1. Putting DSC and PowerShell to Work for You Microsoft Tech Talks
11/7/2018 5:11 AM
Putting DSC and PowerShell to Work for You Microsoft Tech Talks
Jacob Heaton
Premier Field Engineer
WIFI Login: MSTechTalk
Password: N/A
Start 6:30 PM
WELCOME AND PLEASE HELP YOURSELF TO FOOD / DRINKS!
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2. Agenda: 6:15pm – Check-in / Food /Networking 6:30pm – Welcome/Kickoff
6:35pm – Featured Speaker: Jacob Heaton

3. Facilities: Restrooms WiFi Across the Hall from the Training room.
11/7/2018
Facilities:
Restrooms
Across the Hall from the Training room.
WiFi
Username: iT1guest1
Password: iT1guest1
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

4. What are Microsoft Tech Talks?
11/7/2018 5:11 AM
What are Microsoft Tech Talks?
Microsoft Tech Talks is a Technical Community event, designed to bring IT leaders in the local area together at a Microsoft facility, for deep Microsoft-technology based discussions, and 
An opportunity to network and share with local Microsoft Services Professionals and other IT professionals.
A Microsoft Services presenter delivers a technically-rich presentation covering a product, product feature, or service that Microsoft offers, 
Our presenters are world-class Subject Matter Experts and trusted advisors to our highly-valued customers. 
Our meetings are a great opportunity to 'ask the experts' questions about their given field of expertise. 
Subjects vary from session to session and attempt to be at the leading edge, showcasing our latest features and products available.
These communities now collectively have over 2500 members that have joined one of the local meetup groups.  
We are constantly expanding to a region near you, your friends / colleagues…..
   
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

5. We are on meetup!!! http://meetup.com/mttttempe Join Us
11/7/2018 5:11 AM
We are on meetup!!!
Join Us
Join Other Groups
RSVP Closed does not mean Closed! Look for the Microsoft Events sign-up link!
We send details of other events out
Look out for poll Qs
Tell all your friends / colleagues
Group Review!!
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

6. Meetups http://www.meetup.com https://blogs.technet.microsoft.com/mtt/
11/7/2018 5:11 AM
Meetups
Collab
Redelivery in cities
Tsps
Multiple locations
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

7. Survey https://aka.ms/tempesurvey Your feedback is appreciated!
TechReady 23
11/7/2018 5:11 AM
Survey
Your feedback is appreciated!
Microsoft Tech Talks – Tuesday April 17th Event
VERY Short 10 questions!
Please be aware that your feedback is extremely valued and important to us, as in addition to improving the quality of our events, it helps us to justify the time, effort and money in hosting, funding and organizing these events.
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

8. TechReady 23
11/7/2018 5:11 AM
Any follow up links and resources will be made available at this link before, during or shortly after the event.
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

9. What is your personal experience level with PowerShell?
I avoid it.
Isn’t that the one of the powers of the Ninja Turtles?
I am a master at the copy and paste from the Internet
Daily or Weekly
I live there. Others ask me for PowerShell help.

10. Who am I

11. Problem 1: Deployment & Consistency
11/7/2018 5:11 AM
Problem 1: Deployment & Consistency
Manual deployment is neither repeatable nor consistent
Dev, Test, Prod do not match
Build scripts can break mid-stream
QA scripts must be written separately
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

12. Problem 2: Server Outages
11/7/2018 5:11 AM
Problem 2: Server Outages
Change happened somewhere
Configuration drift
Snowflake servers
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

13. Why PowerShell DSC? Scale * Complexity > Skill Self-healing systems
Change control automation
Continuous deployment
DevOps & Agile

14. What is PowerShell DSC? Desired State Configuration
Standards-based configuration management
Infrastructure as Code
Declarative language
Idempotent
DSC is a feature, not a solution
DSC enables standards-based DevOps and greater solution development across Microsoft and third-party platforms
Inaugural blog post:
desired-state-configuration.aspx
Links to TechEd 2013 announcement resources:
aspx

15. What about Group Policy?
DSC
No domain needed
Works with no network at all
MOF based (open platform)
Resources drive scalability
Not as simple to deploy
Authentication flexibility
Requires PS v4.0 +
Requires remoting is enabled
New unknown factor
GPO
Only works in domain scenario
Connectivity generally needed
Born from registry control
Fairly easy to setup and deploy
Works everywhere
Well-known and established

16. Unofficial DSC Versions
2012 R2 RTM
WMF 4.0
v1.2 KB
GA Update
Required
v1.5 KB
November 2014 Rollup
v2.0
WMF 5.0 & 5.1

17. Imperative vs. Declarative Language
11/7/2018 5:11 AM
Imperative vs. Declarative Language
Imperative
Declarative
Add-WindowsFeature Windows-Server-Backup
Configuration BaseBuild {
WindowsFeature Backup {
Ensure = "Present"
Name = "Windows-Server-Backup" }
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

18. CIM Industry Standard PS v1 & v2 - Get-WMIObject
PS v3 - CIMCmdlets module, Get-CIMInstance
OMI for Unix platform CIM
PS v4 - DSC, based on CIM
Configure cross-platform
PSDesiredStateConfiguration Module
PS v5 - More DSC
Multiple configurations from multiple pull servers
Compare two server configurations
PowerShellGet, OneGet
Much more!
configuration-for-linux.aspx
is-now-available.aspx
is-now-available.aspx

19. Terminology Configuration Node Resource Ensure MOF
11/7/2018 5:11 AM
Terminology
Configuration
Node
Resource
Ensure
MOF
Local Configuration Manager
Push / Pull
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

20. Configuration Resources Configuration IISWebsite { Node Server1
11/7/2018 5:11 AM
Configuration
Configuration IISWebsite {
Node Server1
WindowsFeature IIS
Ensure = "Present"
Name = "Web-Server" }
WindowsFeature ASP
Name = "Web-Asp-Net45"
Resources
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

21. Default Resources (Settings)
11/7/2018 5:11 AM
Default Resources (Settings)
File
Archive
Environment
Group
Log
Package
Registry
Script
Service
User
WindowsFeature
WindowsProcess
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

22. It’s just a text file (.mof)…
Author these files any way you like:
PowerShell
Notepad
VSCode
Third party tool
CIM Industry Standard
Resource
schema.mof
Resource
schema.mof
Configuration
nodename.mof
state-configuration.aspx

23. 11/7/2018 5:11 AM
MOF example
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

24. Demo Local Configuration 11/7/2018 5:11 AM
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

25. DSC Distribution Modes (Push vs. Pull)
Authoring
Authoring
Staging
Staging
Nodes
Nodes
Config Pushed
Config Pulled
Configs Deployed
Config Pulled
IIS
Authoring
DSC consumes MOF files.
MOF files can be created using any text editor. PowerShell v4 makes it easier to create a MOF file because it has declarative syntax extensions and IntelliSense.
Staging
Pull  DSC Data and custom resources are stored on a central IIS web server with a well defined OData interface that functions as the "Pull Server". Target Nodes connect using a URI and a unique identifier to retrieve its configuration.
Push  DSC Data is pushed to the target nodes. Custom resources must exist on the target nodes.
Nodes
DSC data is pulled or pushed to the "Local Configuration Store" which contains the current, previous and the DSC. The configuration then gets parsed and the relevant WMI provider implements the change.
Configs Deployed

26. Push Configuration quick and simple
Custom resources must be manually deployed
ComputerName
PS>
PS> $cim = New-CimSession –ComputerName s1, s2, w1
PS> Start-DscConfiguration –CimSession $cim
PS> # OR
PS> Start-DscConfiguration –ComputerName s1, s2, w1

27. 11/7/2018 5:11 AM
Demo
Push
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

28. Pull Both configuration and custom resources pulled by client
More work involved, but most scalable
{GUID}
environment.aspx
conformance-reporting-series-part-2-deploying-a-pull-service-endpoint-and-automating-the-configuration-of-the- dsc-nodes.aspx
SMB Share
HTTP
HTTPS
Easiest setup, Does not support compliance
Easier setup, IIS
Most secure, encrypted credentials, mutual authentication

29. Pull Client Setup Get-ScheduledTask Consistency
Config.meta.mof
Configuration SetPullMode {
param([string]$guid)
Node srv.contoso.com
LocalConfigurationManager
ConfigurationMode = 'ApplyAndAutoCorrect'
ConfigurationID = $guid
RefreshMode = 'Pull'
DownloadManagerName = 'WebDownloadManager'
DownloadManagerCustomData
ServerUrl = '
AllowUnsecureConnection = 'true' } }
SetPullMode –guid $guid
Set-DSCLocalConfigurationManager -Computer srv.contoso.com -Path .\SetPullMode –Verbose
LocalConfigurationManager
(LCM)
desired-state-configuration.aspx
[guid]::NewGuid()

30. Compliance Reporting Reports on target configuration status
Setup server by applying Compliance and Pull server configurations simultaneously
Use web requests to query the database for node status
Called “Reporting Server” in PS v5
conformance-reporting-series-part-3-working-with-the-conformance-endpoint.aspx

31. Compliance Reporting Continued…
DSC Environment Analyzer (DSCEA) - Ralph Kyttle and Keith Hitchcock

32. Compliance Reporting Continued…
11/7/2018 5:11 AM
Compliance Reporting Continued…
Azure Automation DSC
Forward Azure Automation
DSC reporting data to
Log Analytics
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

33. 11/7/2018 5:11 AM
DSC Resources
PowerShell code that tells the machine how to configure settings
Deployed using standard PowerShell modules
Can author resources for your own needs
Stored on the pull server or manually pushed
PS> Get-DSCResource
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

34. Resource Types Default Resource Kit(s)
11/7/2018 5:11 AM
Resource Types
Default
Resource Kit(s)
Community (ex. PowerShell.org GitHub)
Custom
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

35. Default Resources – PSDesiredStateConfiguration Module
11/7/2018 5:11 AM
Default Resources – PSDesiredStateConfiguration Module
File
Archive
Environment
Group
Log
Package
Registry
Script
Service
User
WindowsFeature
WindowsProcess
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

36. Resource Kit Examples xActiveDirectory xAzure xBitLocker
xComputerManagement
xDHCPServer
xDNSServer
xExchange
xFailOverCluster
xHyper-V
xNetworking
xSmbShare
xSqlServer
xWindowsUpdate
…and many more…
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

37. Community Resources PowerShell.org GitHub TechNet Script Center
11/7/2018 5:11 AM
Community Resources
PowerShell.org GitHub
TechNet Script Center
Assorted blogs and online repositories
Use the “c” prefix for “community”
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

38. 11/7/2018 5:11 AM
Demo
Resources
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

39. Summary Declares server configurations Speeds deployment Self-healing
Prevents configuration drift
Reduces downtime

40. Reading - Microsoft
Microsoft PowerShell Team Blog
TechNet Windows PowerShell Desired State Configuration Overview
Windows PowerShell 4.0 DSC Quick Reference Sheet
Central repository for PowerShell Desired State Configuration (DSC) resources

41. Reading - Community
PowerShell.org DSC Hub, ebook, forum, etc.
The DSC Book “Forever” Edition – Don Jones and Melissa Januszko
Building a DSC Infrastructure, by Steven Murawski
100 Days of DSC Blog Series
Puppet Labs 2014 State of DevOps Report
The Phoenix Project: A Novel about IT, DevOps and Helping Your Business Win

42. Audio / Video Microsoft Virtual Academy
Channel 9 DSC Videos
TechEd NA 2014: A Practical Overview of Desired State Configuration, Don Jones & Jeffrey Snover
PowerScripting Podcasts featuring DSC
PowerShell Summit North America videos

43. Premier Proactive Services
Learn on Demand
Desired State Configuration with PowerShell 5.0
Workshops
Windows_PowerShell_v4_for_IT_Pros_Part_1 WorkshopPLUS
Windows_PowerShell_v4_for_IT_Pros_Part_2 WorkshopPLUS
Windows_PowerShell_Desired_State_Configuration WorkshopPLUS

44. http://aka.ms/tempesurvey http://aka.ms/grabit TechReady 23
11/7/2018 5:11 AM
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.