Skip to content

Instantly share code, notes, and snippets.

@Zuldan

Zuldan/Sample_ConfigurationIDs.ps1

Last active May 19, 2017 17:16
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Zuldan/c0fd292838b8d35c6383 to your computer and use it in GitHub Desktop.
Save Zuldan/c0fd292838b8d35c6383 to your computer and use it in GitHub Desktop.
Download ZIP
Sample_ConfigurationIDs
Raw
Sample_ConfigurationIDs.ps1
######################################################################################
# Assumes the following
# - Firewall on all servers is disabled
# - All servers are part of the same domain
# - xPSDesiredStateConfiguration (v3.7.0.0) exists in C:\Program Files\WindowsPowerShell\Modules\ on the Pull Server
# - Powershell v5.0.10586.117 is installed on all servers
# - OS on all servers is Windows 2012 R2
#region References
# https://github.com/PowerShell/PowerShell-Docs/blob/live/dsc/pullClientConfigNames.md
# https://msdn.microsoft.com/en-us/powershell/dsc/pullserver
# https://msdn.microsoft.com/en-us/powershell/dsc/reportserver
# https://msdn.microsoft.com/en-us/powershell/dsc/pullclientconfigid
#endregion
#region Variables to modify
$PullServer = 'LABSERVER01'
$NodeServer = 'LABSERVER02'
$PullServerConfigPath = 'c:\Configs\PullServer'
$NodeServerConfigPath = 'c:\Configs\TargetNodes'
#$RegKey = '140a952b-b9d6-406b-b416-e0f759c9c0e4'
$ConfigID = '1d545e3b-60c3-47a0-bf65-5afc05182fd0'
#endregion
#Get-WindowsFeature Web-Mgmt-Console | Install-WindowsFeature
#region Pull Server Config
configuration Sample_xDscWebService
{
param
(
[string[]]$NodeName = 'localhost',
[ValidateNotNullOrEmpty()]
[string] $certificateThumbPrint#,
#[Parameter(Mandatory)]
#[ValidateNotNullOrEmpty()]
#[string] $RegistrationKey
)
Import-DSCResource -ModuleName xPSDesiredStateConfiguration
Node $NodeName
{
WindowsFeature DSCServiceFeature
{
Ensure = "Present"
Name = "DSC-Service"
}
xDscWebService PSDSCPullServer
{
Ensure = "Present"
EndpointName = "PSDSCPullServer"
Port = 8080
PhysicalPath = "$env:SystemDrive\inetpub\PSDSCPullServer"
CertificateThumbPrint = $certificateThumbPrint
ModulePath = "$env:PROGRAMFILES\WindowsPowerShell\DscService\Modules"
ConfigurationPath = "$env:PROGRAMFILES\WindowsPowerShell\DscService\Configuration"
State = "Started"
DependsOn = "[WindowsFeature]DSCServiceFeature"
}
<#
File RegistrationKeyFile
{
Ensure ='Present'
Type = 'File'
DestinationPath = "$env:ProgramFiles\WindowsPowerShell\DscService\RegistrationKeys.txt"
Contents = $RegistrationKey
}
#>
}
}
New-SelfSignedCertificate -CertStoreLocation 'CERT:\LocalMachine\MY' -DnsName "PSDSCPullServerCert"
$myCert = (Get-ChildItem CERT:\LocalMachine\My | Where-Object {$_.Subject -eq 'CN=PSDSCPullServerCert'} | Select-Object -First 1).Thumbprint
New-Item -Path $PullServerConfigPath -ItemType Directory -Force
Sample_xDscWebService -certificateThumbprint $myCert -OutputPath $PullServerConfigPath #-RegistrationKey $RegKey
Start-DscConfiguration -Path $PullServerConfigPath -Wait -Verbose
#endregion
#region Node LCM Config
[DSCLocalConfigurationManager()]
configuration PullClientConfigID
{
Node $NodeServer
{
Settings
{
RefreshMode = 'Pull'
ConfigurationID = $ConfigID
RefreshFrequencyMins = 30
RebootNodeIfNeeded = $true
}
ConfigurationRepositoryWeb CONTOSO-PullSrv
{
ServerURL = "https://$($PullServer):8080/PSDSCPullServer.svc"
#RegistrationKey = $RegKey
}
ReportServerWeb CONTOSO-PullSrv
{
ServerURL = "https://$($PullServer):8080/PSDSCPullServer.svc"
}
}
}
New-Item -Path $NodeServerConfigPath -ItemType Directory -Force
PullClientConfigID -OutputPath $NodeServerConfigPath
Set-DSCLocalConfigurationManager $NodeServer –Path $NodeServerConfigPath –Verbose
#endregion
#region Node Config
Configuration IisWebServer
{
Node $ConfigID
{
WindowsFeature IIS
{
Ensure="Present"
Name="Web-Server"
}
}
}
IisWebServer -OutputPath 'C:\Program Files\WindowsPowerShell\DscService\Configuration'
New-DSCChecksum -ConfigurationPath 'C:\Program Files\WindowsPowerShell\DscService\Configuration' -OutPath 'C:\Program Files\WindowsPowerShell\DscService\Configuration' -Verbose -Force
Update-DscConfiguration -ComputerName $NodeServer -wait -verbose
#endregion
#region TrustAllCertsPolicy
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
#endregion
#region Generate report
function GetReport
{
#param($AgentId = "$((glcm).AgentId)", $serviceURL = "https://$($PullServer):8080/PSDSCPullServer.svc")
param($ConfigurationId = "$((glcm).ConfigurationId)", $serviceURL = "https://$($PullServer):8080/PSDSCPullServer.svc")
#$requestUri = "$serviceURL/Nodes(AgentId= '$AgentId')/Reports"
$requestUri = "$serviceURL/Node(ConfigurationId= '$ConfigurationId')/StatusReports"
$request = Invoke-WebRequest -Uri $requestUri -ContentType "application/json;odata=minimalmetadata;streaming=true;charset=utf-8" `
-UseBasicParsing -Headers @{Accept = "application/json";ProtocolVersion = "2.0"}
$object = ConvertFrom-Json $request.content
return $object.value
}
#$reports = GetReport -AgentId (Invoke-Command -ComputerName $NodeServer -ScriptBlock {(glcm).AgentId})
$reports = GetReport -ConfigurationId (Invoke-Command -ComputerName $NodeServer -ScriptBlock {(glcm).ConfigurationId})
$reports[0]
$reports[0].StatusData | ConvertFrom-Json
($reports[0].StatusData | ConvertFrom-Json).MetaConfiguration
#endregion
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment