Author Posts

May 20, 2014 at 11:51 am

CASE:
If I put all my user accountnames in some DSC-MOF file, with their other attributes (homedrive,name,etc.), with a password, because every new users starts with some new random password.
DSC comes along, and adds all users to the AD.
The user login, and changes their password. 15 minutes later, LCM (DSC) comes along, and resets the password to the original, because it is not compliant. The user then calls the helpdesk because he (or she) cannot login anymore.......

How to manage, user changing some user-attributes, in this new world of DSC ?

May 20, 2014 at 12:17 pm

ROFL. That's funny.

So, first, I don't think DSC can actually enforce the password. Keep in mind that Windows doesn't store passwords in clear text; DSC wouldn't really be able to "check" the password.

I'm also not 100% sure Microsoft was thinking of DSC as a way to keep users provisioned. Not that they DIDN'T, but I could see it being a performance dog with a lot of accounts. It might not be the ideal DSC scenario.