Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cluster: When using distinguished naming of cluster, second pass of DSC fails. #256

Open
IlleNilsson opened this issue Apr 12, 2021 · 15 comments
Open

Cluster: When using distinguished naming of cluster, second pass of DSC fails. #256

IlleNilsson opened this issue Apr 12, 2021 · 15 comments
Labels
bug The issue is a bug. help wanted The issue is up for grabs for anyone in the community.

Comments

@IlleNilsson
Copy link

IlleNilsson commented Apr 12, 2021
edited by johlju

I want to create the AD Cluster object in a specific OU

Verbose logs showing the problem

PSComputerName       : SRV70031
RunspaceId           : 83a68bc5-290c-46d9-8521-4b55093d7bb9
ConfigurationName    : QSClusterDsc
DependsOn            : {[WindowsFeature]WSCS}
ModuleName           : xFailoverCluster
ModuleVersion        : 1.16.0
PsDscRunAsCredential :
ResourceId           : [xCluster]PrepareCluster
SourceInfo           : \\tsclient\E\IGEL\Source\Platform\DSC\~Config\QSClusterDSC.ps1::223::13::xCluster
DurationInSeconds    : 9.353
Error                : {
                           "Exception":  {
                                             "Message":  "PowerShell DSC resource MSFT_xCluster  failed to execute
                       Set-TargetResource functionality with error message: There was an error adding node
                       \u0027SRV70031\u0027 to the cluster ",
                                             "Data":  {

                                                      },
                                             "InnerException":  {
                                                                    "SerializedRemoteException":
                       "Microsoft.FailoverClusters.PowerShell.ClusterCmdletException: T**here was an error adding node
                       \u0027SRV70031\u0027 to the cluster ---\u003e**
                       Microsoft.FailoverClusters.PowerShell.ClusterCmdletException: T**he computer
                       \u0027SRV70031.rd01.local\u0027 is joined to a cluster**.\r\n   --- End of inner exception stack
                       trace ---",
                                                                    "SerializedRemoteInvocationInfo":
                       "System.Management.Automation.InvocationInfo",
                                                                    "ErrorRecord":  "There was an error adding node
                       \u0027SRV70031\u0027 to the cluster\n    The computer \u0027SRV70031.rd01.local\u0027 is joined
                       to a cluster.",
                                                                    "WasThrownFromThrowStatement":  false,
                                                                    "Message":  "There was an error adding node
                       \u0027SRV70031\u0027 to the cluster",
                                                                    "Data":
                       "System.Collections.ListDictionaryInternal",
                                                                    "InnerException":  null,
                                                                    "TargetSite":  "Void EndInvoke()",
                                                                    "StackTrace":  "   at
                       System.Management.Automation.Runspaces.AsyncResult.EndInvoke()\r\n   at System.Management.Automa
                       tion.PowerShell.CoreInvokeRemoteHelper[TInput,TOutput](PSDataCollection`1 input,
                       PSDataCollection`1 output, PSInvocationSettings settings)\r\n   at
                       System.Management.Automation.PowerShell.CoreInvoke[TInput,TOutput](PSDataCollection`1 input,
                       PSDataCollection`1 output, PSInvocationSettings settings)\r\n   at
                       System.Management.Automation.PowerShell.Invoke(IEnumerable input, PSInvocationSettings
                       settings)\r\n   at Microsoft.PowerShell.DesiredStateConfiguration.Internal.ResourceProviderAdapt
                       er.ExecuteCommand(PowerShell powerShell, ResourceModuleInfo resInfo, String operationCmd,
                       List`1 acceptedProperties, CimInstance nonResourcePropeties, CimInstance resourceConfiguration,
                       LCMDebugMode debugMode, PSInvocationSettings pSInvocationSettings, UInt32\u0026
                       resultStatusHandle, Collection`1\u0026 result, ErrorRecord\u0026 errorRecord, PSModuleInfo
                       localRunSpaceModuleInfo)",
                                                                    "HelpLink":  null,
                                                                    "Source":  "System.Management.Automation",
                                                                    "HResult":  -2146233087
                                                                },
                                             "TargetSite":  null,
                                             "StackTrace":  null,
                                             "HelpLink":  null,
                                             "Source":  null,
                                             "HResult":  -2146233079
                                         },
                           "TargetObject":  null,
                           "CategoryInfo":  {
                                                "Category":  7,
                                                "Activity":  "",
                                                "Reason":  "InvalidOperationException",
                                                "TargetName":  "",
                                                "TargetType":  ""
                                            },
                           "FullyQualifiedErrorId":  "ProviderOperationExecutionFailure",
                           "ErrorDetails":  null,
                           "InvocationInfo":  null,
                           "ScriptStackTrace":  null,
                           "PipelineIterationInfo":  [

