Loading...

Follow Windows PowerShell Blog | Automating the world .. on Feedspot


Valid
or
Continue with Google
Continue with Facebook

We just released the DSC Resource Kit!

This release includes updates to 12 DSC resource modules. In these past 6 weeks, 52 pull requests have been merged and 63 issues have been closed, all thanks to our amazing community!

The modules updated in this release are:

  • ActiveDirectoryCSDsc (previously xAdcsDeployment)
  • CertificateDsc (previously xCertificate)
  • ComputerManagementDsc (previously xComputerManagement)
  • DFSDsc (previously xDFS)
  • SqlServerDsc
  • xDnsServer
  • xDscResourceDesigner
  • xExchange
  • xNetworking
  • xPendingReboot
  • xSMBShare
  • xWebAdministration

For a detailed list of the resource modules and fixes in this release, see the Included in this Release section below.

Our last community call for the DSC Resource Kit was on April 25. A recording of our updates will be available on YouTube soon. Join us for the next call at 12PM (Pacific time) on June 6 to ask questions and give feedback about your experience with the DSC Resource Kit.

We strongly encourage you to update to the newest version of all modules using the PowerShell Gallery, and don’t forget to give us your feedback in the comments below, on GitHub, or on Twitter (@PowerShell_Team)!

Please see our documentation here for information on the support of these resource modules.

Included in this Release

You can see a detailed summary of all changes included in this release in the table below. For past release notes, go to the README.md or Changelog.md file on the GitHub repository page for a specific module (see the How to Find DSC Resource Modules on GitHub section below for details on finding the GitHub page for a specific module).

Module Name Version Release Notes
ActiveDirectoryCSDsc
(previously xAdcsDeployment)
2.0.0.0
  • BREAKING CHANGE: Renamed module to ActiveDirectoryCSDsc – see issue 38
  • Enabled PSSA rule violations to fail build – Fixes Issue 44.
CertificateDsc
(previously xCertificate)
4.0.0.0
  • BREAKING CHANGE
    • Renamed xCertificate to CertificateDsc – fixes Issue 114.
    • Changed all MSFT_xResourceName to MSFT_ResourceName.
    • Updated DSCResources, Examples, Modules and Tests for new naming.
    • Updated Year to 2018 in License and Manifest.
    • Updated README.md from xCertificate to CertifcateDsc
    • Removed unnecessary code from:
      • CertificateDsc\Modules\CertificateDsc\DSCResources\MSFT_CertReq\MSFT_CertReq.psm1
        • Deleted $rspPath = [System.IO.Path]::ChangeExtension($workingPath, “.rsp”)
ComputerManagementDsc
(previously xComputerManagement)
5.0.0.0
  • BREAKING CHANGE:
    • Renamed ComputerManagement to ComputerManagementDsc – fixes Issue 119.
    • Changed all MSFT_xResourceName to MSFT_ResourceName.
    • Updated DSCResources, Examples, Modules and Tests with new naming.
    • Updated Year to 2018 in License and Manifest.
    • Updated README.md from xComputerManagement to ComputerManagementDsc.
  • OfflineDomainJoin:
    • Cleaned up spacing in strings file to make consistent with other resources.
  • VirtualMemory:
    • Converted strings to single quotes in integration test.
DFSDsc
(previously xDFS)
4.0.0.0
  • BREAKING CHANGE
    • Renamed xDFS to DFSDsc – fixes Issue 55.
    • Changed all MSFT_xResourceName to MSFT_DFSResourceName.
    • Updated DSCResources, Examples, Modules and Tests for new naming.
    • Updated Year to 2018 in License and Manifest.
    • Changed all Modules\DFSDsc\Examples\Resources to DFSResourceName.
  • Added the VS Code PowerShell extension formatting settings that cause PowerShell files to be formatted as per the DSC Resource kit style guidelines.
  • Improve layout of badge area in README.MD.
  • Disabled MD013 rule checking to enable badge table.
  • Updated Year to 2017 in License and Manifest.
  • Added .github support files:
    • CONTRIBUTING.md
    • ISSUE_TEMPLATE.md
    • PULL_REQUEST_TEMPLATE.md
  • Opted into Common Tests “Validate Module Files” and “Validate Script Files”.
  • Converted files with UTF8 with BOM over to UTF8 – fixes Issue 47.
  • Added Documentation and Examples section to Readme.md file – see issue 49.
  • Prevent unit tests from DSCResource.Tests from running during test execution – fixes Issue 51.
  • Updated tests to meet Pester V4 guidelines – fixes Issue 53.
SqlServerDsc 11.2.0.0
  • Changes to SqlServerDsc
    • Added new test helper functions in the CommonTestHelpers module. These are used by the integration tests.
      • New-IntegrationLoopbackAdapter: Installs the PowerShell module “LoopbackAdapter” from PowerShell Gallery and creates a new network loopback adapter.
      • Remove-IntegrationLoopbackAdapter: Removes a new network loopback adapter.
      • Get-NetIPAddressNetwork: Returns the IP network address from an IPv4 address and prefix length.
    • Enabled PSSA rule violations to fail build in the CI environment.
    • Renamed SqlServerDsc.psd1 to be consistent (issue 1116). Glenn Sarti (@glennsarti)
  • Changes to Unit Tests
  • Changes to SqlAlwaysOnService
    • Updated the integration tests to use a loopback adapter to be less intrusive in the build worker environment.
    • Minor code cleanup in integration test, fixed the scope on variable.
  • Changes to SqlSetup
    • Updated the integration tests to stop some services after each integration test. This is to save memory on the AppVeyor build worker.
    • Updated the integration tests to use a SQL Server 2016 Service Pack 1.
    • Fixed Script Analyzer rule error.
  • Changes to SqlRS
    • Updated the integration tests to stop the Reporting Services service after the integration test. This is to save memory on the AppVeyor build worker.
    • The helper function Restart-ReportingServicesService should no longer timeout when restarting the service (issue 1114).
  • Changes to SqlServiceAccount
    • Updated the integration tests to stop some services after each integration test. This is to save memory on the AppVeyor build worker.
  • Changes to SqlServerDatabaseMail
    • Fixed Script Analyzer rule error.
xDnsServer 1.10.0.0
xDscResourceDesigner 1.10.0.0
  • Converted appveyor.yml to install Pester from PSGallery instead of from Chocolatey.
  • Helper function Test-xDscSchemaEncoding now supports PowerShell Core (issue 64).
  • Changed README.md encoding to UTF8.
xExchange 1.20.0.0
  • Fix issue where test of type Microsoft.Exchange.Data.Unlimited fails
xNetworking 5.7.0.0
  • Enabled PSSA rule violations to fail build – Fixes Issue 320.
  • MSFT_xNetAdapterAdvancedProperty:
    • Enabled setting the same property on multiple network adapters – Fixes issue 324.
xPendingReboot 0.4.0.0
  • Converted appveyor.yml to install Pester from PSGallery instead of from Chocolatey.
  • Fixes registry not being evaluated correctly.
  • Fixes failing tests introduced in changes to Pester 4.
  • Change layout of parameters to compile with style guide.
xSMBShare 2.1.0.0
  • Corrected typo on ShareState and ShareType descriptions (Specfies -> Specifies)
xWebAdministration 1.20.0.0
  • Fix Get-DscConfiguration failure with xWebApplication and xWebSite resources (issue 302 and issue 314).
  • Add Codecov support.
  • Added .vscode\settings.json so that code can be easily formatted in VSCode closer according to the style guideline.
  • Updated README.md with a branches section, and added Codecov badges.
  • Fix unit test for helper function Find-Certificate that could not find the test helper function Install-NewSelfSignedCertificateExScript.
  • Fix unit tests for xWebSite that failed because Get-Command and “Stop-WebStie` wasn”t properly mocked.
How to Find Released DSC Resource Modules

To see a list of all released DSC Resource Kit modules, go to the PowerShell Gallery and display all modules tagged as DSCResourceKit. You can also enter a module’s name in the search box in the upper right corner of the PowerShell Gallery to find a specific module.

Of course, you can also always use PowerShellGet (available in WMF 5.0) to find modules with DSC Resources:

# To list all modules that tagged as DSCResourceKit
Find-Module -Tag DSCResourceKit 
# To list all DSC resources from all sources 
Find-DscResource

Please note only those modules released by the PowerShell Team are currently considered part of the ‘DSC Resource Kit’ regardless of the presence of the ‘DSC Resource Kit’ tag in the PowerShell Gallery.

To find a specific module, go directly to its URL on the PowerShell Gallery:
http://www.powershellgallery.com/packages/< module name >
For example:
http://www.powershellgallery.com/packages/xWebAdministration

How to Install DSC Resource Modules From the PowerShell Gallery

We recommend that you use PowerShellGet to install DSC resource modules:

Install-Module -Name < module name >

For example:

Install-Module -Name xWebAdministration

To update all previously installed modules at once, open an elevated PowerShell prompt and use this command:

Update-Module

After installing modules, you can discover all DSC resources available to your local system with this command:

Get-DscResource
How to Find DSC Resource Modules on GitHub

All resource modules in the DSC Resource Kit are available open-source on GitHub.
You can see the most recent state of a resource module by visiting its GitHub page at:
https://github.com/PowerShell/< module name >
For example, for the xCertificate module, go to:
https://github.com/PowerShell/xCertificate.

All DSC modules are also listed as submodules of the DscResources repository in the xDscResources folder.

How to Contribute

You are more than welcome to contribute to the development of the DSC Resource Kit! There are several different ways you can help. You can create new DSC resources or modules, add test automation, improve documentation, fix existing issues, or open new ones.
See our contributing guide for more info on how to become a DSC Resource Kit contributor.

If you would like to help, please take a look at the list of open issues for the DscResources repository.
You can also check issues for specific resource modules by going to:
https://github.com/PowerShell/< module name >/issues
For example:
https://github.com/PowerShell/xPSDesiredStateConfiguration/issues

Your help in developing the DSC Resource Kit is invaluable to us!

Questions, comments?

If you’re looking into using PowerShell DSC, have questions or issues with a current resource, or would like a new resource, let us know in the comments below, on Twitter (@PowerShell_Team), or by creating an issue on GitHub.

Katie Keim
Software Engineer
PowerShell DSC Team
@katiedsc (Twitter)
@kwirkykat (GitHub)

Read Full Article
Visit website
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

In the next Current Branch release of Windows Server a new feature will be released to provide support for SQL Server as the database platform to support Windows Pull Server for DSC.

This capability will open new scenarios:

  • High availability
  • The SQL ecosystem of reporting and analysis tools

If you are a member of Windows Server Insiders you can test this now by downloading a preview build.

If you are unfamiliar with the pull service role for DSC, the documentation page has been updated with details regarding how to setup Windows Pull Server environments using the latest versions of the xDSCWebService resource. The key changes are introduction of properties SQLProvider and SQLConnectionString (link to code). There is no other change to the deployment and configuration process other than using the latest version of the resource and of course, having a SQL instance available. You do not have to pre-stage any tables, the resource handles that on the first request, and both SQL authentication and Windows authentication are supported.

Plans for DSC pull service

Previously I blogged about the plans we have for the DSC platform and committed to providing more information about the direction of DSC as a solution, including pull service.

Following this release of Windows Pull Server, there are no additional plans to release new features to the pull service capability in Windows Server. Support for Windows Pull Server in production environments will continue following the Windows Server support lifecycle. This does not change our plans to further invest in the DSC platform (detailed here).

The focus for new features in DSC pull service will be delivered in Azure Automation DSC.

Azure Automation DSC

The service already offers many features not available in Windows Pull Server including:

  • All data is encrypted in transit and at rest
  • Client certificates are created and managed automatically
  • Secrets store for centrally managing assets such as secrets, variables, and service connections
  • Centrally manage node LCM configuration
  • Centrally assign configurations to client nodes
  • Release configuration changes to “canary groups” for testing before reaching production
  • Graphical reporting
  • Status detail at the DSC resource level of granularity
  • Verbose error messages from client machines for troubleshooting
  • Integration with Azure Log Analytics for alerting, automated tasks, and a mobile app for reporting and alerting

We are working hard on new capabilities of this service and plan to introduce new features based on User Voice feedback, including:

  • Managing Configuration Data at scale
  • Simplify the onboarding experience and the process of authoring, especially for new users of DSC
  • Integrate the Azure Automation DSC and Change Tracking / Inventory services in to a Azure Configuration Management platform
  • Integrate Azure Automation DSC with Visual Studio Online

For customers who can leverage a cloud service for managing server nodes, this platform provides the highest degree of scalability and frequency of new features/capabilities.

With the latest licensing update, this service is available to manage server nodes on Azure for no additional charge, and for on-premises nodes the pricing is flexible based on the LCM configuration.

Also, on-premises nodes do not require broadly scoped open Internet access to be managed by Azure Automation DSC. Customers can whitelist only the Azure public IP endpoints We also plan to ship the ability to use http proxy in future releases of Local Configuration Manager.

Community maintained solutions for pull service

We have documented the pull service protocol and encourage continued development of open source implementations of DSC pull service maintained by the community.

There are two open source projects currently implementing pull service in unique approaches:

  • Tug provides a web service backed by PowerShell scripting so any action can be taken as a result of a request.
  • Traek is an implementation of pull service in Node.js with intention to host the solution on Kubernetes.

There is no intention at this time to publish the source code for the Windows Pull Server that is shipping in Windows Server.

Using DSC in isolated environments

For customers that require total isolation from public cloud service, there are options available to continue using the existing skillset and custom resources.

  • The implementation of pull service in Windows Server 2012 R2 and 2016 will continue to be supported
  • A release pipeline environment working with DSC in push mode, possibly combined with Windows Pull Server to deliver modules and reporting
  • Contribute to community implementations of pull service protocol such as Tug and Traek
  • We will continue to work with DSC partners such as Chef, Puppet, and Ansible, who offer a rich ecosystems of tools and can utilize DSC resources

Thank you,
Michael Greene
Principal Program Manager
Microsoft Desired State Configuration
@migreene

Read Full Article
Visit website
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

We just released the DSC Resource Kit!

This release includes updates to 7 DSC resource modules. In these past 7 weeks, 43 pull requests have been merged and 37 issues have been closed, all thanks to our amazing community!

The modules updated in this release are:

  • SharePointDsc
  • SqlServerDsc
  • xActiveDirectory
  • xComputerManagement
  • xFailOverCluster
  • xNetworking
  • xPSDesiredStateConfiguration

For a detailed list of the resource modules and fixes in this release, see the Included in this Release section below.

Our last community call for the DSC Resource Kit was on March 14. A recording of our updates will be available on YouTube soon. Join us for the next call at 12PM (Pacific time) on April 25 to ask questions and give feedback about your experience with the DSC Resource Kit.

We strongly encourage you to update to the newest version of all modules using the PowerShell Gallery, and don’t forget to give us your feedback in the comments below, on GitHub, or on Twitter (@PowerShell_Team)!

Please see our new documentation here for information on the support of these resource modules.

Included in this Release

You can see a detailed summary of all changes included in this release in the table below. For past release notes, go to the README.md or Changelog.md file on the GitHub repository page for a specific module (see the How to Find DSC Resource Modules on GitHub section below for details on finding the GitHub page for a specific module).

Module Name Version Release Notes
SharePointDsc 2.2.0.0
  • SPAlternateURL
    • If resource specifies Central Admin webapp and Default Zone, the existing AAM will be updated instead of adding a new one
  • SPContentDatabase
    • Fixed issue where mounting a content database which had to be upgraded resulted in a reboot.
  • SPDistributedCacheClientSettings
    • Added the new resource
  • SPFarmAdministrators
    • Fixed issue where member comparisons was case sensitive. This had to be case insensitive.
  • SPManagedMetadataServiceApp
    • Fixed issue with creating the Content Type Hub on an existing MMS service app without Content Type Hub.
  • SPManagedMetadataServiceAppDefault
    • Fixed issue where .GetType().FullName and TypeName were not used properly.
  • SPTimerJobState
    • Updated description of WebAppUrl parameter to make it clear that N/A has to be used to specify a global timer job.
  • SPUserProfileServiceApp
    • Fixed issue introduced in v2.0, where the Farm Account had to have local Administrator permissions for the resource to function properly.
    • Updated resource to retrieve the Farm account from the Managed Accounts instead of requiring it as a parameter.
  • SPUserProfileSyncService
    • Fixed issue introduced in v2.0, where the Farm Account had to have local Administrator permissions for the resource to function properly.
    • Updated resource to retrieve the Farm account from the Managed Accounts instead of requiring it as a parameter.
    • The FarmAccount parameter is deprecated and no longer required. Is ignored in the code and will be removed in v3.0.
  • SPVisioServiceApp
    • Fixed an issue where the proxy is not properly getting created
SqlServerDsc 11.1.0.0
  • Changes to SqlServerDsc
    • Updated the PULL_REQUEST_TEMPLATE with an improved task list and modified some text to be clearer (issue 973).
    • Updated the ISSUE_TEMPLATE to hopefully be more intuitive and easier to use.
    • Added information to ISSUE_TEMPLATE that issues must be reproducible in SqlServerDsc resource module (if running the older xSQLServer resource module) (issue 1036).
    • Updated ISSUE_TEMPLATE.md with a note about sensitive information (issue 1092).
  • Changes to SqlServerLogin
  • Changes to SqlSetup
    • Michael Fyffe (@TraGicCode): Clarify usage of “SecurityMode” along with adding parameter validations for the only 2 supported values (issue 1010).
    • Now accounts containing “$” will be able to be used for installing SQL Server. Although, if the account ends with “$” it is considered a Managed Service Account (issue 1055).
  • Changes to Integration Tests
  • Changes to Unit Tests
xActiveDirectory 2.18.0.0
  • xADReplicationSite: Resource added.
  • Added xADReplicationSubnet resource.
  • Fixed bug with group members in xADGroup
xComputerManagement 4.1.0.0
  • xScheduledTask:
    • Update existing Scheduled Task using SetScheduleTask instead of UnRegister/Register – See Issue 134.
  • Fix master branch AppVeyor badge link URL in README.MD – See Issue 140.
  • Fix deletion of scheduled task with unknown or empty task trigger. Get-TargetResource returns an empty ScheduleType string if the task trigger is empty or unknown – See Issue 137.
  • Added dependency information for xScheduledTask to README.MD.
xFailOverCluster 1.10.0.0
  • Changes to xFailOverCluster
  • Changes to xClusterNetwork
    • Fix the test for the network role never in desired state (issue 175).
xNetworking 5.6.0.0
  • Reordered resource list in README.MD to be alphabetical and added missing resource xNetAdapterAdvancedProperty – Fixes issue 309.
  • MSFT_xNetworkTeamInterface:
    • Corrected style and formatting to meet HQRM guidelines.
    • Updated tests to meet Pester v4 guidelines.
    • Converted exceptions to use ResourceHelper functions.
    • Changed unit tests to output Verbose logs.
  • MSFT_xNetAdapterAdvancedProperty:
    • Added a number of additional advanced properties.
    • Fixes issue 314.
  • MSFT_xNetBIOS:
    • Corrected style and formatting to meet HQRM guidelines.
    • Ensured CommonTestHelper.psm1 is loaded before running unit tests.
  • MSFT_xNetworkTeam:
    • Corrected style and formatting to meet HQRM guidelines.
    • Added missing default from MOF description of Ensure parameter.
    • Fixed Get-TargetResource to always output Ensure parameter.
    • Changed unit tests to output Verbose logs.
  • MSFT_xNetConnectionProfile:
    • Corrected style and formatting to meet HQRM guidelines.
  • Updated tests to meet Pester V4 guidelines – Fixes Issue 272.
xPSDesiredStateConfiguration 8.1.0.0
  • xDSCWebService: Enable SQL provider configuration
How to Find Released DSC Resource Modules

To see a list of all released DSC Resource Kit modules, go to the PowerShell Gallery and display all modules tagged as DSCResourceKit. You can also enter a module’s name in the search box in the upper right corner of the PowerShell Gallery to find a specific module.

Of course, you can also always use PowerShellGet (available in WMF 5.0) to find modules with DSC Resources:

# To list all modules that tagged as DSCResourceKit
Find-Module -Tag DSCResourceKit 
# To list all DSC resources from all sources 
Find-DscResource

Please note only those modules released by the PowerShell Team are currently considered part of the ‘DSC Resource Kit’ regardless of the presence of the ‘DSC Resource Kit’ tag in the PowerShell Gallery.

To find a specific module, go directly to its URL on the PowerShell Gallery:
http://www.powershellgallery.com/packages/< module name >
For example:
http://www.powershellgallery.com/packages/xWebAdministration

How to Install DSC Resource Modules From the PowerShell Gallery

We recommend that you use PowerShellGet to install DSC resource modules:

Install-Module -Name < module name >

For example:

Install-Module -Name xWebAdministration

To update all previously installed modules at once, open an elevated PowerShell prompt and use this command:

Update-Module

After installing modules, you can discover all DSC resources available to your local system with this command:

Get-DscResource
How to Find DSC Resource Modules on GitHub

All resource modules in the DSC Resource Kit are available open-source on GitHub.
You can see the most recent state of a resource module by visiting its GitHub page at:
https://github.com/PowerShell/< module name >
For example, for the xCertificate module, go to:
https://github.com/PowerShell/xCertificate.

All DSC modules are also listed as submodules of the DscResources repository in the DscResources and the xDscResources folders.

How to Contribute

You are more than welcome to contribute to the development of the DSC Resource Kit! There are several different ways you can help. You can create new DSC resources or modules, add test automation, improve documentation, fix existing issues, or open new ones.
See our contributing guide for more info on how to become a DSC Resource Kit contributor.

If you would like to help, please take a look at the list of open issues for the DscResources repository.
You can also check issues for specific resource modules by going to:
https://github.com/PowerShell/< module name >/issues
For example:
https://github.com/PowerShell/xPSDesiredStateConfiguration/issues

Your help in developing the DSC Resource Kit is invaluable to us!

