PowerShell Desired State Configuration

Overview

PowerShell DSC is different than PowerShell scripting which ensures the remote windows systems are in the desired state and it is the declarative method unlike PowerShell Scripting and other programming languages which are considered imperative methods.

In this article, we will go through the Push Method of the DSC which is a commonly used method for beginners and doesn’t require the Pull server. Pull server which polls the remote servers at some intervals and set the desired configuration for them and it is kind of automated.

For the Push configuration, we will consider the below aspects.

• Get the DSC resource to Configure.

• Create the Node Configuration.

• Compile the Node Configuration.

• Push the Node configuration on remote nodes.

• Test the Node configuration.

Get the DSC resource to configure

Windows servers are shipped with the default DSC resources. To check the available resources for DSC run the Get-DSCResource command.

These are the built-in resources, you can check the DSC community page for more information about other resources and repositories.

https://github.com/dsccommunity

To get the specific resource information with their properties,

Example

Get-DscResource -Name File | Select -ExpandProperty Properties

Output

In this File DSC resource, DestinationPath property is mandatory.

In this article, we will work with the file resource.

Create the Node Configuration

To create the node configuration, we will take the example of the File Resource and first, we will stop the Spooler service and we will then copy the FileSearchOut.csv to the destination server’s folder that we created. (Both are not related, it is just for the example purpose).

Here the destination server is Win2k16, You can pass the multiple nodes in an array or loop as well.

Configuration CopyFile{
   Node Win2k16{
      Service SpoolerStop{
         Name = 'Spooler'
         State = 'Stopped'
         StartupType = 'Disabled'
      }
      File CopyOutputFile{
         SourcePath = "\adserver\Shared\Filesearchout.csv"
         DestinationPath = "C:\Temp\"
         DependsOn = '[Service]SpoolerStop'
         Force = $true
      }
   }
}

You can load this configuration by executing the script. It won’t return anything but will store the code in memory.

Compile the Node Configuration

Once we have the configuration in memory, we first need to compile the configuration to push it on the remote server. To compile the configuration, we need to run that configuration and it will generate the Managed Object Format (MOF) file for each node.

This is how you can compile configuration and it will store the MOF file in the TestDSC folder.

Example

CopyFile -OutputPath C:\Temp\TestDSC

Output

The MOF file name would be NodeName.mof. This file stores the configuration for that node and every time you run this configuration file, it makes sure that the node should be in the desired state.

Running the Node Configuration

To run the configuration for this node, we need to run the Start-DscConfiguration command and need to provide the path where this configuration is stored as shown below.

Start-DscConfiguration -Path C:\Temp\TestDSC -Wait -Force -Verbose

So we can see that the configuration has been sent to the remote node and it is completed.

Testing the Node configuration

You can log in and check on the remote nodes and validate if these resources are in the desired state.

The alternate option you can directly use the DSC command line to check which resources are in the desired state. Test-DSCConfiguration command is used for it.

Example

Test-DscConfiguration -Path C:\Temp\TestDSC | ft -AutoSize

Output

Or you can directly query the computer if that is in desired state or not.

PS C:\Users\Administrator> Test-DscConfiguration -ComputerName Win2k16 True