JHP's blog – Random stuff

January 17, 2020February 11, 2020

DSC Configuration data encryption done right

So – you have gained some experience with Desired State Configuration and you have even encrypted credentials in your configurations through certificates. But how do you manage the credentials, and how are they integrated in your automated build process?

The open-source DSC Workshop (https://github.com/automatedlab/dscworkshop) contains great resources to get you started. In this post, I would like to show you how to use the layering to define credentials at different layers, e.g. domain-wide or node-specific.

Continue reading “DSC Configuration data encryption done right”

September 6, 2019February 11, 2020

Converting GPO to DSC – Part 2

Testing the infrastructure

*Update 2020-01-14: Lab Script updated due to new cmdlets*
If you have not yet read about Desired State Configuration, now would be the time. Head to docs.microsoft.com and understand the concepts before reading further.

The configurations we compiled in the previous blog post require two community resources, AuditPolicyDsc and SecurityPolicyDsc. Registry settings are built-in. Both resources contain the necessary code that your clients need to test the configuration. If you don’t trust external code or are not able to get code in your environment, why not create a test environment instead?

August 23, 2019February 11, 2020

Converting Group Policies to DSC configurations

Desired State Configuration is a powerful tool in any Windows environment when it comes to automation. In customer projects, I personally like to do a greenfield approach whenever possible.

However, there are certainly situations where taking something that already exists might be beneficial. This was the case at one customer, who wanted to convert Group Policies to DSC configurations in order to test them. Suffice to say, my interest was piqued.

August 15, 2019August 27, 2019

Add telemetry to your PowerShell module

Ah, telemetry. Very ubiquitous today, telemetry is collected from many software companies, device vendors and so on. Often telemetry includes PII, personally identifiable information, which of course is a no-go.

This post aims to explain how you can responsibly collect telemetry for your PowerShell module to track its usage, version distribution and much more. I will show you the steps you need to take to use Azure ApplicationInsights to collect and Power BI to visualize your telemetry.

October 4, 2018October 4, 2018

Automating Windows Admin Center

We all know that Windows Admin Center, formerly known as Project Honolulu, provides excellent and modern management methods for Windows operating systems. Administrators can easily customize their own dashboard and add connections to servers, workstations and storage as well as compute clusters.

However, this is a manual task. As a PowerShell aficionado I cannot abide by that. But let’s start at the beginning.

June 6, 2018

That blog is being updated…

Since I’ve not written anything for YEARS it is time to upgrade my blog. The old content will make it after a while.