
You're reading from  Windows Server 2016 Automation with PowerShell Cookbook - Second Edition

Product type: Book
Published in: Sep 2017
Reading level: Beginner
ISBN-13: 9781787122048
Edition: 2nd Edition
Authors (2):

Thomas Lee

Thomas Lee is a consultant/trainer/writer based in the UK and has been in the IT business since the late 1960s. After graduating from Carnegie Mellon University, Thomas joined ComShare where he was a systems programmer building the Commander II time-sharing operating system, a forerunner of today's cloud computing paradigm. In the mid-1970s, he moved to ICL to work on the VME/K operating system. After a sabbatical in 1980/81, he joined Accenture, leaving in 1988 to run his own consulting and training business, which is still active today. Thomas holds numerous Microsoft certifications, including MCSE (one of the first in the world) and later versions, MCT (25 years), and was awarded Microsoft's MVP award 17 times.

Ed Goad

Ed Goad is a systems architect who has been working in various roles in the IT field for 16 years. He first became interested in scripting and automation when presented with a task to uninstall software from over 1,000 systems with limited time and resources. He has worked with scripting and automation on multiple platforms and languages including PowerShell, VBscript, C#, and BASH scripting. Ed currently holds multiple Microsoft certifications, most recently including the Microsoft Certified IT Professional Enterprise Administrator. Additional non-Microsoft certifications include VMware Certified Professional (VCP), Red Hat Certified System Administrator (RHCSA), EMC Proven Professional, Brocade Certified Network Engineer (BCNE), and Cisco Certified Network Associate (CCNA). Ed is currently on a sabbatical and volunteering full time at the Amor Fe y Esperanza school in Honduras (http://www.afehonduras.org). There he is teaching computer and math classes to the kids who live and work in the garbage dump outside of the capital city of Tegucigalpa.

Chapter 13. Using Desired State Configuration

In this chapter, we will cover the following recipes:

  • Using DSC and built-in resources
  • Parameterizing DSC configuration
  • Finding and installing additional DSC resources
  • Using DSC with PSGallery resources
  • Configuring Local Configuration Manager
  • Implementing a SMB pull server
  • Implementing a DSC web-based pull server
  • Using DSC partial configuration

Introduction


Desired State Configuration (DSC) is a management platform within Windows Server and is implemented with Windows PowerShell. DSC enables you to define a computer's desired state declaratively and have PowerShell ensure the computer is configured accordingly and remains so. This is simpler than writing complex scripts to configure a given computer. Microsoft added DSC with PowerShell V4 and delivered improvements in V5, V5.1, and Server 2016.

With DSC, you define a configuration that describes the details of how a given node (computer) is to be configured. The configuration defines a series of resources to be invoked on the node and how these resources should be configured. A DSC resource is PowerShell code and executables that know how to configure a given object residing on a node. Resources primarily exist as PowerShell modules, and you need them both on the computer on which you author DSC configurations and on the target node.

For example, you could define a node and specify that the...

Using DSC and built-in resources


Windows Server 2016 comes with a limited set of built-in DSC resources. In this recipe, you explore the built-in DSC resources and then write and deploy a simple configuration to a single node. The recipe also examines changes in configuration.

Getting ready

In this recipe, you examine the Windows Server 2016 built-in resources and use these to create and compile a configuration statement on server SRV1. You use this configuration statement to then deploy the Web-Server feature on a second server, SRV2.

This recipe relies on two files being created and shared from DC1. The two files are Index.Htm and Page2.Htm. These two files are created and shared as \\DC1\ReskitApp. The first file, Index.HTM, contains the following:

<!DOCTYPE html>
<html>
<head><title>Main Page - ReskitApp Application</title></head>
<body><p><center>
   <b>HOME PAGE FOR RESKITAPP APPLICATION</b></p>
   This is the root...

Parameterizing DSC configuration


As with functions, you can create configuration blocks with parameters. These enable you to produce different MOF files by varying the parameter values used when you execute the configuration.

For example, suppose you wanted to add a feature to a node. You could create a specific configuration where you hard code the feature name and the node name. This is not dissimilar to how you copied specific files from DC1 to SRV1 in the Using DSC and built-in resources recipe.

Alternatively, you could create a configuration that takes the node name and the service name as parameters, and when you run the configuration, PowerShell creates a MOF file that adds the specified service to the specified node. This recipe demonstrates that approach.

One challenge this approach throws up is that, by default, you can only send a single MOF file to a given node. Thus, if you used the earlier recipe and copied files to SRV2, attempting to send a second MOF file to the system results...
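
A parameterized configuration along the lines described above, as an added example that is not the book's recipe code. The configuration name, the FeatureName parameter, the Telnet-Client feature and the output folders are assumptions chosen for illustration.

```powershell
# Added example (not the book's recipe code): names and paths are illustrative.
Configuration AddFeature
{
    param (
        [Parameter(Mandatory)]
        [ValidateNotNullOrEmpty()]
        [string] $NodeName,

        # The value is written verbatim into the generated MOF, so accept only
        # letters, digits and hyphens (an assumed rule for feature names).
        [Parameter(Mandatory)]
        [ValidatePattern('^[A-Za-z0-9-]+$')]
        [string] $FeatureName
    )

    Import-DscResource -ModuleName 'PSDesiredStateConfiguration'

    Node $NodeName
    {
        WindowsFeature Feature
        {
            Name   = $FeatureName
            Ensure = 'Present'
        }
    }
}

# The same configuration compiled twice with different parameter values.
# Each run writes <NodeName>.mof, so separate output folders keep both files.
# Compiling only produces the files; nothing is sent to SRV2 here.
$Root = 'C:\DSC'   # assumed authoring folder
$Mof1 = AddFeature -NodeName 'SRV2' -FeatureName 'Web-Server'    -OutputPath "$Root\WebServer"
$Mof2 = AddFeature -NodeName 'SRV2' -FeatureName 'Telnet-Client' -OutputPath "$Root\Telnet"

# MOF files are plain text: review the feature each one requests before use.
Select-String -Path $Mof1.FullName, $Mof2.FullName -Pattern '^\s*Name\s*='
```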

Finding and installing DSC resources


A DSC resource is a specially created PowerShell module that enables DSC to configure various aspects of a node. The WindowsFeature DSC resource, for example, enables you to ensure that a particular node has a particular Windows feature installed. You could also specify that a particular Windows feature should not be present.

As you have seen in this chapter so far, Windows comes with a few DSC resources built in. But these do not provide broad coverage. For example, you can use the built-in File resource to copy the source files for a small web application onto a new server. But the built-in resources do not allow you to specify the application's settings (what the application name is, which application pool it runs in, and so on) which is where add-on DSC resources come in.

The community, which includes various Microsoft teams, has been busy since the release of DSC with PowerShell V4 and has created a large range of additional resources. These resources...

Using DSC with PSGallery resources


In the Finding and installing DSC resources recipe, you downloaded a module, xWebAdministration, which contains a number of DSC resources. In this recipe, you use the resources in this module to create an IIS web application. You create and run this recipe from SRV1 to configure a web application on SRV2. You obtain the source files for the web application from DC1.

Getting ready

With this recipe, you configure IIS on SRV2 to support a simple web application—a similar application. To test this recipe, you need two source files, which you store on the ReskitApp share on your DC1 computer. The first, Index.Htm, contains the following:

<!DOCTYPE html> 
<html> 
<head><meta charset="utf-8" /> 
<title>Main Page of The ReskitApp Application</title> 
</head> 
<body></p> 
<br> 
<center> 
<b>Home Page for ReskitApp Application</b></p> 
The home page of the ReskitApp application pushed...

Configuring Local Configuration Manager


The LCM is a key component of DSC that initially shipped within PowerShell V4. LCM is a Windows service that runs on each DSC target node and is responsible for receiving configuration information and ensuring the node is configured in the desired state (and remains that way).

The LCM has two mechanisms for desired state delivery: push and pull. The earlier recipes in this chapter demonstrate the push model: you create a configuration and its related MOF file on one node, and push that configuration to another node. In the pull model, you configure the node with details of where and how to find a pull server. Once configured, a node can pull configurations from the configured pull server.

With this recipe, which you run on SRV2, you configure the LCM based on PowerShell V5/5.1. PowerShell V4 used a different approach to configuring the LCM. In this recipe, you configure the LCM on SRV2 and set up SRV2 to use SRV1 as an SMB pull server. You set up SRV1...

Implementing a SMB pull server


There are two different types of DSC pull server you can implement: SMB-based and web-based. The SMB-based pull server approach is most useful on a private routable network, one where all nodes can reach the centralized configuration and resource pull server shares. For high availability, you could set up an SMB pull server on a scale-out file server.

In DSC, MOF files are used to communicate the desired state to a node. The LCM on that node, in effect, does anything the MOF file says. MOF files are, at rest, just plain text documents and are not encrypted or signed. If your private network is secure, then the SMB pull server is easier to set up and configure. If security is an issue, consider using the web server pull server approach and configure it with HTTPS.

In the previous recipe, Configuring Local Configuration Manager, you configured a node, SRV2, to pull configurations from a DSC pull server. In this recipe, you configure another node, SRV1, to be the pull...
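
Because the LCM applies whatever the MOF file says and the files are neither encrypted nor signed, write access to the pull share decides what every pulling node applies. The following added example (not from the book) lists identities that hold write access at the share and NTFS layers; the function name, the share name placeholder and the allow-list are assumptions.

```powershell
# Added example: the share name and the allow-list are assumptions.
function Get-PullShareWriter
{
    [CmdletBinding()]
    param (
        [Parameter(Mandatory)]
        [string] $ShareName,

        # Identities that are expected to publish MOF files
        [string[]] $AllowedWriter = @('BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM')
    )

    $Share = Get-SmbShare -Name $ShareName -ErrorAction Stop

    # Share-level ACL: Full and Change both allow files to be replaced
    Get-SmbShareAccess -Name $ShareName |
        Where-Object { "$($_.AccessControlType)" -eq 'Allow' -and
                       "$($_.AccessRight)" -in 'Full', 'Change' -and
                       $_.AccountName -notin $AllowedWriter } |
        ForEach-Object {
            [pscustomobject]@{ Layer = 'Share'; Identity = $_.AccountName
                               Rights = "$($_.AccessRight)" }
        }

    # NTFS ACL on the shared folder: WriteData (0x2), AppendData (0x4),
    # GENERIC_ALL (0x10000000) and GENERIC_WRITE (0x40000000)
    $WriteBits = 0x2 -bor 0x4 -bor 0x10000000 -bor 0x40000000
    (Get-Acl -Path $Share.Path).Access |
        Where-Object { "$($_.AccessControlType)" -eq 'Allow' -and
                       ([int] $_.FileSystemRights -band $WriteBits) -ne 0 -and
                       $_.IdentityReference.Value -notin $AllowedWriter } |
        ForEach-Object {
            [pscustomobject]@{ Layer = 'NTFS'; Identity = $_.IdentityReference.Value
                               Rights = "$($_.FileSystemRights)" }
        }
}

# Run on the pull server (SRV1). Each row is an identity outside the allow-list
# that can change the MOF files the pulling nodes will apply.
Get-PullShareWriter -ShareName '<configuration share name>'
```

Effective write access needs both layers, so an identity that appears in both the Share and NTFS rows is the first one to remove.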

Implementing a DSC web-based pull server


Deploying a DSC web-based pull server is more complex than deploying an SMB pull server. The SMB-based pull server is simple: just create a couple of shares and place the relevant files on that share. The web server approach requires you to also load IIS, install the DSC service, and configure the service, as well as placing the MOF files, resources, and any relevant checksums on the web server. Of course, in both cases, you need to configure each node's LCM.

You deploy a web-based pull server to provide a pull client with both resources and configuration MOF files. Unlike an SMB-based pull server, a web-based pull server also provides reporting capabilities enabling a pull client to report status back to the reporting server. Reporting is not available using an SMB-based pull server.

To simplify the creation of a web-based DSC pull server, you can use the xPSDesiredStateConfiguration module DSC resource. You download this resource from PSGallery. This...
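
An HTTPS pull server built with the xDscWebService resource from xPSDesiredStateConfiguration, together with the matching client-side LCM settings, as an added example that is not the book's recipe code. The configuration names, port 8080, the folder paths and the angle-bracket placeholders are assumptions.

```powershell
# Added example (not the book's recipe code); port, paths and GUID are placeholders.
Configuration WebPullSrv1
{
    param (
        # 40 hex digits only; rejects 'AllowUnencryptedTraffic' (plain HTTP).
        [Parameter(Mandatory)]
        [ValidatePattern('^[0-9A-Fa-f]{40}$')]
        [string] $CertThumbprint
    )
    Import-DscResource -ModuleName 'PSDesiredStateConfiguration'
    Import-DscResource -ModuleName 'xPSDesiredStateConfiguration'
    Node 'SRV1'
    {
        WindowsFeature DSCService
        {
            Name   = 'DSC-Service'
            Ensure = 'Present'
        }
        xDscWebService PullServer
        {
            Ensure                   = 'Present'
            EndpointName             = 'PSDSCPullServer'
            Port                     = 8080
            PhysicalPath             = "$env:SystemDrive\inetpub\PSDSCPullServer"
            CertificateThumbPrint    = $CertThumbprint
            ModulePath               = "$env:ProgramFiles\WindowsPowerShell\DscService\Modules"
            ConfigurationPath        = "$env:ProgramFiles\WindowsPowerShell\DscService\Configuration"
            State                    = 'Started'
            UseSecurityBestPractices = $true
            DependsOn                = '[WindowsFeature]DSCService'
        }
    }
}
# Pull client: https URL (host name must match the certificate), no HTTP fallback.
[DSCLocalConfigurationManager()]
Configuration Srv2WebPull
{
    Node 'SRV2'
    {
        Settings { RefreshMode = 'Pull'; ConfigurationID = '<GUID naming the MOF on the server>' }
        ConfigurationRepositoryWeb PullSrv1
        {
            ServerURL               = 'https://SRV1:8080/PSDSCPullServer.svc'
            AllowUnsecureConnection = $false
        }
    }
}
```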

Using DSC partial configurations


PowerShell V5 introduced a new feature with DSC: partial configurations. A partial configuration, as the name suggests, is part of the configuration you wish to see applied to a given node.

Partial configurations allow you to share the configuration of a node between multiple teams. For example, you might want the central IT team to define the basic configuration of a node. Another team could be responsible for deploying a web application to that same node. With PowerShell 4, you would have needed to put all the configuration components into a single configuration document/MOF file and deploy that to the node.

To support partial configurations, you must configure each node's LCM to define the partial configurations, and how they are to be deployed. Each partial configuration can be either pushed or pulled. Thus, you can deploy partial configurations that direct the node to pull the basic host configuration from an IT central configuration server and to pull...
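
An LCM meta-configuration for SRV2 that declares two partial configurations, one pulled from the SMB pull server on SRV1 and one pushed, as an added example that is not the book's recipe code. It also illustrates the V5/5.1 style of LCM configuration described in the Configuring Local Configuration Manager recipe. The partial configuration names, the share path, the GUID and the output folder are placeholders or assumptions.

```powershell
# Added example: partial configuration names, share path and GUID are placeholders.
[DSCLocalConfigurationManager()]
Configuration Srv2PartialLcm
{
    Node 'SRV2'
    {
        Settings
        {
            RefreshMode        = 'Pull'
            ConfigurationMode  = 'ApplyAndAutoCorrect'
            ConfigurationID    = '<GUID used to name the MOF files on the share>'
            RebootNodeIfNeeded = $true
        }
        # Source for pulled partial configurations: the SMB pull server
        ConfigurationRepositoryShare Srv1Share
        {
            SourcePath = '\\SRV1\<configuration share>'
        }
        # Owned by central IT, pulled from SRV1
        PartialConfiguration BaseConfig
        {
            Description         = 'Basic host configuration'
            ConfigurationSource = @('[ConfigurationRepositoryShare]Srv1Share')
            RefreshMode         = 'Pull'
        }
        # Owned by the application team, pushed to the node
        PartialConfiguration WebAppConfig
        {
            Description = 'Web application'
            DependsOn   = '[PartialConfiguration]BaseConfig'
            RefreshMode = 'Push'
        }
    }
}

$OutputPath = 'C:\DSC\Srv2PartialLcm'     # assumed folder
Srv2PartialLcm -OutputPath $OutputPath     # writes SRV2.meta.mof
Set-DscLocalConfigurationManager -Path $OutputPath -ComputerName 'SRV2' -Verbose

# Confirm which partial configurations the LCM now accepts, and from where.
Get-DscLocalConfigurationManager -CimSession 'SRV2' |
    Select-Object -Property RefreshMode, ConfigurationMode, PartialConfigurations
```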
