Author Posts

August 1, 2014 at 10:02 am

Hello,

I had built a DSC pull server on a local VM, and am now looking to build it out in our shared lab environment. However, I'm not able to execute the Start-DSCConfiguration command. I have tried it with the -Credential argument as well without luck.

PS C:\dsc# Start-DscConfiguration .\CreatePullServer -Wait
WinRM cannot process the request. The following error occurred while using Kerberos authentication: Cannot find the computer dscpullserver.lab.net. Verify that the computer
exists on the network and that the name provided is spelled correctly.
    + CategoryInfo          : NotSpecified: (root/Microsoft/...gurationManager:String) [], CimException
    + FullyQualifiedErrorId : HRESULT 0x80070035
    + PSComputerName        : dscpullserver.lab.net

PS C:\dsc# ping dscpullserver.lab.net

Pinging dscpullserver.lab.net. [10.0.17.152] with 32 bytes of data:
Reply from 10.0.17.152: bytes=32 time=39ms TTL=120

Any idea?

Thanks.

Mike

August 1, 2014 at 10:55 am

I assume that you are you running Start-DSCConfiguration from the VM you are trying to create the Pull Server on? Whether you are or not, you might try killing any WMI processes ( Get-Process wmip* | Stop-Process) on the machine you are running the command from and see if that fixes it.

August 1, 2014 at 11:00 am

No, I was executing Start-Configuration from my workstation. Is this only supported to run on the server destined to be the pull server?

August 1, 2014 at 11:05 am

Nope, not at all. I built my Pull Server from my Windows 8.1 Workstation, I was just asking. I would seriously try to kill all the WMI Processes and try it again. I have seen lots of weird things happen with DSC that were solved by doing that.

August 1, 2014 at 1:25 pm

That didn't work for me. I'm spinning up another Windows 2012 R2 server to use as my 'workstation', residing in the same domain. Will see if that fixes me.

August 8, 2014 at 12:44 am

If your two domains aren't connected by trusts, then you obviously can't use Kerberos authentication. You'll have to either set up CredSSP, apply the DSC configuration from a trusted machine or apply the configuration locally.

There's an ebook available on PowerShell remoting: https://powershell.org/ebooks/

August 8, 2014 at 6:31 am

Yes, there is a one way trust, from my workstation domain to my second domain. I can connect via UNC path using the same credentials.