New Delhi PowerShell User Group.

Friday, May 23, 2014

Configure the Service to run under different account name in , Windows PowerShell Desired State Configuration Service Resource.

1. Introduction of Windows PowerShell “Desired State Configuration”.

2. Installing Windows PowerShell 4.0 [Windows Management Framework 4.0].

3. Getting Started With Desired State Configuration: DSC Syntax.

4. Review of Desired State Configuration: The 3 easy steps.

5. Write your First Desired State Configuration Script using ROLE Resource.

6. Run your first "DSC" PowerShell Script.

7.Configuring Dependencies in "Desired State Configuration" script in PowerShell.

8.PowerShell and DSC : Using File Resource

9.Using Registry Resource

10. Using Archive Resource.

11. Using Group Resource.

12. Using User Resource

13. Using Service Resource.

i-alphabet-kids-coloring-pictures-printable n my previous blog post, I had wrote about , "How to use Service Resource" in "Desired State Configuration".

Sometimes, we have to run some "Windows Services" under a specific user account, the user account can be a domain account or can be a local user account.

Using "Desired State Configuration" "Service Resource" , In our configuration script we can also set and configure services to use other user accounts rather then using the default one.

Today, I am not going in to much details about the "Service Resource", as we had already done the same in the our previous blog post.

Let' start.

In the below screenshot, you can see that, the status of the "Virtual Disk" service is "Stopped", and the "Startup Type" mode is set to "Manual" and the service is running under the "Local System Account".

Below is the "Desired State Configuration" script, which we are going to use in this demonstration.

The most important lines in the below code are:

The $ConfigData variable,

In this variable, we are setting the configuration data for the destination Server, to allow us the use of the plain text passwords.{kindly check the User Resource blog post about the errors you may encounter}.

The PSCredential object. This is the username and password on the account , under which we want our service to run.

We are creating a PSCredential Object by using two things., the password and the username.
In $secPassword, we are converting the plain text password to Secure String
In $myCreads, we are creating a PSCredential object using the domain username and password ($secPassword).

Set the Credential parameter value to the PSCredential Object which we just have created.

Simple.

   1:  $ConfigData = @{

   2:      AllNodes = @(

   3:          @{

   4:              NodeName="Posh-Demo";

   5:              PSDscAllowPlainTextPassword = $true

   6:           }

7:

   8:  )}

9:

  10:  Configuration settingServices

  11:  {

  12:      $secpasswd = ConvertTo-SecureString "Passw0rd" -AsPlainText -Force

  13:      $mycreds = New-Object System.Management.Automation.PSCredential ("domain\YOURaCCOUNT", $secpasswd)

14:

  15:      Node 'Posh-Demo'

  16:      {

  17:          Service virtualDiskService

  18:          {

  19:              Name = 'vds'

  20:              State = 'Running'

  21:              StartupType = 'Automatic'

  22:              Credential = $mycreds

23:

  24:          }

  25:      }

  26:  }

27:

  28:  settingServices -ConfigurationData $ConfigData

In my script, the name of the .PS1 script is "DSC_ServiceResourceDemo_cred.ps1". The name of the DSC configuration is "settingService" . In $ConfigData variable we are configuring our destination server to allow the use of plain text password.

When you run the DSC configuration, please remember to add the -ConfigurationData parameter and the $confiData as the arugument.

Run the script, settingServices -ConfigurationData $ConfigData

and it will export and create the MOF File.

Now, use the Start-DscConfiguration to start pushing the MOF file to the Posh-Demo server.

Start-DscConfiguration -Path .\settingServices -Wait -Verbose

You can see in the below screenshot, that we have run the above command and it has been completed successfully.

It's time to verify the settings.

You, can see in the below screenshot, that the 'Virtual Disk' service is running now, and the start-up mode is set to automatic, and the Logon ON AS account is set to our domain account.

Rather then running under the Local System or Network Account, this service is running under our domain account now.

Cool!

We are almost near the completion of the"Desired State Configuration" tutorial series. In June hopefully I may start a new tutorial series.

That's all for today , Have fun, and have a nice weekend.

Thanks.

Regards

Aman Dhally

If you like, you can follow me on Twitter and Facebook. You can also check my “You Tube” channel for PowerShell video tutorials. You can download all of my scripts from “Microsoft TechNet Gallery”.

Wednesday, May 21, 2014

Learn How to use "Windows PowerShell Desired State Configuration Service Resource"

1. Introduction of Windows PowerShell “Desired State Configuration”.

2. Installing Windows PowerShell 4.0 [Windows Management Framework 4.0].

3. Getting Started With Desired State Configuration: DSC Syntax.

4. Review of Desired State Configuration: The 3 easy steps.

5. Write your First Desired State Configuration Script using ROLE Resource.

6. Run your first "DSC" PowerShell Script.

7.Configuring Dependencies in "Desired State Configuration" script in PowerShell.

8.PowerShell and DSC : Using File Resource

9.Using Registry Resource

10. Using Archive Resource.

11. Using Group Resource.

12. Using User Resource

In my previous post, we have seen , how to use the "User Resource" of the "Desired State Configuration".

Today, we are going to see how to use the "Service Resource" of the "Desired Sate Configuration".

It's a very useful resource, I do like it very much, you can set and and configure services as per you own need, and using this DSC script, you can configure service as you want them on your servers.

The Syntax of the Service Resource is :

What we are going to do today?

By using the "Service Resource", we are going to change the "Virtual Disk" service's start-up mode from "Manual" to "Automatic".

We also changing the "State" of "Virtual Disk" service from "Stopped" to "Running".

You can see that the usage of the "Service Resource" is very straight forward.

In my Script, the name of the script is "DSC_ServiceResourceDemo" .The name of the Configuration block is "settingServices". and the name of the "Service Resource" block is "virtualDiskService".

Name = Actual name of the Service, for example , the actual name of "Virtual Disk" service is "vds".

State : Set the running state of the Service, either it can be "Running" or "Stopped".

StartupType : The Startup type can be either, "Automatic", "Disabled", or "Manual".

Script.



Configuration settingServices
{
  

    Node 'Posh-Demo'
    {
        Service virtualDiskService
        {
            Name = 'vds'
            State = 'Running'
            StartupType = 'Automatic'
            

        }
    }
}

settingServices

Run the script.

It will create a MOF file.

Start pushing the MOF folder using Start-DscConfiguration.

Run

Start-DscConfiguration -Path .\settingServices -Wait -Verbose

In the below screenshot, you can see that ,the command finishes successfully. Let's check, if the changes which we configured in the script, are applied successfully or Not.

Yay! They are applied successfully.

If you want to run the Service using any of these there built-in-account. You can use the "BuiltInAccount" parameter and the provide the below options as a string argument.

LocalService
LocalSystem
NetworkService

BuiltInAccount = "NetworkService"

Now, run the DSC script again, when the MOF file created, deploy it again using the same process like above.

If the pushing of the MOF is successful, you can see that the "Log On As" account of the Service is set to the "Network Service" now.

That's all for today. See you in my next blog post.

Thanks