MSFT File Resource and checksum

Welcome Forums DSC (Desired State Configuration) MSFT File Resource and checksum

This topic contains 1 reply, has 2 voices, and was last updated by

 
Member
4 years, 5 months ago.

  • Author
    Posts
  • #15635

    Participant
    Points: 0
    Rank: Member

    I want to be able to verify the correct version of some files are on a server. The built-in File resource looks like what I should be using. I am usually a bit nervous of using file dates to do this (either createdDate or modifiedDate), so it looks like using something like Checksum="SHA-1" is a better option.

    Would are the pros/cons of using SHA-1 vs SHA-256 vs SHA-512?

    There is also the "MatchSource" Boolean property, that based on my testing seems to need to be set to "True" to even have the Checksum test performed. Can someone conform that is correct? The TechNet documentation on this property is blank.

    There is also a "Force" Boolean property. Can someone explain what this does as the TechNet documentation is also blank.

    Lastly, if using the File resource with Type="Directory", does using a Checksum result in a way to be sure the same version of all files, and files of nested folders (Recurse="True"), are the same so that if any file changes in the source, the destination file will be updated?

    Thanks in advance...

  • #15639

    Member
    Points: 0
    Rank: Member

    Here are the descriptions of the Force and MatchSource properties from the schema files:

    "Perform the file operation even if it will destroy content files, or directories."
    "Always compare the DestinationPath with the SourcePath. The default is false, meaning we will use cached information."

    For hash algorithms, I'd probably just go with SHA-512. The difference in performance between the three algorithms is not that huge, and SHA-1 is being phased out due to security concerns. See http://www.cryptopp.com/benchmarks-amd64.html for a comparison of performance.

    As for the behavior of MatchSource / CheckSum with a Directory, I'm not sure, but that should be easy to test.

The topic ‘MSFT File Resource and checksum’ is closed to new replies.