                                                     ]
                       }
FinalState           :
InDesiredState       : False
InitialState         :
InstanceName         : PrepareCluster
RebootRequested      : False
ResourceName         : xCluster
StartDate            : 4/12/2021 11:58:00 AM
StateChanged         : False

Suggested solution to the issue

The DSC configuration that is used to reproduce the issue (as detailed as possible)

        if ($Node.Replica -eq 'Primary') {
            xCluster 'PrepareCluster' {
                PsDscRunAsCredential = $SetupCredential
                DomainAdministratorCredential = $SetupCredential
                Name = $Node.FailoverClusterName
                StaticIPAddress = $Node.FailoverClusterIPAddress
                IgnoreNetwork = $Node.FailoverClusterIgnoreNetwork
                DependsOn = @('[WindowsFeature]WSCS')
            }
         } else {
            $FailoverClusterName = ((($Node.FailoverClusterName -split ',')[0]) -split '=')[1]
            xCluster 'PrepareCluster' {
                PsDscRunAsCredential = $SetupCredential
                DomainAdministratorCredential = $SetupCredential
                Name = $FailoverClusterName
                StaticIPAddress = $Node.FailoverClusterIPAddress
                IgnoreNetwork = $Node.FailoverClusterIgnoreNetwork
                DependsOn = @('[xWaitForCluster]WaitForCluster')
            }
            xWaitForCluster 'WaitForCluster' {
                PsDscRunAsCredential = $SetupCredential
                Name = $FailoverClusterName
                RetryIntervalSec = 5
                RetryCount = 15
                DependsOn = @('[WindowsFeature]WSCS')
            }

--First Nodes MOF

instance of MSFT_xCluster as $MSFT_xCluster1ref
{
ResourceID = "[xCluster]PrepareCluster";
 PsDscRunAsCredential = $MSFT_Credential1ref;
 IgnoreNetwork = {
    "10.50.0.0/16"
};
 StaticIPAddress = "192.168.1.20";
 DomainAdministratorCredential = $MSFT_Credential2ref;
 SourceInfo = "\\\\tsclient\\E\\IGEL\\Source\\Platform\\DSC\\~Config\\QSClusterDSC.ps1::223::13::xCluster";
 Name = "CN=SRV70CLU,OU=Computers,OU=Admin,OU=Resources,DC=rd01,DC=local";
 ModuleName = "xFailoverCluster";
 ModuleVersion = "1.16.0";

DependsOn = {

    "[WindowsFeature]WSCS"};

 ConfigurationName = "QSClusterDsc";

};

--Second Nodes MOF

instance of MSFT_xCluster as $MSFT_xCluster1ref
{
ResourceID = "[xCluster]PrepareCluster";
 PsDscRunAsCredential = $MSFT_Credential1ref;
 IgnoreNetwork = {
    "10.50.0.0/16"
};
 StaticIPAddress = "192.168.1.20";
 DomainAdministratorCredential = $MSFT_Credential2ref;
 SourceInfo = "\\\\tsclient\\E\\IGEL\\Source\\Platform\\DSC\\~Config\\QSClusterDSC.ps1::233::13::xCluster";
 Name = "SRV70CLU";
 ModuleName = "xFailoverCluster";
 ModuleVersion = "1.16.0";

DependsOn = {

    "[xWaitForCluster]WaitForCluster"};

 ConfigurationName = "QSClusterDsc";

};

instance of MSFT_xWaitForCluster as $MSFT_xWaitForCluster1ref
{
ResourceID = "[xWaitForCluster]WaitForCluster";
 PsDscRunAsCredential = $MSFT_Credential3ref;
 RetryCount = 15;
 SourceInfo = "\\\\tsclient\\E\\IGEL\\Source\\Platform\\DSC\\~Config\\QSClusterDSC.ps1::241::13::xWaitForCluster";
 Name = "SRV70CLU";
 ModuleName = "xFailoverCluster";
 RetryIntervalSec = 5;
 ModuleVersion = "1.16.0";

DependsOn = {

    "[WindowsFeature]WSCS"};

 ConfigurationName = "QSClusterDsc";

};

The operating system the target node is running

OsName : Microsoft Windows Server 2019 Datacenter
OsOperatingSystemSKU : DatacenterServerEdition
OsArchitecture : 64-bit
WindowsVersion : 1809
WindowsBuildLabEx : 17763.1.amd64fre.rs5_release.180914-1434
OsLanguage : en-US
OsMuiLanguages : {en-US}

Version and build of PowerShell the target node is running

SVersion 5.1.17763.1490
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}
BuildVersion 10.0.17763.1490
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1

Version of the DSC module that was used

1.16.0
@johlju
Copy link
Member

johlju commented Apr 12, 2021

In the first node you have:

 Name = "CN=SRV70CLU,OU=Computers,OU=Admin,OU=Resources,DC=rd01,DC=local";

In the second node you have:

Name = "SRV70CLU";

@johlju
Copy link
Member

johlju commented Apr 12, 2021

By "second pass" do you mean that the first node creates the CNO in the OU, but when the configuration runs Test-TargetResource it fails (when it enforces the configuration and checks current state against desired state)?

@johlju johlju added the needs more information The issue needs more information from the author or the community. label Apr 12, 2021
@IlleNilsson
Copy link
Author

IlleNilsson commented Apr 12, 2021 via email

@johlju
Copy link
Member

johlju commented Apr 12, 2021

I have used pre-staged accounts so never seen this. Sounds like there is an issue when using the full distinguished name.

@johlju johlju added bug The issue is a bug. help wanted The issue is up for grabs for anyone in the community. and removed needs more information The issue needs more information from the author or the community. labels Apr 12, 2021
@johlju
Copy link
Member

johlju commented Apr 12, 2021

Happy to review a pull request that fixes this.

@IlleNilsson
Copy link
Author

IlleNilsson commented Apr 12, 2021 via email

@IlleNilsson
Copy link
Author

IlleNilsson commented Apr 17, 2021
edited

Well I've made my best, but when i try to push my branch i get this:

E:\IGEL\Source\xFailoverCluster [fix_to_use_distinguised_name]> git push --set-upstream origin fix_to_use_distinguised_name
info: please complete authentication in your browser...
remote: Permission to dsccommunity/xFailOverCluster.git denied to IlleNilsson.
fatal: unable to access 'https://github.com/dsccommunity/xFailOverCluster.git/': The requested URL returned error: 403
E:\IGEL\Source\xFailoverCluster [fix_to_use_distinguised_name]>

And yes i got a browser to autenticate with, and it said, Success :(

@johlju
Copy link
Member

johlju commented Apr 17, 2021

You need to fork the main repository. On the repository page there is a button “Fork” at top right. Once you forked you need to make a remote my to the fork, in the local repository folder. Then you push to the remote. From there you make the pull request.

Read how to do it here https://dsccommunity.org/guidelines/getting-started/#forking-a-repository-on-github

@IlleNilsson
Copy link
Author

IlleNilsson commented Apr 17, 2021 via email

@IlleNilsson
Copy link
Author

Here we go, a fork IlleNilsson/xFailOverCluster. There is at least one thing I'm not happy with. I added a function named Convert-DistinguishedNameToSimpleName. I could not find a common place to put it, so it is in all Resources, not optimal.

@johlju
Copy link
Member

johlju commented Apr 18, 2021

Great! Now you need to go to your fork an create a pull request. Got to https://github.com/IlleNilsson/xFailOverCluster/pulls and click on new pull request. Base repository should be dsccommunity/xFailOverCluster and base should be main. The head repository should be IlleNilsson/xFailOverCluster and compare should be the working branch where you pushed the changes.

I could not find a common place to put it, so it is in all Resources, not optimal.

We could add a new common module FailoverCluster.Common similar to here: https://github.com/dsccommunity/DnsServerDsc/tree/main/source/Modules/DnsServerDsc.Common
We also need to copy it during build by changing build.yaml:
https://github.com/dsccommunity/DnsServerDsc/blob/97f6ef720def5fc0d920c63607f3ed2f8e03f9fb/build.yaml#L8
The we just need to import the module in the resource code like line 2 and 5 here:
https://github.com/dsccommunity/DnsServerDsc/blob/97f6ef720def5fc0d920c63607f3ed2f8e03f9fb/source/DSCResources/DSC_DnsServerADZone/DSC_DnsServerADZone.psm1#L2-L5

@IlleNilsson IlleNilsson mentioned this issue Apr 18, 2021
Open
9 tasks
@IlleNilsson
Copy link
Author

IlleNilsson commented Apr 21, 2021
edited

You said "we could", does that mean me? I'm not up to speed on building DSC Resources. Can we do it togheter?

@johlju
Copy link
Member

johlju commented Apr 22, 2021

We could, as in the community could. That can be resolved in another PR, or I could see if I have time to add an empty module where we can move the code.

@IlleNilsson
Copy link
Author

IlleNilsson commented Apr 22, 2021 via email

@IlleNilsson
Copy link
Author

IlleNilsson commented Apr 23, 2021 via email

@johlju johlju changed the title xCluster: When using distinguished naming of cluster, second pass of DSC fails. Cluster: When using distinguished naming of cluster, second pass of DSC fails. Jun 11, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug The issue is a bug. help wanted The issue is up for grabs for anyone in the community.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@johlju @IlleNilsson