Errors setting up xDSCWebService for Pull Server

This topic contains 9 replies, has 3 voices, and was last updated by Profile photo of Kyle Berger Kyle Berger 5 months, 2 weeks ago.

  • Author
    Posts
  • #44277
    Profile photo of Kyle Berger
    Kyle Berger
    Participant

    This will probably get really long, so I apologize in advance. I am thorough.

    Steps so far:
    Installed Gui 2012 R2, ran all updates.
    Installed WMF 5.0.
    Running all newest DSC cmdlets and xDSC cmdlets. Everything super clean.
    Followed instructions here: https://msdn.microsoft.com/en-us/powershell/dsc/pullserver
    Specifically, the "configuration Sample_xDscPullServer"

    Result so far:
    The last step (installing DSC Service/IIS) errored out, not good. I'm not sure if it matters or not, but the errors make me nervous, as this is the second time trying to set this thing up, and the first time I ran into a plethora of buggy looking things and I am wondering if they are related to the xDSCWebService resource.

    This is the verbose output logged in a json file:

    [
      {"time": "2016-06-21T21:43:47.579-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ Start  Set      ]      "},
      {"time": "2016-06-21T21:43:50.413-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ Start  Resource ]  [[WindowsFeature]DSCServiceFeature]  "},
      {"time": "2016-06-21T21:43:50.413-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ Start  Test     ]  [[WindowsFeature]DSCServiceFeature]  "},
      {"time": "2016-06-21T21:43:53.312-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[WindowsFeature]DSCServiceFeature] The operation 'Get-WindowsFeature' started: DSC-Service"},
      {"time": "2016-06-21T21:43:53.719-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[WindowsFeature]DSCServiceFeature] The operation 'Get-WindowsFeature' succeeded: DSC-Service"},
      {"time": "2016-06-21T21:43:53.782-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ End    Test     ]  [[WindowsFeature]DSCServiceFeature]  in 3.3680 seconds."},
      {"time": "2016-06-21T21:43:53.782-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ Start  Set      ]  [[WindowsFeature]DSCServiceFeature]  "},
      {"time": "2016-06-21T21:43:53.876-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[WindowsFeature]DSCServiceFeature] Installation started... "},
      {"time": "2016-06-21T21:43:54.157-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[WindowsFeature]DSCServiceFeature] Continue with installation?"},
      {"time": "2016-06-21T21:43:54.157-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[WindowsFeature]DSCServiceFeature] Prerequisite processing started..."},
      {"time": "2016-06-21T21:43:57.201-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[WindowsFeature]DSCServiceFeature] Prerequisite processing succeeded."},
      {"time": "2016-06-21T21:46:28.404-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[WindowsFeature]DSCServiceFeature] Installation succeeded."},
      {"time": "2016-06-21T21:46:28.435-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[WindowsFeature]DSCServiceFeature] Successfully installed the feature DSC-Service."},
      {"time": "2016-06-21T21:46:28.466-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ End    Set      ]  [[WindowsFeature]DSCServiceFeature]  in 154.6850 seconds."},
      {"time": "2016-06-21T21:46:28.466-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ End    Resource ]  [[WindowsFeature]DSCServiceFeature]  "},
      {"time": "2016-06-21T21:46:28.466-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ Start  Resource ]  [[xDSCWebService]PSDSCPullServer]  "},
      {"time": "2016-06-21T21:46:28.466-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ Start  Test     ]  [[xDSCWebService]PSDSCPullServer]  "},
      {"time": "2016-06-21T21:46:36.575-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[xDSCWebService]PSDSCPullServer] Check Ensure"},
      {"time": "2016-06-21T21:46:36.590-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[xDSCWebService]PSDSCPullServer] The Website PSDSCPullServer is not present"},
      {"time": "2016-06-21T21:46:36.590-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ End    Test     ]  [[xDSCWebService]PSDSCPullServer]  in 8.1240 seconds."},
      {"time": "2016-06-21T21:46:36.590-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ Start  Set      ]  [[xDSCWebService]PSDSCPullServer]  "},
      {"time": "2016-06-21T21:46:36.700-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[xDSCWebService]PSDSCPullServer] Create the IIS endpoint"},
      {"time": "2016-06-21T21:46:37.075-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[xDSCWebService]PSDSCPullServer] Setting up endpoint at - https://KYLE-DSC:8080/PSDSCPullServer.svc"},
      {"time": "2016-06-21T21:46:37.122-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[xDSCWebService]PSDSCPullServer] Verify that the certificate with the provided thumbprint exists in CERT:\\LocalMachine\\MY\\"},
      {"time": "2016-06-21T21:46:37.263-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[xDSCWebService]PSDSCPullServer] Checking IIS requirements"},
      {"time": "2016-06-21T21:46:37.748-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[xDSCWebService]PSDSCPullServer] Delete the App Pool if it exists"},
      {"time": "2016-06-21T21:46:38.563-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[xDSCWebService]PSDSCPullServer] Remove the site if it already exists"},
      {"time": "2016-06-21T21:46:43.098-7:00", "type": "error", "message": "The expression after '&' in a pipeline element produced an object that was not valid. It must result in a command name, a script block, or a CommandInfo object."},
      {"time": "2016-06-21T21:46:43.301-7:00", "type": "error", "message": "The expression after '&' in a pipeline element produced an object that was not valid. It must result in a command name, a script block, or a CommandInfo object."},
      {"time": "2016-06-21T21:46:43.317-7:00", "type": "error", "message": "The expression after '&' in a pipeline element produced an object that was not valid. It must result in a command name, a script block, or a CommandInfo object."},
      {"time": "2016-06-21T21:46:46.464-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ End    Set      ]  [[xDSCWebService]PSDSCPullServer]  in 9.8730 seconds."},
      {"time": "2016-06-21T21:46:46.479-7:00", "type": "error", "message": "The PowerShell DSC resource '[xDSCWebService]PSDSCPullServer' with SourceInfo '::20::10::xDscWebService' threw one or more non-terminating errors while running the Set-TargetResource functionality. These errors are logged to the ETW channel called Microsoft-Windows-DSC/Operational. Refer to this channel for more details."},
      {"time": "2016-06-21T21:46:46.511-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ Start  Resource ]  [[File]RegistrationKeyFile]  "},
      {"time": "2016-06-21T21:46:46.526-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ Start  Test     ]  [[File]RegistrationKeyFile]  "},
      {"time": "2016-06-21T21:46:46.667-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[File]RegistrationKeyFile] The system cannot find the file specified.\r\n"},
      {"time": "2016-06-21T21:46:46.683-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[File]RegistrationKeyFile] The related file/directory is: C:\\Program Files\\WindowsPowerShell\\DscService\\RegistrationKeys.txt. "},
      {"time": "2016-06-21T21:46:46.683-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ End    Test     ]  [[File]RegistrationKeyFile]  in 0.1560 seconds."},
      {"time": "2016-06-21T21:46:46.683-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ Start  Set      ]  [[File]RegistrationKeyFile]  "},
      {"time": "2016-06-21T21:46:46.698-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[File]RegistrationKeyFile] The system cannot find the file specified.\r\n"},
      {"time": "2016-06-21T21:46:46.698-7:00", "type": "verbose", "message": "[KYLE-DSC]:                            [[File]RegistrationKeyFile] The related file/directory is: C:\\Program Files\\WindowsPowerShell\\DscService\\RegistrationKeys.txt. "},
      {"time": "2016-06-21T21:46:46.714-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ End    Set      ]  [[File]RegistrationKeyFile]  in 0.0320 seconds."},
      {"time": "2016-06-21T21:46:46.714-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ End    Resource ]  [[File]RegistrationKeyFile]  "},
      {"time": "2016-06-21T21:46:46.714-7:00", "type": "verbose", "message": "[KYLE-DSC]: LCM:  [ End    Set      ]      "}
    ]
    

    Also, here are the Events Logged by DSC as Windows Events; some of the information is the same as above. also, these events are in Reverse order. Sorry.

    Job {E4AC7EF6-3833-11E6-80B5-00155D058C04} : Details logging completed for C:\Windows\System32\Configuration\Configurati
    onStatus\{E4AC7EF6-3833-11E6-80B5-00155D058C04}-0.details.json.
    
