Skip to content

Latest commit

 

History

History
617 lines (510 loc) · 13.7 KB

Wds.adoc

File metadata and controls

617 lines (510 loc) · 13.7 KB
Raw

DSC Resource 'Wds'

Wds contains the Windows Deployment Services DSC Resource Module.

Fully administration of a Windows Deployment Services server requires the following permissions:

  • Local administrator of the Windows Deployment Services server.
    This gives you the following rights:

    • File permissions and permissions to the RemoteInstall folder (the management tools interact with the image store using UNC paths).

    • Registry hive permissions.
      Many settings for the Windows Deployment Services server are stored in HKEY_LOCAL_MACHINE\System, and you need appropriate permissions to these locations to change them.

  • Domain administrator of the domain that contains the Windows Deployment Services server.
    This gives you permissions on the Service Control Point (SCP) in Active Directory Domain Services (AD DS) for the Windows Deployment Services server. Some configuration settings for the server are stored here.

  • Enterprise administrator (optional).
    This gives you Dynamic Host Configuration Protocol (DHCP) authorization permissions. If DHCP authorization is enabled, the Windows Deployment Services server must be authorized in AD DS before it will be allowed to answer incoming client PXE requests. DHCP authorization is stored in the Configuration container in AD DS.

Check these links for more details:

Source

DSC Resource

Documentation
Important

Use of this DSC Resource on a Windows Server Core installation is not supported.
Important

This DSC resource requires an updated version (> 0.11.0) of the WDSDsc resource.

Until the next release of WDSDsc you can patch the version 0.11.0 with latest commit on dev branch on GitHub.
Table 1. Attributes of category 'Wds'
Parameter Attribute DataType Description Allowed Values

RemInstPath

Mandatory

String

Path to RemInst share on the host

RunAsUser

PSCredential

Run WDS initialization and WDS device reservation under a specified set of credentials

WDS requires for initialization and device reservation a valid domain user account with administrator privileges.

The specified user will be assigned to local administrators group to get the sufficient privileges.

AnswerClients

String

Specifies which clients this server will answer.

If you set this value to Known, a computer must be prestaged in active directory Domain Services (AD DS) before it will be answered by the Windows Deployment Services server.

  • None

  • All

  • Known

UseExistingDhcpScope

Boolean

Use existing DHCP Scope defined outside of this DSC resource.

Must be set to True if the DHCP server should not installed on the computer WDS server is running.

  • True

  • False (default)

ScopeId

String

ScopeId of the new DHCP scope of WDS clients

ScopeStart

String

Starting address to set for this scope

ScopeEnd

String

Ending address to set for this scope

SubnetMask

String

Subnet mask for the scope specified in IP address format

SubnetMask

String

Subnet mask for the scope specified in IP address format

DomainName

String

Name of the domain the devices join to

DefaultDeviceOU

String

Default device OU for domain join

BootImages

Hashtable[]

List of boot images

ImageGroups

Hashtable[]

List of image groups

InstallImages

Hashtable[]

List of installation images

DeviceReservations

Hashtable[]

List of device reservations
Table 2. Attributes of category 'Wds/BootImages'
Parameter Attribute DataType Description Allowed Values

NewImageName

Key

String

The new name of the boot image

Path

String

The relative path to the boot image

NewDescription

String

The new description of the boot image

NewFileName

String

The new file name of the boot image

TransmissionName

String

The name of the multicast transmission. Valid if Multicast is set to true

DisplayOrder

Uint32

The order in which PXE entries are displayed

Architecture

String

Architecture of the image, only valid and required if Ensure equals Absent

  • X86

  • Ia64

  • X64

  • Arm

Multicast

Boolean

Indicates that AutoCast or ScheduledCast should be used

  • True

  • False

SkipVerify

Boolean SkipVerify

Indicates that image verification will be skipped

  • True

  • False

Ensure

String

An enumerated value that describes if the boot image exists.

  • Present (default)

  • Absent
Table 3. Attributes of category 'Wds/ImageGroups'
Parameter Attribute DataType Description Allowed Values

Name

Key

String

The name of the image group

SecurityDescriptor

String

Specifies the security descriptor for the image group in SDDL format.

Ensure

String

An enumerated value that describes if the image group exists.

  • Present (default)

  • Absent
Table 4. Attributes of category 'Wds/InstallImages'
Parameter Attribute DataType Description Allowed Values

NewImageName

Key

String

The new name of the imported image

ImageName

Mandatory

String

The name of the image inside the WIM file. Not supported with VHD files.
You can display the ImageName with Get-WindowsImage -ImagePath <image.wim>.

Path

String

The path to the install image (wim, vhdx)

UnattendFile

String

The unattend file associated with this image

NewDescription

String

The new description of the installation image

NewFileName

String

The new file name of the installation image

DisplayOrder

Uint32

The display order in the PXE menu

ImageGroup

String

The name of the image group to add the image to

ClientCount

Uint32

The minimum client count to start a multicast transmission

StartTime

Datetime

The start time for a scheduled transmission

TransmissionName

String

The name of the transmission

ManualStart

Boolean

Indicates that the transmission will be manually started.

