DSC Resource Kit Wave 4 is Live!

DSC Resource Kit Wave 4 is Live!

Rate This
  • Comments 3

The value and number of PowerShell Desired State Configuration (DSC) resources coming from Microsoft continues to grow. As of the release of DSC Resource Kit Wave 3, we were up to 50 total.

 

Now, we're happy to announce the DSC Resource Kit Wave 4.  This wave contains 16 new DSC resources, taking us up to 67 total resources between the Resource Kit and what is shipping in Windows 8.1/Server 2012 R2. Here’s a link to the new items in the DSC Resource Kit Wave 4.  You can also find them by using PowerShellGet.

 

Now, you might be thinking, "That is an awful lot of resources.  Am I going to have to download them all individually?"  If you're using PowerShellGet, installation is as easy as running Install-Module.  If you haven't installed the latest WMF 5.0 Preview, you can still download all of the latest DSC resources from this page on TechNet Script Center.  If you want to take a more à la carte approach, you can still search for “DSC Resource Kit” on TechNet Script Center. 

 

In addition to the new resources, we have also made some updates to existing resources based on feedback we have received.

 

Questions, Comments?

If you're looking into using PowerShell DSC, but are blocked by a lack of resources, let us know in the comments or the TechNet QA Section.

 

What's in this Wave?

This wave has adds a number of frequently-requested new resources, along with updates to existing modules.

  • xAzure: includes 6 DSC resources that automate provisioning of resources in Microsoft Azure.
  • xJEA : defines and configures constrained PowerShell Endpoints to enable the Just Enough Admin (JEA) scenarios presented at TechEd 2014.
  • xDnsServer: Enables configuration of a DNS Server.
  • xDhcpServer: Enables configuration of a DHCP Server.
  • xWinEventLog: Adds support for configuring Windows Event Logs.
  • xActiveDirectory: Added the xADDomainTrust resource to the existing xActiveDirectory module.

As always, we must reiterate that these resources come without any guarantees.  The “x” prefix stands for experimental – which means these resources are provided AS IS and are not supported through any Microsoft support program or service. We will monitor the TechNet pages, take feedback, and may provide fixes moving forward.  Also, don’t forget to check out the community versions of many resources on PowerShell.Org's GitHub.

 

Details

After installing the modules, you can discover all of the resources available by using the Get-DSCResource cmdlet.  Here is a brief description of each resource (for more details on a resource, check out the TechNet pages). 

Module

Resource(s) 

Description 

xAzure

xAzureAffinityGroup

Defines the relationship between compute and storage

xAzureQuickVM

Simple resource for creating VMs with limited options

xAzureService

Creates a cloud service for the VMs

xAzureStorageAccount

creates the online storage account where the blobs for the test environment will reside

xAzureSubscription

sets the current Azure subscription context

xAzureVM

creates a virtual machine in Azure including access to VM Guest extensions

xJEA

xJeaEndPoint

Allows creation of PowerShell JEA Endpoints that leverage one or more JEA Toolkits and properties of the endpoints including access control

xJeaToolKit

Allows creation of a JEA Toolkit that defines which applications, scripts, and commands should be available within a PowerShell constrained endpoint configuration

xDnsServer

xDnsServerSecondaryZone

This resource allows setting a Secondary zone on a given DNS server. Secondary zones allow client machine in primary DNS zone to do DNS resolution of machines in the secondary DNS zone.

xDnsServerZoneTransfer

This resource allows a DNS Server zone data to be replicated to another DNS server.

xDhcpServer

xDhcpServerScope

Sets a scope for consecutive range of possible IP addresses that the DHCP server can lease to clients on a subnet.

 

xDhcpServerReservation

Sets lease assignments used to ensure that a specified client on a subnet can always use the same IP address

 

xDhcpServerOption

Supports setting DNS domain and DNS Server IP Address options at a DHCP server scope level.

xWinEventLog

xWinEventLog

Adds support for configuring Windows Event Logs.

xActiveDirectory (updated)

xADDomainTrust

Used to establish a cross-domain trust

Updates

xPSDesiredStateConfiguration, xDscResourceDesigner, xDscDiagnostics

Feature additions and bug fixes

 

The specific changes to existing resources will be noted on the individual TechNet pages.

 

Renaming Guidelines

When making changes to these resources, we urge the following practice:

1.       Update the following names by replacing MSFT with your company/community name and replacing the “x” with "c" (short for "Community") or another prefix of your choice:

a.       Module name (ex: xWebAdministration becomes cWebAdministration)

b.      Folder name (ex: MSFT_xWebsite becomes Contoso_cWebsite)

c.       Resource Name (ex: MSFT_xWebsite becomes Contoso_cWebsite)

d.      Resource Friendly Name (ex: xWebsite becomes cWebsite)

e.      MOF class name (ex: MSFT_xWebsite becomes Contoso_cWebsite)

f.        Filename for the <resource>.schema.mof (ex: MSFT_xWebsite.schema.mof becomes Contoso_cWebsite.schema.mof)

2.       Update module and metadata information in the module manifest

3.       Update any configuration that use these resources

 

We reserve resource and module names without prefixes ("x" or "c") for future use (e.g. "MSFT_WebAdministration" or "Website").  If the next version of Windows Server ships with a "Website" resource, we don't want to break any configurations that use any community modifications.  Please keep a prefix such as "c" on all community modifications.

As specified in the license, you may copy or modify this resource as long as they are used on the Windows Platform.

 

Requirements

The DSC Resource Kit requires Windows 8.1 or Windows Server 2012 R2 with update KB2883200 (aka the GA Update Rollup). You can check whether it is installed by running the following command:

PS C:\WINDOWS\system32> Get-HotFix -Id KB2883200

Source        Description      HotFixID      InstalledBy          InstalledOn             

------        -----------      --------      -----------          -----------             

NANA-TOUCH    Update           KB2883200     NANA-TOUCH\Admini... 9/30/2013 12:00:00 AM   

For most modules, you can use them on supported downlevel versions of Windows by installing WMF 4.0. Refer to these previous blog posts for more information on WMF 4.0 and issues with partial installation.

Note: The xJEA (Just Enough Admin) module requires the use of the Windows Management Framework (WMF) 5.0 preview , which only works with Windows 8.1 or Windows Server 2012 R2.

 

Leave a Comment
  • Please add 8 and 1 and type the answer here:
  • Post
  • maybe somone got a little bit more experience with JEA... how do i controll wich user is actually allowed to the Endpoints? In the demos "everyone" is able to connect to.. but if i create several different endpoints maybe i don't wan't that admin A can use cmdlets that are supposed to be used by admin B. In the dscresource i cannot find a way to set the User.. so maybe somone got a clue for that....

  • maybe somone got a little bit more experience with JEA... how do i controll wich user is actually allowed to the Endpoints? In the demos "everyone" is able to connect to.. but if i create several different endpoints maybe i don't wan't that admin A can use cmdlets that are supposed to be used by admin B. In the dscresource i cannot find a way to set the User.. so maybe somone got a clue for that....

  • The default permissions on the demo endpoint is "Everyone"  You can see by running the following cmd where the endpoints are created.

    Get-PSSessionConfiguration -Name Demo1EP

    The users who are allowed access to the endpoints are controlled by setting the SecurityDescriptorSddl parameter.  Currently, unless you know SDDL strings, it could be a bit hard to construct.  We are looking into ways to improve this while keeping the flexibility that SDDL provides.

Page 1 of 1 (3 items)