• LocalConfigurationManager RebootIfNeeded: True =
  • Password Encryption Details Required: True =
  • AD Certificate Server Details Certificate Server Name
  • NDES Server Details NDES Server Name
  • Source Location Details SXS Source Required: True =
  • Intune: Required: True =
  • NDES MSI Source Location
  • Instructions and Setup: Can be saved/run on local or remote server




    Download 76.99 Kb.
    Sana25.09.2020
    Hajmi76.99 Kb.
    #11698

    Instructions and Setup:

    • Can be saved/run on local or remote server.

    • Copy the Modules to C:\Program Files\Windows PowerShell on the server your running the script.

    • If required during install - Ensure that shares for source files and ndesconnector.msi are available.

    • Specify the environment information into the XML script

    Server Prerequisites:

    • Windows Server 2012 R2, Domain Joined Member server (Workgroup NDES has not been tested)

    • Ensure Windows Remote Management is enabled.

    • Domain firewall needs to be turned off.

    • Request and install Client and Server Auth Certificates on the NDES Server (Only Internal PKI certs have been tested)

    • If Password Encryption is required in the MOF file then export the Client cert from the NDES box and place in the location specified in the XML.

    XML File Parameters (Also displayed in the XAML check in the script):

    LocalConfigurationManager

    RebootIfNeeded:

      • True = this property will restart the node as soon as the configuration has been completely applies.

      • False = the configuration will be completed, but the node must be restarted manually for the changes to take effect

    ConfigurationMode:

    Specifies how the Local Configuration Manager actually applies the configuration to the target nodes. It can take the following values:



      • ApplyOnly: With this option, DSC applies the configuration and does nothing further unless a new configuration is detected, either by you sending a new configuration directly to the target node (“push”) or if you have configured a “pull” server and DSC discovers a new configuration when it checks with the “pull” server. If the target node’s configuration drifts, no action is taken.

      • ApplyAndMonitor: With this option (which is the default), DSC applies any new configurations, whether sent by you directly to the target node or discovered on a “pull” server. Thereafter, if the configuration of the target node drifts from the configuration file, DSC reports the discrepancy in logs.

      • ApplyAndAutoCorrect: With this option, DSC applies any new configurations, whether sent by you directly to the target node or discovered on a “pull” server. Thereafter, if the configuration of the target node drifts from the configuration file, DSC reports the discrepancy in logs, and then attempts to adjust the target node configuration to bring in compliance with the configuration file.

    Password Encryption Details

    Required:

      • True = Encrypts all passwords in the MOF file at source and decrypts at destination.

      • False = Passwords are stored in the MOF file as plain text.


    Certificate File Location:

    The location of the exported certificate that will be used for encryption/decryption (Public key export only).



    Certificatefile Name:

    The name of the certificate used for encryption/decryption - This is located on the destination server. This is the certificate that should be exported in cer format without private key and placed in the certificate file location

    ------------------------------------------------------------------------------------------------

    AD Certificate Server Details

    Certificate Server Name:

    The name of the issuing certificate authority.



    NDES Template Name:

    The name of the NDES template that was created on the issuing CA.

    ------------------------------------------------------------------------------------------------

    NDES Server Details

    NDES Server Name:

    The name of the NDES Server.



    Server Auth Cert Name:

    The name of the certificate on the NDES server that will be used for Server Authentication.



    Client Auth Cert Name:

    The name of the certificate on the NDES server that will be used for Client Authentication.

    ------------------------------------------------------------------------------------------------

    Source Location Details

    SXS Source Required:


      • True = SXS source is not available on the server and needs to be installed from external source.

      • False= SXS source is available on the server and therefore external source is not required.


    SXS Source location:

    The path to the SXS source (if required)


    Intune:
    Required:

      • True = Intune Standalone connector will be installed as part of the DSC Configuration

      • False= Intune Standalone connector will NOT be installed as part of the DSC Configuration


    NDES MSI Source Location:

    The path to the MSI of the NDESConnector for Intune Standalone (Download and extract from Intune tenant for standalone). To Skip the auto install - Set required to False.
    Download 76.99 Kb.




    Download 76.99 Kb.

    Bosh sahifa
    Aloqalar

        Bosh sahifa



    Instructions and Setup: Can be saved/run on local or remote server

    Download 76.99 Kb.