What Can I Configure Using Desired State Configuration?

Published: Feb 03, 2014

SHARE ARTICLE

As we continue to investigate Desired State Configuration, you may be wondering what you can do with DSC. In short, quite a lot. But the true potential lies in the ability to extend the reach of the tool. Today I’ll go over what you can configure with Desired State Configuration, the resources offered, and we’ll combine these to create a configuration which we can then apply to our nodes to put them in a desired state.

Editor’s note: Need to catch up? Check out our previous articles in this series:

Desired State Configuration and Resource Providers

With the initial release of DSC, Microsoft have included in the package a number of Resource Providers, which define some of the settings which can be managed by the system. Each Resource Provider has a specific purpose, with 12 of these available to be used in our configurations. One of these, the Script provider, allows us to extend the reach of our configuration even further through some simple PowerShell commands:

Resource Name Description
Log Resource to enable easy posting of messages to Logs
Environment Manage environmental variables on the system
Registry Manipulate the local registry settings of the node
File Manipulates files and directories
Archive Unpacks an archive file (.zip) to a specified location.
Package Install and Manage packages, including .MSI and .EXE
Service Change the configuration of services
Process Manage processes on the node
WindowsFeature Manage Windows Roles and Features
Group Manage and Update Local Computer Groups
User Manage and Update Local Computer User Accounts
Script Execute a Windows PowerShell script block – extending the abilities

Using a Provider

To get a better understanding of what each of the providers enables us to configure, we will take a closer look at a simple example for each of the different providers, which we can then leverage to help us generate our initial configuration.

Log

​ Log SampleMessage
{
   # Write a message to Microsoft-Windows-Desired State Configuration/Analytic log
   Message = "This Message is to simply confirm I was here!"
}

Environment

​ Environment MyPath
{
   # Update my Environment Path
   Ensure = "Present"  # You can also set Ensure to "Absent"
   Name = "Path"
   Value = "C:\Windows;C:\Windows\System32;C:\MyPath"
}

Registry

​ Registry IEEnhanchedSecurity
{
   # When "Present" then "IE Enhanced Security" will be "Disabled"
   Ensure = "Present"
   Key = "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
   ValueName = "IsInstalled"
   ValueType = "DWord"
   ValueData = "0"
}

File

​ File DirectoryCopy
{
   # Copy Directory content from Source to target
   Ensure = "Present"
   Type = "Directory" 
   Recurse = $true
   SourcePath = "\\Server\Share\MyData"
   DestinationPath = "C:\Installs\MyData"    
}

Archive

​ Archive ZoomItArch
{
   # Unzip the ZoomIT Archive to the Installs Folder on the Node
   Ensure = "Present"
   Path = "\\Server\Share\ZoomIT.zip"
   Destination = "C:\Installs\ZoomIT"
}

Package

​ Package DellOMSABinaries {
   # Ensure that the Dell OpenManage Software is Installed to the Server
   Ensure    = "Present"
   Path      = "\\Server\Share\DellOSMA.msi"
   Name      = "Dell OpenManage Systems Management Software (64-Bit)"
   ProductID = "12345678-1234-12345678-12345678"
   Arguments = "ADDLOCAL=ALL"
}

Service

​ Service RemoteDesktopService
{
   # Ensure the Remote Desktop Service is Set to Automatic and is Running
   Ensure = Present
   Name = "TermService"
   StartupType = "Automatic"
   State = "Running"
}

WindowsFeature

​ WindowsFeature snmp
{
   # Ensure the Windows Feature for SNMP is Installed
   Ensure = "Present"
   Name = 'SNMP-Service'
}

Group

​ Group GroupExample
{
   # Ensure that our user is a member of the group
   Ensure = "Present"
   Name = "Administrators"
   MemberToInclude = "Domain\MyUser"
}

User

​ User UserExample
{
   Ensure = "Present"  # To ensure the user account does not exist, set Ensure to "Absent"
   UserName = "SomeName"
   Password = $passwordCred
}

Script

​ Script InstallZoomIt
{
   DependsOn  = '[Archive]ZoomItArch'
   SetScript  = { & c:\Install\ZoomIT\ZoomIT.exe }
   TestScript = { Test-Path "C:\Program Files (x86)\ZoomIT\ZoomIT.exe" }
   GetScript  = { return @{Name="C:\Program Files (x86)\ZoomIT\ZoomIT.exe"} }
}

Combining the Resources

With a good idea of what we can do, and with the resources offered for our use, all we need to do now is combine these to create a configuration that we can then apply to our nodes and put them in a desired state.

As a quick and simple example:

​ Configuration MyQuickSample
{
   Node LocalHost
   {
      WindowsFeature snmp
      {
         # Ensure the Windows Feature for SNMP is Installed
         Ensure = "Present"
         Name = 'SNMP-Service'
      }

      Package DellOMSABinaries {
         # Ensure that the Dell OpenManage Software is Installed to the Server
         Ensure    = "Present"
         Path      = "\\Server\Share\DellOSMA.msi"
         Name      = "Dell OpenManage Systems Management Software (64-Bit)"
         ProductID = "12345678-1234-12345678-12345678"
         Arguments = "ADDLOCAL=ALL"
      } 
   }
}

There you have it! Join me for the next installment in this series, in which I show you how to create a Desired State Configuration.

SHARE ARTICLE