Search code examples
powershelldscpowershell-5.0

PowerShell DSC Script Resources Fail

This doesn't seem to work properly

I have the following Script Resource.

 Script RDGatewayCreateRAP
        {
            SetScript = {
                $localhost = $using:localhost
                $forest = $using:forest
                Import-Module RemoteDesktopServices            
                New-Item -Path 'RDS:/GatewayServer/RAP' -Name 'RAP' -UserGroups "Domain Users@$forest" -ComputerGroupType 1 -ComputerGroup "Domain Computers@$forest"
            }
            GetScript = {
                return @{
                    GetScript = $GetScript
                    SetScript = $SetScript
                    TestScript = $TestScript
                    Result = ""
                }

            }
            TestScript = {
                Import-Module RemoteDesktopServices
                return [boolean](Get-ChildItem 'GatewayServer/RAP')
            }
            DependsOn = "[Script]RDDeploymentGatewayConfiguration"
        }

Using Start-DscConfiguration -Wait -Verbose for the configuration with this script, it errors out at

VERBOSE: [WIN-EEK1CL8BED9]:                            [[Script]RDGatewayCreateRAP::[cRdsServer]RdsServer] Importing cmdlet '
Convert-License'.
Cannot find path 'C:\Windows\system32\GatewayServer\RAP' because it does not exist.
    + CategoryInfo          : ObjectNotFound: (C:\Windows\system32\GatewayServer\RAP:) [], CimException
    + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetChildItemCommand
    + PSComputerName        : localhost

Presumably this is because the RDS: path isn't found because the Import-Module RemoteDesktopServices isn't working correctly. That said, immediately above the failure, I see the verbose logging from the Import-Module RemoteDesktopServices occurring.

If I change my script resource so SetScript, GetScript, and TestScript all invoke powershell as a new process, it works.

powershell -NoProfile -ExecutionPolicy Bypass -Command "$using:commandStoredAsAString"

If I use Invoke-Command or Invoke-Expression, it blows up, so it seems like running a separate process is the key. Is there a way to make Script Resources work properly without this kind of hack or are they just useless/poorly implemented?

Solution

  • The issue is in TestScript where it is trying to get 'Get-ChildItem 'GatewayServer/RAP''. Import-Module RemoteDesktopServices is working fine. If you want to check the presence of gatewayServer\RAP change TestScript implementation to (Test-Path RDS:GatewayServer\RAP). Script RDGatewayCreateRAP { SetScript = { $localhost = $using:localhost $forest = $using:forest Import-Module RemoteDesktopServices
    #New-Item -Path 'RDS:/GatewayServer/RAP' -Name 'RAP' -UserGroups "Domain Users@$forest" -ComputerGroupType 1 -ComputerGroup "Domain Computers@$forest" } GetScript = { return @{ GetScript = $GetScript SetScript = $SetScript TestScript = $TestScript Result = "" }

            }
        TestScript = {
            Import-Module RemoteDesktopServices
            return (Test-Path RDS:GatewayServer\RAP)
        }
    }