8

Copying PowerShell modules and custom DSC resources using DSC

In an earlier article, I showed you a custom DSC resource I built for managing hosts file entries, but I did not tell you that the custom DSC resource must exist on the remote system at a predefined path. When using push configuration model for configuration management, without copying the custom DSC resource, you cannot really apply any configuration supported by the resource. In DSC, there is also a pull model for configuration management which eliminates the need for you to take care of copying the DSC resources to remote systems. We will save this for a later article.

In this article I will show you how to copy the DSC resources from a network share to a set of remote systems using DSC. Before we get started, we need to create a network share and copy all the custom DSC resources.

1

Once we copy all the custom DSC resources, we need to assign permissions to the computer accounts that are target nodes for this configuration. This is required because the DSC Local Configuration Manager runs as the SYSTEM account and won’t have access to network resources. In my lab setup, I just have three virtual machines running Windows PowerShell 4.0 for all my DSC-related work. I have added all the computer accounts to the share with Read permission. As I’d mentioned, this is required and without this you will receive an access denied error when you try to copy files from a network share to a remote system. Thanks to Steven Murawski for this tip!

2

Now, coming to the actual DSC configuration document, we will use a File resource to perform a copy of a network share contents to a module path for custom DSC resources.

Configuration CopyDSCResource {
    param (
        [Parameter(Mandatory=$true)]
        [ValidateNotNullOrEmpty()]
        [String[]]$NodeName,

        [Parameter(Mandatory=$false)]
        [ValidateNotNullOrEmpty()]
        [String]$SourcePath,

        [Parameter(Mandatory=$false)]
        [ValidateNotNullOrEmpty()]
        [String]$ModulePath = "$PSHOME\modules\PSDesiredStateConfiguration\PSProviders"
    )

    Node $NodeName {
        File DSCResourceFolder {
            SourcePath = $SourcePath
            DestinationPath = $ModulePath
            Recurse = $true
            Type = "Directory"
        }
    }
}

CopyDSCResource -NodeName SRV2-WS2012R2,SRV3-WS2012R2 -SourcePath "\\10.10.10.101\DSCResources"

Once you customize the above configuration document for your requirements, save it as a .ps1 file. Notice the last line in the script where we are specifying the computer names as arguments to the –NodeName parameter and the -SourcePath where all the custom DSC resources are stored.

We can now build the MOF files by dot-sourcing the configuration document and then apply the configuration using Start-DscConfiguration cmdlet.

PS C:\demo> .\demo.ps1
PS C:\demo> Start-DscConfiguration -Wait -Verbose -Path .\CopyDSCResource

Once we complete applying the configuration using the Start-DscConfiguration cmdlet, we can see the custom resource folder in the network share copied to the specified module path.

3

Alright, I must admit this is just one way of copying the files from a network share to a remote system. If you have paid enough attention to the attributes available in the File resource, you will ask me a question about the Credential attribute. Yes, this attribute can be used to specify the credentials to access the network share. The Credential attribute eliminates the need for assigning permissions to computer accounts – what is discussed in this article – to access the network shares when applying DSC configuration. However, the Credential attribute comes with its own baggage. Let us save that for a later post! :)

Filed in: Articles, Online Only Tags: 

6 Pingbacks/Trackbacks

© 2014 PowerShell Magazine. All rights reserved. XHTML / CSS Valid.
Proudly designed by Theme Junkie.
%d bloggers like this: