3

So I mention the untrusted domain aspect because I went through all the hoops around credential delegation and trusted hosts lists etc to allow me to successfully push a DSC configuration from my RM server to a target node (not using RM, just native DSC). I get that bit and it works, great. Now when I use those same scripts in RM (with some minor edits for the format expected by RM), RM reports a successful deploy but all that has happened is the components bits have been copied to the target node to the default location for $applicationPathRoot (C:\Windows\DtlDownloads), there is no real evidence of an attempt to apply a mof file.

My RM server and target nodes are in different domains with no trust. Both servers are W2k8R2 (+ WMF4 of course). I'm running with Update 4 of RM server and client.

Here are the DSC scripts I'm running in RM:

CopyDSCResources.ps1

Configuration CopyDSCResource 
{
    param (        
 [Parameter(Mandatory=$false)]   
 [ValidateNotNullOrEmpty()]        
 [String] $ModulePath = "$env:ProgramFiles\WindowsPowershell\Modules")
    
    #[PSCredential] $credential = get-credential

 Node VCTSCFDSMWEB01   
 {
       
  File DeployWebDeployResource        
  {            
   Ensure = "Present"            
   SourcePath = "C:\test.txt"            
   DestinationPath = "D:\temp"
   Force = $true            
   Type = "File"        
  }    
 }
} 
CopyDSCResource -ConfigurationData $configData -Verbose 
# test outside of RM
#CopyDSCResource -ConfigurationData CopyDSCResource.ConfigData.psd1
#Start-DscConfiguration -Path .\CopyDSCResource -Credential $credential -Verbose -Wait

CopyDSCResource.ConfigData.psd1

#@{
$configData = @{    
 AllNodes = @(
            @{
             NodeName = "*"
                PSDscAllowPlainTextPassword = $true
         },
            @{
             NodeName = "VCTSCFDSWEB01.rlg.test"
                Role = "WebServer"
         }
            
 )
}

I'm afraid I cant seem to upload screenshots from my current location but in terms of RM, I have a vNext environment with a single server linked, a vNext release path with a single 'Dev' stage and a vNext release template with a single 'Deploy PS/DSC' action. The configuration of the action is:

ServerName - VCTSCFDSMWEB01

ComponentName - COpyDSCResource vNext

PSScriptPath - copydscresources.ps1

PSConfigurationPath - copydscresource.configdata.psd1

UseCredSSP - true

When I run a new release, the deploy stage reports success and when I view the Deployment log files I get the following:

Upload components - Successfully uploaded to the normalized store.

Deploy Using PS/DSC - Copying recursively from \vcxxxxtfs03\Drops\CorrespondenceCI\CorrespondenceCI20150114.1\Scripts to C:\Windows\DtlDownloads\CopyDSCResource vNext succeeded.

Finally the DSC event log has the following:

Job {CD3BE350-4072-4C8B-835F-4B4D1C46D65D} : Configuration is sent from computer NULL by user sid S-1-5-18.

This compares markedly to the same event log entry when run outside of RM:

Job {34F78498-CF18-4F2A-9874-EB54FDA2D990} : Configuration is sent from computer VCXXXXTFS01 by user sid S-1-5-21-1034805355-1149422947-1317505720-10867.

Any pointers appreciated

It would be good if I could see evidence of a mof file being created on the RM server for example, anybody know where I can find this??

sburgess123
  • 332
  • 2
  • 10
  • I should add the these scripts work fine in RM when targetting a node in the same domain. In this scenario the DSC event log also shows the configuration as being sent from a copmuter NULL..so maybe thats not significant int he failure scenario – sburgess123 Feb 05 '15 at 12:25

1 Answers1

3

Turns out the crucial element was that my DSC script had to use an environment variable for naming the node. So:

Node $env:COMPUTERNAME

No idea why but it works!

techraf
  • 64,883
  • 27
  • 193
  • 198
sburgess123
  • 332
  • 2
  • 10