  • True

  • False

Multicast

Boolean

Indicates that AutoCast or ScheduledCast should be used

  • True

  • False

SkipVerify

Boolean

Indicates that image verification will be skipped

  • True

  • False

Ensure

String

An enumerated value that describes if the installation image exists.

  • Present (default)

  • Absent
Table 5. Attributes of category 'Wds/DeviceReservations'
Parameter Attribute DataType Description Allowed Values

DeviceID

Key

String

Unique identifier of the device

Should be empty if a MAC-Address is used as device identifier.

MacAddress

Key
(only if DeviceID is empty)

String

MAC address of the device

DeviceName

Mandatory

String

The name of the device

IpAddress

String

IPv4 Address to reserve for this device in DHCP server.

If the DHCP Server is not running on the current computer leave this field empty and make the IP reservation manually.

PxePromptPolicy

String

Specifies the prompt policy for this computer to boot in PXE.

  • Abort

  • NoPrompt (default)

  • OptIn

  • OptOut

Group

String

Specifies the group name of the device associated with the pre-staged client.

WdsClientUnattend

String

The relative path of the unattend file to configure

BootImagePath

String

The relative path of the boot image

ReferralServer

String

Specifies the name of a referral server.
If you specify a referral server, the computer connects to this Windows Deployment Services server to download the network boot program and boot image by using Trivial File Transfer Protocol (TFTP).

JoinDomain

Boolean

Indicates whether to join the computer to a domain as the account specified by the User parameter.

  • True

  • False

OU

String

Specifies the distinguished name of an OU.
The cmdlet creates the computer account object in this location. If you do not specify this parameter, Windows Deployment Services creates the account in the default computer container in the domain of the server that runs Windows Deployment Services.

User

String

User name to join the domain with

JoinRights

String

Specifies the rights to assign to the account. The acceptable values for this parameter are:

  • Full → Assigns full access rights, which includes the right to join the computer to the domain at any time.

  • JoinOnly Requires the administrator to reset the computer account before the user can join the computer to the domain.

  • Full

  • JoinOnly

Ensure

String

  • Present (default)

  • Absent
Example
Wds:
  RemInstPath: C:\RemInst
  RunAsUser: "[ENC=PE9ianM...=]"
  ScopeStart: 2.1.32.1
  ScopeEnd: 2.1.33.254
  ScopeId: 2.1.32.0
  SubnetMask: 255.255.254.0
  UseExistingDhcpScope: false
  DomainName: contoso.com
  DefaultDeviceOU: OU=Clients,OU=Computer,OU=Contoso,DC=contoso,DC=com
  BootImages:
    - NewImageName: contoso boot
      Path:         D:\sources\boot.wim
    - NewImageName: contoso second boot
      Path:         D:\sources\boot2.wim
      NewDescription: New boot image
      NewFileName:  boot_arm.wim
      TransmissionName: BootTransmission
      DisplayOrder: 2
      Ensure: Present
      Multicast: false
      SkipVerify: false
  ImageGroups:
    - Name: Fabrikam LOB Images
      SecurityDescriptor: O:BAG:DUD:(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)(A;OICI;0x1200a9;;;AU)(A;OICI;FA;;;S-1-5-80-1688844526-3235337491-1375791646-891369040-3692469510)
      Ensure: Present
    - Name: Windows 10
    - Name: Windows 7
      Ensure: Absent
  InstallImages:
    - NewImageName: Contoso custom Windows 10
      ImageName: Windows 10
      Path: D:\sources\install_win10.wim
      SkipVerify: false
      ImageGroup: Windows 10
      DisplayOrder: 1
      UnattendFile: D:\sources\unattend.xml
      NewDescription: My New Description
      NewFileName: NewFileName
      ClientCount: 2
      StartTime: 08:00:00
      TransmissionName: Win10Transmission
      Multicast: true
      ManualStart: false
      Ensure: Present
    - NewImageName: Contoso custom Windows Server
      ImageName:    Windows Server SERVERDATACENTERACORE
      Path:         D:\sources\install.wim
      ImageGroup:   Fabrikam LOB Images
  DeviceReservations:
    - DeviceName:      Client01
      MacAddress:      00-15-5D-02-28-37
      IPAddress:       192.168.12.22
      PxePromptPolicy: NoPrompt
      JoinDomain:      true
      OU:              OU=SpecialClients,OU=Clients,OU=Computer,OU=Contoso,DC=contoso,DC=com
      JoinRights:      JoinOnly
      User:            contoso\joinuser
      Ensure:          Present
    - DeviceName:      Server02
      DeviceID:        123456781234-567812345678
Recommended Lookup Options in Datum.yml (Excerpt)
default_lookup_options: MostSpecific

lookup_options:

  Wds:
    merge_hash: deep
  Wds\BootImages:
    merge_hash_array: UniqueKeyValTuples
    merge_options:
      tuple_keys:
        - NewImageName
  Wds\ImageGroups:
    merge_hash_array: UniqueKeyValTuples
    merge_options:
      tuple_keys:
        - Name
  Wds\InstallImages:
    merge_hash_array: UniqueKeyValTuples
    merge_options:
      tuple_keys:
        - NewImageName
  Wds\DeviceReservations:
    merge_hash_array: UniqueKeyValTuples
    merge_options:
      tuple_keys:
        - DeviceName