DSC not accepting values from config file

Welcome Forums DSC (Desired State Configuration) DSC not accepting values from config file

This topic contains 5 replies, has 2 voices, and was last updated by

 
Participant
1 week, 3 days ago.

  • Author
    Posts
  • #113803

    Inactive
    Points: 0
    Rank: Member

    Hi Everyone,

    I have a weird issue with my configuration. I am trying to create RDS environment across 3 servers. My issue is that DSC not accepting value from configuration data. In my configuration data I have both PSDscAllowPlainTextPassword, PSDscAllowDomainUser fields but still I get this issue.

    
    $data = @{
      AllNodes = @(
        @{
            NodeName = '*'
            PSDscAllowPlainTextPassword = $true
            PSDscAllowDomainUser = $true
        },
    
        @{....
    

    Even If I have both PSDscAllowPlainTextPassword, PSDscAllowDomainUser it is not accepting it.

    ConvertTo-MOFInstance : System.InvalidOperationException error processing property 'PsDscRunAsCredential' OF TYPE 'xRDSessionDeployment': Converting and storing encrypted passwords as plain text is not recommended. For m
    ore information on securing credentials in MOF file, please refer to MSDN blog: https://go.microsoft.com/fwlink/?LinkId=393729
    At C:\RDS2016.ps1:109 char:9
    WARNING: It is not recommended to use domain credential for node 'System.Collections.Hashtable'. In order to suppress the warning, you can add a property named 'PSDscAllowDomainUser' with a value of $true to your DSC conf
    iguration data for node 'System.Collections.Hashtable'.

  • #113804

    Participant
    Points: 65
    Published
    Rank: Member

    How are you calling pushing the configuration ? Can you show us the code which is triggering the configuration.

  • #113806

    Inactive
    Points: 0
    Rank: Member

    Hi,

    Here comes the whole config

    $data = @{
      AllNodes = @(
    
        @{
            NodeName = '*'
            PSDscAllowPlainTextPassword = $true
            PSDscAllowDomainUser = $true      
         },
    
        @{
            NodeName = 'rdcb01'
            Role = 'Connection Broker'
        },
    
        @{        
            NodeName = 'rdsh01'
            Role = 'Session Host'
        },
    
        @{
            NodeName = 'rdwa01'
            Role = 'Web Access'
        }
    
      );
    
      RDSData = @{
            ConnectionBroker = 'rdcb01.domain.com'
            SessionHost = 'rdsh01.domain.com'
            WebAccessServer = 'rdwa01.domain.com'
            CollectionName = 'RDS'
            AutomaticReconnectionEnabled = $true
            DisconnectedSessionLimitMin = 300
            IdleSessionLimitMin = 300
            BrokenConnectionAction = 'Disconnect'
            UserGroup = 'Domain Users'
        
       }
    
    }
    
    Configuration RDS {
    
    param ( 
        
         [Parameter(Mandatory=$true)]
         [pscredential]$DomainAdminCred
    )
    
    #region
    
    Import-DscResource -ModuleName PSDesiredStateConfiguration, 
        @{ModuleName='xRemoteDesktopSessionHost';ModuleVersion="1.8.0.0"}
    
    #endregion
    
    Node $AllNodes.Where{$_.Role -eq 'Connection Broker'} {
    $RDData = $data.RDSData
            WindowsFeature RDSConnectionBroker {
            Name = 'RDS-Connection-Broker'
            Ensure = 'Present'
            }
    
            WindowsFeature RSATRDSTools {
            Name = 'RSAT-RDS-Tools'
            Ensure = 'Present'
            IncludeAllSubFeature  = $true
            DependsOn = '[WindowsFeature]RDSConnectionBroker'
            }
            
            WaitForAll SessionHost {
            NodeName = 'rdsh01'
            ResourceName = '[WindowsFeature]SessionHost'
            RetryIntervalSec = 15
            RetryCount = 50
            DependsOn = '[WindowsFeature]RSATRDSTools'
            }
    
            WaitForAll WebAccess {
            NodeName = 'rdwa01'
            ResourceName = '[WindowsFeature]WebAccess'
            RetryIntervalSec = 15
            RetryCount = 50
            DependsOn = '[WaitForAll]SessionHost'
            }
    
            xRDSessionDeployment NewDeployment {
            ConnectionBroker = $RDData.ConnectionBroker
            SessionHost = $RDData.SessionHost
            WebAccessServer = $RDData.WebAccessServer
            DependsOn = '[WaitForAll]WebAccess'
            PsDscRunAsCredential = $DomainAdminCred
            }
    
            xRDSessionCollection collection {    
            CollectionName = $RDData.CollectionName
            SessionHost = $RDData.SessionHost
            ConnectionBroker = $RDData.ConnectionBroker
            DependsOn = '[xRDSessionDeployment]NewDeployment'
            PsDscRunAsCredential = $DomainAdminCred
            }
    } 
    
    Node $AllNodes.Where{$_.Role -eq 'Session Host'}.NodeName {
            WindowsFeature SessionHost {
            Name = 'RDS-RD-Server'
            Ensure = 'Present'
            }
    }
    
    Node $AllNodes.Where{$_.Role -eq 'Web Access'}.NodeName {
            WindowsFeature WebAccess {
            Name = 'RDS-Web-Access'
            Ensure = 'Present'
            }
        }
    }
    
    RDS -OutputPath 'C:\' -DomainAdminCred $DomainAdminCred -ConfigurationData $data -Verbose
  • #113906

    Participant
    Points: 65
    Published
    Rank: Member

    You have missed to take out NodeName from Node $AllNodes.Where{$_.Role -eq 'Connection Broker'}

    it should be Node

    $AllNodes.Where{$_.Role -eq 'Connection Broker'}.NodeName
    • #113924

      Inactive
      Points: 0
      Rank: Member

      Thank you so much. Don't understand how could I miss that but it is wierd that DSC didn't prompt for that.

  • #113929

    Participant
    Points: 65
    Published
    Rank: Member

    DSC won't prompt for that, the condition $AllNodes.Where{$_.Role -eq 'Connection Broker'} does have an output which is a hashtable, it then converts it to a string and will get System.Collections.Hashtable as value and will treat that as a node name. your mof file will get created with this name if you try to execute by commenting the credential part.

    -a----       10/12/2018   7:03 PM           4378 System.Collections.Hashtable.mof

You must be logged in to reply to this topic.