Version information
This version is compatible with:
- Puppet Enterprise 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x
- Puppet >= 7.0.0 < 9.0.0
Start using this module
Add this module to your Puppetfile:
mod 'dsc-psdscresources', '2.12.0-0-9'
Learn more about managing modules with a PuppetfileDocumentation
psdscresources
Table of Contents
Description
This is an auto-generated module, using the Puppet DSC Builder to vendor and expose the psdscresources PowerShell module's DSC resources as Puppet resources. The functionality of this module comes entirely from the vendored PowerShell resources, which are pinned at v2.12.0.0. The PowerShell module describes itself like this:
This module contains the standard DSC resources. Because PSDscResources overwrites in-box resources, it is only available for WMF 5.1. Many of the resource updates provided here are also included in the xPSDesiredStateConfiguration module which is still compatible with WMF 4 and WMF 5 (though that module is not supported and may be removed in the future).
For information on troubleshooting to determine whether any encountered problems are with the Puppet wrapper or the DSC resource, see the troubleshooting section below.
Requirements
This module, like all auto-generated Puppetized DSC modules, relies on two important technologies in the Puppet stack: the Puppet Resource API and the puppetlabs/pwshlib Puppet module.
The Resource API provides a simplified option for writing types and providers and is responsible for how this module is structured. The Resource API ships inside of Puppet starting with version 6. While it is technically possible to add the Resource API functionality to Puppet 5.5.x, the DSC functionality has not been tested in this setup. For more information on the Resource API, review the documentation.
The module also depends on the pwshlib module. This Puppet module includes two important things: the ruby-pwsh library for running PowerShell code from ruby and the base provider for DSC resources, which this module leverages.
All of the actual work being done to call the DSC resources vendored with this module is in this file from the pwshlib module. This is important for troubleshooting and bug reporting, but doesn't impact your use of the module except that the end result will be that nothing works, as the dependency is not installed alongside this module!
Long File Path Support
Several PowerShell modules with DSC Resources end up with very long file paths once vendored, many of which exceed the 260 character limit for file paths. Luckily in Windows 10 (build 1607+), Windows Server 2016 (build 1607+), and Windows Server 2019 there is now an option for supporting long file paths transparently!
We strongly recommend enabling long file path support on any machines using this module to avoid path length issues.
You can set this value using the Puppet registry_value
resource:
registry_value { 'HKLM\System\CurrentControlSet\Control\FileSystem\LongPathsEnabled':
ensure => 'present',
data => [1],
provider => 'registry',
type => 'dword',
}
You can also set this value outside of Puppet by following the Microsoft documentation.
Usage
You can specify any of the DSC resources from this module like a normal Puppet resource in your manifests. The examples below use DSC resources from from the PowerShellGet repository, regardless of what module you're looking at here; the syntax, not the specifics, is what's important.
For reference documentation about the DSC resources exposed in this module, see the Reference Forge tab, or the REFERENCE.md file.
# Include a meaningful title for your resource declaration
dsc_psrepository { 'Add team module repo':
dsc_name => 'foo',
dsc_ensure => present,
# This location is nonsense, can be any valid folder on your
# machine or in a share, any location the SourceLocation param
# for the DSC resource will accept.
dsc_sourcelocation => 'C:\Program Files',
# You must always pass an enum fully lower-cased;
# Puppet is case sensitive even when PowerShell isn't
dsc_installationpolicy => untrusted,
}
dsc_psrepository { 'Trust public gallery':
dsc_name => 'PSGallery',
dsc_ensure => present,
dsc_installationpolicy => trusted,
}
dsc_psmodule { 'Make Ruby manageable via uru':
dsc_name => 'RubyInstaller',
dsc_ensure => present,
}
Credentials
Credentials are always specified as a hash of the username and password for the account. The password must use the Puppet Sensitive type; this ensures that logs and reports redact the password, displaying it instead as <Sensitive [value redacted]>.
dsc_psrepository { 'PowerShell Gallery':
dsc_name => 'psgAllery',
dsc_installationpolicy => 'Trusted',
dsc_psdscrunascredential => {
user => 'apple',
password => Sensitive('foobar'),
},
}
Class-Based Resources
Class-based DSC Resources can be used like any other DSC Resource in this module, with one important note:
Due to a bug in calling class-based DSC Resources by path instead of module name, each call to Invoke-DscResource
needs to temporarily munge the system-level environment variable for PSModulePath
;
the variable is reset prior to the end of each invocation.
CIM Instances
Because the CIM instances for DSC resources are fully mapped, the types actually explain fairly precisely what the shape of each CIM instance has to be - and, moreover, the type definition means that you get checking at catalog compile time. Puppet parses CIM instances are structured hashes (or arrays of structured hashes) that explicitly declare their keys and the valid types of values for each key.
