Hi, I downloaded the xPSDesiredStateConfiguration module and found the xGroup resource
The xGroup resource extends the in-box Group resource by supporting cross-domain account lookup where a valid trust relationship exists.
In addition, limited support for UPN-formatted names are supported for identifying user, computer, and group domain-based accounts.
The properties of the xGroup resource are identical to the in-box resource and include the following:
•GroupName: The name of the group for which you want to ensure a specific state
•Ensure: An enumeration stating if the group should be Present (default)or Absent.
•Description: Description of the group.
•Members: The members that form the group. •Important …If the group already exists, the listed items in this property replaces what is in the Group.
•MembersToInclude: List of users to add to the group. •Important …This property is ignored if ‘Members’ is specified.
•MembersToExclude: List of users you want to ensure are not members of the group. •Important …This property is ignored if ‘Members’ is specified.
•Credential: Indicates the credentials required to access remote resources. •Important …This account must have the appropriate Active Directory permissions to add all non-local accounts to the group; otherwise, an error will occur.
Local accounts may be specified in one of the following ways:
•The simple name of the account of the group or local user.
•The account name scoped to the explicit machine name; such as myserver\users or myserver\username
•The account name scoped using the explicit local machine qualifier; such as .\users or .\username
Domain members may be specified using domain\name or Universal Principal Name (UPN) formatting. The following illustrates the various formats
•Domain joined machines: mydomain\myserver or myserver@mydomain.com
•Domain user accounts: mydomain\username or username@mydomain.com
•Domain group accounts: mydomain\groupname or groupname@mydomain.com
I have tried to input a user with Members and MembersToInclude, If I put in a local user it works fine. If I put in a Domain User I get this error:
You cannot call a method on a null-valued expression.
+ CategoryInfo : InvalidOperation: ( , CimException
+ FullyQualifiedErrorId : InvokeMethodOnNull
+ PSComputerName : FPKDSCTESTIAPP
Here is how I set it up:
xGroup wm_rsc_iis_apppools {
GroupName = “wm_rsc_iis_apppools”
Ensure = “Present”
MembersToInclude = @(‘michael.felkins@corp.local’) # also tried “corp\michael.felkins” and “corp.local\michael.felkins”
Description = “wm_rsc_iis_apppools”
Credential = $cred
}
}