Questions, comments?

If you’re looking into using PowerShell DSC, have questions or issues with a current resource, or would like a new resource, let us know in the comments below, on Twitter (@PowerShell_Team), or by creating an issue on GitHub.

Katie Keim
Software Engineer
PowerShell DSC Team
@katiedsc (Twitter)
@kwirkykat (GitHub)

Read Full Article
Visit website
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

We just released the DSC Resource Kit!

This release includes updates to 10 DSC resource modules. In these past 7 weeks, 83 pull requests have been merged and 70 issues have been closed, all thanks to our amazing community!

The modules updated in this release are:

  • SqlServerDsc
  • StorageDsc (previously xStorage)
  • xActiveDirectory
  • xCertificate
  • xComputerManagement
  • xDatabase
  • xExchange
  • xFailOverCluster
  • xHyper-V
  • xNetworking

For a detailed list of the resource modules and fixes in this release, see the Included in this Release section below.

Our last community call for the DSC Resource Kit was on January 31. A recording of our updates is coming soon. Join us for the next call at 12PM (Pacific time) on March 14 to ask questions and give feedback about your experience with the DSC Resource Kit.

We strongly encourage you to update to the newest version of all modules using the PowerShell Gallery, and don’t forget to give us your feedback in the comments below, on GitHub, or on Twitter (@PowerShell_Team)!

Please see our new documentation here for information on the support of these resource modules.

Included in this Release

You can see a detailed summary of all changes included in this release in the table below. For past release notes, go to the README.md or Changelog.md file on the GitHub repository page for a specific module (see the How to Find DSC Resource Modules on GitHub section below for details on finding the GitHub page for a specific module).

Module Name Version Release Notes
SqlServerDsc 11.0.0.0
  • Changes to SqlServerDsc
    • BREAKING CHANGE: Resource SqlRSSecureConnectionLevel was remove (issue 990). The parameter that was set using that resource has been merged into resource SqlRS as the parameter UseSsl. The UseSsl parameter is of type boolean. This change was made because from SQL Server 2008 R2 this value is made an on/off switch. Read more in the article ConfigurationSetting Method – SetSecureConnectionLevel.
    • Updated so that named parameters are used for New-Object cmdlet. This was done to follow the style guideline.
    • Updated manifest and license to reflect the new year (issue 965).
    • Added a README.md under Tests\Integration to help contributors to write integration tests.
    • Added “Integration tests” section in the CONTRIBUTING.md.
    • The complete examples were removed. They were no longer accurate and some referenced resources that no longer exist. Accurate examples can be found in each specific resource example folder. Examples for installing Failover Cluster can be found in the resource examples folders in the xFailOverCluster resource module (issue 462).
    • A README.md was created under the Examples folder to be used as reference how to install certain scenarios (issue 462).
    • Removed the local specific common test for compiling examples in this repository and instead opted-in for the common test in the “DscResource.Tests” repository (issue 669).
    • Added new resource SqlServerDatabaseMail for configuring SQL Server Database Mail (issue 155).
    • Updated the helper function Test-SQLDscParameterState to handle the data type UInt16.
    • Fixed typo in SqlServerDscCommon.Tests.
    • Updated README.md with known issue section for each resource.
    • Resources that did not have a description in the README.md now has one.
    • Resources that missed links to the examples in the README.md now has those links.
    • Style changes in all examples, removing type [System.Management.Automation.Credential()] from credential parameters (issue 1003), and renamed the credential parameter so it is not using abbreviation.
    • Updated the security token for AppVeyor status badge in README.md. When we renamed the repository the security token was changed (issue 1012).
    • Now the helper function Restart-SqlService, after restarting the SQL Server service, does not return until it can connect to the SQL Server instance, and the instance returns status “Online” (issue 1008). If it fails to connect within the timeout period (defaults to 120 seconds) it throws an error.
    • Fixed typo in comment-base help for helper function Test-AvailabilityReplicaSeedingModeAutomatic.
    • Style cleanup in helper functions and tests.
  • Changes to SqlAG
    • Fixed typos in tests.
    • Style cleanup in code and tests.
  • Changes to SqlAGDatabase
    • Style cleanup in code and tests.
  • Changes to SqlAGListener
    • Fixed typo in comment-based help.
    • Style cleanup in code and tests.
  • Changes to SqlAGReplica
    • Minor code style cleanup. Removed unused variable and instead piped the cmdlet Join-SqlAvailabilityGroup to Out-Null.
    • Fixed minor typos in comment-based help.
    • Fixed minor typos in comment.
    • Style cleanup in code and tests.
    • Updated description for parameter Name in README.md and in comment-based help (issue 1034).
  • Changes to SqlAlias
    • Fixed issue where exception was thrown if reg keys did not exist (issue 949).
    • Style cleanup in tests.
  • Changes to SqlAlwaysOnService
    • Refactor integration tests slightly to improve run time performance (issue 1001).
    • Style cleanup in code and tests.
  • Changes to SqlDatabase
    • Fix minor Script Analyzer warning.
  • Changes to SqlDatabaseDefaultLocation
    • Refactor integration tests slightly to improve run time performance (issue 1001).
    • Minor style cleanup of code in tests.
  • Changes to SqlDatabaseRole
    • Style cleanup in tests.
  • Changes to SqlRS
    • Replaced Get-WmiObject with Get-CimInstance to fix Script Analyzer warnings (issue 264).
    • Refactored the resource to use Invoke-CimMethod.
    • Added parameter UseSsl which when set to $true forces connections to the Reporting Services to use SSL when connecting (issue 990).
    • Added complete example for SqlRS (based on the integration tests) (issue 634).
    • Refactor integration tests slightly to improve run time performance (issue 1001).
    • Style cleanup in code and tests.
  • Changes to SqlScript
    • Style cleanup in tests.
    • Updated examples.
    • Added integration tests.
    • Fixed minor typos in comment-based help.
    • Added new example based on integration test.
  • Changes to SqlServerConfiguration
    • Fixed minor typos in comment-based help.
    • Now the verbose message say what option is changing and to what value (issue 1014).
    • Changed the RestartTimeout parameter from type SInt32 to type UInt32.
    • Added localization (issue 605).
    • Style cleanup in code and tests.
  • Changes to SqlServerEndpoint
    • Updated README.md with links to the examples (issue 504).
    • Style cleanup in tests.
  • Changes to SqlServerLogin
    • Added integration tests (issue 748).
    • Minor code style cleanup.
    • Removed unused variable and instead piped the helper function Connect-SQL to Out-Null.
    • Style cleanup in tests.
  • Changes to SqlServerMaxDop
    • Minor style changes in the helper function Get-SqlDscDynamicMaxDop.
  • Changes to SqlServerMemory
    • Style cleanup in code and tests.
  • Changes to SqlServerPermission
    • Fixed minor typos in comment-based help.
    • Style cleanup in code.
  • Changes to SqlServerReplication
    • Fixed minor typos in verbose messages.
    • Style cleanup in tests.
  • Changes to SqlServerNetwork
    • Added sysadmin account parameter usage to the examples.
  • Changes to SqlServerReplication
  • Changes to SqlServerRole
    • Added localization (issue 621).
    • Added integration tests (issue 756).
    • Updated example to add two server roles in the same configuration.
    • Style cleanup in tests.
  • Changes to SqlServiceAccount
    • Default services are now properly detected (issue 930).
    • Made the description of parameter RestartService more descriptive (issue 960).
    • Added a read-only parameter ServiceAccountName so that the service account name is correctly returned as a string (issue 982).
    • Added integration tests (issue 980).
    • The timing issue that the resource returned before SQL Server service was actually restarted has been solved by a change in the helper function Restart-SqlService (issue 1008). Now Restart-SqlService waits for the instance to return status “Online” or throws an error saying it failed to connect within the timeout period.
    • Style cleanup in code and tests.
  • Changes to SqlSetup
    • Added parameter ASServerMode to support installing Analysis Services in Multidimensional mode, Tabular mode and PowerPivot mode (issue 388).
    • Added integration tests for testing Analysis Services Multidimensional mode and Tabular mode.
    • Cleaned up integration tests.
    • Added integration tests for installing a default instance of Database Engine.
    • Refactor integration tests slightly to improve run time performance (issue 1001).
    • Added PSSA rule “PSUseDeclaredVarsMoreThanAssignments” override in the function Set-TargetResource for the variable $global:DSCMachineStatus.
    • Style cleanup in code and tests.
  • Changes to SqlWaitForAG
    • Style cleanup in code.
  • Changes to SqlWindowsFirewall
    • Fixed minor typos in comment-based help.
    • Style cleanup in code.
StorageDsc 4.0.0.0
  • BREAKING CHANGE:
    • Renamed xStorage to StorageDsc
    • Renamed MSFT_xDisk to MSFT_Disk
    • Renamed MSFT_xDiskAccessPath to MSFT_DiskAccessPath
    • Renamed MSFT_xMountImage to MSFT_MountImage
    • Renamed MSFT_xOpticalDiskDriveLetter to MSFT_OpticalDiskDriveLetter
    • Renamed MSFT_xWaitForDisk to MSFT_WaitForDisk
    • Renamed MSFT_xWaitForVolume to MSFT_WaitforVolume
    • Deleted xStorage folder under StorageDsc/Modules
    • See [Issue 129](https://github.com/PowerShell/xStorage/issues/129)
xActiveDirectory 2.17.0.0
  • Converted AppVeyor.yml to use DSCResource.tests shared code.
  • Opted-In to markdown rule validation.
  • Readme.md modified resolve markdown rule violations.
  • Added CodeCov.io support.
  • Added xADServicePrincipalName resource.
xCertificate 3.2.0.0
  • Get-CertificateTemplateName: Fix missing template name
xComputerManagement 4.0.0.0
  • BREAKING CHANGE: xScheduledTask:
    • Breaking change because Get-TargetResource no longer outputs ActionExecutable and ScheduleType properties when the scheduled task does not exist. It will also include TaskPath in output when scheduled task does not exist.
  • xScheduledTask:
    • Add support to disable built-in scheduled tasks – See Issue 74.
    • Fix unit test mocked schedule task object structure.
    • Fix error message when trigger type is unknown – See Issue 121.
    • Moved strings into separate strings file.
    • Updated to meet HQRM guidelines.
  • xComputer:
    • Resolved bug in Get-ComputerDomain where LocalSystem doesn”t have rights to the domain.
  • Updated tests to meet Pester V4 guidelines – See Issue 106.
  • Converted module to use auto documentation format.
xDatabase 1.7.0.0
  • Added support SQL Server 2016
xExchange 1.19.0.0
  • Added missing parameters to xExchActiveSyncVirtualDirectory
  • Added missing parameters to xExchAutoDiscoverVirtualDirectory
  • Added missing parameters to xExchWebServicesVirtualDirectory
xFailOverCluster 1.9.0.0
  • Changes to xFailoverCluster
    • Update Pester syntax to v4
    • Updated year to 2018 in license file and module manifest (issue 167).
  • Changes to xClusterNetwork
    • Updated readme to describe process for adding and removing additional networks on clusters
  • Changes to xCluster
    • Allow the cluster to be assigned an IP address from a DHCP (issue 109). When the parameter StaticIPAddress is not specified then the cluster will be configured to use an IP address from a DHCP.
    • Get-TargetResource now correctly returns the IP address instead of throwing and error (issue 28).
    • Added -IgnoreNetwork parameter (issue 143).
  • Changes to xClusterQuorum
    • When using NodeAndFileShareMajority on Windows Server 2016 any subsequent run failed when Test-TargetResource validated the configuration.
    • Cleaned up tests which was using over complicated evaluation code.
    • Added cloud witness (Azure storage) functionality on Windows 2016 (issue 37).
xHyper-V 3.11.0.0
  • Added the following resources:
    • MSFT_xVMHardDiskDrive to manage additional attached VHD/Xs.
    • MSFT_xVMScsiController to manage virtual machine SCSI controllers.
  • MSFT_xVMSwitch:
    • Added parameter ot specify the Load Balancing Algorithm of a vSwitch with Switch Embedded Teaming (SET)
xNetworking 5.5.0.0
  • MSFT_xNetAdapterAdvancedProperty:
    • Created new resource configuring AdvancedProperties for NetAdapter
  • MSFT_xNetAdapterLso:
    • Corrected style and formatting to meet HQRM guidelines.
    • Updated tests to meet Pester v4 guidelines.
  • MSFT_xNetAdapterName:
    • Corrected style and formatting to meet HQRM guidelines.
    • Updated tests to meet Pester v4 guidelines.
  • MSFT_xNetAdapterRDMA:
    • Corrected style and formatting to meet HQRM guidelines.
    • Updated tests to meet Pester v4 guidelines.
    • Converted exceptions to use ResourceHelper functions.
    • Improved integration tests to preserve system status and run in more scenarios.
  • MSFT_xNetBIOS:
    • Corrected style and formatting to meet HQRM guidelines.
    • Updated tests to meet Pester v4 guidelines.
    • Converted exceptions to use ResourceHelper functions.
    • Improved integration tests to preserve system status, run in more scenarios and more effectively test the resource.
    • Changed to report back error if unable to set NetBIOS setting.
  • MSFT_xWinsSetting:
    • Created new resource for enabling/disabling LMHOSTS lookup and enabling/disabling WINS name resoluton using DNS.
  • MSFT_xNetworkTeam:
    • Corrected style and formatting to meet HQRM guidelines.
    • Updated tests to meet Pester v4 guidelines.
    • Converted exceptions to use ResourceHelper functions.
How to Find Released DSC Resource Modules

