As we continue to investigate Desired State Configuration, you may be wondering what you can do with DSC. In short, quite a lot. But the true potential lies in the ability to extend the reach of the tool. Today I’ll go over what you can configure with Desired State Configuration, the resources offered, and we’ll combine these to create a configuration which we can then apply to our nodes to put them in a desired state.
Editor’s note: Need to catch up? Check out our previous articles in this series:
Desired State Configuration and Resource Providers
With the initial release of DSC, Microsoft have included in the package a number of Resource Providers, which define some of the settings which can be managed by the system. Each Resource Provider has a specific purpose, with 12 of these available to be used in our configurations. One of these, the Script provider, allows us to extend the reach of our configuration even further through some simple PowerShell commands:
Resource Name |
Description |
Log |
Resource to enable easy posting of messages to Logs |
Environment |
Manage environmental variables on the system |
Registry |
Manipulate the local registry settings of the node |
File |
Manipulates files and directories |
Archive |
Unpacks an archive file (.zip) to a specified location. |
Package |
Install and Manage packages, including .MSI and .EXE |
Service |
Change the configuration of services |
Process |
Manage processes on the node |
WindowsFeature |
Manage Windows Roles and Features |
Group |
Manage and Update Local Computer Groups |
User |
Manage and Update Local Computer User Accounts |
Script |
Execute a Windows PowerShell script block – extending the abilities |
Using a Provider
To get a better understanding of what each of the providers enables us to configure, we will take a closer look at a simple example for each of the different providers, which we can then leverage to help us generate our initial configuration.
Log
Log SampleMessage
{
# Write a message to Microsoft-Windows-Desired State Configuration/Analytic log
Message = "This Message is to simply confirm I was here!"
}
Environment
Environment MyPath
{
# Update my Environment Path
Ensure = "Present" # You can also set Ensure to "Absent"
Name = "Path"
Value = "C:\Windows;C:\Windows\System32;C:\MyPath"
}
Registry
Registry IEEnhanchedSecurity
{
# When "Present" then "IE Enhanced Security" will be "Disabled"
Ensure = "Present"
Key = "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
ValueName = "IsInstalled"
ValueType = "DWord"
ValueData = "0"
}
File
File DirectoryCopy
{
# Copy Directory content from Source to target
Ensure = "Present"
Type = "Directory"
Recurse = $true
SourcePath = "\\Server\Share\MyData"
DestinationPath = "C:\Installs\MyData"
}
Archive
Archive ZoomItArch
{
# Unzip the ZoomIT Archive to the Installs Folder on the Node
Ensure = "Present"
Path = "\\Server\Share\ZoomIT.zip"
Destination = "C:\Installs\ZoomIT"
}
Package
Package DellOMSABinaries {
# Ensure that the Dell OpenManage Software is Installed to the Server
Ensure = "Present"
Path = "\\Server\Share\DellOSMA.msi"
Name = "Dell OpenManage Systems Management Software (64-Bit)"
ProductID = "12345678-1234-12345678-12345678"
Arguments = "ADDLOCAL=ALL"
}
Service
Service RemoteDesktopService
{
# Ensure the Remote Desktop Service is Set to Automatic and is Running
Ensure = Present
Name = "TermService"
StartupType = "Automatic"
State = "Running"
}
WindowsFeature
WindowsFeature snmp
{
# Ensure the Windows Feature for SNMP is Installed
Ensure = "Present"
Name = 'SNMP-Service'
}
Group
Group GroupExample
{
# Ensure that our user is a member of the group
Ensure = "Present"
Name = "Administrators"
MemberToInclude = "Domain\MyUser"
}
User
User UserExample
{
Ensure = "Present" # To ensure the user account does not exist, set Ensure to "Absent"
UserName = "SomeName"
Password = $passwordCred
}
Script
Script InstallZoomIt
{
DependsOn = '[Archive]ZoomItArch'
SetScript = { & c:\Install\ZoomIT\ZoomIT.exe }
TestScript = { Test-Path "C:\Program Files (x86)\ZoomIT\ZoomIT.exe" }
GetScript = { return @{Name="C:\Program Files (x86)\ZoomIT\ZoomIT.exe"} }
}
Combining the Resources
With a good idea of what we can do, and with the resources offered for our use, all we need to do now is combine these to create a configuration that we can then apply to our nodes and put them in a desired state.
As a quick and simple example:
Configuration MyQuickSample
{
Node LocalHost
{
WindowsFeature snmp
{
# Ensure the Windows Feature for SNMP is Installed
Ensure = "Present"
Name = 'SNMP-Service'
}
Package DellOMSABinaries {
# Ensure that the Dell OpenManage Software is Installed to the Server
Ensure = "Present"
Path = "\\Server\Share\DellOSMA.msi"
Name = "Dell OpenManage Systems Management Software (64-Bit)"
ProductID = "12345678-1234-12345678-12345678"
Arguments = "ADDLOCAL=ALL"
}
}
}
There you have it! Join me for the next installment in this series, in which I show you how to create a Desired State Configuration.