My Profile Photo

duffney.io


DevOps Engineer | Pluralsight Author | Speaker | Blogger | PowerShell Advocate


  1. Create Scheduled Tasks with Secure Passwords

    Applies to: Windows PowerShell 3.0,4.0,5.0 While writing the DSC configuration for some Jenkins slaves, I discovered the Register-ScheduledTask cmdlet only accepts string variables. This forced me to store my service account password as clear text, which made me cringe. I knew there had to be a better way, even if the cmdlet did not allow a credential object to be passed to it. In this post you’ll learn how to extract the password from a...…


  2. CovertTo MofInstance Certificate Cannot be used for Encryption

    Applies to: Windows PowerShell 5.0 You probably ran into this error while using a Windows 10 or Windows Server 2016 Technical Preview when attempting to encrypt DSC configuratiosn, as I did. For some reason, the certificates I had been using no loneger worked. When I attempted to ecnrypt my DSC configurations I got the above error saying the the function ConvertTo-MofInstance failed and that the certificate that I was using could not be used for...…


  3. Configuring an HTTPS Pull Server for Desired State Configuration

    Applies to: Windows PowerShell 4.0, Windows PowerShell 5.0 This blog post will guide you through the process of setting up and configuring an HTTPS Pull Server to deploy Desired State Configurations to nodes. It will also walk you through the process of requesting the cert from the CA (Certificate Authority)! That is the main reason I’m taking the time to write the post, almost all the DSC training I’ve watched skips that step and leaves...…


  4. Encrypting Credentials with DSC Configurations

    Applies to: Windows PowerShell 4.0, Windows PowerShell 5.0 In this blog post we’ll be covering how to encrypt credentials stored in Desired State Configuration (DSC) .mof files. This is a secure alternative to secure plain text passwords in the .mof files. Before we begin I’m assuming a few things, such as an existing Active Directory domain environment and a PKI (Public Key Infrastructure) has been setup. Below is a summarized list of things you need...…


  5. Build Active Directory Certificate Services with DSC

    Applies to: Windows PowerShell 5.0, Windows Server 2012r2+ Today we will be standing up a Public Key Infrastructure (PKI) with Active Directory Certificate Services, but not the manual click click way. We’ll be applying a desired state configuration that will set it up for us! The end result will be a standalone PKI server, perfect for lab environments. This post won’t be to helpful if you’re looking to stand up a production ready PKI environment....…