Author Posts

August 8, 2016 at 5:29 pm

I have been trying to figure this one out, but I just cannot seem to find any good sources for info on it. I tried what MS has published:
https://msdn.microsoft.com/en-us/powershell/dsc/pullserver
and
https://msdn.microsoft.com/en-us/powershell/dsc/pullclientconfignames

I think I have followed them but I get a number of different errors depending on which House the planet of Saturn is in.

Before I go into troubleshooting and debugging here, are there any good resources for Configuration Names and Registration Keys? Most of the stuff I find on the internet either just links to the two articles above, or just retype it almost verbatim. Sites, books, articles, blogs? Anything? I'd like a little bit of a deeper dive than the MS links give. Thanks.

August 8, 2016 at 5:45 pm

I'm covering it fairly well – with more detail to come – in "The DSC Book" (leanpub.com/the-dsc-book), although it isn't free.

Two easy points: First, make sure you've got the very latest xPSDesiredStateConfiguration module, as there are known problems with some older versions. Second, what sorta errors are you getting?

August 8, 2016 at 6:30 pm

Here we go, keeping it simple as possible. First the pull server Config:

Configuration HTTPSPullServer
{
    Import-DSCResource -ModuleName xPSDesiredStateConfiguration
    Node PullServerName
    {
        WindowsFeature DSCServiceFeature
        {
            Ensure = "Present"
            Name   = "DSC-Service"
        }
        WindowsFeature IISConsole {
            Ensure = "Present"
            Name   = "Web-Mgmt-Console"
        }
        xDscWebService PSDSCPullServer
        {
            Ensure                  = "Present"
            EndpointName            = "PSDSCPullServer"
            Port                    = 8080
            PhysicalPath            = "D:\inetpub\wwwroot\PSDSCPullServer"
            CertificateThumbPrint   = 'CertThumbprintHere'
            ModulePath              = "D:\WindowsPowerShell\DscService\Modules"
            ConfigurationPath       = "D:\WindowsPowerShell\DscService\Configuration"
            State                   = "Started"
            DependsOn               = "[WindowsFeature]DSCServiceFeature"
        }
        File RegistrationKeyFile
        {
            Ensure = "Present"
            Type = "File"
            DestinationPath = "$env:PROGRAMFILES\WindowsPowerShell\DSCService\RegistrationKeys.txt"
            Contents = 'RegistrationGuidHere'
        }
    }
}
HTTPSPullServer -OutputPath D:\DSC\HTTPS

Run this and the follow up with:

Start-DSCConfiguration -CimSession PullServerName -Path D:\DSC\HTTPS -Force -Verbose -Wait

Nothing wrong here. Works just fine.
Now the Node LCM file:

[DSCLocalConfigurationManager()]
Configuration PullClientConfigName
{
    Node NodeName
    {
        Settings
        {
            RefreshMode = 'Pull'
            RefreshFrequencyMins = 30
            RebootNodeIfNeeded = $true
        }
        ConfigurationRepositoryWeb DSCHTTPS
        {
            ServerURL = 'https://PullServerName:8080/PSDSCPullServer.svc'
            ConfigurationNames = @('BaselineConfig')
            RegistrationKey = 'RegistrationGuidHere'
        }
    }
}
PullClientConfigName -OutputPath D:\DSC\HTTPS

Followed up with:

Set-DSCLocalConfigurationManager -ComputerName NodeName -Path D:\SC\HTTPS -Force -Verbose

This gives me the following error:

VERBOSE: Performing the operation "Start-DscConfiguration: SendMetaConfigurationApply" on target "MSFT_DSCLocalConfigurationManager".
VERBOSE: Perform operation 'Invoke CimMethod' with following parameters, ''methodName' = SendMetaConfigurationApply,'className' = MSFT_DSCLocalConfigurationManager,'namespaceName' = root/Microsoft/Windows/DesiredStateCo
nfiguration'.
VERBOSE: An LCM method call arrived from computer NodeName with user sid XXX.
VERBOSE: [NodeName]: LCM:  [ Start  Set      ]
VERBOSE: [NodeName]: LCM:  [ Start  Resource ]  [MSFT_DSCMetaConfiguration]
VERBOSE: [NodeName]: LCM:  [ Start  Set      ]  [MSFT_DSCMetaConfiguration]
VERBOSE: [NodeName]: LCM:  [ End    Set      ]  [MSFT_DSCMetaConfiguration]  in 0.0000 seconds.
VERBOSE: [NodeName]: LCM:  [ End    Resource ]  [MSFT_DSCMetaConfiguration]
VERBOSE: [NodeName]: LCM:  [ End    Set      ]
The specified Property does not exist.
    + CategoryInfo          : MetadataError: (root/Microsoft/...gurationManager:String) [], CimException
    + FullyQualifiedErrorId : MI RESULT 12
    + PSComputerName        : nodename 
VERBOSE: Operation 'Invoke CimMethod' complete.
VERBOSE: Set-DscLocalConfigurationManager finished in 30.332 seconds.

And since this fails if I try to update the configuration for the node I get an error about it not being registered with the pull server, which would expect since something went wrong setting the LCM.

August 8, 2016 at 6:32 pm

PS. xPSDesiredStateConfiguration is 3.12

Updated it this morning

August 8, 2016 at 7:13 pm

Both Pull Server and node are WMF5 latest?

August 8, 2016 at 7:22 pm

I guess I'd try to start by switching back to ConfigurationID, and removing the registration key from the mix. That actually does help narrow down some of the problem. The thing bothering me is the "property does not exist," which happens when you send a v5 meta-config to a v4 node. We've also seen that error a LOT when it comes to partial configurations (which is when configuration names come into play the most often) – e.g., https://powershell.org/forums/topic/trouble-setting-lcm-for-partial-configurations/.

Versioning here can be crucial. Like, if the node ever had pre-release v5 code on it, it needs extra mitigation to work again. In fact, that MI 12 error was the key trigger for that – see Justin's comment at https://windowsserver.uservoice.com/forums/301869-powershell/suggestions/11225886-bug-trouble-setting-lcm-for-partial-configuration. And at https://social.msdn.microsoft.com/Forums/sqlserver/en-US/b4332cb5-1abb-4301-9e84-a479684bc2f6/dsc-registering-nonazure-vms-or-azure-arm-vms-that-cannot-use-extension?forum=azureautomation, you'll see the same error in a similar "upgraded the node" scenario.

Any of that applicable?

August 9, 2016 at 6:31 pm

I have checked all the links out and still no joy. I'll play around with it and let you know what I come up with it. Also, switching back to ConfigurationID worked just fine.

August 9, 2016 at 6:34 pm

That sounds for all the world like WMF v5 not being installed properly on the node, then. The local CIM repo is missing some of the new bits that let it save configuration names.

August 10, 2016 at 10:03 am

Hi,

I did something similar this morning following a guide from Flynn Bundy, check it out!
https://www.youtube.com/watch?v=GyDbWeqxS6w

August 10, 2016 at 1:01 pm

I did a brand new server that has never had an LCM before and this is my new error:

Registration of the Dsc Agent with the server https://PullServername:8080/PSDSCPullServer.svc failed. The underlying error is: The attempt to register Dsc Agent with AgentId 19E48570-5EF5-11E6-813A-12F4B1052F27 with 
the server https://PullServerName:8080/PSDSCPullServer.svc/Nodes(AgentId='19E48570-5EF5-11E6-813A-12F4B1052F27') returned unexpected response code NotFound. .
    + CategoryInfo          : InvalidResult: (root/Microsoft/...gurationManager:String) [], CimException
    + FullyQualifiedErrorId : RegisterDscAgentUnsuccessful,Microsoft.PowerShell.DesiredStateConfiguration.Commands.RegisterDscAgentCommand
    + PSComputerName        : NodeName

The video was good, but didn't get me there. I made sure my web.config points to the RegistrationKeys.txt and that the GUID used for the key is present.

August 10, 2016 at 1:08 pm

Paul that looks like the error we were seeing when xPSDesiredStateConfiguration was broken and you couldn't use Server Core and whatnot. Can you confirm your versions?

August 10, 2016 at 1:15 pm

Here you go:

ModuleType Version    Name                                ExportedCommands
---------- -------    ----                                ----------------
Script     3.12.0.0   xPSDesiredStateConfiguration        {Publish-DSCModuleAndMof, Publish-ModuleToPullServer, Publ...

August 10, 2016 at 1:18 pm

Also, $PSVersiontable, and what version and edition of Windows?

August 10, 2016 at 1:28 pm

Node

PS C:\> $PSVersionTable

Name                           Value
----                           -----
PSVersion                      5.0.10586.117
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.10586.117
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

PS C:\> Get-WmiObject -Class win32_operatingsystem

SystemDirectory : C:\Windows\system32
Organization    : CompanyName
BuildNumber     : 9600
RegisteredUser  : CompanyName
SerialNumber    : 
Version         : 6.3.9600

Pull Server

PS C:\> $psversiontable

Name                           Value
----                           -----
PSVersion                      5.0.10586.117
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.10586.117
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

PS C:\> Get-WmiObject -Class win32_operatingsystem

SystemDirectory : C:\Windows\system32
Organization    : CompanyName
BuildNumber     : 9600
RegisteredUser  : CompanyName
SerialNumber    : 
Version         : 6.3.9600

They are both Windows 2012r2

August 10, 2016 at 2:01 pm

Yeah, that one – I don't know about. You may want to (seriously) considering opening a Product Support ticket with Microsoft. I'll ping the team and see if someone can look at it, but this'll likely get into debugging.

Meantime, enable debugging on both machines, try again, and see what the Debug event log says.

August 11, 2016 at 1:48 am

Could you send me the client (LCM) and pull server logs please? Below is a script to collect the logs from the client (LCM) and pull server logs. Make sure to run your scenario one more time before capturing the logs.

 
$filePath = "C:\DSCLogs.txt"
$numberOfLogs = 50

"##########DSCClient LOGS##############" > $filePath
Get-WinEvent -ProviderName Microsoft-Windows-DSC -MaxEvents $numberOfLogs | select TimeCreated, Id, Message | fl *  >> $filePath

"############PULLSERVER LOGS#############"  >> $filePath
Get-WinEvent -ProviderName Microsoft-Windows-Powershell-DesiredStateConfiguration-PullServer -MaxEvents $numberOfLogs | select TimeCreated, Id, Message | fl *  >> $filePath

August 11, 2016 at 7:31 pm

Can you send the zip file that is generated using
New-xDscDiagnosticsZip cmdlet from xDscDiagnostics module (github.com/PowerShell/xdscdiagnostics)?
If you can upload the file somewhere and paste the URL, that would be great. Or if you want to send me the zip file – insivara@microsoft.com is my email.

August 12, 2016 at 5:19 pm

This a pre-prod network that is inside my companies enterprise. What I shared previously is all that I am allowed to share without ISRM approval. Thank you but I cannot provide logs or zip files. Which is what makes this job so difficult. 🙁

August 15, 2016 at 7:46 am

In your configuration scripts, make sure you use localhost as the node name

[DSCLocalConfigurationManager()]
Configuration PullClientConfigName
{
Node localhost {
Settings

When using ConfigurationNames, always use localhost as the node name in your configuration scripts.
This will yield in a localhost.mof
when you then have to rename to say BaseOS.mof and create a checksum for it.

The reason you use localhost is the fact that 'BaseOS' can now be the value in the LCM ConfigurationNames for various servers and it will still apply it to the servers as localhost is the server the script is running on.