I'm new to DSC and trying to figure out how can I implement it to mimic server settings we currently do through GPO. While I understand how to do that for single machine with single huge MOF file, I can not understand how to do that for hundreds of machines it's eventually will be rolled out to. Namely what confuses me is how to retain similar hierarchical structure which GPO has which worked very well for us.
My plan is to create one big DSC config which applies to all servers via PULL and configure it's as a first partial config.
Thing is, DSC doesn't really yet come with any tooling that makes this model easy. There's no database a la Active Directory. So while you can do what you're asking, it's going to require YOU to come up with a way of tracking and assigning everything.
I think you're going to be very disappointed with partial configurations. They look great, but it's very easy to get them to explode and crash when they hit the client, because only the LCM is doing any kind of validation on them. There's no central merging-and-validation logic, and DSC isn't as simple as "last in wins" like GPO.
And DSC doesn't have a "first or second" partial concept. It retrieves ALL the partials and combines them into one MOF, and then executes that MOF. There's no precedence.
If you're CAREFUL, then what you're talking about – a partial everyone gets, a partial some people get, and a third partial that is maybe per-computer, then yes, you can do this. Setting up the code to produce it all may be time-consuming, but overall you CAN, technically, do this.
But you don't use GUIDs in v5 for partials, you use ConfigurationNames. For each Pull server, you specify the Configuration Names (essentially, MOF filenames) you want that node to pull from that Pull server. So whether servers share a GUID or not isn't important.
You'd just tell everyone to pull "AllServers.mof," and then whatever other MOFs you want them to pull. You don't need a MOF-per-server.
You must be logged in to reply to this topic.