    Job {E4AC7EF6-3833-11E6-80B5-00155D058C04} :
    MIResult: 1
    Error Message: The SendConfigurationApply function did not succeed.
    Message ID: MI RESULT 1
    Error Category: 0
    Error Code: 1
    Error Type: MI
    
    Job {E4AC7EF6-3833-11E6-80B5-00155D058C04} :
    MIResult: 1
    Error Message: The PowerShell DSC resource '[xDSCWebService]PSDSCPullServer' with SourceInfo '::20::10::xDscWebService'
    threw one or more non-terminating errors while running the Set-TargetResource functionality. These errors are logged to
    the ETW channel called Microsoft-Windows-DSC/Operational. Refer to this channel for more details.
    Message ID: NonTerminatingErrorFromProvider
    Error Category: 7
    Error Code: 1
    Error Type: MI
    
    Job {E4AC7EF6-3833-11E6-80B5-00155D058C04} :
    This event indicates that failure happens when LCM is processing the configuration. Error Id is 0x1. Error Detail is The
     SendConfigurationApply function did not succeed.. Resource Id is [xDSCWebService]PSDSCPullServer and Source Info is ::2
    0::10::xDscWebService. Error Message is The PowerShell DSC resource '[xDSCWebService]PSDSCPullServer' with SourceInfo ':
    :20::10::xDscWebService' threw one or more non-terminating errors while running the Set-TargetResource functionality. Th
    ese errors are logged to the ETW channel called Microsoft-Windows-DSC/Operational. Refer to this channel for more detail
    s..
    
    Job {E4AC7EF6-3833-11E6-80B5-00155D058C04} :
    MIResult: 1
    Error Message: The expression after '&' in a pipeline element produced an object that was not valid. It must result in a
     command name, a script block, or a CommandInfo object.
    Message ID: BadExpression
    Error Category: 7
    Error Code: 7
    Error Type: MI
    
    Job {E4AC7EF6-3833-11E6-80B5-00155D058C04} :
    This event indicates that a non-terminating error was thrown when DSCEngine was executing Set-TargetResource on MSFT_xDS
    CWebService DSC resource. FullyQualifiedErrorId is BadExpression. Error Message is The expression after '&' in a pipelin
    e element produced an object that was not valid. It must result in a command name, a script block, or a CommandInfo obje
    ct..
    
    Job {E4AC7EF6-3833-11E6-80B5-00155D058C04} :
    MIResult: 1
    Error Message: The expression after '&' in a pipeline element produced an object that was not valid. It must result in a
     command name, a script block, or a CommandInfo object.
    Message ID: BadExpression
    Error Category: 7
    Error Code: 7
    Error Type: MI
    
    Job {E4AC7EF6-3833-11E6-80B5-00155D058C04} :
    This event indicates that a non-terminating error was thrown when DSCEngine was executing Set-TargetResource on MSFT_xDS
    CWebService DSC resource. FullyQualifiedErrorId is BadExpression. Error Message is The expression after '&' in a pipelin
    e element produced an object that was not valid. It must result in a command name, a script block, or a CommandInfo obje
    ct..
    
    Job {E4AC7EF6-3833-11E6-80B5-00155D058C04} :
    MIResult: 1
    Error Message: The expression after '&' in a pipeline element produced an object that was not valid. It must result in a
     command name, a script block, or a CommandInfo object.
    Message ID: BadExpression
    Error Category: 7
    Error Code: 7
    Error Type: MI
    
    Job {E4AC7EF6-3833-11E6-80B5-00155D058C04} :
    This event indicates that a non-terminating error was thrown when DSCEngine was executing Set-TargetResource on MSFT_xDS
    CWebService DSC resource. FullyQualifiedErrorId is BadExpression. Error Message is The expression after '&' in a pipelin
    e element produced an object that was not valid. It must result in a command name, a script block, or a CommandInfo obje
    ct..
    

    I'm not sure if this means that the Resource is broken, or simply throwing errors due to not having fit and finish checks in place to avoid unneeded error messages. I'll probably be digging into the project page and looking at the code pretty soon. In the meantime, I wanted to post what I'm seeing, in case it helps anyone else in the future.

    I'll try to register an Agent, which did not work correctly the last time I tried. I eventually got it sort of working, but after undocumented troubleshooting steps, so I'm starting over from scratch. This time, I have a Hyper-V checkpoint, so it won't be so much trouble to go back.

  • #44285
    Profile photo of Kyle Berger
    Kyle Berger
    Participant

    So,

    I'm still getting the same error I got last time, on the IIS side, where it says this is an Unauthorized response to Register a Node/Agent,

