Thursday, November 21, 2013

DSC Sample for FIM MPR and Set Objects

Couldn’t help but share this sample from yesterday’s DSC talk.

Below is the demo script I used to show what a FIM DSC script would look like.  Pretty exciting that there is no imperative stuff going on at all (it all lives in the DSC Custom Resources).

In the example the MPR depends on the Set objects using a string array.  In future examples I will show using DependsOn to link the MPR to workflows as well.

md c:\dsccm

Set-Location c:\dsccm

<#

notepad C:\Windows\System32\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\FimService_Set\FimService_Set.schema.mof

 

notepad C:\Windows\System32\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\DSCResources\FimService_ManagementPolicyRule\FimService_ManagementPolicyRule.schema.mof

#>

 

$fimAdminCredential = New-Object System.Management.Automation.PSCredential ("administrator", (ConvertTo-SecureString 'HoofHearted' -AsPlainText -Force))

 

Configuration FimConfiguration

{

    Node (hostname)

    {

        FimService_Set _DscTestSet1

        {

            Ensure       = "Present" 

            DisplayName  = "_DscTestSet1"

            Credential   = $fimAdminCredential

            SetFilter    = "/Person"

        }

 

        FimService_Set All_People

        {

            Ensure       = "Present" 

            DisplayName  = "All People"

            Credential   = $fimAdminCredential

            SetFilter    = "/Person"

        }

       

        FimService_ManagementPolicyRule _DscTestMpr1

        {

            Ensure                   = "Present"

            DisplayName              = "_DscTestMpr1"

            Description              = "why is this required?"

            Request                  = $true

            Enabled                  = $false

            GrantPermission          = $false

            RequestType              = @('Read','Create')

            RequestorSet             = '_DscTestSet1' 

            ResourceSetBeforeRequest = 'All People' 

            ResourceSetAfterRequest  = 'All People'  

            ResourceAttributeNames   = @('DisplayName','Description')                           

            ActionWorkflowDefinition = @('_TestActionWF','_TestActionWF2')

            Credential               = $fimAdminCredential

            DependsOn                = @('[FimService_Set]_DscTestSet1','[FimService_Set]All_People')

        }

    }

}

 

$Global:AllNodes =

@{

    AllNodes = @(

        @{ 

            NodeName                    = (hostname)

            PSDscAllowPlainTextPassword = $true

        }

    )

}

 

FimConfiguration -ConfigurationData $Global:AllNodes

 

Start-DscConfiguration -Wait -Verbose -Path "C:\dsccm\FimConfiguration"

 

 

No comments: