So, to pass the FQDN to the DSC script when it is run on the target node, I used a DSC File resource whose only purpose is to write the incoming parm to disk so a Get-Content cmdlet in the Script resource can retrieve it. I can't decide, frankly, if it's the worst POS code I've ever produced or the most elegant. But it sure was fun and I leave it to you to decide where on the POS-elegant spectrum it falls.

```powershell
# DSC configuration script follows as a PowerShell "here string".
# In the here-string that follows DO NOT USE any single quotes (') as this will mess up the here string.
# Note that parameters for the DSC configuration are initialized in the script below and passed to Azure DSC via Start-AzureRmAutomationDscCompilationJob
$configText = InstallConfigureRemoteDesktopGateway
# Create a directory for log files and for the cert
Import-DscResource -ModuleName PSDesiredStateConfiguration
File LoggingDirectory
# Only create the temp directory the first time the configuration is run
MatchSource = $false
WindowsFeatureSet InstallRemoteDesktopGatewayFeatures
Name = @("NPAS-Policy-Server", "Web-ISAPI-Ext", "Web-Mgmt-Compat", "RSAT-NPAS", "RPC-over-HTTP-Proxy", "RSAT-RDS-Gateway", "RDS-Gateway", "Telnet-client")
# Because the DSC Script resource does _not_ accept parameters in its GetScript statement, we will write the compile-time
# FQDN parm to disk on this node and read it in the Script resource below
# Get the FQDN from the file created in the File resource
# This MUST be installed in the LocalMachine Trusted Root store for RDP clients to see it.
$DomainName = Get-Content -Path "C:\Temp\FQDN.txt" -Raw
$x509Obj = New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName $DomainName
# Export the cert to the desktop for use on clients
$x509Obj | Export-Certificate -FilePath "C:\Temp\$DomainName.cer" -Force -Type CERT
# If you need to find additional items, sl to the GatewayServer location you are interested in
# Create RD-CAP with two user groups defaults permit all device redirection.
# Might be worth tightening up in terms of security.
$capName = "RD-CAP-$(Get-Date -Format FileDateTimeUniversal)"
```
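The File-to-Script handoff described above, as an added example that is not the post's original code: the configuration, resource and parameter names are hypothetical, the `C:\Temp` paths follow the post, and it uses no single quotes so it can sit inside the here-string.

```powershell
# Added example, not the post's code. FqdnHandoffExample, FqdnFile,
# GatewayCertificate and $Fqdn are hypothetical names; paths follow the post.
Configuration FqdnHandoffExample
{
    param ([Parameter(Mandatory)][string]$Fqdn)

    Import-DscResource -ModuleName PSDesiredStateConfiguration

    Node "localhost"
    {
        # The compile-time value is baked into the MOF as the file contents.
        File FqdnFile
        {
            DestinationPath = "C:\Temp\FQDN.txt"
            Contents        = $Fqdn
            Type            = "File"
            Ensure          = "Present"
        }

        # Each script block reads the value back from disk when it runs on the node.
        Script GatewayCertificate
        {
            DependsOn  = "[File]FqdnFile"   # the file must exist before any block runs
            GetScript  = {
                $name = (Get-Content -Path "C:\Temp\FQDN.txt" -Raw).Trim()
                $cert = Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.Subject -eq "CN=$name" }
                @{ Result = [string]$cert.Thumbprint }
            }
            TestScript = {
                # In desired state only if an unexpired cert and its exported copy both exist.
                $name = (Get-Content -Path "C:\Temp\FQDN.txt" -Raw).Trim()
                $cert = Get-ChildItem Cert:\LocalMachine\My |
                    Where-Object { $_.Subject -eq "CN=$name" -and $_.NotAfter -gt (Get-Date) }
                [bool]$cert -and (Test-Path "C:\Temp\$name.cer")
            }
            SetScript  = {
                $name = (Get-Content -Path "C:\Temp\FQDN.txt" -Raw).Trim()
                $cert = New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName $name
                # Only the public certificate is exported; the private key stays in LocalMachine\My.
                $cert | Export-Certificate -FilePath "C:\Temp\$name.cer" -Type CERT -Force | Out-Null
            }
        }
    }
}
```

The `TestScript` check keeps repeated consistency runs from minting a fresh self-signed certificate each time, which would invalidate the copy already trusted on clients.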