Tag Archives: State Configuration

Building a Desired State Configuration Pull Server

Quick recap, I’m working through a series of posts about the Desired State Configuration infrastructure that I’m building at Stack Exchange, including some how-to’s.

The High Points

I started with an overview of what and why.  Today, I’m going to start the how.

Building a Pull Server

I’m going to describe how to do this with Server 2012 R2 RTM (NOTE: this is not the General Availability  release, so there may be changes at GA), since that’s the environment I’m working most in.  If there is enough demand, I may follow up with how to do this using the Windows Management Framework on downlevel operating systems after the GA version of WMF 4 is released.

The first step is adding the required roles and features, including the DSC Service.

Add-WindowsFeature Dsc-Service

Fortunately, the Dsc-Service feature has the right dependencies configured so IIS, the correct modules, and the Management OData Extension are all enabled.

Next we need to set up the IIS web site:

  • Create an directory to serve the web application from (I’ll use c:\inetpub\wwwroot\PSDSCPullServer)
  • Copy several files from $pshome/modules/psdesiredstateconfiguration/pullserver (Global.asax, PSDSCPullServer.mof, PSDSCPullServer.svc, PSDSCPullServer.xml) to this directory.
  • Copy PSDSCPullServer.config and rename it to web.config
  • Create a subdirectory named “bin”.
  • Copy one file from $pshome/modules/psdesiredstateconfiguration/pullserver (Microsoft.Powershell.DesiredStateConfiguration.Service.dll) to the “bin” directory.
  • In IIS, create an application pool that runs under the “Local System” account.
  • In, IIS, create a new site (or application in an existing site or just use the existing default site)
  • Point the site or application root to the directory you designated as the root of the site.
  • Unlock the sections of the web config as below
$appcmd = "$env:windir\system32\inetsrv\appcmd.exe" 
& $appCmd unlock config -section:access
& $appCmd unlock config -section:anonymousAuthentication
& $appCmd unlock config -section:basicAuthentication
& $appCmd unlock config -section:windowsAuthentication


Now we need to set up the location where the pull server content will be served from.  Installing the DSC Service feature creates a default location ( $env:programfiles\WindowsPowerShell\DscService ).  There’ll you find sub-directories for configuration and modules.  We can use these folders or we can create another location.  I’m going to stick with the defaults for now.  We’ve got a few steps left.

First, we need to copy the Devices.mdb from $pshome/modules/psdesiredstateconfiguration/pullserver to the root of our pull server data location (in this case, $env:programfiles\WindowsPowerShell\DscService )

Update the web.config app settings with the following settings:

<add key="dbprovider" value="System.Data.OleDb" />
<add key="dbconnectionstr" value="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=C:\Program Files\WindowsPowerShell\DscService\Devices.mdb;" />
<add key="ConfigurationPath" value="C:\Program Files\WindowsPowerShell\DscService\Configuration" />
<add key="ModulePath" value="C:\Program Files\WindowsPowerShell\DscService\Modules" />

After that your pull server should be up and running.  You should see something like this if you navigate to http://yourpullserver/psdscpullserver.svc




Need Desired State Configuration Modules?

You’ve probably been hearing about Desired State Configuration from a number of sources (Runas Radio, the PowerScripting Podcast, or the Channel 9 TechEd video for example).  If you haven’t go check out those previously mentioned resources, I’ll wait…

Ok, now that you have a basic understanding of what Desired State Configuration (DSC) is, I have an announcement.

PowerShell.Org is building a repository of DSC modules for the community to use and contribute to.

As I’ve started working with Desired State Configuration, I began building up a repository of modules I would use in configuring my systems.  I started to round them out with some basic documentation and decent logging messages and began pushing them to GitHub.

I’ve also seen several others starting to post some DSC modules on Github and elsewhere.  Since we are very early in the Desired State Configuration lifecycle (it’s still not RTM yet), I would like our community to come together on a central location for our community contributions.  I reached out to Don and the PowerShell.Org team and they graciously offered to host the contributions on the PowerShell.Org GitHub repository.  What that means is that this effort is no longer under the control of one person (me), but owned by the community, by PowerShell.Org.

There’s not much in the repository yet, so if you’ve been experimenting with DSC and would like to share your efforts with the community, feel free to send a pull request (if you’re into the whole GitHub thing) or file an issue on the GitHub site and we’ll figure something out.

There is some basic “Getting Started With Developing DSC Modules” information at the GitHub repository as well.

Up Next: Don Jones talks about PowerShell V4 Desired State Configuration

6759769a746ca9f0c2339df2a38cb9a8This Thursday July 25, we are having PowerShell MVP, Don Jones, on the show to give us his take on the PowerShell V4 feature Desired State Configuration. This will be a great show, don’t miss it!

Some reading material from Don on the topic:

Join us at 9:30PM EST at http://live.powerscripting.net