PowerShell Desired State Configuration (DSC) Journey – Day 26

Today I am doing some further testing for my own benefit and the DSC Team wanted me to try something as well.  It occurred to me last week at the PowerShell Summit after talking with some people that the Local Configuration Manager on the VM I am using is set to the defaults, which means it doesn’t reboot if needed.  Maybe this is the cause of all my problems so far?

Here is what I am going to test using the Configuration below:

  • I am going to push that Configuration to the VM first, to ensure that it works (after taking a snapshot)
  • Revert the snapshot, inject the .MOF file using default LCM settings, save it as a template and build a VM off of it.  See if it renames the computer, and joins the domain.  This should fail.
  • Rebuild the template with the same injected .MOF file, but configure the LCM to reboot if needed.  Build a VM off of this template, it should rename the computer and join the domain.
  • If for some reason that doesn’t entirely work, I may need to also set the LCM Configuration Mode to Apply and Autocorrect.

Ok. I copied the .MOF file to this VM and run it locally, and got the output below.

DSCTerminatingErrorDefaultLCMConfig

One thing I should mention is that the VM’s I am testing with are getting a DHCP address from the domain. I get the same result when I set the LCM to RebootIfNeeded = $True. What’s happening is that I am setting the IP address, and then it is losing it’s network connection entirely (the Ethernet icon in the bottom right turns to a warning sign, even though the IP is set correctly). Doing some digging in Failover Cluster Manager, come to find out that the VLAN the network adapter defaulted to was not the correct one (and as far as I know there isn’t a way in VMM to set the VLAN, only the virtual switch. Need to do some research on that).

This VLAN that is helping set the DHCP address, doesn’t work when I set the IP. After I set the IP, the VLAN on the Network Adapter setting needs to change so that it can contact the domain. This is going to be a problem for us, and I am not sure how to work around it.

Here is what does work to get this Configuration working:

  • Set the network adapter VLAN to the DHCP VLAN
  • Run my Configuration.  It will set the IP, the rest will fail (can’t contact the domain) with the same terminating errors as above.
  • Change the VLAN to the one that it can now contact the domain with (with its new IP).  I have to restart the VM for this change to pick up.
  • Run the Configuration again (with default LCM settings).  This works like a charm.  It changed the computer name and joined the domain, now it’s just waiting for a restart  and says so.
  • Restart the computer, rename the computer to something random and disjoin it from the domain.  Set the LCM to RebootIfNeeded = $True.  Run my Configuration and….CUE THE MUSIC OF ANGELS SINGING!  It happened too fast for me to get a screenshot, but it came up and said “DSC Needs to Restart Your Computer.  Signing Out”.  That lasted for about 5 seconds and then the reboot happened.  Magical!

So, to summarize, if the LCM is set to reboot (either false or true), and you don’t have any quirky/weird/normal? network setup like I have, then there shouldn’t be any issues joining the domain or renaming the computer.  I will be passing these findings on to the DSC team to see what they have to say about it.  I expect I may have to write a custom resource or two (to change the VLAN on the network adapter, and to restart the VM after doing so) before continuing on with the Config.  I am going to be testing using a Pull Server configuration next (injecting a Configuration to set the LCM) but am going to run into the same issues with the VLAN stuff.