowsPowerShell\DscService"
AcceptSelfSignedCertificates = $true
State = 'Started'
DependsOn = '[WindowsFeature]DSCServiceFeature'
UseSecurityBestPractices = $false
}
}
}
DSCPullServer -OutputPath c:\dsc\DSCPullServer
Start-DscConfiguration -Path $env:SystemDrive\dsc\DSCPullServer -Wait -Verbose -force
and for LCM in your node:
[DSCLocalConfigurationManager()]
configuration PullClient
{
Node localhost
{
Settings
{
RefreshMode = ‘Pull’
RefreshFrequencyMins = 30
RebootNodeIfNeeded = $true
ConfigurationMode = ‘ApplyAndAutoCorrect’
ConfigurationModeFrequencyMins = 15
}
ConfigurationRepositoryWeb DSC-Pull
{
ServerURL = ‘http://yourserver:8080/PSDSCPullServer.svc ’
RegistrationKey = ‘your registrationkey’
AllowUnsecureConnection = $true #Use this parameter only if you do not have a certificate installed on the pull server
}
ReportServerWeb DSC-Pull
{
ServerURL = 'http://yourserver:8080/PSDSCPullServer.svc'
RegistrationKey = 'your registrationkey'
AllowUnsecureConnection = $true
}
}
}
PullClient
Set-DSCLocalConfigurationManager localhost –Path .\PullClient –Verbose -force
I tried.
I make a update-dscconfiguration -wait -verbose
So no error but the client doesn’t find a configuration for him so no update.
In dscservice\configuration on my pull server i have my computername.mof and computername.mof.checksum, is it correct or must i use a guid for the mof file???
noldus
April 6, 2017, 3:13pm
8
Hi
-on your node
do: new-guid (copy this guid)
on pull server
rename your mof and checksume with this guid
rerun your LCM and wait untill “ConfigurationModeFrequencyMins = 15”
Ok Thanks.
But how the client knows it’s his configuration?
Must i precise a configurationID in the LCM configuration with this Guid?
With Guid and configurationID in the LCM:
http://myserver:8080///PSDSCPullServer.svc/Action(ConfigurationId='5e5f465e-10f0-4281-8a6f-b80a9da9ee48')/GetAction : configuration 5e5f465e-10f0-4281-8a6f-b80a9da9ee48 valide
introuvable.
+ CategoryInfo : ResourceUnavailable: (root/Microsoft/...gurationManager:String) [], CimException
+ FullyQualifiedErrorId : WebDownloadManagerGetActionConfigurationNotFound,Microsoft.PowerShell.DesiredStateConfiguration.Commands.GetDscActionCommand
+ PSComputerName : localhost
With the GUID and without configuratioID in the LCM:
result of update-dscconfiguration -wait -verbose
No error but he can’t find a configuration
[] Configuration not found on the pull server, so no action.
Really i don’t understand
noldus
April 7, 2017, 1:32am
11
Excuse me. use this for your LCM on your node
[DSCLocalConfigurationManager()]
configuration PullClient
{
Node localhost
{
Settings
{
RefreshMode = ‘Pull’
RefreshFrequencyMins = 30
RebootNodeIfNeeded = $true
ConfigurationMode = ‘ApplyAndAutoCorrect’
ConfigurationModeFrequencyMins = 15
}
ConfigurationRepositoryWeb DSC-Pull
{
ServerURL = ‘http://Your_server:8080/PSDSCPullServer.svc’
RegistrationKey = ‘your_registrationkey’
ConfigurationNames = @(‘service’)
AllowUnsecureConnection = $true #Use this parameter only if you do not have a certificate installed on the pull server
}
ReportServerWeb DSC-Pull
{
ServerURL = 'http://Your_server:8080/PSDSCPullServer.svc'
RegistrationKey = 'your_registrationkey'
AllowUnsecureConnection = $true
}
}
}
PullClient
Set-DSCLocalConfigurationManager localhost –Path .\PullClient –Verbose
where “service” will be the same on your pull server in dsc/configurations (service.mof and service.mof.checksum) . make sure this two files are directly in dsc/configurations not in a directory like (dsc/configurations/service/service.mof or .checksum)
Thanks you Arnold.
It works fine !
Now i’ll search for configure it in https
noldus
April 7, 2017, 7:21am
13
Ok good.
Let’s me know if you fix it in https. Are you french?
Ok no problem.
Yes i’m french.
Sorry for my poor english (lol)
noldus
April 7, 2017, 7:54am
15
Je parle pas bien anglais non plus. Je suis Français et actuellement en stage sur le sujet de l’automatisation avec Powershell DSC
Ok.
Bon stage alors !
Je réalise pour ma part un poc.
Merci encore pour ton aide sur le sujet.
Done in HTTPS too.
I’ll post my configuration files soon