Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RegistryPolicyFile: Resource fails to set due to file in use exception. #28

Open
General-Fault opened this issue Jun 22, 2021 · 0 comments
Open

RegistryPolicyFile: Resource fails to set due to file in use exception. #28

General-Fault opened this issue Jun 22, 2021 · 0 comments

Comments

@General-Fault
Copy link

Details of the scenario you tried and the problem that is occurring

The resource occasionally fails to set with the error "The process cannot access the file 'C:\windows\System32\GroupPolicy\Machine\registry.pol' because it is being used by another process."

This appears to be part of a race condition and I have encountered it several times, but on different registry policy values on each occurrence. I cannot reliably reproduce the problem.

I am using DSC as part of a "Microsoft Deployment Toolkit" (MDT) deployment, and have not found a good way to test which process is accessing registry.pol at the time of this error. Suggestions welcome!

Verbose logs showing the problem

[OBFUSCATED]: LCM: [ Start Resource ] [[RegistryPolicyFile]Win10Lockdown\CVE-2016-2183\Terminal Services - Security Layer]
[OBFUSCATED]: LCM: [ Start Test ] [[RegistryPolicyFile]Win10Lockdown\CVE-2016-2183\Terminal Services - Security Layer]
[OBFUSCATED]: [[RegistryPolicyFile]Win10Lockdown\CVE-2016-2183\Terminal Services - Security Layer] Retrieving current for Key SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services ValueName SecurityLayer. (RPF04)
[OBFUSCATED]: [[RegistryPolicyFile]Win10Lockdown\CVE-2016-2183\Terminal Services - Security Layer] Expected to find an array value for property ValueData in the current values, but it was either not present or was null. This has caused the test method to return false.
[OBFUSCATED]: [[RegistryPolicyFile]Win10Lockdown\CVE-2016-2183\Terminal Services - Security Layer] String value for property ValueType does not match. Current state is '' and desired state is 'Dword'.
[OBFUSCATED]: LCM: [ End Test ] [[RegistryPolicyFile]Win10Lockdown\CVE-2016-2183\Terminal Services - Security Layer] in 0.2510 seconds.
[OBFUSCATED]: LCM: [ Start Set ] [[RegistryPolicyFile]Win10Lockdown\CVE-2016-2183\Terminal Services - Security Layer]
[OBFUSCATED]: [[RegistryPolicyFile]Win10Lockdown\CVE-2016-2183\Terminal Services - Security Layer] Retrieving current for Key SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services ValueName SecurityLayer. (RPF04)
[OBFUSCATED]: [[RegistryPolicyFile]Win10Lockdown\CVE-2016-2183\Terminal Services - Security Layer] Adding policy with Key: SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services, ValueName: SecurityLayer, ValueData: System.String[], ValueType: Dword. (RPF001)
[OBFUSCATED]: LCM: [ End Set ] [[RegistryPolicyFile]Win10Lockdown\CVE-2016-2183\Terminal Services - Security Layer] in 1.1090 seconds.
PowerShell DSC resource MSFT_RegistryPolicyFile failed to execute Set-TargetResource functionality with error message: The running command stopped because the preference variable "ErrorActionPreference" or common parameter is set to Stop: The process cannot access the file 'C:\windows\System32\GroupPolicy\Machine\registry.pol' because it is being used by another process.
InvalidOperation: (:) [], CimException

Suggested solution to the issue

The solution likely depends on which process is accessing the file. If it is the "Group Policy Client" service, perhaps RegistryPolicyFile should stop the service first, or at least check to see if the group policy is being updated.
Otherwise perhaps the RegistryPolicyFile could test access to the file, and wait for a short period if it is in use.

The DSC configuration that is used to reproduce the issue (as detailed as possible)

Configuration Win10Lockdown {
  RegistryPolicyFile 'Win10Lockdown\CVE-2016-2183\Terminal Services - Security Layer' {
      TargetType = 'ComputerConfiguration'
      Key = 'SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
      ValueName = 'SecurityLayer'
      ValueType = 'Dword'
      ValueData = '2'
  }
}

The operating system the target node is running

The operating system the target node is running

Name Value
OsName Microsoft Windows 10 Enterprise LTSC
OsOperatingSystemSKU 125
OsArchitecture 64-bit
WindowsVersion 1809
WindowsBuildLabEx 17763.1.amd64fre.rs5_release.180914-1434
OsLanguage en-US
OsMuiLanguages {en-US}

Version and build of PowerShell the target node is running

Name Value
PSVersion 5.1.17763.1852
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}
BuildVersion 10.0.17763.1852
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1

Version of the DSC module that was used

Name Version Path
GPRegistryPolicyDsc 1.2.0 C:\Program Files\WindowsPowerShell\Modules\GPRegistryPolicyDsc\1.2.0\GPRegistryPolicyDsc.psd1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@General-Fault