Issues with a new DSC Pull Server

Welcome Forums DSC (Desired State Configuration) Issues with a new DSC Pull Server

This topic contains 2 replies, has 1 voice, and was last updated by

 
Participant
3 months, 2 weeks ago.

  • Author
    Posts
  • #110242

    Participant
    Points: 1
    Rank: Member

    Hello Experts,

    I have configured a Secure DSC Pull Server using the script available at this link.

    I didn't receive any errors during the configuration. However, after finishing the configuration when I ran Get-DscConfiguration command I am getting below error:

    Get-DscConfiguration -Verbose
    VERBOSE: An LCM method call arrived from computer TestPullServer with user sid S-1-5-21-96684026-1888757961-1698245536-547389.
    VERBOSE: [TestPullServer]: LCM:  [ Start  Get      ]      
    VERBOSE: [TestPullServer]:                            [[WindowsFeature]DSCServiceFeature] The operation 'Get-WindowsFeature' started: DSC-Service
    VERBOSE: [TestPullServer]:                            [[WindowsFeature]DSCServiceFeature] The operation 'Get-WindowsFeature' succeeded: DSC-Service
    VERBOSE: [TestPullServer]: LCM:  [ End    Get      ]  [[WindowsFeature]DSCServiceFeature]  in 0.5320 seconds.
    Get-DscConfiguration : Method invocation failed because [System.Collections.ObjectModel.Collection`1[[System.Management.Automation.PSObject, System.Management.Automation, Version=3.0.0.0, Culture=neutral, 
    PublicKeyToken=31bf3856ad364e35]]] does not contain a method named 'Format'.
    At line:1 char:1
    + Get-DscConfiguration -Verbose
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidOperation: (MSFT_DSCLocalConfigurationManager:root/Microsoft/...gurationManager) [Get-DscConfiguration], CimException
        + FullyQualifiedErrorId : MethodNotFound,Get-DscConfiguration
     
    Get-DscConfiguration : The PowerShell DSC resource '[xDSCWebService]PSDSCPullServer' with SourceInfo 'C:\Temp\Create-PullServerV2.ps1::89::9::xDscWebService' threw one or more non-terminating errors while running 
    the Get-TargetResource functionality. These errors are logged to the ETW channel called Microsoft-Windows-DSC/Operational. Refer to this channel for more details.
    At line:1 char:1
    + Get-DscConfiguration -Verbose
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidOperation: (MSFT_DSCLocalConfigurationManager:root/Microsoft/...gurationManager) [Get-DscConfiguration], CimException
        + FullyQualifiedErrorId : NonTerminatingErrorFromProvider,Get-DscConfiguration
    
  • #110435

    Participant
    Points: 1
    Rank: Member

    I have performed few steps found at random forums on the internet and found that the issue is related to the Certificate that I have used with the Pull Server. I added the certificate to the Root certificate store and also ran below code to resolve some other issue I started facing. Below is the code:

    Add-Type @"
        using System.Net;
        using System.Security.Cryptography.X509Certificates;
        public class TrustAllCertsPolicy : ICertificatePolicy {
            public bool CheckValidationResult(
                ServicePoint srvPoint, X509Certificate certificate,
                WebRequest request, int certificateProblem) {
                return true;
            }
        }
    "@
    [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
    
    # If still getting below error:
    # Invoke-WebRequest : The request was aborted: Could not create SSL/TLS secure channel.
    #
    # Run below commands:
    #
    [System.Net.ServicePointManager]::SecurityProtocol += [System.Net.SecurityProtocolType]::Tls11
    [System.Net.ServicePointManager]::SecurityProtocol += [System.Net.SecurityProtocolType]::Tls12
    

    However, any configuration is working fine locally on the pull server but it is failing on any other node with below error:

    WinRM cannot process the request. The following error occurred while using Kerberos authentication: 
    Cannot find the computer testNode.contoso.com. Verify that the computer exists on the 
    network and that the name provided is spelled correctly.
        + CategoryInfo          : NotSpecified: (root/Microsoft/...gurationManager:String) [], CimExceptio 
       n
        + FullyQualifiedErrorId : HRESULT 0x80070035
        + PSComputerName        : testNode.contoso.com
    

    I am able to ping the target node, I am able to test the WinRM connection using Test-WSMan. Not sure how to resolve this error.

    • #110459

      Participant
      Points: 1
      Rank: Member

      The WINRM Kerberos Authentication issue is also resolved after I used below method:

      Start-DscConfiguration -Path .\WebServerConfig -Verbose -Wait -CimSession (New-CimSession -ComputerName localhost -Credential "contoso\adminuser")

      However, when I run

      Get-DSCConfiguration

      on PullServer, I am still getting below error:

      Get-DscConfiguration : Method invocation failed because [System.Collections.ObjectModel.Collection`1[[System.Management.Automation.PSObject, System.Management.Automation, Version=3.0.0.0, Culture=neutral, 
      PublicKeyToken=31bf3856ad364e35]]] does not contain a method named 'Format'.
      At line:1 char:1
      + Get-DscConfiguration
      + ~~~~~~~~~~~~~~~~~~~~
          + CategoryInfo          : InvalidOperation: (MSFT_DSCLocalConfigurationManager:root/Microsoft/...gurationManager) [Get-DscConfiguration], CimException
          + FullyQualifiedErrorId : MethodNotFound,Get-DscConfiguration
       
      Get-DscConfiguration : The PowerShell DSC resource '[xDSCWebService]PSDSCPullServer' with SourceInfo 'C:\Temp\Create-PullServerV2.ps1::89::9::xDscWebService' threw one or more non-terminating errors while running 
      the Get-TargetResource functionality. These errors are logged to the ETW channel called Microsoft-Windows-DSC/Operational. Refer to this channel for more details.
      At line:1 char:1
      + Get-DscConfiguration
      + ~~~~~~~~~~~~~~~~~~~~
          + CategoryInfo          : InvalidOperation: (MSFT_DSCLocalConfigurationManager:root/Microsoft/...gurationManager) [Get-DscConfiguration], CimException
          + FullyQualifiedErrorId : NonTerminatingErrorFromProvider,Get-DscConfiguration
       
      

The topic ‘Issues with a new DSC Pull Server’ is closed to new replies.