    PS C:\DSC\Configs> Set-DscLocalConfigurationManager -Path .\DefaultLCMConfig -ComputerName kyle-ipam
    Registration of the Dsc Agent with the server https://Kyle-DSC.home.local:8080/PSDSCPullServer.svc failed. The
    underlying error is: The attempt to register Dsc Agent with AgentId D556460A-376D-11E6-80B5-00155D058C05 with the
    server https://kyle-dsc.home.local:8080/PSDSCPullServer.svc/Nodes(AgentId='D556460A-376D-11E6-80B5-00155D058C05')
    returned unexpected response code Unauthorized. .
        + CategoryInfo          : InvalidResult: (root/Microsoft/...gurationManager:String) [], CimException
        + FullyQualifiedErrorId : RegisterDscAgentUnsuccessful,Microsoft.PowerShell.DesiredStateConfiguration.Commands.Reg
       isterDscAgentCommand
        + PSComputerName        : kyle-ipam
    

    I do get the XML output from navigating to https://kyle-dsc.home.local:8080/PSDSCPullServer.svc/ , so the server is up and GET requests seem successful (Cert is also good). The PUT requests for adding the Node/Agent fail, and I have no idea what is going on internally.

    I have to add some more details now.

    This is my LCM config I'm pushing from the Pull Server:

    [DSCLocalConfigurationManager()]
    configuration DefaultLCMConfig
    {
        param(
            [Parameter()]
            [ValidateScript({$_ -match "^[a-zA-Z0-9-]+$"})]
            [string]$Hostname="localhost"
        )
    
        Node $Hostname
        {
            Settings
            {
                ConfigurationModeFrequencyMins = 15
                RebootNodeIfNeeded = $true
                ConfigurationMode = 'ApplyAndAutoCorrect'
                ActionAfterReboot = 'ContinueConfiguration'
                RefreshMode = 'Pull'
                RefreshFrequencyMins = 30
                AllowModuleOverwrite = $true
                DebugMode = 'ForceModuleImport'
                StatusRetentionTimeInDays = 14
            }
    
            ConfigurationRepositoryWeb DSCRepo
            {
                AllowUnsecureConnection = $false
                RegistrationKey = 'ed231766-f20e-4cf3-93d3-a90ab23bd4f5'
                ServerURL = 'https://Kyle-DSC.home.local:8080/PSDSCPullServer.svc'
                ConfigurationNames = @('test')
            }
    
            ReportServerWeb DSCRepo
            {
                ServerURL = 'https://Kyle-DSC.home.local:8080/PSDSCPullServer.svc'
            }
        }
    }
    

    Also, to let you know, I also tried "AllowUnsecureConnection = $true", with no change.

    Further details:

    PowerShell Version – 5.0.10586.117
    xPSDesiredStateConfiguration Version – 3.10.0.0 – xDSCWebService was updated like 19 days ago?

    Am I missing something? Am I a complete idiot?

    I can sort of fix this by fiddling with IIS, but I don't want to do that because it didn't fix everything reliably.

    I also noticed there are a lot of commits recently to xPSDesiredStateConfiguration recently, so maybe that's part of my issue and others might not have seen it in the past?

    • This reply was modified 5 months, 2 weeks ago by Profile photo of Kyle Berger Kyle Berger.
  • #44299
    Profile photo of Arie H
    Arie H
    Participant

    Hi,

    can you also post your pull server creation script and the commands you used to create it as well, please ?

    I assume you already have a mof and checksum for the configurationname value residing in the configuration subfolder ?

  • #44497
    Profile photo of Kyle Berger
    Kyle Berger
    Participant

    "can you also post your pull server creation script and the commands you used to create it as well, please ?"

    I did, by mentioning this:

    Followed instructions here: https://msdn.microsoft.com/en-us/powershell/dsc/pullserver
    Specifically, the "configuration Sample_xDscPullServer"

    I could have been more clear, though. The command is simply running the configuration and supplying the Cert thumbprint and GUID registration key, then compiling the configuration and an mof and applying the configuration. It is the same as on the Documentation.

    I captured this in my personal notes: "Start-DscConfiguration -Path .\Sample_xDscPullServer -Wait -Verbose -ComputerName localhost"

    "I assume you already have a mof and checksum for the configurationname value residing in the configuration subfolder ?"

    Yes, but that shouldn't affect the Registration of a node, right? Hopefully not, anyway. (As a side note: I got pulls sort of working on the first Pull server attempt, put the checksum failed, so that is probably another bug to tackle later)

    The problem I'm running into is I think there are some bugs in the IIS configuration, but difficult to prove, as the configuration is quite complex and I haven't been able to entirely follow the code on Github. I get to the general area, but my lack of IIS knowledge sort of hinders my investigation.

  • #44499
    Profile photo of Kyle Berger
    Kyle Berger
    Participant

    Well, I finally figured out how to setup trace logs for IIS. Here comes the info!