To see a list of all released DSC Resource Kit modules, go to the PowerShell Gallery and display all modules tagged as DSCResourceKit. You can also enter a module’s name in the search box in the upper right corner of the PowerShell Gallery to find a specific module.

Of course, you can also always use PowerShellGet (available in WMF 5.0) to find modules with DSC Resources:

# To list all modules that tagged as DSCResourceKit
Find-Module -Tag DSCResourceKit 
# To list all DSC resources from all sources 
Find-DscResource

Please note only those modules released by the PowerShell Team are currently considered part of the ‘DSC Resource Kit’ regardless of the presence of the ‘DSC Resource Kit’ tag in the PowerShell Gallery.

To find a specific module, go directly to its URL on the PowerShell Gallery:
http://www.powershellgallery.com/packages/< module name >
For example:
http://www.powershellgallery.com/packages/xWebAdministration

How to Install DSC Resource Modules From the PowerShell Gallery

We recommend that you use PowerShellGet to install DSC resource modules:

Install-Module -Name < module name >

For example:

Install-Module -Name xWebAdministration

To update all previously installed modules at once, open an elevated PowerShell prompt and use this command:

Update-Module

After installing modules, you can discover all DSC resources available to your local system with this command:

Get-DscResource
How to Find DSC Resource Modules on GitHub

All resource modules in the DSC Resource Kit are available open-source on GitHub.
You can see the most recent state of a resource module by visiting its GitHub page at:
https://github.com/PowerShell/< module name >
For example, for the xCertificate module, go to:
https://github.com/PowerShell/xCertificate.

All DSC modules are also listed as submodules of the DscResources repository in the xDscResources folder.

How to Contribute

You are more than welcome to contribute to the development of the DSC Resource Kit! There are several different ways you can help. You can create new DSC resources or modules, add test automation, improve documentation, fix existing issues, or open new ones.
See our contributing guide for more info on how to become a DSC Resource Kit contributor.

If you would like to help, please take a look at the list of open issues for the DscResources repository.
You can also check issues for specific resource modules by going to:
https://github.com/PowerShell/< module name >/issues
For example:
https://github.com/PowerShell/xPSDesiredStateConfiguration/issues

Your help in developing the DSC Resource Kit is invaluable to us!

Questions, comments?

If you’re looking into using PowerShell DSC, have questions or issues with a current resource, or would like a new resource, let us know in the comments below, on Twitter (@PowerShell_Team), or by creating an issue on GitHub.

Katie Keim
Software Engineer
PowerShell DSC Team
@katiedsc (Twitter)
@kwirkykat (GitHub)

Read Full Article
Visit website
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

In September 2017 we communicated some of our plans for PowerShell Desired State Configuration (DSC). Over the past few months, we have been executing on these plans and collecting feedback from customers and partners. The intent of this blog is to provide an update on the plans we shared back in September. I will have additional posts in the near future to discuss updates for Azure DSC Extension and Windows Pull Server.

Specifically:

  • What is the relationship between the next version of DSC and PowerShell Core?
  • Will the DSC be Open Source?
  • What does this mean for my skillset and my existing projects?

We appreciate the continued feedback and look forward to working with the DSC community to make incremental improvements as we progress together.

What Are We Trying to Achieve?

The mission for DSC is to provide a platform for server configuration management that is maintained together with the community, releasing at an agile cadence, to meet the demands of hybrid cloud environments.

Local Configuration Manager (LCM)

LCM is the engine that runs DSC so it is a logical place for us to start work on a new version. For DSC in Windows, this shipped in Windows Server 2012 R2 and later and has been updated through the WMF release cycle.

The work going on by the DSC team since the last major update has been focused on making LCM a small, lightweight, cross-platform, and portable engine that can meet the requirements for cloud management capabilities long term. In fact, the new codebase is already in use by some of the Management services available in Azure such as Inventory and Change Tracking, and is scaling to hundreds of thousands of servers.

The team’s plan is to make LCM an open source project in GitHub within the next 12 months. We want to make sure we are prepared when we reach that milestone. Our team has gained experience through management of many open source projects including the DSC Resource community and from shipping PowerShell Core as an open source language. We understand that the onramp to open source projects includes a complex set of requirements, so we can be respectful and responsive to community contributions. We are working through creation of the repository with the appropriate assets such as governance and documentation.  I will have more to share in a few months at the PowerShell Summit events happening around the world.

Initially, the new LCM would be distributed as compiled binaries via GitHub releases and through Azure Services. It will need to be installed on systems where the current DSC platform exists today, and we will need to offer conflict detection across versions.

To be crystal clear, we do not plan for LCM to require .NET, .NET Core, or PowerShell Core. The project is written in C++ and will be able to be compiled for multiple platforms.

Provider Model

The community has been providing valuable feedback regarding backward compatibility with existing DSC Resources. To deliver DSC provided by LCM, we anticipate a provider model with the ability to work with multiple languages.

To make sure we are not creating unnecessary work for community maintainers, the first implementation of the provider model for LCM will be Windows PowerShell. This means that in the future a new open source LCM would be able to manage configurations that include the existing community-maintained DSC Resources authored using Windows PowerShell. Our intention is that no changes to the resources will be required.

We also expect to have LCM providers for PowerShell Core, C++, and Python. These providers will introduce the ability to Get/Set/Test across Windows, Linux, and MacOS, by a common LCM.  Leveraging cross-platform languages, authors will have the opportunity to create DSC resources that can be used on multiple operating systems. For resources written in PowerShell Core, there are built-in Boolean variables $IsWindows, $IsLinux, and $IsMacOS that will simplify OS detection for resource authors.

Feature Backlog

The feedback in User Voice will not be lost as we transition to the new project. Examples of top requests include support for maintenance windows, intermediate state, sharing information between resources, and support for managed service accounts. These will be moved to GitHub to be the top items in the new DSC project and we will carry forward any existing work in these areas.

What is The Impact?

By following a provider model that can leverage Windows PowerShell and multiple other languages, we honor our commitment to existing versions of Windows, while introducing new choices such as the latest versions of PowerShell.  The development of your skillset around DSC and the investment you have made in custom resources will carry forward, while enabling more agility to releasing incremental updates and the features you have requested.

Feedback

We look forward to hearing your feedback and suggestions. Please leave blog comments here, or via Twitter using tag #PSDSC. I look forward to more in depth conversation in the DSC forum, PowerShell User Groups, and the community-led PowerShell Summits in 2018.

Michael Greene
@migreene
Principal Program Manager
Microsoft PowerShell DSC and Azure Configuration Management

Read Full Article
Visit website
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

The release of PowerShell Core 6.0 is only the beginning and we are already thinking about the next leg of our journey.

Most of the effort of the team with PowerShell Core 6.0 was in these areas:

  • Learning how to work in an Open Source project (and we are still learning)
  • Complete the port of PowerShell to CoreCLR
  • Add test coverage for PowerShell Core
  • Build/integrate tooling for automating builds, packaging, test execution, and releases

The community did some amazing work to add new capabilities in both the engine as well as cmdlets!

If you participated in the January 2018 Community Call you already got an early preview of this content.

Timeline

First, we’re publishing PowerShell Core 6.0.1 as a servicing release by the end of January in order to update to .NET Core 2.0.5.  There are no other changes in the 6.0.1 release.

After that, the plan going forward is to have new supported minor releases every 6 months.  This means that we’re targeting a late June,  early July 2018 release for PSCore 6.1.

We will continue to have preview releases approximately every 3 weeks.

RFCs for new features we plan to deliver will be published in February.

Milestone Quality

There’s some work that we deferred and will be a focus to be completed in February:

  • Complete PowerShell Standard SDK – including guidance on converting Windows PowerShell modules to portable modules that are also PowerShell Core compatible
  • Author documentation in the Docs Repo for issues/PRs labeled with Documentation Needed
  • Backport changes in PowerShell Core 6.0 to Windows PowerShell 5.1 for issues/PRs labeled with Consider-WindowsPowerShell51
    • Note that depending on the risk of the change,
      even if an issue/PR has this labeled,
      it doesn’t guarantee it’ll be backported
  • Enable automated test runs for all supported distros/platforms
  • Build infrastructure and tooling for cross system remoting tests
  • Have consistency and meet compliance requirements for the following repos:
New Features

Being an open source project means that different people can invest in different priorities and submit their changes via pull requests,  these are the areas that the PowerShell team will be focusing on.  Some of these will be complete while others may be just the start of something bigger.

Security Parity with Windows PowerShell

The original port of PowerShell stubbed out support for DeviceGuard/AppLocker because those APIs were not available on Nano Server.  This work will ensure that DeviceGuard/AppLocker policies are enforced in PowerShell Core 6.0 on Windows systems.

Run Signed Script Blocks Remotely

PowerShell supports restricting access using constrained language mode and only allowing signed scripts with a trusted certificate to run with Full Language mode.  This new capability will allow using Invoke-Command to remotely execute a signed script block on a target locked down system with Full Language mode.

Windows PowerShell Compatibility Pack

With the announcement of the Windows Compatibility Pack for .NET Core for .NET Core, PowerShell Core will regain some APIs that had been dropped in the transition to .NET Core.  This means we can re-enable some cmdlets that weren’t part of the PowerShell Core 6.0 release: WMI, EventLog, and PerfCounters.  In addition, some highly requested APIs will be available which means that some existing Windows PowerShell modules might just work in PowerShell Core 6.0.  This module will replace the WindowsPSModulePath module to add the Windows PowerShell $env:PSModulePath to PowerShell Core 6.0.  Finally, we can use this module to optionally add back some aliases that we removed from PowerShell Core 6.0 that exist in Windows PowerShell.

Concurrency in PowerShell Script

You can do threading today in PowerShell using runspaces, however, it may be complex for some users.  Rather than spend time creating something from scratch, we’re evaluating two existing modules that might already meet our needs:

PSReadLine 2.0 GA

PSReadLine is our default interactive experience on Windows PowerShell 5.1 and PowerShell Core 6.0.  This is a side project by Jason Shirk who recently put out a Beta1 release of 2.0. Some of my engineers will be spending time contributing to this project to get it to production quality so we can include it in PowerShell Core 6.0.

Machine Learning and PowerShell

A new area that we want to explore is leveraging the cloud and machine learning to provide inline suggestions at the interactive command-line.  The two primary scenarios I want to target is to support both local and cloud based suggestions. This is a completely new area for the team so expect the initial release to be limited, but something we can build upon going forward.

An RFC will be published for this feature.

Experimental Feature Flags

As we build new capabilities, some features may not be fully complete where we don’t have sufficient community feedback. Being experimental, we may make large design changes that would not be backwards compatible. Users can choose to not use these features by not opting into turning on these feature flags.  Feature flags can also allow us to have two different implementations of the same feature (that could not work side-by-side) and collect feedback that way.

An RFC will be published for this feature.

HelpSystem as a Module

This is the start of a bigger work item to componentize PowerShell so that we can have a smaller distribution of PowerShell Core for managed targets that don’t need all of the interactive experience components.

PowerShell help content today is written in XML.  However, our docs are maintained as Markdown and we have platyPS that converts the Markdown to XML.  We want to remove the need to convert to XML and have the HelpSystem use Markdown natively.  After this work is done, the help system would still be included with the general distribution of PowerShell Core as an independent module.

An RFC for this has already been published.

Markdown Rendering Support

In addition to help being in Markdown natively, we would like to be able to render in the console any Markdown.  For example, error messages or script output can leverage Markdown to provide emphasis.  Initially there will be limited rendering support, but this is something we can improve over time.  For example, eventually supporting plug-able syntax highlighting for code fencing.

An RFC will be published for this feature.

Enable sudo to Work Over PowerShell Remoting (for non-Windows)

On Unix-based systems, administrators use sudo to elevate themselves to run administrator tasks requiring higher privilege.  Due to how sudo works, PowerShell remoting is not able to pass the request for the administrator password prompt from sudo.  Note that sudo works perfectly fine locally in PowerShell Core 6.0.

Enable-SSHRemoting

PowerShell includes a Enable-PSRemoting command on Windows to make it easy to enable PowerShell remoting over WSMan using WinRM.  This feature adds a new Enable-SSHRemoting command that would initially identify missing dependencies (like OpenSSH) and also configure sshd_config to enable PowerShell remoting over SSH.

An RFC for this has already been published.

PowerShell Module for IoT (Internet of Things)

PowerShell Core 6.0 has experimental support for ARM systems running Windows 10 IoT or Raspbian (Stretch).

To help bootstrap the community to develop more interesting uses for IoT using PowerShell, we want to provide the start of a module to enable using PowerShell script to interact with sensors attached to your IoT device.  We would then work with the community to increase capability of this module over time.

An RFC will be published for this feature.

Closing

As you can see, we have a large set of work ahead of us for the 6.1 release.

The feature set was decided based on:

  • Existing customer feedback or known customer pain points
  • Driving towards longer goals through strategic investments
  • Specific partner/customer asks
  • Interests within the PSCore engineering team

The next 6 months will be lots of work, but it’ll also be fun.  I also expect the community to continue to contribute new features beyond this list for 6.1.  My team will continue to fix bugs, respond to issues, review PRs, and merge PRs while working on 6.1.

Please feel free to provide feedback on the PowerShell Core 6.1 Roadmap via GitHub!

Steve Lee
Principal Engineering Manager
PowerShell

Read Full Article
Visit website
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

PowerShell Core 6.0 is a new edition of PowerShell that is cross-platform (Windows, macOS, and Linux), open-source, and built for heterogeneous environments and the hybrid cloud.

First and foremost, thank you to all of our amazing community, especially our open-source contributors (the most recent of which you can find on our community dashboard at https://aka.ms/PSGitHubBI) for donating your time and energy to PowerShell Core. Whether you contributed code, tests, documentation, issues, or even just your feedback and opinions, we are extremely grateful for the sweat and tears that you’ve invested in PowerShell. (For those interested in contributing, hop and over to our Contribution Guide on GitHub. You don’t have to be a guru to help out!)

FAQ Where do I get PowerShell Core 6.0?

To download PowerShell Core on Windows, see https://aka.ms/getps6-windows.
To download PowerShell Core on macOS and Linux, see https://aka.ms/getps6-linux.

I already had PowerShell Core on my Linux machine, and it’s not updating. How do I get the latest version?

We’re currently working through a known issue where powershell-6.0.0 is viewed by package managers as a lower version than powershell-6.0.0-rc2.

In the meantime, a clean install will get you the latest version:

sudo apt remove powershell && sudo apt-get install powershell

sudo yum remove powershell && sudo yum install powershell

What’s the difference between Windows PowerShell and PowerShell Core?

There are now two editions of PowerShell:

Windows PowerShell is the edition of PowerShell built on top of .NET Framework
(sometimes referred to as “FullCLR”):

  • This is the PowerShell that has been in widespread use for the last ~10 years.
  • Because of it’s dependency on the .NET Framework, Windows PowerShell is only available on Windows (hence the name).
  • The released versions of Windows PowerShell include 1.0, 2.0, 3.0, 4.0, 5.0, and 5.1.
  • Windows PowerShell is available as a built-in component in Windows client and Windows Server.
  • Windows PowerShell is launched as powershell.exe.
  • On Windows PowerShell 5.0/5.1, $PSVersionTable.PSEdition is set to Desktop.
  • Any usage of .NET-based functionality (e.g. C# cmdlets, Add-Type, and the invocation of static .NET Methods), relies on the .NET Framework runtime. This means Windows PowerShell’s .NET usage is limited to the functionality exposed by the .NET Framework and .NET Standard.
  • Continues to be supported via critical bug fixes in the newest releases of Windows and Windows Server

PowerShell Core is the edition of PowerShell built on top of .NET Core
(sometimes simplified to “CoreCLR”).

  • PowerShell Core is cross-platform, available on Windows, macOS, and Linux, thanks to the cross-platform nature of .NET Core.
  • PowerShell Core is launched as pwsh.exe on Windows and pwsh on macOS and Linux
  • On PowerShell Core, $PSVersionTable.PSEdition is set to Core.
    Note: while PowerShell Core 6.0 is cross-platform, there is also a PowerShell Core 5.0/5.1 released exclusively as part of Microsoft Nano Server.
  • Any usage of .NET-based functionality (e.g. C# cmdlets, Add-Type, and the invocation of static .NET Methods), relies on the .NET Core runtime. This means PowerShell Core is limited to the functionality exposed by .NET Core and .NET Standard.
What platforms are supported?

PowerShell Core is officially supported on the following platforms:

  • Windows 7, 8.1, and 10
  • Windows Server 2008 R2, 2012 R2, 2016
  • Windows Server Semi-Annual Channel
  • Ubuntu 14.04, 16.04, and 17.04
  • Debian 8.7+, and 9
  • CentOS 7
  • Red Hat Enterprise Linux 7
  • OpenSUSE 42.2
  • Fedora 25, 26
  • macOS 10.12+

Our community has also contributed packages for the following platforms,
but they are not officially supported:

  • Arch Linux
  • Kali Linux
  • AppImage (works on multiple Linux platforms)

We also have experimental (unsupported) releases for the following platforms:

  • Windows on ARM32/ARM64
  • Raspbian (Stretch)
What’s new in PowerShell Core? Why should I use it?

Check out What’s New in PowerShell Core 6.0 for a complete list!

Does PowerShell Core affect my Windows PowerShell installation?

Nope! PowerShell Core is completely side-by-side with Windows PowerShell. In fact, an awesome feature of PowerShell Core is that you can test new versions without affecting existing workloads. Whether it’s installed via an MSI or installed portably from the ZIP package, your Windows PowerShell installation is not affected by PowerShell Core.

What modules work with PowerShell Core?

Today, we ship the following set of “built-in” modules as part of PowerShell Core:

  • CimCmdlets
  • Microsoft.PowerShell.Archive
  • Microsoft.PowerShell.Diagnostics
  • Microsoft.PowerShell.Host
  • Microsoft.PowerShell.Management
  • Microsoft.PowerShell.Security
  • Microsoft.PowerShell.Utility
  • Microsoft.WSMan.Management
  • PackageManagement
  • PowerShellGet
  • PSDesiredStateConfiguration
  • PSDiagnostics
  • PSReadLine

You can browse the reference for these modules via the PowerShell Module Browser. To see the commands available in these modules you can run Get-Command:

Get-Command -Module Microsoft.PowerShell.Management

Some cmdlets that shipped as part of these modules in Windows PowerShell are not available today in PowerShell Core. For a complete list of these cmdlets, the most up-to-date list is currently maintained in this cmdlet discovery test.

What about other 1st-party Microsoft modules?

1st-party Microsoft modules are generally in one of three categories:

  • Modules that ship as part of Windows client or Windows Server:
    these are the modules you see after installing Windows and running Get-Module -ListAvailable (less the modules that in the “built-in” list above).
  • Modules that ship as a part of a Microsoft product. For example, System Center applications include PowerShell modules as part of their installation.
  • Modules that ship on the PowerShell Gallery. For example, Azure PowerShell is delivered via the Gallery.

For all of these categories, unless a module is explicitly supported in PowerShell Core by Windows or by the product group, there is no guarantee that it will work with PowerShell Core.

However, because of the guarantees of .NET Standard and CDXML,
many modules designed for Windows PowerShell are highly compatible with Windows PowerShell. For more information on how to add Windows PowerShell modules to your PSModulePath for usage in PowerShell Core,
see Backwards compatibility with Windows PowerShell.

How do I know which modules on the PowerShell Gallery work with PowerShell Core?

The PowerShell Gallery is the community repository for PowerShell modules.

You can find modules that have been tagged with PowerShell Core support by searching for the tag PSEdition_Core.

You can learn more about PSEditions on the Gallery with our doc on Items with compatible PowerShell Editions

How do I build modules and scripts that are compatible with PowerShell Core?

If you’re building a C#-based cmdlet, you should build your cmdlets against .NET Standard 2.0 and PowerShell Standard. For more info on how to do this, check out:

Note: PowerShell Standard is currently in preview with a 3.0 version for PowerShell versions 3 through 6. We will soon have a version 5.0 that supports a wider set of APIs included PowerShell versions 5 through 6.

If you’re building a PowerShell-based cmdlet or script, you should make sure you’re using .NET types/assemblies, and that you’re using cmdlets and modules available on the platform you’re targeting. We’ll be adding PSScriptAnalyzer rules soon that will help you target sets of operating systems and PowerShell editions/versions.

Can I host PowerShell Core in a .NET Core application?

Absolutely! For more information, check out this doc on Hosting PowerShell Core in .NET Core Applications.

Does PowerShell Core support remoting?

Yes! PowerShell Core supports remoting over the PowerShell Remoting Protocol (PSRP) via both WSMan and SSH, and is interoperable with Windows PowerShell over WSMan. However, some authentication types are not supported for WSMan-based remoting clients on non-Windows platforms. Also, hosting a WSMan-based server on non-Windows platforms is still currently an experimental scenario.

For more information on setting this up, see:

How is PowerShell Core supported?

PowerShell Core is adopting the Microsoft Modern Lifecycle Policy, a new support lifecycle intended to keep customers up-to-date with the latest versions.

In general, Microsoft support agreements cover support for PowerShell Core. You can read more about the specifics of this policy and how it applies to PowerShell Core at https://aka.ms/pslifecycle.

What’s missing from PowerShell Core?

As part of the move to .NET Core and other operating systems,
we were forced to leave behind some technologies that were being used by Windows PowerShell.

In other cases, we took the opportunity of PowerShell being refactored to stop supporting lesser used technologies. Some of these technologies may eventually return to PowerShell Core, but many will not.

At a high-level, these include:

  • PowerShell Workflows
  • PowerShell Snap-ins
  • WMIv1 cmdlets (Get-WmiObject, Invoke-WmiMethod, etc.)
    • We recommend using the CIM/WMIv2 cmdlets (Get-CimInstance, Invoke-CimMethod, etc.)
  • Executing Desired State Configuration (DSC) resources using PowerShell Core

We’ve also made a longer tail of small changes to the PowerShell language, engine, and cmdlets that technically qualify as breaking changes.

For more information on why we made these changes/removals, see our document on Breaking Changes in PowerShell Core.

What’s happening to Windows PowerShell?

The short answer is that it’s still useful and supported!

Windows PowerShell 3.0, 4.0, and 5.1 will continue to be supported on supported versions of Windows and Windows Server.
(Note: While Windows PowerShell 2.0 is still in support, it has been deprecated, and it’s recommend that workloads be migrated to newer versions of PowerShell.)

However, there are currently no plans to introduce new functionality to Windows PowerShell. This means that the risk of regression will be very low for Windows PowerShell, so you can count on it as a stable platform for your existing workloads. There are also no plans to provide a new Windows Management Framework (WMF) package for downlevel operating systems.

Where can I provide feedback?

First, we’re having an “Ask Me Anything” (AMA) with Jeffrey Snover and the PowerShell Team at https://aka.ms/powershellama on Microsoft Tech Communities on Thursday, January 11th at 9:00 AM PST (GMT-8).

You can also file issues on GitHub where we track, prioritize, and discus all our work on PowerShell Core. We’re usually very good about responding to issues there, as are many of the contributors outside Microsoft that help out in our repository.

Thanks!

Thanks again to everyone for all the contributions and support. I hope you enjoy PowerShell Core 6.0 as much as we do.

Joey Aiello
Program Manager, PowerShell

Read Full Article
Visit website
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

We just released the DSC Resource Kit!

This release includes updates to 16 DSC resource modules. In these past 5 weeks, 68 pull requests have been merged and 59 issues have been closed, all thanks to our amazing community!

The modules updated in this release are:

  • OfficeOnlineServerDsc
  • SecurityPolicyDsc
  • SharePointDsc
  • SqlServerDsc (previously xSqlServer)
  • SystemLocaleDsc
  • xAdcsDeployment
  • xCertificate
  • xComputerManagement
  • xExchange
  • xHyper-V
  • xNetworking
  • xPowerShellExecutionPolicy
  • xRemoteDesktopSessionHost
  • xStorage
  • xSystemSecurity
  • xTimeZone

For a detailed list of the resource modules and fixes in this release, see the Included in this Release section below.

Our last community call for the DSC Resource Kit was today on December 20. A recording of our updates as well as summarizing notes will be available soon. Join us for the next call at 12PM (Pacific time) on January 31 to ask questions and give feedback about your experience with the DSC Resource Kit.

We strongly encourage you to update to the newest version of all modules using the PowerShell Gallery, and don’t forget to give us your feedback in the comments below, on GitHub, or on Twitter (@PowerShell_Team)!

All resources with the ‘x’ prefix in their names are still experimental – this means that those resources are provided AS IS and are not supported through any Microsoft support program or service. If you find a problem with a resource, please file an issue on GitHub.

Included in this Release

You can see a detailed summary of all changes included in this release in the table below. For past release notes, go to the README.md or Changelog.md file on the GitHub repository page for a specific module (see the How to Find DSC Resource Modules on GitHub section below for details on finding the GitHub page for a specific module).

Module Name Version Release Notes
OfficeOnlineServerDsc 1.1.0.0
  • Added support for Language Packs installation;
SecurityPolicyDsc 2.2.0.0
  • Fixed bug in UserRightAssignment where Get-DscConfiguration would fail if it returns $Identity as single string
SharePointDsc 2.0.0.0
  • General
    • Added VSCode workspace settings to meet coding guidelines
    • Corrected comment in CodeCov.yml
    • Fixed several PSScriptAnalyzer warnings
  • SPAppManagementServiceApp
    • Fixed an issue where the instance name wasn’t detected correctly
  • SPBCSServiceApp
    • Added custom Proxy Name support
    • Fixed an issue where the instance name wasn’t detected correctly
  • SPBlobCacheSettings
    • Update to set non-default or missing blob cache properties
  • SPContentDatabase
    • Fixed localized issue
  • SPDesignerSettings
    • Fixed issue where URL with capitals were not accepted correctly
  • SPDistributedCacheService
    • Fixed issue where reprovisioning the Distributed Cache did not work
  • SPFarm
    • Implemented ToDo to return Central Admin Auth mode
    • Fixed an issue where the instance name wasn’t detected correctly
  • SPInstall
    • Updated to document the requirements for an English ISO
  • SPInstallPrereqs
    • Updated to document which parameter is required for which version of SharePoint
    • Added SharePoint 2016 example
  • SPLogLevel
    • New resource
  • SPMachineTranslationServiceApp
    • Added custom Proxy Name support
    • Fixed an issue where the instance name wasn’t detected correctly
  • SPManagedMetadataAppDefault
    • New resource
  • SPManagedMetadataServiceApp
    • Update to allow the configuration of the default and working language
    • Fixed issue where the termstore could not be retrieved if the MMS service instance was stopped
    • Fixed an issue where the instance name wasn’t detected correctly
  • SPMinRoleCompliance
    • New resource
  • SPPerformancePointServiceApp
    • Fixed an issue where the instance name wasn’t detected correctly
  • SPProjectServer
    • New resources to add Project Server 2016 support: SPProjectServerLicense, SPProjectServerAdditionalSettings, SPProjectServerADResourcePoolSync, SPProjectServerGlobalPermissions, SPProjectServerGroup, SPProjectServerTimeSheetSettings, SPProjectServerUserSyncSettings, SPProjectServerWssSettings
  • SPSearchContentSource
    • Fixed examples
  • SPSearchIndexPartition
    • Fixed to return the RootFolder parameter
  • SPSearchServiceApp
    • Fixed an issue where the instance name wasn’t detected correctly
  • SPSearchTopology
    • Updated to better document how the resource works
    • Fixed issue to only return first index partition to prevent conflicts with SPSearchIndexPartition
  • SPSecureStoreServiceApp
    • Fixed issue with not returning AuditEnabled parameter in Get method
    • Fixed an issue where the instance name wasn’t detected correctly
  • SPServiceAppSecurity
    • Fixed issue with NullException when no accounts are configured in SharePoint
  • SPStateServiceApp
    • Added custom Proxy Name support
    • Fixed an issue where the instance name wasn’t detected correctly
  • SPSubscriptionSettings
    • Fixed an issue where the instance name wasn’t detected correctly
  • SPTrustedRootAuthority
    • Updated to enable using private key certificates.
  • SPUsageApplication
    • Fixed an issue where the instance name wasn’t detected correctly
  • SPUserProfileProperty
    • Fixed two NullException issues
  • SPUserProfileServiceApp
    • Fixed an issue where the instance name wasn’t detected correctly
  • SPUserProfileSynConnection
    • Fix an issue with ADImportConnection
  • SPWeb
    • Update to allow the management of the access requests settings
  • SPWebAppGeneralSettings
    • Added DefaultQuotaTemplate parameter
  • SPWebApplicationExtension
    • Update to fix how property AllowAnonymous is returned in the hashtable
  • SPWebAppPeoplePickerSettings
    • New resource
  • SPWebAppPolicy
    • Fixed issue where the SPWebPolicyPermissions couldn’t be used twice with the exact same values
  • SPWebAppSuiteBar
    • New resource
  • SPWebApplication.Throttling
    • Fixed issue with where the RequestThrottling parameter was not applied
  • SPWordAutomationServiceApp
    • Fixed an issue where the instance name wasn’t detected correctly
  • SPWorkflowService
    • New resource

The following changes will break 1.x configurations that use these resources:

  • SPAlternateUrl
    • Added the Internal parameter, which implied a change to the key parameters
  • SPCreateFarm
  • SPJoinFarm
  • SPManagedMetadataServiceApp
    • Changed implementation of resource. This resource will not set any defaults for the keyword and site collection term store. The new resource SPManagedMetadataServiceAppDefault has to be used for this setting.
  • SPShellAdmin
    • Updated so it also works for non-content databases
  • SPTimerJobState
    • Updated to make the WebAppUrl parameter a key parameter. The resource can now be used to configure the same job for multiple web applications. Also changed the Name parameter to TypeName, due to a limitation with the SPTimerJob cmdlets
  • SPUserProfileProperty
    • Fixed an issue where string properties were not created properly
  • SPUSerProfileServiceApp
    • Updated to remove the requirement for CredSSP
  • SPUserProfileSyncService
    • Updated to remove the requirement for CredSSP
  • SPWebAppAuthentication
    • New resource
  • SPWebApplication
    • Changed implementation of the Web Application authentication configuration. A new resource has been added and existing properties have been removed
  • SPWebApplicationExtension
    • Updated so it infers the UseSSL value from the URL
    • Changed implementation of the Web Application authentication configuration. A new resource has been added and existing properties have been removed
SqlServerDsc (previously xSqlServer) 10.0.0.0
  • BREAKING CHANGE: Resource module has been renamed to SqlServerDsc (issue 916).
  • BREAKING CHANGE: Significant rename to reduce length of resource names
    • See issue 851 for a complete table mapping rename changes.
    • Impact to all resources.
  • Changes to CONTRIBUTING.md
    • Added details to the naming convention used in SqlServerDsc.
  • Changes to SqlServerDsc
    • The examples in the root of the Examples folder are obsolete. A note was added to the comment-based help in each example stating it is obsolete. This is a temporary measure until they are replaced (issue 904).
    • Added new common test (regression test) for validating the long path issue for compiling resources in Azure Automation.
    • Fix resources in alphabetical order in README.md (issue 908).
  • Changes to SqlAG
    • BREAKING CHANGE: Parameters SQLServer and SQLInstanceName has been renamed to ServerName and InstanceName respectively (issue 308).
    • BREAKING CHANGE: The read-only property SQLServerNetName was removed in favor of EndpointHostName (issue 924). Get-TargetResource will now return the value of property NetName for the property EndpointHostName.
  • Changes to SqlAGDatabase
    • BREAKING CHANGE: Parameters SQLServer and SQLInstanceName has been renamed to ServerName and InstanceName respectively (issue 308).
    • Changed the Get-MatchingDatabaseNames function to be case insensitive when matching database names (issue 912).
  • Changes to SqlAGListener
    • BREAKING CHANGE: Parameter NodeName has been renamed to ServerName (issue 308).
  • Changes to SqlAGReplica
    • BREAKING CHANGE: Parameters SQLServer and SQLInstanceName has been renamed to ServerName and InstanceName respectively (issue 308).
    • BREAKING CHANGE: Parameters PrimaryReplicaSQLServer and PrimaryReplicaSQLInstanceName has been renamed to PrimaryReplicaServerName and PrimaryReplicaInstanceName respectively (issue 922).
    • BREAKING CHANGE: The read-only property SQLServerNetName was removed in favor of EndpointHostName (issue 924). Get-TargetResource will now return the value of property NetName for the property EndpointHostName.
  • Changes to SqlAlwaysOnService
    • BREAKING CHANGE: Parameters SQLServer and SQLInstanceName has been renamed to ServerName and InstanceName respectively (issue 308).
  • Changes to SqlDatabase
    • BREAKING CHANGE: Parameters SQLServer and SQLInstanceName has been renamed to ServerName and InstanceName respectively (issue 308).
  • Changes SqlDatabaseDefaultLocation
    • BREAKING CHANGE: Parameters SQLServer and SQLInstanceName has been renamed to ServerName and InstanceName respectively (issue 308).
  • Changes to SqlDatabaseOwner
    • BREAKING CHANGE: Parameters SQLServer and SQLInstanceName has been renamed to ServerName and InstanceName respectively (issue 308).
  • Changes to SqlDatabasePermission
    • BREAKING CHANGE: Parameters SQLServer and SQLInstanceName has been renamed to ServerName and InstanceName respectively (issue 308).
  • Changes to SqlDatabaseRecoveryModel
    • BREAKING CHANGE: Parameters SQLServer and SQLInstanceName has been renamed to ServerName and InstanceName respectively (issue 308).
  • Changes to SqlDatabaseRole
    • BREAKING CHANGE: Parameters SQLServer and SQLInstanceName has been renamed to ServerName and InstanceName respectively (issue 308).
  • Changes to SqlRS
    • BREAKING CHANGE: Parameters RSSQLServer and RSSQLInstanceName has been renamed to DatabaseServerName and DatabaseInstanceName respectively (issue 923).
  • Changes to SqlServerConfiguration
    • BREAKING CHANGE: Parameters SQLServer and SQLInstanceName has been renamed to ServerName and InstanceName respectively (issue 308).
  • Changes to SqlServerEndpoint
    • BREAKING CHANGE: Parameters SQLServer and SQLInstanceName has been renamed to ServerName and InstanceName respectively (issue 308).
  • Changes to SqlServerEndpointPermission
    • BREAKING CHANGE: Parameter NodeName has been renamed to ServerName (issue 308).
    • Now the examples files have a shorter name so that resources will not fail to compile in Azure Automation (issue 934).
  • Changes to SqlServerEndpointState
    • BREAKING CHANGE: Parameter NodeName has been renamed to ServerName (issue 308).
  • Changes to SqlServerLogin
    • BREAKING CHANGE: Parameters SQLServer and SQLInstanceName has been renamed to ServerName and InstanceName respectively (issue 308).
  • Changes to SqlServerMaxDop
    • BREAKING CHANGE: Parameters SQLServer and SQLInstanceName has been renamed to ServerName and InstanceName respectively (issue 308).
  • Changes to SqlServerMemory
    • BREAKING CHANGE: Parameters SQLServer and SQLInstanceName has been renamed to ServerName and InstanceName respectively (issue 308).
  • Changes to SqlServerNetwork
    • BREAKING CHANGE: Parameters SQLServer has been renamed to ServerName (issue 308).
  • Changes to SqlServerPermission
    • BREAKING CHANGE: Parameter NodeName has been renamed to ServerName (issue 308).
  • Changes to SqlServerRole
    • BREAKING CHANGE: Parameters SQLServer and SQLInstanceName has been renamed to ServerName and InstanceName respectively (issue 308).
  • Changes to SqlServerServiceAccount
    • BREAKING CHANGE: Parameters SQLServer and SQLInstanceName has been renamed to ServerName and InstanceName respectively (issue 308).
SystemLocaleDsc 1.2.0.0
  • Added resource helper module.
  • Change examples to meet HQRM standards and optin to Example validation tests.
  • Replaced examples in README.MD to links to Example files.
  • Added the VS Code PowerShell extension formatting settings that cause PowerShell files to be formatted as per the DSC Resource kit style guidelines.
  • Opted into Common Tests “Validate Module Files” and “Validate Script Files”.
  • Converted files with UTF8 with BOM over to UTF8.
  • Updated Year to 2017 in License and Manifest.
  • Added .github support files:
    • CONTRIBUTING.md
    • ISSUE_TEMPLATE.md
    • PULL_REQUEST_TEMPLATE.md
  • Resolved all PSScriptAnalyzer warnings and style guide warnings.
xAdcsDeployment 1.4.0.0
  • xAdcsCertificateAuthority: CertFilePassword invalid type – fixes issue 36
xCertificate 3.1.0.0
  • xCertReq:
    • Fixed behaviour to allow certificate templates with spaces in the name
  • Added Documentation and Examples section to Readme.md file – see issue 98.
  • Changed description in Credential parameter of xPfxImport resource to correctly generate parameter documentation in Wiki – see Issue 103.
  • Changed description in Credential parameter of xCertReq resource to clarify that a PSCredential object should be used.
  • Updated tests to meet Pester V4 guidelines – fixes Issue 105.
  • Add support for Windows Server 2008 R2 which does not contain PKI module so is missing Import-PfxCertificate and Import-Certificate cmdlets – fixes Issue 46.
xComputerManagement 3.2.0.0
  • xScheduledTask:
    • Enable Execution Time Limit of task to be set to indefinite by setting ExecutionTimeLimit to “00:00:00” – See Issue 115
  • xPowerPlan:
    • Updated to meet HQRM guidelines.
    • Converted calls to throw to use New-InvalidOperationException in CommonResourceHelper.
  • Move Common Resource Helper functions into modules folder.
  • Changed resources to use Common Resource Helper functions.
  • Moved strings for Common Resource Helper functions into separate strings file.
  • Added unit tests for Common Helper functions.
xExchange 1.18.0.0
  • Fix issue 203 and add additional test for invalid ASA account format
xHyper-V 3.10.0.0
  • MSFT_xVMHyperV:
    • Added support for configuring automatic snapshots
xNetworking 5.4.0.0
  • MSFT_xIPAddressOption:
    • Added a new resource to set the SkipAsSource option for an IP address.
  • MSFT_xWeakHostSend:
    • Created the new Weak Host Send resource.
  • MSFT_xWeakHostReceive:
    • Created the new Weak Host Receive resource.
  • MSFT_xRoute:
    • Corrected style and formatting to meet HQRM guidelines.
    • Converted exceptions to use ResourceHelper functions.
    • Changed unit tests so that they can be run in any order.
    • Included default values in MOF file so that they are displayed in Wiki documentation.
    • Converted tests to meet Pester V4 standards.
xPowerShellExecutionPolicy 2.0.0.0
  • Converted appveyor.yml to install Pester from PSGallery instead of from Chocolatey.
  • Added optional -Scope parameter
xRemoteDesktopSessionHost 1.5.0.0
  • Fix issue where DSC configuration gets into a reboot loop because sessionhost does not match (casing) and RDMS service is not started in time
xStorage 3.4.0.0
  • xDisk:
    • Removed duplicate integration tests for Guid Disk Id type.
    • Added new contexts to integration tests improve clarity.
    • Fix bug when size not specified and disk partitioned and formatted but not assigned drive letter – See Issue 103.
  • xDiskAccessPath:
    • Added new contexts to integration tests improve clarity.
    • Fix bug when size not specified and disk partitioned and formatted but not assigned to path – See Issue 103.
xSystemSecurity 1.3.0.0
  • Updated FileSystemACL Set
xTimeZone 1.7.0.0
  • Added resource helper module.
  • Changed resource file names to include MSFT_*.
  • Added MSFT_ to MOF file classname.
  • Change examples to meet HQRM standards and optin to Example validation tests.
  • Replaced examples in README.MD to links to Example files.
  • Added the VS Code PowerShell extension formatting settings that cause PowerShell files to be formatted as per the DSC Resource kit style guidelines.
  • Opted into Common Tests “Validate Module Files” and “Validate Script Files”.
  • Converted files with UTF8 with BOM over to UTF8.
  • Updated Year to 2017 in License and Manifest.
  • Added .github support files:
    • CONTRIBUTING.md
    • ISSUE_TEMPLATE.md
    • PULL_REQUEST_TEMPLATE.md
  • Resolved all PSScriptAnalyzer warnings and style guide warnings.
How to Find Released DSC Resource Modules

To see a list of all released DSC Resource Kit modules, go to the PowerShell Gallery and display all modules tagged as DSCResourceKit. You can also enter a module’s name in the search box in the upper right corner of the..

Read Full Article
Visit website
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

I’m thrilled to share that a Beta OpenSSH client and server daemon are available as a Feature-on-Demand in Windows 10 Fall Creators Update and Windows Server 1709. Since our last update blog, we’ve been working hard on a Win32 port of OpenSSH and working closely with members of the OpenSSH Portable and OpenBSD projects with the eventual goal of bringing Win32 support upstream into OpenSSH Portable.