So, for the dsc_accesscontrolentry
property of the dsc_ntfsaccessentry
type, which has a MOF type of NTFSAccessControlList[]
, Puppet defines the CIM instance as:
Array[Struct[{
accesscontrolentry => Array[Struct[{
accesscontroltype => Enum['Allow', 'Deny'],
inheritance => Enum['This folder only', 'This folder subfolders and files', 'This folder and subfolders', 'This folder and files', 'Subfolders and files only', 'Subfolders only', 'Files only'],
ensure => Enum['Present', 'Absent'],
cim_instance_type => 'NTFSAccessControlEntry',
filesystemrights => Array[Enum['AppendData', 'ChangePermissions', 'CreateDirectories', 'CreateFiles', 'Delete', 'DeleteSubdirectoriesAndFiles', 'ExecuteFile', 'FullControl', 'ListDirectory', 'Modify', 'Read', 'ReadAndExecute', 'ReadAttributes', 'ReadData', 'ReadExtendedAttributes', 'ReadPermissions', 'Synchronize', 'TakeOwnership', 'Traverse', 'Write', 'WriteAttributes', 'WriteData', 'WriteExtendedAttributes']]
}]],
forceprincipal => Optional[Boolean],
principal => Optional[String],
}]]
A valid example of that in a puppet manifest looks like this:
dsc_accesscontrollist => [
{
accesscontrolentry => [
{
accesscontroltype => 'Allow',
inheritance => 'This folder only',
ensure => 'Present',
filesystemrights => 'ChangePermissions',
cim_instance_type => 'NTFSAccessControlEntry',
},
],
principal => 'veryRealUserName',
},
]
For more information about using a built module, check out our narrative documentation.
Properties
Note that the only properties specified in a resource declaration which are passed to Invoke-Dsc are all prepended with dsc.
If a property does _not start with dsc_ it is used to control how Puppet interacts with DSC/other Puppet resources - for example,
specifying a unique name for the resource for Puppet to distinguish between declarations or Puppet metaparameters (notifies,
before, etc).
Validation Mode
By default, these resources use the property validation mode, which checks whether or not the resource is in the desired state the same way most Puppet resources are validated;
by comparing the properties returned from the system with those specified in the manifest.
Sometimes, however, this is insufficient;
many DSC Resources return data that does not compare properly to the desired state (some are missing properties, others are malformed, some simply cannot be strictly compared).
In these cases, you can set the validation mode to resource
, which falls back on calling Invoke-DscResource
with the Test
method and trusts that result.
When using the resource
validation mode, the resource is tested once and will then treat all properties of that resource as in sync (if the result returned true
) or not in sync.
This loses the granularity of change reporting for the resource but prevents flapping and unexpected behavior.
# This will flap because the DSC resource never returns name in SecurityPolicyDsc v2.10.0.0
dsc_securityoption { 'Enforce Anonoymous SID Translation':
dsc_name => 'Enforce Anonymous SID Translation',
dsc_network_access_allow_anonymous_sid_name_translation => 'Disabled',
}
# This will idempotently apply
dsc_psrepository { 'PowerShell Gallery':
validation_mode => 'resource',
dsc_name => 'Enforce Anonymous SID Translation',
dsc_network_access_allow_anonymous_sid_name_translation => 'Disabled',
}
It is important to note that this feature is only supported with a version of puppetlabs-pwshlib
equal to or higher than 0.9.0
, in which the supporting code for the DSC Base Provider to implement custom insync was shipped.
Finally, while this module's metadata says that the supported Puppet versions are 6.0.0 and up, the implementation of the validation_mode
parameter relies on the custom_insync
feature of the Puppet Resource API.
The custom_insync
feature first shipped in the puppet-resource_api
version 1.8.14
, which itself is only included in Puppet versions equal to or newer than 6.23.0
and 7.8.0
for the 6x and 7x platforms respectively.
Using this module against older Puppet versions will result in a warning (example below) and only use the default property-by-property change reporting, regardless of the setting of validation_mode
.
Warning: Unknown feature detected: ["custom_insync"]
Troubleshooting
In general, there are three broad categories of problems:
- Problems with the way the underlying DSC resource works.
- Problems with the type definition, where you can't specify a valid set of properties for the DSC resource
- Problems with calling the underlying DSC resource - the parameters aren't being passed correctly or the resource can't be found
Unfortunately, problems with the way the underlying DSC resource works are something we can't help directly with. You'll need to file an issue with the upstream maintainers for the PowerShell module.
Problems with the type definition are when a value that should be valid according to the DSC resource's documentation and code is not accepted by the Puppet wrapper. If and when you run across one of these, please file an issue with the Puppet DSC Builder; this is where the conversion happens and once we know of a problem we can fix it and regenerate the Puppet modules. To help us identify the issue, please specify the DSC module, version, resource, property and values that are giving you issues. Once a fix is available we will regenerate and release updated versions of this Puppet wrapper.
Problems with calling the underlying DSC resource become apparent by comparing <value passed in in puppet>
with <value received by DSC>
.
In this case, please file an issue with the puppetlabs/pwshlib module, which is where the DSC base provider actually lives.
We'll investigate and prioritize a fix and update the puppetlabs/pwshlib module.
Updating to the pwshlib version with the fix will immediately take advantage of the improved functionality without waiting for this module to be reconverted and published.
For specific information on troubleshooting a generated module, check the troubleshooting guide for the puppet.dsc module.
Known Limitations
Currently, because of the way Puppet caches files on agents, use of the legacy puppetlabs-dsc
module is not compatible with this or any auto-generated DSC module.
Inclusion of both will lead to pluginsync conflicts.
Right now, if you have the same version of a PowerShell module with class-based DSC Resources in your PSModulePath as vendored in a Puppetized DSC Module, you cannot use those class-based DSC Resources from inside of Puppet due to a bug in DSC which prevents using a module by path reference instead of name. Instead, DSC will see that there are two DSC Resources for the same module and version and then error out.
Configuring the LCM
In order for a Puppetized DSC module to function, the DSC Local Configuration Manager (LCM) RefreshMode
must be set to either Push
or Disabled
.
The default value for RefreshMode
in WMF 5.0 and WMF 5.1 is Push
- so if it has not been set to anything else then there is no action needed on your part.
However if the value of the LCM has been set to anything other than Push
then the module will not function and so the value must either be changed back or disabled.
The Puppetized DSC modules use the Invoke-DscResource
cmdlet to invoke DSC Resources of the target machine.
If the RefreshMode
is set to Pull
, DSC Resources will only run from a DSC Pull Server - in this setting DSC does not allow any DSC Resources to be run interactively on the host.
Module Installation
If you're using this module with Puppet Enterprise and Code Manager, everything should "just work" - no errors or issues acquiring and deploying this or any Puppetized DSC module to nodes.
Unfortunately, due a bug in minitar which prevents it from unpacking archives with long file paths, both r10k
and serverless Puppet (via puppet module install
) methods of installing modules with long path names will fail.
In short, minitar is unable to unpack modules that contain long file paths (though it can create them).
As a workaround, you can retrieve DSC modules from the forge via PowerShell and 7zip:
$ModuleAuthor = 'dsc'
$ModuleName = 'xremotedesktopsessionhost'
$ModuleVersion = '2.0.0-0-1'
$ArchiveFileName = "$ModuleAuthor-$ModuleName-$ModuleVersion.tar.gz"
$DownloadUri = "https://forge.puppet.com/v3/files/$ArchiveFileName"
# Download the module tar.gz to the current directory
Invoke-WebRequest -Uri $DownloadUri -OutFile ./$ArchiveFileName
# Use 7zip to extract the module to the current directory
& 7z x $ArchiveFileName -so | & 7z x -aoa -si -ttar
Reference
Table of Contents
Resource types
dsc_archive
: The DSC Archive resource type. Automatically generated from version 2.12.0.0dsc_environment
: The DSC Environment resource type. Automatically generated from version 2.12.0.0dsc_group
: The DSC Group resource type. Automatically generated from version 2.12.0.0dsc_groupset
: The DSC resource type. Automatically generated from version 2.12.0.0dsc_msipackage
: The DSC MsiPackage resource type. Automatically generated from version 2.12.0.0dsc_processset
: The DSC resource type. Automatically generated from version 2.12.0.0dsc_registry
: The DSC Registry resource type. Automatically generated from version 2.12.0.0dsc_script
: The DSC Script resource type. Automatically generated from version 2.12.0.0dsc_service
: The DSC Service resource type. Automatically generated from version 2.12.0.0dsc_serviceset
: The DSC resource type. Automatically generated from version 2.12.0.0dsc_user
: The DSC User resource type. Automatically generated from version 2.12.0.0dsc_windowsfeature
: The DSC WindowsFeature resource type. Automatically generated from version 2.12.0.0dsc_windowsfeatureset
: The DSC resource type. Automatically generated from version 2.12.0.0dsc_windowsoptionalfeature
: The DSC WindowsOptionalFeature resource type. Automatically generated from version 2.12.0.0dsc_windowsoptionalfeatureset
: The DSC resource type. Automatically generated from version 2.12.0.0dsc_windowspackagecab
: The DSC WindowsPackageCab resource type. Automatically generated from version 2.12.0.0dsc_windowsprocess
: The DSC WindowsProcess resource type. Automatically generated from version 2.12.0.0
Resource types
dsc_archive
The DSC Archive resource type. Automatically generated from version 2.12.0.0
Properties
The following properties are available in the dsc_archive
type.
dsc_checksum
Data type: Optional[Enum['SHA-1', 'sha-1', 'SHA-256', 'sha-256', 'SHA-512', 'sha-512', 'CreatedDate', 'createddate', 'ModifiedDate', 'modifieddate']]
The Checksum method to use to validate whether or not a file at the destination with the same name as a file in the archive actually matches that corresponding file in the archive. An invalid argument exception will be thrown if Checksum is specified while Validate is specified as false. ModifiedDate will check that the LastWriteTime property of the file at the destination matches the LastWriteTime property of the file in the archive. CreatedDate will check that the CreationTime property of the file at the destination matches the CreationTime property of the file in the archive. SHA-1, SHA-256, and SHA-512 will check that the hash of the file at the destination by the specified SHA method matches the hash of the file in the archive by the specified SHA method. The default value is ModifiedDate.
dsc_ensure
Data type: Optional[Enum['Present', 'present', 'Absent', 'absent']]
Specifies whether or not the expanded content of the archive file at the specified path should exist at the specified destination. To update the specified destination to have the expanded content of the archive file at the specified path, specify this property as Present. To remove the expanded content of the archive file at the specified path from the specified destination, specify this property as Absent. The default value is Present.
Parameters
The following parameters are available in the dsc_archive
type.
dsc_credential
dsc_destination
dsc_force
dsc_path
dsc_psdscrunascredential
dsc_validate
name
validation_mode
dsc_credential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
The credential of a user account with permissions to access the specified archive path and destination if needed.
dsc_destination
namevar
Data type: String
The path where the specified archive file should be expanded to or removed from.
dsc_force
Data type: Optional[Boolean]
Specifies whether or not any existing files or directories at the destination with the same name as a file or directory in the archive should be overwritten to match the file or directory in the archive. When this property is false, an error will be thrown if an item at the destination needs to be overwritten. The default value is false.
dsc_path
namevar
Data type: String
The path to the archive file that should be expanded to or removed from the specified destination.
dsc_psdscrunascredential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
dsc_validate
Data type: Optional[Boolean]
Specifies whether or not to validate that a file at the destination with the same name as a file in the archive actually matches that corresponding file in the archive by the specified checksum method. If the file does not match and Ensure is specified as Present and Force is not specified, the resource will throw an error that the file at the desintation cannot be overwritten. If the file does not match and Ensure is specified as Present and Force is specified, the file at the desintation will be overwritten. If the file does not match and Ensure is specified as Absent, the file at the desintation will not be removed. The default value is false.
name
namevar
Data type: String
Description of the purpose for this resource declaration.
validation_mode
Data type: Enum[property, resource]
Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).
Default value: property
dsc_environment
The DSC Environment resource type. Automatically generated from version 2.12.0.0
Properties
The following properties are available in the dsc_environment
type.
dsc_ensure
Data type: Optional[Enum['Present', 'present', 'Absent', 'absent']]
Specifies if the environment varaible should exist.
dsc_path
Data type: Optional[Boolean]
Indicates whether or not the environment variable is the Path variable.
dsc_target
Data type: Optional[Array[Enum['Process', 'process', 'Machine', 'machine']]]
Indicates the target where the environment variable should be set.
dsc_value
Data type: Optional[String]
The desired value for the environment variable.
Parameters
The following parameters are available in the dsc_environment
type.
dsc_name
namevar
Data type: String
The name of the environment variable for which you want to ensure a specific state.
dsc_psdscrunascredential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
name
namevar
Data type: String
Description of the purpose for this resource declaration.
validation_mode
Data type: Enum[property, resource]
Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).
Default value: property
dsc_group
The DSC Group resource type. Automatically generated from version 2.12.0.0
Properties
The following properties are available in the dsc_group
type.
dsc_description
Data type: Optional[String]
The description the group should have.
dsc_ensure
Data type: Optional[Enum['Present', 'present', 'Absent', 'absent']]
Indicates if the group should exist or not.
dsc_members
Data type: Optional[Array[String]]
The members the group should have.
dsc_memberstoexclude
Data type: Optional[Array[String]]
The members the group should exclude.
dsc_memberstoinclude
Data type: Optional[Array[String]]
The members the group should include.
Parameters
The following parameters are available in the dsc_group
type.
dsc_credential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
A credential to resolve non-local group members.
dsc_groupname
namevar
Data type: String
The name of the group to create, modify, or remove.
dsc_psdscrunascredential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
name
namevar
Data type: String
Description of the purpose for this resource declaration.
validation_mode
Data type: Enum[property, resource]
Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).
Default value: property
dsc_groupset
The DSC resource type. Automatically generated from version 2.12.0.0
Properties
The following properties are available in the dsc_groupset
type.
dsc_credential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
dsc_ensure
Data type: Optional[String]
dsc_memberstoexclude
Data type: Optional[Array[String]]
dsc_memberstoinclude
Data type: Optional[Array[String]]
dsc_psdscrunascredential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
Parameters
The following parameters are available in the dsc_groupset
type.
dsc_groupname
namevar
Data type: Array[String]
name
namevar
Data type: String
Description of the purpose for this resource declaration.
validation_mode
Data type: Enum[property, resource]
Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).
Default value: property
dsc_msipackage
The DSC MsiPackage resource type. Automatically generated from version 2.12.0.0
Properties
The following properties are available in the dsc_msipackage
type.
dsc_arguments
Data type: Optional[String]
The arguments to be passed to the MSI package during installation or uninstallation.
dsc_ensure
Data type: Optional[Enum['Present', 'present', 'Absent', 'absent']]
Specifies whether or not the MSI file should be installed or uninstalled.
dsc_filehash
Data type: Optional[String]
The expected hash value of the MSI file at the given path.
dsc_hashalgorithm
Data type: Optional[Enum['SHA1', 'sha1', 'SHA256', 'sha256', 'SHA384', 'sha384', 'SHA512', 'sha512', 'MD5', 'md5', 'RIPEMD160', 'ripemd160']]
The algorithm used to generate the given hash value.
dsc_installedon
Data type: Optional[String]
The date that the MSI package was installed on or serviced on, whichever is later.
dsc_installsource
Data type: Optional[String]
The path to the MSI package.
dsc_logpath
Data type: Optional[String]
The path to the log file to log the output from the MSI execution.
dsc_name
Data type: Optional[String]
The display name of the MSI package.
dsc_packagedescription
Data type: Optional[String]
The description of the MSI package.
dsc_path
Data type: String
The path to the MSI file that should be installed or uninstalled.
dsc_publisher
Data type: Optional[String]
The publisher of the MSI package.
dsc_servercertificatevalidationcallback
Data type: Optional[String]
PowerShell code that should be used to validate SSL certificates for paths using HTTPS.
dsc_signersubject
Data type: Optional[String]
The subject that should match the signer certificate of the digital signature of the MSI file.
dsc_signerthumbprint
Data type: Optional[String]
The certificate thumbprint that should match the signer certificate of the digital signature of the MSI file.
dsc_size
Data type: Optional[Integer[0, 4294967295]]
The size of the MSI package in MB.
dsc_version
Data type: Optional[String]
The version number of the MSI package.
Parameters
The following parameters are available in the dsc_msipackage
type.
dsc_credential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
The credential of a user account to be used to mount a UNC path if needed.
dsc_productid
namevar
Data type: String
The identifying number used to find the package, usually a GUID.
dsc_psdscrunascredential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
dsc_runascredential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
The credential of a user account under which to run the installation or uninstallation of the MSI package.
name
namevar
Data type: String
Description of the purpose for this resource declaration.
validation_mode
Data type: Enum[property, resource]
Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).
