Copying PowerShell modules and custom DSC resources using DSC

In an earlier article, I showed you a custom DSC resource I built for managing hosts file entries, but I did not tell you that the custom DSC resource must exist on the remote system at a predefined path. When using push configuration model for configuration management, without copying the custom DSC resource, you cannot really apply any configuration supported by the resource. In DSC, there is also a pull model for configuration management which eliminates the need for you to take care of copying the DSC resources to remote systems. We will save this for a later article.

In this article I will show you how to copy the DSC resources from a network share to a set of remote systems using DSC. Before we get started, we need to create a network share and copy all the custom DSC resources.


Once we copy all the custom DSC resources, we need to assign permissions to the computer accounts that are target nodes for this configuration. This is required because the DSC Local Configuration Manager runs as the SYSTEM account and won’t have access to network resources. In my lab setup, I just have three virtual machines running Windows PowerShell 4.0 for all my DSC-related work. I have added all the computer accounts to the share with Read permission. As I’d mentioned, this is required and without this you will receive an access denied error when you try to copy files from a network share to a remote system. Thanks to Steven Murawski for this tip!


Now, coming to the actual DSC configuration document, we will use a File resource to perform a copy of a network share contents to a module path for custom DSC resources.

Configuration CopyDSCResource {
    param (


        [String]$ModulePath = "$PSHOME\modules\PSDesiredStateConfiguration\PSProviders"

    Node $NodeName {
        File DSCResourceFolder {
            SourcePath = $SourcePath
            DestinationPath = $ModulePath
            Recurse = $true
            Type = "Directory"

CopyDSCResource -NodeName SRV2-WS2012R2,SRV3-WS2012R2 -SourcePath "\\\DSCResources"

Once you customize the above configuration document for your requirements, save it as a .ps1 file. Notice the last line in the script where we are specifying the computer names as arguments to the –NodeName parameter and the -SourcePath where all the custom DSC resources are stored.

We can now build the MOF files by dot-sourcing the configuration document and then apply the configuration using Start-DscConfiguration cmdlet.

PS C:\demo> .\demo.ps1
PS C:\demo> Start-DscConfiguration -Wait -Verbose -Path .\CopyDSCResource

Once we complete applying the configuration using the Start-DscConfiguration cmdlet, we can see the custom resource folder in the network share copied to the specified module path.


Alright, I must admit this is just one way of copying the files from a network share to a remote system. If you have paid enough attention to the attributes available in the File resource, you will ask me a question about the Credential attribute. Yes, this attribute can be used to specify the credentials to access the network share. The Credential attribute eliminates the need for assigning permissions to computer accounts – what is discussed in this article – to access the network shares when applying DSC configuration. However, the Credential attribute comes with its own baggage. Let us save that for a later post! 🙂

Filed in: Articles, Online Only Tags: 

14 Responses to "Copying PowerShell modules and custom DSC resources using DSC"

  1. Mike Hegyi IT says:

    Hi Ravi,

    Good post. I implemented this in my labs and it works nicely.

    I found that while developing the providers, and wanting to keep the files in sync, I needed to add MatchSource=$True to the DSCResourceFolder section. This allowed me to ensure that the test servers got updated versions of the individual files I want to keep in sync.

  2. Krushna says:

    Hi Ravi,

    I have used the similar code to copy files from shared to local machine with credentials encrypted using certificate. I have given permission to the share folder as shown above but still I’m receiving the error related to authentication. But the same script is able to copy locally from one drive to another drive.

    Granted Read and list permissions to source folder.

    Below is the error:
    The specified network password is not correct. An error occurs when accessing the network share with the specified credential.
    Please make sure the credential is correct and the network share is accessible. Note that Credential should not be specified with
    the local path. The related file/directory is:

    + CategoryInfo : NotSpecified: (:) [], CimException
    + FullyQualifiedErrorId : Windows System Error 86
    + PSComputerName : xxxxxxxxxxxx


  3. Francesco says:

    Hi Ravi
    Is there to make it work if the computers are not under the same domain?

Leave a Reply

Submit Comment

© 2018 PowerShell Magazine. All rights reserved. XHTML / CSS Valid.
Proudly designed by Theme Junkie.
%d bloggers like this: