Author Posts

April 5, 2017 at 9:11 pm

Hi everybody,
I have two servers windows 2016 in wmf5.1.
My dsc pull server is configured in HTTPS and registration keys.
I configured the LCM and made a configuration to pull it to my client.

LCM Configuration:
Node $NodeName
{
Settings
{
RefreshMode = 'Pull'
ConfigurationMode="ApplyAndAutoCorrect"
CertificateID = 'mycertificatethumbprint'
}

ConfigurationRepositoryWeb CORE-O_PullSrv
{
ServerURL = "https://myserver:8080/PSDSCPullServer.svc"
CertificateID = 'mycertificatethumbprint'
RegistrationKey = 'myregistrationKey'
ConfigurationNames = @('Server2016')

}

Mof file are present in ... DscService\Configuration
I renamed my mof file in Server2016.mof

But in the client when i tried to update-dsconfiguration -wait -verbose there is an error:
Configuration Not found.
In Windows Event : ResourceNotFound(404).
Could you give me some advices?

April 6, 2017 at 11:10 am

Hi,

your mof and checksum are directly in dsc/configurations/Server2016.mof ?

Thank's

April 6, 2017 at 12:23 pm

Hi,
My MOF file renamed in Server2016.mof and my checksum are present in dsc/configurations
I tried to rename the checksum file too in Server20106.mof.checksum.
I have the same result.
The client doesn't pull his configuration

April 6, 2017 at 12:55 pm

Try to make first ConfigurationMode="ApplyAndMonitor" and show us the result

April 6, 2017 at 1:21 pm

With ApplyAndMonitor this is the result:


...(AgentId='9FC96A5D-157E-11E7-A0E0-005056951FCF')/GetDscAction 
pour AgentId 9FC96A5D-157E-11E7-A0E0-005056951FCF avec l'erreur serveur «ResourceNotFound(404)».
....
    + CategoryInfo          : ResourceUnavailable: (root/Microsoft/...gurationManager:String) [], CimException
    + FullyQualifiedErrorId : WebDownloadManagerGetActionNodeConfigurationNotFound,Microsoft.PowerShell.DesiredStateConfiguration.Commands.GetDscActionCommand
    + PSComputerName        : localhost

The same error

April 6, 2017 at 1:51 pm

ok
I had the same problem when I use dsc pull server HTTPS with a certificate. But when I used with non certificate all was run successfuly.
try this:
Pull server:

configuration DSCPullServer
{
param
(
[string[]]$NodeName = 'localhost'
)

Import-DscResource -ModuleName xPSDesiredStateConfiguration #-ModuleVersion 3.7.0.0
Import-DscResource -ModuleName PSDesiredStateConfiguration

Node $NodeName
{
WindowsFeature DSCServiceFeature
{
Ensure = 'Present'
Name = 'DSC-Service'
}

WindowsFeature IIS
{
Ensure = 'Present'
Name = 'Web-Server'
}

xDscWebService DSCPullSRV
{
Ensure = 'Present'
EndpointName = 'DSCPullSRV'
Port = 8080
PhysicalPath = "$env:SystemDrive\inetpub\DSCPullSRV"
CertificateThumbPrint = "AllowUnencryptedTraffic"
ModulePath = "$env:PROGRAMFILES\WindowsPowerShell\DscService\Modules"
ConfigurationPath = "$env:PROGRAMFILES\WindowsPowerShell\DscService\Configuration"
RegistrationKeyPath = "$env:PROGRAMFILES\WindowsPowerShell\DscService"
AcceptSelfSignedCertificates = $true
State = 'Started'
DependsOn = '[WindowsFeature]DSCServiceFeature'
UseSecurityBestPractices = $false
}
}
}
DSCPullServer -OutputPath c:\dsc\DSCPullServer
Start-DscConfiguration -Path $env:SystemDrive\dsc\DSCPullServer -Wait -Verbose -force

and for LCM in your node:

[DSCLocalConfigurationManager()]
configuration PullClient
{
Node localhost
{
Settings
{
RefreshMode = 'Pull'
RefreshFrequencyMins = 30
RebootNodeIfNeeded = $true
ConfigurationMode = 'ApplyAndAutoCorrect'
ConfigurationModeFrequencyMins = 15
}
ConfigurationRepositoryWeb DSC-Pull
{
ServerURL = 'http://yourserver:8080/PSDSCPullServer.svc'
RegistrationKey = 'your registrationkey'

AllowUnsecureConnection = $true #Use this parameter only if you do not have a certificate installed on the pull server
}

ReportServerWeb DSC-Pull
{
ServerURL = 'http://yourserver:8080/PSDSCPullServer.svc'
RegistrationKey = 'your registrationkey'
AllowUnsecureConnection = $true
}
}
}
PullClient
Set-DSCLocalConfigurationManager localhost –Path .\PullClient –Verbose -force

April 6, 2017 at 5:11 pm

I tried.
I make a update-dscconfiguration -wait -verbose
So no error but the client doesn't find a configuration for him so no update.
In dscservice\configuration on my pull server i have my computername.mof and computername.mof.checksum, is it correct or must i use a guid for the mof file???

April 6, 2017 at 8:43 pm

Hi
-on your node
do: new-guid (copy this guid)

– on pull server
rename your mof and checksume with this guid

rerun your LCM and wait untill "ConfigurationModeFrequencyMins = 15"

April 6, 2017 at 9:25 pm

Ok Thanks.
But how the client knows it's his configuration?
Must i precise a configurationID in the LCM configuration with this Guid?

April 6, 2017 at 10:48 pm

With Guid and configurationID in the LCM:

http://myserver:8080///PSDSCPullServer.svc/Action(ConfigurationId='5e5f465e-10f0-4281-8a6f-b80a9da9ee48')/GetAction : configuration 5e5f465e-10f0-4281-8a6f-b80a9da9ee48 valide 
introuvable.
    + CategoryInfo          : ResourceUnavailable: (root/Microsoft/...gurationManager:String) [], CimException
    + FullyQualifiedErrorId : WebDownloadManagerGetActionConfigurationNotFound,Microsoft.PowerShell.DesiredStateConfiguration.Commands.GetDscActionCommand
    + PSComputerName        : localhost
 

With the GUID and without configuratioID in the LCM:
result of update-dscconfiguration -wait -verbose
No error but he can't find a configuration

    [] Configuration not found on the pull server, so no action.

Really i don't understand

April 7, 2017 at 7:02 am

Excuse me. use this for your LCM on your node

[DSCLocalConfigurationManager()]
configuration PullClient
{
Node localhost
{
Settings
{
RefreshMode = 'Pull'
RefreshFrequencyMins = 30
RebootNodeIfNeeded = $true
ConfigurationMode = 'ApplyAndAutoCorrect'
ConfigurationModeFrequencyMins = 15
}
ConfigurationRepositoryWeb DSC-Pull
{
ServerURL = 'http://Your_server:8080/PSDSCPullServer.svc'
RegistrationKey = 'your_registrationkey'
ConfigurationNames = @('service')
AllowUnsecureConnection = $true #Use this parameter only if you do not have a certificate installed on the pull server
}

ReportServerWeb DSC-Pull
{
ServerURL = 'http://Your_server:8080/PSDSCPullServer.svc'
RegistrationKey = 'your_registrationkey'
AllowUnsecureConnection = $true
}
}
}
PullClient
Set-DSCLocalConfigurationManager localhost –Path .\PullClient –Verbose

where "service" will be the same on your pull server in dsc/configurations (service.mof and service.mof.checksum) . make sure this two files are directly in dsc/configurations not in a directory like (dsc/configurations/service/service.mof or .checksum)

April 7, 2017 at 12:47 pm

Thanks you Arnold.
It works fine !
Now i'll search for configure it in https

April 7, 2017 at 12:51 pm

Ok good.
Let's me know if you fix it in https. Are you french?

April 7, 2017 at 1:17 pm

Ok no problem.
Yes i'm french.
Sorry for my poor english (lol)

April 7, 2017 at 1:24 pm

Je parle pas bien anglais non plus. Je suis Français et actuellement en stage sur le sujet de l'automatisation avec Powershell DSC

April 7, 2017 at 1:45 pm

Ok.
Bon stage alors !
Je réalise pour ma part un poc.
Merci encore pour ton aide sur le sujet.

April 8, 2017 at 4:20 pm

Done in HTTPS too.
I'll post my configuration files soon