Search code examples
powershelldsclcm

Can't change the LCM credential of a DSC pull node

I'm trying to create my first DSC pull configuration. My node server can read its .mof files if I store them in a directory on the node server, but it can't access its configuration .mof from a configuration-repository-folder because it seems to not have read-permissions to that folder where the .mof and .mof.checksum files are. This might be a result of the fact that the LCM of a node server by default uses the local-SYSTEM-credentials, and not the user login credentials. I cannot set the LCM credential value.

The pull server is up and running (confirmed). The .mof and .checklist.mof files are stored in a network shared folder "\myNetworkShares\DSC-Configs".

Here is how I configure the LCM of my node server, where I set the credential of the ConfigurationRepositoryShare 

[DSCLocalconfigurationManager()]
Configuration LCM_CLIENT_PULL 
{           
    Node $AllNodes.NodeName
    {
        Settings {
            AllowModuleOverwrite = $True
            ConfigurationMode = 'ApplyAndAutoCorrect'
            RefreshMode = 'Pull'
            ConfigurationID = $node.Guid
            CertificateID = $node.ThumbPrint
        }
        ConfigurationRepositoryShare DSCSMB {
            Credential = $node.Credential
            Sourcepath = "\\myNetworkShares\DSC-Configs"
        }   
    }
}

I attempt to invoke my node server to run its configs by typing Update-DscConfiguration -ComputerName myNodeServerName -Wait -Verbose

And I receive an error: (NOTE: error doesn't occur when .mof is stored in a directory on my node server, to which it has read permissions!)

The file \\myNetworkShares\DSC-Configs\name.mof is not found. + CategoryInfo : ObjectNotFound: (\\myNetworkSha...name.mof:String) [], CimException + FullyQualifiedErrorId : DSCFileFileNotFound,Microsoft.PowerShell.DesiredStateConfiguration.DownloadManager.FileGetAct ionCommand + PSComputerName : myNodeServerName

I'm trying to change the credential attribute so that my node server can access the config .mof file, by including my credentials in the following line of code:

Set-DSCLocalConfigurationManager -ComputerName myNodeServerName -Path c:\LocationOfMyNodeMetaDataMofFile –Verbose -Credential $myCreds

However, the credential attribute never appear as populated. How can I change the credential attribute of the LCM on my node server???

link to LCM config image

More notes: I'm avoiding the encryption temporarily by allowing plain text password in the pull-node LCM-configuration .meta.mof file. I can see that the credential was written to the myNodeServer.meta.mof file before using Set-DSCLocalConfigurationManager

Solution

  • There is a known issue with the credential parameter in a file based pull server. Can you try setting it up with read access for everyone as described in this blog http://nanalakshmanan.com/blog/Push-Config-Pull-Module/