Default value: property
dsc_processset
The DSC resource type. Automatically generated from version 2.12.0.0
Properties
The following properties are available in the dsc_processset
type.
dsc_credential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
dsc_ensure
Data type: Optional[String]
dsc_psdscrunascredential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
dsc_standarderrorpath
Data type: Optional[String]
dsc_standardinputpath
Data type: Optional[String]
dsc_standardoutputpath
Data type: Optional[String]
dsc_workingdirectory
Data type: Optional[String]
Parameters
The following parameters are available in the dsc_processset
type.
dsc_path
namevar
Data type: Array[String]
name
namevar
Data type: String
Description of the purpose for this resource declaration.
validation_mode
Data type: Enum[property, resource]
Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).
Default value: property
dsc_registry
The DSC Registry resource type. Automatically generated from version 2.12.0.0
Properties
The following properties are available in the dsc_registry
type.
dsc_ensure
Data type: Optional[Enum['Present', 'present', 'Absent', 'absent']]
Specifies whether or not the registry key or value should exist. To add or modify a registry key or value, set this property to Present. To remove a registry key or value, set the property to Absent.
dsc_hex
Data type: Optional[Boolean]
Specifies whether or not the specified DWord or QWord registry key data is provided in a hexadecimal format. Not valid for types other than DWord and QWord. The default value is $false.
dsc_valuedata
Data type: Optional[Array[String]]
The data the specified registry key value should have as a string or an array of strings (MultiString only).
dsc_valuetype
Data type: Optional[Enum['String', 'string', 'Binary', 'binary', 'DWord', 'dword', 'QWord', 'qword', 'MultiString', 'multistring', 'ExpandString', 'expandstring']]
The type the specified registry key value should have.
Parameters
The following parameters are available in the dsc_registry
type.
dsc_force
Data type: Optional[Boolean]
Specifies whether or not to overwrite the specified registry key value if it already has a value or whether or not to delete a registry key that has subkeys. The default value is $false.
dsc_key
namevar
Data type: String
The path of the registry key to add, modify, or remove. This path must include the registry hive/drive.
dsc_psdscrunascredential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
dsc_valuename
namevar
Data type: String
The name of the registry value. To add or remove a registry key, specify this property as an empty string without specifying ValueType or ValueData. To modify or remove the default value of a registry key, specify this property as an empty string while also specifying ValueType or ValueData.
name
namevar
Data type: String
Description of the purpose for this resource declaration.
validation_mode
Data type: Enum[property, resource]
Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).
Default value: property
dsc_script
The DSC Script resource type. Automatically generated from version 2.12.0.0
Properties
The following properties are available in the dsc_script
type.
dsc_result
Data type: Optional[String]
The result from the GetScript script block.
ensurable
Data type: Boolean[false]
Default attribute added to all dsc types without an ensure property. This resource is not ensurable.
Parameters
The following parameters are available in the dsc_script
type.
dsc_credential
dsc_getscript
dsc_psdscrunascredential
dsc_setscript
dsc_testscript
name
validation_mode
dsc_credential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
The credential of the user account to run the script under if needed.
dsc_getscript
namevar
Data type: String
A string that can be used to create a PowerShell script block that retrieves the current state of the resource.
dsc_psdscrunascredential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
dsc_setscript
namevar
Data type: String
A string that can be used to create a PowerShell script block that sets the resource to the desired state.
dsc_testscript
namevar
Data type: String
A string that can be used to create a PowerShell script block that validates whether or not the resource is in the desired state.
name
namevar
Data type: String
Description of the purpose for this resource declaration.
validation_mode
Data type: Enum[property, resource]
Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).
Default value: property
dsc_service
The DSC Service resource type. Automatically generated from version 2.12.0.0
Properties
The following properties are available in the dsc_service
type.
dsc_builtinaccount
Data type: Optional[Enum['LocalSystem', 'localsystem', 'LocalService', 'localservice', 'NetworkService', 'networkservice']]
Indicates the sign-in account to use for the service.
dsc_dependencies
Data type: Optional[Array[String]]
An array of strings indicating the names of the dependencies of the service.
dsc_description
Data type: Optional[String]
The description of the service.
dsc_desktopinteract
Data type: Optional[Boolean]
The service can create or communicate with a window on the desktop. Must be false for services not running as LocalSystem. Defaults to False.
dsc_displayname
Data type: Optional[String]
The display name of the service.
dsc_ensure
Data type: Optional[Enum['Present', 'present', 'Absent', 'absent']]
Ensures that the service is present or absent. Defaults to Present.
dsc_path
Data type: Optional[String]
The path to the service executable file.
dsc_startuptimeout
Data type: Optional[Integer[0, 4294967295]]
The time to wait for the service to start in milliseconds. Defaults to 30000.
dsc_startuptype
Data type: Optional[Enum['Automatic', 'automatic', 'Manual', 'manual', 'Disabled', 'disabled']]
Indicates the startup type for the service.
dsc_state
Data type: Optional[Enum['Running', 'running', 'Stopped', 'stopped', 'Ignore', 'ignore']]
Indicates the state you want to ensure for the service. Defaults to Running.
dsc_terminatetimeout
Data type: Optional[Integer[0, 4294967295]]
The time to wait for the service to stop in milliseconds. Defaults to 30000.
Parameters
The following parameters are available in the dsc_service
type.
dsc_credential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
The credential to run the service under.
dsc_name
namevar
Data type: String
Indicates the service name. Note that sometimes this is different from the display name. You can get a list of the services and their current state with the Get-Service cmdlet.
dsc_psdscrunascredential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
name
namevar
Data type: String
Description of the purpose for this resource declaration.
validation_mode
Data type: Enum[property, resource]
Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).