Until then, you should expect OpenSSH support in Windows to continue to improve in future updates of Windows, including upcoming Windows Insider builds. You can track our progress on GitHub where you can find our wiki and the latest builds that include tons of fixes and support for operating systems downlevel to Windows 7 and Server 2008 R2.

Overview

OpenSSH is a collection of client/server utilities that enable secure remote login, remote file transfer, and public/private key pair management. It’s an extremely powerful tool that originated as part of the OpenBSD project, and has been used for many years across the BSD, Linux, macOS, and Unix ecosystems.

Note: The OpenSSH client and server are still very much in Beta, so we do not recommend using them in production environments.

Installation

Great! So how do I install the bits?

Installing with the Settings UI

To install it using the Settings UI, go to Apps -> Apps and Features -> Manage optional features -> Add a feature:

Then select OpenSSH Client (Beta) or OpenSSH Server (Beta) and Install:

Installing with PowerShell

To install OpenSSH using PowerShell, first launch PowerShell as an Administrator.

To make sure that the OpenSSH features are available for install:

Get-WindowsCapability -Online | ? Name -like 'OpenSSH*'

This should return the following output:

Name  : OpenSSH.Client~~~~0.0.1.0
State : NotPresent

Name  : OpenSSH.Server~~~~0.0.1.0
State : NotPresent

Then, install the server and/or client features:

# Install the OpenSSH Client
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0

# Install the OpenSSH Server
Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0

Both of these should return the following output:

Path          :
Online        : True
RestartNeeded : False
Installing with DISM.exe

To install OpenSSH with DISM.exe, first open CMD as an Administrator.

To make sure that OpenSSH features are available for install:

dism /Online /Get-Capabilities | findstr OpenSSH

This should return the following output:

Capability Identity : OpenSSH.Client~~~~0.0.1.0
Capability Identity : OpenSSH.Server~~~~0.0.1.0

Then, install the server and/or client features:

dism /Online /Add-Capability /CapabilityName:OpenSSH.Client~~~~0.0.1.0
dism /Online /Add-Capability /CapabilityName:OpenSSH.Server~~~~0.0.1.0
Configuration

Great! You’ve installed OpenSSH. What now?

Configuring the SSH Client (ssh.exe) Password-based authentication

If you want to use the SSH client with password authentication, no configuration is necessary. Just pop open PowerShell or cmd, and use ssh to connect to your SSH server:

ssh user1@contoso.com

# You can also use domain accounts to login

# UPN syntax works...
ssh user1@domain1@contoso.com
# ...as does NetBIOS syntax
ssh user1\domain1@contoso.com
Key-based authentication

If you want to use key-based authentication, you first need to generate some public/private key pairs for your client. From PowerShell or cmd, use ssh-keygen to generate some key files.

cd ~\.ssh\
ssh-keygen

This should output something like:

Generating public/private ed25519 key pair.
Enter file in which to save the key (C:\Users\user1\.ssh\id_ed25519):

You can hit Enter to accept the default or specify a path where you’d like your keys to be generated. At this point, you’ll be prompted to use a passphrase to encrypt your private key files.

Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in C:\Users\user1\.ssh\id_ed25519.
Your public key has been saved in C:\Users\user1\.ssh\id_ed25519.pub.
The key fingerprint is:
SHA256:OIzc1yE7joL2Bzy8/gS0j8eGK7bYaH1FmF3sDuMeSj8 user1@CONTOSO@LOCAL-HOSTNAME
The key's randomart image is:
+--[ED25519 256]--+
|        .        |
|         o       |
|    . + + .      |
|   o B * = .     |
|   o= B S .      |
|   .=B O o       |
|  + =+% o        |
| *oo.O.E         |
|+.o+=o. .        |
+----[SHA256]-----+

Now you have a public/private ED25519 key pair
(the .pub files are public keys and the rest are private keys):

Mode                LastWriteTime         Length Name
----                -------------         ------ ----
-a----        11/8/2017  11:09 AM           1679 id_ed25519
-a----        11/8/2017  11:09 AM            414 id_ed25519.pub

Your private key files are the equivalent of a password. You should protect them under any and all circumstances. If someone acquires your private key, they can log in to any SSH server as an identity that authorizes the corresponding public key to log in.

For that reason, we should take advantage of ssh-agent to securely store the private keys within a Windows security context. To do that, we simply start the ssh-agent service (as Administrator) and use ssh-add to store our private key. Then, whenever a private key is needed for authentication, ssh-agent will automatically retrieve your local user’s private key and pass it to your SSH client.

# Make sure you're running as an Administrator
Start-Service ssh-agent

# This should return a status of Running
Get-Service ssh-agent

# Now load your key files into ssh-agent
ssh-add ~\.ssh\id_ed25519

# Now that it's loaded into ssh-agent,
# we don't have to keep the key file anymore
Remove-Item ~\.ssh\id_ed25519

Move the contents of your public key (~\.ssh\id_ed25519.pub) into a text file called authorized_keys in ~\.ssh\ on your server/host.

Note: these directions assume your sshd server is a Windows-based machine using our OpenSSH-based server, and that you’ve properly configured it based on the instructions below (including the installation of the OpenSSHUtils PowerShell module). If you’re using a non-Windows machine, you should replace all remote instances of C:\users\user1 with something like /home/user1. Additionally, the ACL line should be unnecessary that uses PowerShell should be unnecessary.

# Make sure that the .ssh directory exists in your server's home folder
ssh user1@domain1@contoso.com mkdir C:\users\user1\.ssh\

# Copy your public key file to authorized_keys on your server
scp C:\Users\user1\.ssh\id_ed25519.pub user1@domain1@contoso.com:C:\Users\user1\.ssh\authorized_keys

# Appropriately ACL the authorized_keys file on your server
ssh --% user1@domain1@contoso.com powershell -c $ConfirmPreference = 'None'; Repair-AuthorizedKeyPermission C:\Users\user1\.ssh\authorized_keys

Congrats! You should no longer need a password when authenticating as User1 against contoso.com.

Configuring the OpenSSH Server (sshd)

First, it’s worth noting again that this OpenSSH for Windows is still very much in beta form. It should only be used in safe, testing environments.

To enable authentication into an SSH server on Windows, you first have to generate host keys. As an Administrator:

Start-Service ssh-agent

cd C:\Windows\System32\OpenSSH
.\ssh-keygen -A
# C:\Windows\System32\OpenSSH\ssh-keygen.exe: generating new host keys: ED25519
.\ssh-add ssh_host_ed25519_key
# Identity added: .\ssh_host_ed25519_key (User1@CONTOSO@LOCAL-HOSTNAME)

Due to certain security requirements, you will also have to install our OpenSSHUtils helper module to appropriately ACL your host keys. As an Administrator:

Install-Module -Force OpenSSHUtils

Repair-SshdHostKeyPermission -FilePath C:\Windows\System32\OpenSSH\ssh_host_ed25519_key

# Use A or Y as your response to the prompts to set file owners

Then you can start sshd and your server is ready to go:

Start-Service sshd

# This should return a Status of Running
Get-Service sshd

Note: currently only the built-in ED25519 authentication key type is supported. In the future, we plan to add support for LibreSSL which will enable additional authentication key types. In the meantime, you can experiment with LibreSSL builds on GitHub.

You may also need to add a firewall rule like this one that allows traffic on port 22 (though your requirements may vary based on your environment, e.g. Domain might be Private):

New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Service sshd -Enabled True -Direction Inbound -Protocol TCP -Action Allow -Profile Domain
Stay tuned!

Enjoy playing with OpenSSH on Windows, and keep your eyes peeled on the PowerShell blog for upcoming news.

Read Full Article
Visit website
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

When DSC was announced at TechEd 2013, one of the goals was to “Create an ecosystem”.

The ecosystem for DSC has grown tremendously in the last 4 years.

At worldwide events for PowerShell (PowerShell + DevOps Global SummitPowerShell Conference EUPowerShell Conference Asia) there have been presentations lead by people actively using DSC to discuss real world, success, challenges, and community projects to resolve common issues. In addition there are community projects to build solutions for DSC entirely driven by the community, such as Datum to manage configuration data at scale, BaselineManagement to convert Group Policy to DSC configurations, and ReverseDSC to replicate known environments.

The PowerShell Gallery includes 1100 DSC Resources across 254 unique modules. Of those 1100 DSC Resources, 411 are currently released by the DSC team from the DSC Resource Kit.

During events and the monthly DSC Resource Kit community calls over the past year, I have heard consistently that the naming convention for DSC Resources is ready for an update. Most notably, the experimental “x” prefix and HQRM guidance could be confusing and does not match the approach used in other similar community ecosystems.

The Old Naming Convention

The original recommendation was to name resources using the following prefixes:

  • “x” to identify a resource that is experimental and not supported
  • “c” to identify a community modification

Resources that met a community agreed upon quality bar, or “High Quality Resource Modules”, have been using a naming suffix “Dsc”.

The New Naming Convention

The community has discussed and agreed upon a new simplified standard, explained in a recent update to the documentation.

DSC Resources going forward are no longer required to use the “x” or “c” naming conventions.

Instead, the guideline is that resources should use either the existing module name (if DSC Resources are combined with an existing module containing PowerShell functions) or the “Dsc” suffix. The best practices for finding a DSC Resource module is to search the PowerShell Gallery using the “DSC Resource” filter, or use the cmdlet:

Find-DscResource

The project name will not have any relationship with how or whether the project is supported. The documentation merged today also addresses this topic.

Why is it the right time to make this change

This is only possible because the DSC community, especially the DSC Resource project maintainers, are so passionate and actively working with DSC users to make the ecosystem better for everyone. The maintainers hold each other accountable to quality and technically enforce this through test automation.

The first community contributions to the DSC Resource Kit contained only the PowerShell code for the DSC module. The expectation for a contribution today includes following best practices, style guidelines, documentation, and test automation to demonstrate quality. As an example, the SharePointDsc module includes 2102 tests that must pass to accept a new contribution, and anyone can review the results of a new build. Similarly, SQLServerDsc includes 2507 tests (and has already adopted the new naming standard), xWebAdministration has 1032, and xActiveDirectory includes 653.

How do I know if a DSC Resource is supported

The old naming convention using “x” and “c” prefixes required users to modify their code when switching from experimental to stable versions of a module.  Support for DSC Resources should come from the organization supporting the technology that is being managed. The best way to make that clear is to express it in the project Readme. Just as someone interested in consuming the resource should review the project code and make sure it is suitable for their environment, they should review the entire project documentation.

When will this change happen

Finally, this change does not need to be implemented “overnight”. As maintainers release future versions of their projects and determine they are ready, they can choose to retire the “x” convention. The PowerShell Gallery will provide access to future releases by the new name and the history of previous releases by the old name. The project repository will be the source of truth.

Thank you! 
Michael Greene @migreene 
Principal Program Manager 
PowerShell DSC, Azure Automation DSC, and Azure Management Community

Read Full Article
Visit website

Read for later

Articles marked as Favorite are saved for later viewing.
close
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

Separate tags by commas
To access this feature, please upgrade your account.
Start your free month
Free Preview