-
Notifications
You must be signed in to change notification settings - Fork 149
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
xWebapppool will not compile using identitytype gMSA #581
Comments
For a resource to be able to support (g)MSA it needs to ignore the password part of the credential object (discussed and documented in the SqlServerDsc specific guidelines, credentials-that-does-not-have-password. I see this resource do expect to set the password for the credential object so I suspect the resource need to be modified to handle (g)MSA. |
This scenario is documented in another issue from a few years ago #80, the workaround discussed there of passing a random password as part of the credential object for the gMSA does work to get the config to compile and config the server. It's just a bit wonky. |
ISSUE TITLE:
'xwebapppool: Short description of my issue'
ISSUE DESCRIPTION (this template):
I would like to create an App Pool for a DSC Pull server running on Server 2019 that's connecting to a SQL Server 2019 backend that's running on Server 2019 as well. I want to authenticate to the DB using a gMSA, not SQL Authentication. I don't see a way to compile a configuration with the xwebapppool resource using the gMSA username format. I keep getting the error below.
I can manually edit the LCM mof and set the identitytype to "mylab\SQLsvcAccount$", reapply the LCM config and everything works fine.
xWebAdministration\xWebAppPool : At least one of the values 'mylab\SQLsvcAccount$' is not supported or valid for property 'identityType' on class 'xWebAppPool'. Please
specify only supported values:
ApplicationPoolIdentity, LocalService, LocalSystem, NetworkService, SpecificUser.
At line:78 char:9
xWebAppPool DSCPool
CategoryInfo : InvalidOperation: (:) [Write-Error], ParentContainsErrorRecordException
FullyQualifiedErrorId : UnsupportedValueForProperty,xWebAdministration\xWebAppPool
Details of the scenario you tried and the problem that is occurring
Verbose logs showing the problem
Suggested solution to the issue
The DSC configuration that is used to reproduce the issue (as detailed as possible)
The operating system the target node is running
Version and build of PowerShell the target node is running
Version of the DSC module that was used
PSDesiredStateConfiguration 1.1
xPSDesiredStateConfiguration 9.1.0
xWebAdministration 3.1.1
The text was updated successfully, but these errors were encountered: