This topic contains 3 replies, has 2 voices, and was last updated by
January 6, 2017 at 11:54 pm #61468ParticipantPoints: 0Rank: Member
I have a requirement to remove ALL traces of any DSC runs. Currently all iam doing is the following
1. clear DSC configuration documents (previous.mof, current.mof, backup.mof) using the following command
Remove-DscConfigurationDocument -Stage Current, Pending, Previous -Verbose
2. clear DSC event logs
wevtutil cl Microsoft-Windows-DSC/Operational
3. clear all JSON files containing DSC runs log information using the command
However when i run the command "Get-DscConfigurationStatus -All" I still see the information about the previous DSC runs. I want to know how do i clear this information from the system? Where is this information stored?
January 9, 2017 at 2:49 pm #61542KeymasterPoints: 1,811Rank: Community Hero
I'm not sure I've ever needed to do this before. The information is in the WMI/CIM repository, but I'm not sure if there's a supported way of erasing it entirely. Can you share more about your use case, here?
January 19, 2017 at 8:09 pm #62173ParticipantPoints: 0Rank: Member
Here is the background:
We install Windows stock OS on the box and make lots of modifications to it. Modifications include things like, turning of some options in Settings, applying local policies using gpedit etc.
We need to do this because of various reasons that are not important now. These modifications usually were done manually and used to take lot of time (weeks) and were error prone.
So I am tasked with creating DSC script that automates all these modifications. All is good until here. I am able to automate these modifications using DSC.
But the caveat is that we ship these images to our customers and we want to make sure there are no DSC traces anywhere in the machine when we ship these images.
That is the reason why i need to clear all the DSC logs/DSC events etc.
January 19, 2017 at 8:12 pm #62178KeymasterPoints: 1,811Rank: Community Hero
So... I think you just might be outside the realm of what DSC was intended to do. The team never envisioned it as an OEM prep tool. I mean, obviously it can implement a lot of those things, but it doesn't have a "sanitize" mode. I'm not even sure it's _possible_ to clear out the Repository bits, for example, without writing some native code to do so, and I don't know if clearing it would break something or not.
I'm not sure DSC is a good choice for this task.
The topic ‘where is the information about DSC configuration runs stored on the computer’ is closed to new replies.