    
    I posted some XML here earlier, and it didn't like that...
    
    

    This is what I'm seeing that is telling:

    remoteUserName="PSDSCUser"
    userName="PSDSCUser"
    tokenUserName="HOME\KYLE-DSC$"
    authenticationType="PSDSCAuthentication"

    I'm not familiar with what is meant by that Authentication Type.

    I have no idea what or where PSDSCUser is.

    It confirms I'm indeed getting a 401.3 error, which normally means the issue is local NTFS rights. I would concur, because I can make some changes and sort of get it working, although I haven't done that this time just yet.

    https://support.microsoft.com/en-us/kb/942042

    The PSWS Application Pool is configured to run as LocalSystem.

    The PSDSCPullServer Site is configured only with Anonymous Authentication set to use IUSR locally.

    I'm thinking something is up with the authentication settings, and perhaps other issues as well. I will continue to investigate further.

    • This reply was modified 5 months, 2 weeks ago by Profile photo of Kyle Berger Kyle Berger.
  • #44502
    Profile photo of Kyle Berger
    Kyle Berger
    Participant

    So,

    I'm getting different responses after messing with the IIS rights. I've changed the user Identity of the PSWS Application Pool to run as ApplicationPoolIdentity, so I can then setup the rights to the Site based upon the PSWS Identity User as Full Permissions. I'm still running into issues, but they aren't the same 401.3 error as before. Registration of the node appears to still be sort of broken. Instead of erroring out quickly, it sits and runs for a good long time (401 seconds). It throws an error. The output is this:

    
    PS C:\DSC\Configs> Set-DscLocalConfigurationManager -Path .\DefaultLCMConfig -ComputerName kyle-ipam -Verbose
    VERBOSE: Performing the operation "Start-DscConfiguration: SendMetaConfigurationApply" on target
    "MSFT_DSCLocalConfigurationManager".
    VERBOSE: Perform operation 'Invoke CimMethod' with following parameters, ''methodName' =
    SendMetaConfigurationApply,'className' = MSFT_DSCLocalConfigurationManager,'namespaceName' =
    root/Microsoft/Windows/DesiredStateConfiguration'.
    VERBOSE: An LCM method call arrived from computer KYLE-DSC with user sid
    S-1-5-21-3149736864-2278915772-2866003438-1107.
    VERBOSE: [KYLE-IPAM]: LCM:  [ Start  Set      ]
    VERBOSE: [KYLE-IPAM]: LCM:  [ Start  Resource ]  [MSFT_DSCMetaConfiguration]
    VERBOSE: [KYLE-IPAM]: LCM:  [ Start  Set      ]  [MSFT_DSCMetaConfiguration]
    VERBOSE: [KYLE-IPAM]: LCM:  [ End    Set      ]  [MSFT_DSCMetaConfiguration]  in 0.0160 seconds.
    VERBOSE: [KYLE-IPAM]: LCM:  [ End    Resource ]  [MSFT_DSCMetaConfiguration]
    VERBOSE: [KYLE-IPAM]: LCM:  [ End    Set      ]
    Registration of the Dsc Agent with the server https://Kyle-DSC.home.local:8080/PSDSCPullServer.svc failed. The
    underlying error is: Failed to register Dsc Agent with AgentId D556460A-376D-11E6-80B5-00155D058C05 with the server
    https://kyle-dsc.home.local:8080/PSDSCPullServer.svc/Nodes(AgentId='D556460A-376D-11E6-80B5-00155D058C05'). .
        + CategoryInfo          : InvalidResult: (root/Microsoft/...gurationManager:String) [], CimException
        + FullyQualifiedErrorId : RegisterDscAgentCommandFailed,Microsoft.PowerShell.DesiredStateConfiguration.Commands.Re
       gisterDscAgentCommand
        + PSComputerName        : kyle-ipam
    
    VERBOSE: Operation 'Invoke CimMethod' complete.
    VERBOSE: Set-DscLocalConfigurationManager finished in 401.33 seconds.
    
    

    It pulls the 'test' configuration, but doesn't seem to apply it correctly, as it is for some odd reason set to "Ensure = 'absent'" on the Pull client.

