Automatically create a checksum and publish DSC MOF configuration files to an SMB pull server

You’ve configured one or more DSC (Desired State Configuration) SMB pull servers in your environment. You’ve also configured the target nodes appropriately. One problem that seems to be a constant problem in your environment when authoring and updating DSC configuration files (MOF files) is keeping track of what GUID belongs to which machine and it’s also a common problem to forget to update the corresponding checksum when a configuration file is updated. Last week, you spent an entire day troubleshooting an issue where a machine wasn’t pulling the updated configuration only to learn that the checksum hadn’t been updated. Sound familiar?

To alleviate this problem, you’ve decided to write a PowerShell function that will be used to automatically determine the appropriate SMB share to copy the MOF configuration files to, determine the correct ConfigurationID (GUID), and generate the necessary checksum. The function to accomplish that task is shown in the following code example:

A very basic configuration will be used to test the function shown in the previous example.

After the configuration is loaded into memory, it’s called as it normally would be to generate the MOF configuration files and then it can simply be piped to the “Publish-MrMOFToSMB” function which will query the target node for the necessary information to automatically generate the required checksum and copy both the MOF configuration and checksum files to the SMB pull server, renaming the files to the GUID name on the destination end:

dscsmb1a

If the MOF files have already been generated and you want to publish all of the ones in the .\TelnetClient folder to the appropriate SMB pull server, just specify that path via the ConfigurationPath parameter:

dscsmb2a

If you only want to publish some of the existing MOF files in that folder, specify one or more computer names via the ComputerName parameter:

dscsmb3a

For preexisting MOF files, the computer names can also be specified via parameter input which allows you to programmatically determine the computer names you want to publish the existing MOF files for by piping the results of some other cmdlet into this one:

dscsmb4a

Parameter validation is performed on the ConfigurationPath parameter which means if the path specified for the MOF files doesn’t exist, the function will stop at that point and not attempt to continue any further:

dscsmb5b

There are various other checks in place as well. Errors will be generated if the target node is offline, if the MOF file doesn’t already exist, if the LCM on the target node is not configured for pull mode or for SMB, if the ConfigurationID hasn’t been set to a GUID, and if the SMB share that’s specified in the target node’s LCM cannot be contacted:

dscsmb6c

Any of the ones that are specified which are valid will complete successfully as shown in the previous set of results where server01 and server02 (the first and last one) completed successfully even though all of the others failed for the specified reasons.

The Publish-MrMOFToSMB PowerShell function shown in this blog article can be downloaded from the TechNet script repository.

µ

Leave a Reply

%d bloggers like this: