Benutzer:MovGP0/Powershell/DSC/HTTP Pull Server

aus Wikipedia, der freien Enzyklopädie
   MovGP0        Über mich        Hilfen        Artikel        Weblinks        Literatur        Zitate        Notizen        Programmierung        MSCert        Physik      

HTTP Pull Server

$ConfigurationData = @{
    AllNodes = @( # required key
        @{NodeName = "Server01"; Roles = "WebServer"}, 
        @{NodeName = "ComplianceServer01"; Roles = "WebServer"}, 
        @{NodeName = "Client01"},
        @{NodeName = "*"; Features = "PowerShell-V4"}
    );
    MyData = @{ # optional arbitrarily named key
        MyData = Import-CSV "C:\Development\Translations.csv"
    }
}

Configuration MyConfiguration {
    Import-DscResource -ModuleName xPSDesiredStateConfiguration 

    # ensure all nodes have PowerShell-V4 installed 
    Node $AllNodes.Nodename {
        $Node.Features.foreach({
            WindowsFeature $_ { 
                Name = $_
                Ensure = "Present"
            }
        })
    }

    Node 'HttpPullServer01'{
        WindowsFeature DscServiceFeature {
            Ensure = 'Present';
            Name='DSC-Service';
        }

        # when using a compliance server, enable NTLM auth to make deployment easier 
        WindowsFeature WebWindowsAuth {
            Ensure = 'Present';
            Name = 'web-Windows-Auth';
            DependsOn = "[WindowsFeature]DscServiceFeature";
        }

        xDSCWebService PSDSCPullServer {
            Ensure='Present';
            EndpointName = 'PSDSCPullServer';
            Port = 8080;
            PhysicalPath = "$env:SystemDrive\inetpub\wwwroot\DSCPullServer";
            CertificateThumbPrint = 'AllowUnencryptedTraffic'; # no SSL; insert SSL thumbprint for encryption 
            ModulePath = "$env:ProgramFiles\WindowsPowerShell\DscService\Modules";
            ConfigurationPath = "$env:ProgramFiles\WindowsPowerShell\DscService\Configuration";
            State='Started';
            DependsOn = "[File]DSCFullPath";
        }
    }

    Node 'ComplianceServer01'{
        WindowsFeature DscServiceFeature {
            Ensure = 'Present';
            Name='DSC-Service';
        }

        WindowsFeature WebWindowsAuth {
            Ensure = 'Present';
            Name = 'web-Windows-Auth';
            DependsOn = "[WindowsFeature]DscServiceFeature";
        }

        xDSCWebService PSDSCComplianceServer {
            Ensure='Present';
            EndpointName = 'PSDSCComplianceServer';
            Port = 9080;
            PhysicalPath = "$env:SystemDrive\inetpub\wwwroot\DSCComplianceServer";
            CertificateThumbPrint = 'AllowUnencryptedTraffic'; # no SSL; insert SSL thumbprint for encryption 
            State='Started';
            DependsOn = "[WindowsFeature]DSCServiceFeature";
            # IsComplianceServer = $true;
        }
    }

    Node 'Client01' {
        LocalConfigurationManager {
            AllowModuleOverwrite = $true;
            ConfigurationID = $guid;
            ConfigurationMode = 'ApplyAndMonitor';
            RefreshMode = 'Pull';
            DownloadManagerName = 'WebDownloadManager';
            DownloadManagerCustomData = @{
                ServerUrl = "http://server01.lan:8080/PSDSCPullServer.svc";
                AllowUnsecureConnection = $true;
            };
        }
    }
}
Compliance Server
  • Logs pull status, configuration and node information
  • only with HTTP pull server
  • documentation lacking with PS 4.0
  • query database for compliance using JSON [1]

Quellen

  1. How to retrieve node information from DSC pull server. In: Windows PowerShell Blog. Microsoft, 29. Mai 2014, abgerufen am 28. August 2016.