    The failure does not appear to be registered in the event logs:

    PS C:\DSC\Configs> Get-xDscOperation
    
    ComputerName   SequenceId TimeCreated           Result   JobID                                 AllEvents
    ------------   ---------- -----------           ------   -----                                 ---------
    KYLE-DSC       1          6/22/2016 8:08:18 PM  Success                                        {@{Message=; TimeC...
    KYLE-DSC       2          6/22/2016 8:07:19 PM  Success                                        {@{Message=; TimeC...
    KYLE-DSC       3          6/22/2016 8:07:19 PM  Success  96e05508-38ef-11e6-80b7-00155d058c04  {@{Message=Operati...
    KYLE-DSC       4          6/22/2016 7:52:25 PM  Success  7e72b1f0-38ed-11e6-80b7-00155d058c04  {@{Message=Running...
    KYLE-DSC       5          6/22/2016 7:52:24 PM  Success                                        {@{Message=; TimeC...
    KYLE-DSC       6          6/22/2016 7:52:24 PM  Success  7e72b1ef-38ed-11e6-80b7-00155d058c04  {@{Message=Running...
    KYLE-DSC       7          6/22/2016 7:37:24 PM  Success  65fb96c2-38eb-11e6-80b7-00155d058c04  {@{Message=Running...
    KYLE-DSC       8          6/22/2016 7:22:27 PM  Success  4d8330de-38e9-11e6-80b7-00155d058c04  {@{Message=Running...
    KYLE-DSC       9          6/22/2016 7:22:26 PM  Success  4d8330dd-38e9-11e6-80b7-00155d058c04  {@{Message=Running...
    KYLE-DSC       10         6/22/2016 7:07:19 PM  Success  350ba6bf-38e7-11e6-80b7-00155d058c04  {@{Message=Operati...
    

    After all of that, I decided to set the Site's Anonymous Authentication to use the Application Pool Identity user instead of IUSR to see what would happen, because I already set the Application Pool to use that same user. Figured, why not try it?

    Doesn't work, same stuff.

    I decided to change the PSWS Identity back to LocalSystem, and I'm directly back to Unauthorized. Ok, the original symptom is directly related to this setting.

    I decided to set it to "Network Service" instead, and add NTFS Full Access Permissions to the Site for Network Service.

    Now I'm back to the same thing about it being really slow to apply the LCM configuration and it sits there for a long time, and sort of kind of works but doesn't work.

    Ok, I'm basically back to where I started and I have no idea what the hell is going on. I set the Identity and Authentication back to original settings, and Unauthorized is back. :'(

  • #44504
    Profile photo of Kyle Berger
    Kyle Berger
    Participant

    OMG,

    I decided to take a look at my RegistrationKeys.txt after looking through the IIS trace again and realizing it also told me (very long file) that the Registration Key was not valid...

    I check the file, and find out it is filled with the contents of the Certificate Thumbprint! The certificate thumbprint is also set correctly, so I didn't think anything of it previously.

    I had these same issue on my last server, where I did set the RegistrationKeys.txt correctly (I checked), but for some reason this one is now apparently registering correctly. What in da heck?

    I'm obviously totally mental. Well, I can't argue with the results. I'm still having issues with 'test' config, so I'll open another forum post for that if I can't figure it out myself. Until then, I suppose this is resolved by me making some kind of mistake that I didn't notice until now.

  • #44512
    Profile photo of Arie H
    Arie H
    Participant

    For future reference:

    Dont change the application pool identity of PSWS. It has to be LocalSystem. That's how it was designed to work.
    At least until a point in the future when or if they change it.

  • #44552
    Profile photo of Ed O'Connor
    Ed O’Connor
    Participant

    Hi Kyle,

    Did you make any headway into the error:

    Error Message: The expression after '&' in a pipeline element produced an object that was not valid. It must result in a
    command name, a script block, or a CommandInfo object.
    Message ID: BadExpression
    Error Category: 7
    Error Code: 7
    Error Type: MI

    I am getting the same exact error when trying to create my pull server. I have gone to the extent of totally rebuilding the machine from a ISO so I know there are no remnants of old settings haunting me. I don't want to even try to set node configurations until I get a clean Pull Server build. If you figured anything out I would greatly appreciate your insights.

    Thanks,

    Ed

    • #44826
      Profile photo of Kyle Berger
      Kyle Berger
      Participant

      Ed,

      So far, they seem to be errors we can ignore. At least as far as I have seen.

      I re-ran the configuration after rebuilding the mof, and it created the registration key file correctly, so I must have stupidly pasted the Thumbprint twice. Other than that, most everything is working. I am having an issue with "ConfigurationNames = " when there is more than one configuration, which I'll post about shortly. I doubt that is related to the non-terminating errors associated with the Pull Server setup resources.

You must be logged in to reply to this topic.