Default value: property
dsc_serviceset
The DSC resource type. Automatically generated from version 2.12.0.0
Properties
The following properties are available in the dsc_serviceset
type.
dsc_builtinaccount
Data type: Optional[String]
dsc_credential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
dsc_ensure
Data type: Optional[String]
dsc_psdscrunascredential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
dsc_startuptype
Data type: Optional[String]
dsc_state
Data type: Optional[String]
Parameters
The following parameters are available in the dsc_serviceset
type.
dsc_name
namevar
Data type: Array[String]
name
namevar
Data type: String
Description of the purpose for this resource declaration.
validation_mode
Data type: Enum[property, resource]
Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).
Default value: property
dsc_user
The DSC User resource type. Automatically generated from version 2.12.0.0
Properties
The following properties are available in the dsc_user
type.
dsc_description
Data type: Optional[String]
A description for the user
dsc_disabled
Data type: Optional[Boolean]
Value used to disable/enable a user account
dsc_ensure
Data type: Optional[Enum['Present', 'present', 'Absent', 'absent']]
An enumerated value that describes if the user is expected to exist on the machine
dsc_fullname
Data type: Optional[String]
The display name of the user
dsc_passwordchangenotallowed
Data type: Optional[Boolean]
Value used to set whether a user can/cannot change their password
dsc_passwordchangerequired
Data type: Optional[Boolean]
Value used to require a user to change their password
dsc_passwordneverexpires
Data type: Optional[Boolean]
Value used to set whether a user's password expires or not
Parameters
The following parameters are available in the dsc_user
type.
dsc_password
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
The password for the user
dsc_psdscrunascredential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
dsc_username
namevar
Data type: String
The name of the User to Create/Modify/Delete
name
namevar
Data type: String
Description of the purpose for this resource declaration.
validation_mode
Data type: Enum[property, resource]
Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).
Default value: property
dsc_windowsfeature
The DSC WindowsFeature resource type. Automatically generated from version 2.12.0.0
Properties
The following properties are available in the dsc_windowsfeature
type.
dsc_displayname
Data type: Optional[String]
The display name of the retrieved role or feature.
dsc_ensure
Data type: Optional[Enum['Present', 'present', 'Absent', 'absent']]
Specifies whether the role or feature should be installed or uninstalled. To install the feature, set this property to Present. To uninstall the feature, set the property to Absent.
dsc_includeallsubfeature
Data type: Optional[Boolean]
Specifies whether the subfeatures of the main feature should also be installed.
dsc_logpath
Data type: Optional[String]
The path to the log file to log this operation.
Parameters
The following parameters are available in the dsc_windowsfeature
type.
dsc_credential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
A credential, if needed, to install or uninstall the role or feature.
dsc_name
namevar
Data type: String
The name of the role or feature to install or uninstall.
dsc_psdscrunascredential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
name
namevar
Data type: String
Description of the purpose for this resource declaration.
validation_mode
Data type: Enum[property, resource]
Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).
Default value: property
dsc_windowsfeatureset
The DSC resource type. Automatically generated from version 2.12.0.0
Properties
The following properties are available in the dsc_windowsfeatureset
type.
dsc_credential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
dsc_ensure
Data type: Optional[String]
dsc_includeallsubfeature
Data type: Optional[Boolean]
dsc_logpath
Data type: Optional[String]
dsc_psdscrunascredential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
dsc_source
Data type: Optional[String]
Parameters
The following parameters are available in the dsc_windowsfeatureset
type.
dsc_name
namevar
Data type: Array[String]
name
namevar
Data type: String
Description of the purpose for this resource declaration.
validation_mode
Data type: Enum[property, resource]
Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).
Default value: property
dsc_windowsoptionalfeature
The DSC WindowsOptionalFeature resource type. Automatically generated from version 2.12.0.0
Properties
The following properties are available in the dsc_windowsoptionalfeature
type.
dsc_customproperties
Data type: Optional[Array[String]]
The custom properties retrieved from the Windows optional feature as an array of strings.
dsc_description
Data type: Optional[String]
The description retrieved from the Windows optional feature.
dsc_displayname
Data type: Optional[String]
The display name retrieved from the Windows optional feature.
dsc_ensure
Data type: Optional[Enum['Present', 'present', 'Absent', 'absent']]
Specifies whether the feature should be enabled or disabled. To enable the feature, set this property to Present. To disable the feature, set the property to Absent.
dsc_loglevel
Data type: Optional[Enum['ErrorsOnly', 'errorsonly', 'ErrorsAndWarning', 'errorsandwarning', 'ErrorsAndWarningAndInformation', 'errorsandwarningandinformation']]
The maximum output level to show in the log. Accepted values are: ErrorsOnly (only errors are logged), ErrorsAndWarning (errors and warnings are logged), and ErrorsAndWarningAndInformation (errors, warnings, and debug information are logged).
dsc_logpath
Data type: Optional[String]
The path to the log file to log this operation.
dsc_nowindowsupdatecheck
Data type: Optional[Boolean]
Specifies whether or not DISM contacts Windows Update (WU) when searching for the source files to enable the feature. If $true, DISM will not contact WU.
dsc_removefilesondisable
Data type: Optional[Boolean]
Specifies that all files associated with the feature should be removed if the feature is being disabled.
Parameters
The following parameters are available in the dsc_windowsoptionalfeature
type.
dsc_name
namevar
Data type: String
The name of the feature to enable or disable.
dsc_psdscrunascredential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
name
namevar
Data type: String
Description of the purpose for this resource declaration.
validation_mode
Data type: Enum[property, resource]
Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).
Default value: property
dsc_windowsoptionalfeatureset
The DSC resource type. Automatically generated from version 2.12.0.0
Properties
The following properties are available in the dsc_windowsoptionalfeatureset
type.
dsc_loglevel
Data type: Optional[String]
dsc_logpath
Data type: Optional[String]
dsc_nowindowsupdatecheck
Data type: Optional[Boolean]
dsc_psdscrunascredential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
dsc_removefilesondisable
Data type: Optional[Boolean]
Parameters
The following parameters are available in the dsc_windowsoptionalfeatureset
type.
dsc_ensure
namevar
Data type: String
dsc_name
namevar
Data type: Array[String]
name
namevar
Data type: String
Description of the purpose for this resource declaration.
validation_mode
Data type: Enum[property, resource]
Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).
Default value: property
dsc_windowspackagecab
The DSC WindowsPackageCab resource type. Automatically generated from version 2.12.0.0
Properties
The following properties are available in the dsc_windowspackagecab
type.
dsc_ensure
Data type: Enum['Present', 'present', 'Absent', 'absent']
Specifies whether the package should be installed or uninstalled. To install the package, set this property to Present. To uninstall the package, set the property to Absent.
dsc_logpath
Data type: Optional[String]
The path to a file to log the operation to.
dsc_sourcepath
Data type: String
The path to the cab file to install or uninstall the package from.
Parameters
The following parameters are available in the dsc_windowspackagecab
type.
dsc_name
namevar
Data type: String
The name of the package to install or uninstall.
dsc_psdscrunascredential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
name
namevar
Data type: String
Description of the purpose for this resource declaration.
validation_mode
Data type: Enum[property, resource]
Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).
Default value: property
dsc_windowsprocess
The DSC WindowsProcess resource type. Automatically generated from version 2.12.0.0
Properties
The following properties are available in the dsc_windowsprocess
type.
dsc_ensure
Data type: Optional[Enum['Present', 'present', 'Absent', 'absent']]
Indicates whether the process is present (running) or absent (not running).
dsc_handlecount
Data type: Optional[Integer[-2147483648, 2147483647]]
The number of handles opened by the process.
dsc_nonpagedmemorysize
Data type: Optional[Integer[0, 18446744073709551615]]
The amount of nonpaged memory, in bytes, allocated for the process.
dsc_pagedmemorysize
Data type: Optional[Integer[0, 18446744073709551615]]
The amount of paged memory, in bytes, allocated for the process.
dsc_processcount
Data type: Optional[Integer[-2147483648, 2147483647]]
The number of instances of the given process that are currently running.
dsc_processid
Data type: Optional[Integer[-2147483648, 2147483647]]
The unique identifier of the process.
dsc_standarderrorpath
Data type: Optional[String]
The path to write the standard error stream to.
dsc_standardinputpath
Data type: Optional[String]
The path to receive standard input from.
dsc_standardoutputpath
Data type: Optional[String]
The path to write the standard output stream to.
dsc_virtualmemorysize
Data type: Optional[Integer[0, 18446744073709551615]]
The amount of virtual memory, in bytes, allocated for the process.
dsc_workingdirectory
Data type: Optional[String]
The directory to run the processes under.
Parameters
The following parameters are available in the dsc_windowsprocess
type.
dsc_arguments
namevar
Data type: String
A string of arguments to pass to the process executable. Pass in an empty string if no arguments are needed.
dsc_credential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
The credential to run the process under.
dsc_path
namevar
Data type: String
The full path or file name to the process executable to start or stop.
dsc_psdscrunascredential
Data type: Optional[Struct[{ user => String[1], password => Sensitive[String[1]] }]]
name
namevar
Data type: String
Description of the purpose for this resource declaration.
validation_mode
Data type: Enum[property, resource]
Whether to check if the resource is in the desired state by property (default) or using Invoke-DscResource in Test mode (resource).
Default value: property
Change log for PsDscResources
Unreleased
2.12.0.0
- Ports style fixes that were recently made in xPSDesiredStateConfiguration on test related files.
- Ports most of the style upgrades from xPSDesiredStateConfiguration that have been made in files in the DscResources folder.
- Ports fixes for the following issues: Issue #505 Issue #590 Changes to test helper Enter-DscResourceTestEnvironment so that it only updates DSCResource.Tests when it is longer than 120 minutes since it was last pulled. This is to improve performance of test execution and reduce the likelihood of connectivity issues caused by inability to pull DSCResource.Tests.
- Fixes issue where MsiPackage Integration tests fail if the test HttpListener fails to start. Moves the test HttpListener objects to dynamically assigned, higher numbered ports to avoid conflicts with other services, and also checks to ensure that the ports are available before using them. Adds checks to ensure that no outstanding HTTP server jobs are running before attempting to setup a new one. Also adds additional instrumentation to make it easier to troubleshoot issues with the test HttpListener objects in the future. Specifically fixes Issue #142
- Improved speed of Test-IsNanoServer function
- Remove the Byte Order Mark (BOM) from all affected files
- Opt-in to 'Validate Module Files' and 'Validate Script Files' common meta-tests
- Opt-in to 'Common Tests - Relative Path Length' common meta-test
- Fix README markdownlint validation failures
- Move change log from README.md to CHANGELOG.md
2.11.0.0
- Fix Custom DSC Resource Kit PSSA Rule Failures
2.10.0.0
- Fixed CompanyName typo - Fixes Issue #100
- Update LICENSE file to match the Microsoft Open Source Team standard - Fixes Issue #120.
- Update
CommonResourceHelper
unit tests to meet Pester 4.0.0 standards (issue #129). - Update
ResourceHelper
unit tests to meet Pester 4.0.0 standards (issue #129). - Ported fixes from xPSDesiredStateConfiguration:
- xArchive
- Fix end-to-end tests.
- Update integration tests to meet Pester 4.0.0 standards.
- Update end-to-end tests to meet Pester 4.0.0 standards.
- Update unit and integration tests to meet Pester 4.0.0 standards.
- Wrapped all path and identifier strings in verbose messages with quotes to make it easier to identify the limit of the string when debugging.
- Refactored date/time checksum code to improve testability and ensure tests can run on machines with localized datetime formats that are not US.
- Fix 'Get-ArchiveEntryLastWriteTime' to return
[datetime]
. - Improved verbose logging to make debugging path issues easier.
- xArchive
- Added .gitattributes file to ensure CRLF settings are configured correctly for the repository.
- Updated '.vscode\settings.json' to refer to AnalyzerSettings.psd1 so that custom syntax problems are highlighted in Visual Studio Code.
- Fixed style guideline violations in
CommonResourceHelper.psm1
. - Updated 'appveyor.yml' to meet more recent standards.
- Removed OS image version from 'appveyor.yml' to use default image (Issue #127).
- Removed code to install WMF5.1 from 'appveyor.yml' because it is already installed in AppVeyor images (Issue #128).
- Removed .vscode from .gitignore so that Visual Studio code environment settings can be committed.
- Environment
- Update tests to meet Pester 4.0.0 standards (issue #129).
- Group
- Update tests to meet Pester 4.0.0 standards (issue #129).
- Fix unit tests to run on Nano Server.
- Refactored unit tests to enclude Context fixtures and change functions to Describe fixtures.
- GroupSet
- Update tests to meet Pester 4.0.0 standards (issue #129).
2.9.0.0
- Added Description and Parameter description for composite resources
2.8.0.0
- Archive
- Added handling of directory archive entries that end with a foward slash
- Removed formatting of LastWriteTime timestamp and updated comparison of timestamps to handle dates in different formats
- WindowsProcess
- Fix unreliable tests
- Updated Test-IsNanoServer to return false if Get-ComputerInfo fails
- Registry
- Fixed bug when using the full registry drive name (e.g. HKEY_LOCAL_MACHINE) and using a key name that includes a drive with forward slashes (e.g. C:/)
2.7.0.0
- MsiPackage
- Parse installation date from registry using invariant culture.
- Fix a bug in unit test failing, when regional setting differs from English-US.
2.6.0.0
- Archive
- Fixed a minor bug in the unit tests where sometimes the incorrect DateTime format was used.
- Added MsiPackage
2.5.0.0
- Enable codecov.io code coverage reporting
- Group
- Added support for domain based group members on Nano server.
- Added the Archive resource
- Update Test-IsNanoServer cmdlet to properly test for a Nano server rather than the core version of PowerShell
- Registry
- Fixed bug where an error was thrown when running Get-DscConfiguration if the registry already existed
2.4.0.0
- Cleaned User
- Updated User to have non-dependent unit tests.
- Ported fixes from xPSDesiredStateConfiguration:
- WindowsProcess: Minor updates to integration tests
- Registry: Fixed support for forward slashes in registry key names
- Group:
- Group members in the "NT Authority", "BuiltIn" and "NT Service" scopes should now be resolved without an error. If you were seeing the errors "Exception calling ".ctor" with "4" argument(s): "Server names cannot contain a space character."" or "Exception calling ".ctor" with "2" argument(s): "Server names cannot contain a space character."", this fix should resolve those errors. If you are still seeing one of the errors, there is probably another local scope we need to add. Please let us know.
- The resource will no longer attempt to resolve group members if Members, MembersToInclude, and MembersToExclude are not specified.
- Added Environment
2.3.0.0
- Updated manifest to include both WindowsOptionalFeature and WindowsOptionalFeatureSet instead of just WindowsOptionalFeature twice
2.2.0.0
- WindowsFeature:
- Added Catch to ignore RuntimeException when importing ServerManager module. This solves the issue described here.
- Updated unit tests.
- Added WindowsProcess
- CommonTestHelper:
- Added Get-AppVeyorAdministratorCredential.
- Added Set-StrictMode -'Latest' and $errorActionPreference -'Stop'.
- Service:
- Updated resource module, unit tests, integration tests, and examples to reflect the changes made in xPSDesiredStateConfiguration.
- Group:
- Updated resource module, examples, and integration tests to reflect the changes made in xPSDesiredStateConfiguration.
- Added Script.
- Added GroupSet, ServiceSet, WindowsFeatureSet, WindowsOptionalFeatureSet, and ProcessSet.
- Added Set-StrictMode -'Latest' and $errorActionPreference -'Stop' to Group, Service, User, WindowsFeature, WindowsOptionalFeature, WindowsPackageCab.
- Fixed bug in WindowsFeature in which is was checking the 'Count' property of an object that was not always an array.
- Cleaned Group and Service resources and tests.
- Added Registry.
2.1.0.0
- Added WindowsFeature.
2.0.0.0
- Initial release of PSDscResources.
Dependencies
- puppetlabs/pwshlib (>= 0.9.0 < 2.0.0)