Skip to main content

Posts

Showing posts with the label PowerShell DSC

The command was found in the module PowerShellGet, but the module could not be loaded.

While testing a PowerShell DSC script deployed by Azure Automation on an Azure Virtual Machine I ran against the following error message:  The command <command> was found in the module PowerShellGet, but the module could not be loaded. What I tried to accomplish was automatically installing the PowerShell Az modules with the following PowerShell DSC script. # Import DSC modules Import-DscResource -ModuleName "PowerShellGet" -ModuleVersion 2.2.5 Node $AllNodes.NodeName { PSModule "Az" { Ensure = "Present" Name = "Az" Repository = "PSGallery" InstallationPolicy = "Trusted" AllowClobber = $true Force = $true RequiredVersion = 5.6.0 } } To solve this issue you also have to import the PackageManagement module because PowerShellGet has a dependency on this module. The correct version of the script is thus: # Import DSC modules Import...

Creating a managed service account with PowerShell DSC fails: The KDS Root Key was not found

At the moment I am busy with automating the creation of a Windows 2019 server with the Active Directory role enabled. My PowerShell DSC script is hosted in Azure Automation wich acts as the pull server. The script is installing the Active Directory role and configuring the domain. During my initial test I got the following error when the script tries to create a Managed Service Account. System.InvalidOperationException: Error adding group account 'gMSA-ADSync'. The KDS Root Key was not found. (MSA0019) Microsoft.ActiveDirectory.Management.ADException: Key does not exist System.ServiceModel.FaultException: Active Directory returned an error processing the operation. After doing some research I found out what the reason for this is. According the Microsoft documentation  the reason for this behavior is as follows: Domain Controllers (DC) require a root key to begin generating gMSA passwords. The domain controllers will wait up to 10 hours from time of creation to allow all dom...

Automated infrastructure (pre) deployment verification tests

I develop C# based web apps and integration solutions (APIs) for years and nowadays they are hosted in Azure. Most of the time I also create the infrastructure to deploy these kind of applications. In accordance with the Infrastructure as Code principles that I use, I do this using ARM templates supplemented with PowerShell (DSC) scripts. As a developer, I am used to writing unit tests to test my applications. Testing infrastructure is a new area for me. The traditional unit test approach does not work here because you cannot test an infrastructure until it has been rolled out. Recently I have gained experience with the use of the Pester framework for performing (pre) deployment verification testing during the rollout of an IIS website environment. In this blog article I share some experiences I have gained during this project. Case The case in this case is the rollout of a WCF API hosted on an Azure VM on which no IIS web server is installed yet. This web service will run under...