GithubHelp home page GithubHelp logo

Comments (4)

michaeltlombardi avatar michaeltlombardi commented on June 15, 2024 1

Hello again @ethanhou99! I reached out to the team and while I can't find any documentation or feature request to point you at, it looks like this is a specific known limitation for Guest Configuration.

The *-MpComputerStatus cmdlets you're using are part of the built-in module for Defender. Unfortunately, Guest Configuration does not support calling built-in Windows modules (i.e. shipped with the OS rather than in PowerShell itself) right now.

Since this issue is specific to Guest Configuration, I'm closing this issue for now. Sorry, I hope this info helps!

from powershell-docs-dsc.

ethanhou99 avatar ethanhou99 commented on June 15, 2024 1

Hello again @ethanhou99! I reached out to the team and while I can't find any documentation or feature request to point you at, it looks like this is a specific known limitation for Guest Configuration.

The *-MpComputerStatus cmdlets you're using are part of the built-in module for Defender. Unfortunately, Guest Configuration does not support calling built-in Windows modules (i.e. shipped with the OS rather than in PowerShell itself) right now.

Since this issue is specific to Guest Configuration, I'm closing this issue for now. Sorry, I hope this info helps!

Thanks for your help @michaeltlombardi , that's really helpful!

from powershell-docs-dsc.

michaeltlombardi avatar michaeltlombardi commented on June 15, 2024

@ethanhou99 thanks for reporting this! Can you help me out with a minimal repro using only DSC (leaving Guest Configuration out for a bit)?

I attempted to repro locally with this TestExample.ps1 file defining my configuration:

Import-Module -Name PSDesiredStateConfiguration -MaximumVersion 1.2

configuration TestExample {
    Import-Module -Name PSDesiredStateConfiguration -MaximumVersion 1.2
    Import-DscResource -ModuleName 'PSDscResources' -ModuleVersion 2.12.0.0
    Node localhost {
        Script VerifyScript {
            GetScript = {
                $null = Get-MpComputerStatus
                return @{ Result = 'Success' }
            }
            TestScript =  {
                $null = [scriptblock]::Create($GetScript).Invoke()
                return $false
            }
            SetScript = {
                $null = Get-MpComputerStatus
            }
        }
    }
}

TestExample

Note
This example purposefully does nothing, it's just a way to call commands from that module non-destructively using the Script DSC Resource.

I ran:

.\TestExample.ps1
Start-DscConfiguration .\TestExample\ -Wait -Verbose

and got:

    Directory: C:\code\pwsh\TestExample

Mode                 LastWriteTime         Length Name
----                 -------------         ------ ----
-a----         6/10/2022  11:32 AM           2520 localhost.mof

VERBOSE: Perform operation 'Invoke CimMethod' with following parameters, ''methodName' = SendConfigurationApply,'className'  = MSFT_DSCLocalConfigurationManager,'namespaceName' = root/Microsoft/Windows/DesiredStateConfiguration'.                   VERBOSE: An LCM method call arrived from computer DESKTOP-KFLGVVP with user sid                                             <SID>.
VERBOSE: [DESKTOP-ABC1234]: LCM:  [ Start  Set      ]
VERBOSE: [DESKTOP-ABC1234]: LCM:  [ Start  Resource ]  [[Script]VerifyScript]
VERBOSE: [DESKTOP-ABC1234]: LCM:  [ Start  Test     ]  [[Script]VerifyScript]
VERBOSE: [DESKTOP-ABC1234]:                            [[Script]VerifyScript] Begin executing test script.
VERBOSE: [DESKTOP-ABC1234]:                            [[Script]VerifyScript] Executing script:
                return $false
VERBOSE: [DESKTOP-ABC1234]:                            [[Script]VerifyScript] End executing test script.
VERBOSE: [DESKTOP-ABC1234]: LCM:  [ End    Test     ]  [[Script]VerifyScript]  in 0.6930 seconds.
VERBOSE: [DESKTOP-ABC1234]: LCM:  [ Start  Set      ]  [[Script]VerifyScript]
VERBOSE: [DESKTOP-ABC1234]:                            [[Script]VerifyScript] Begin executing set script.
VERBOSE: [DESKTOP-ABC1234]:                            [[Script]VerifyScript] Executing script:
                $null = Get-MpComputerStatus
VERBOSE: [DESKTOP-ABC1234]:                            [[Script]VerifyScript] End executing set script.
VERBOSE: [DESKTOP-ABC1234]: LCM:  [ End    Set      ]  [[Script]VerifyScript]  in 0.0770 seconds.
VERBOSE: [DESKTOP-ABC1234]: LCM:  [ End    Resource ]  [[Script]VerifyScript]
VERBOSE: [DESKTOP-ABC1234]: LCM:  [ End    Set      ]
VERBOSE: [DESKTOP-ABC1234]: LCM:  [ End    Set      ]    in  1.3000 seconds.
VERBOSE: Operation 'Invoke CimMethod' complete.
VERBOSE: Time taken for configuration job to complete is 1.493 seconds

So for me, I'm not getting any failing errors to find the command or module.

from powershell-docs-dsc.

ethanhou99 avatar ethanhou99 commented on June 15, 2024

Hi @michaeltlombardi ,

Thanks for your reply!

I followed your suggestion and your code worked perfectly.

After that, I tried my code using the same strategy:

Configuration EnableRealtimeMonitoring
{
    Import-DscResource -ModuleName 'PSDscResources'
    Import-Module -Name PSDesiredStateConfiguration -MaximumVersion 1.2
    Import-Module -Name Defender

    Node localhost
    {
        Script EnableRealtimeMonitoring
        {
            GetScript = {
                $RealtimeMonitoringEnabled = Get-MpComputerStatus | select -expandproperty RealTimeProtectionEnabled
                return @{ 'Result' = "$RealtimeMonitoringEnabled" }
            }
            TestScript = {
                # Create and invoke a scriptblock using the $GetScript automatic variable, which contains a string representation of the GetScript.
                $state = [scriptblock]::Create($GetScript).Invoke()

                if( $state.Result -eq 1 )
                {
                    Write-Verbose -Message ('Current state of RealtimeMonitoringEnabled is {0}' -f $state.Result)
                    return $true
                }
                Write-Verbose -Message ('Current state of RealtimeMonitoringEnabled is {0}' -f $state.Result)
                return $false
            }
            SetScript = {
                Set-MpPreference -DisableRealtimeMonitoring $false
            }
        }
    }
}

EnableRealtimeMonitoring -OutputPath:"./EnableRealtimeMonitoring"

and get the result successfully:

VERBOSE: Perform operation 'Invoke CimMethod' with following parameters, ''methodName' =                                SendConfigurationApply,'className' = MSFT_DSCLocalConfigurationManager,'namespaceName' =                                root/Microsoft/Windows/DesiredStateConfiguration'.                                                                      VERBOSE: An LCM method call arrived from computer win100611 with user sid S-1-5-21-3863100528-447737396-1203617270-500. VERBOSE: [win100611]: LCM:  [ Start  Set      ]                                                                         VERBOSE: [win100611]: LCM:  [ Start  Resource ]  [[Script]EnableRealtimeMonitoring]                                     VERBOSE: [win100611]: LCM:  [ Start  Test     ]  [[Script]EnableRealtimeMonitoring]
VERBOSE: [win100611]:                            [[Script]EnableRealtimeMonitoring] Begin executing test script.
VERBOSE: [win100611]:                            [[Script]EnableRealtimeMonitoring] Executing script:
                # Create and invoke a scriptblock using the $GetScript automatic variable, which contains a string
representation of the GetScript.
                $state = [scriptblock]::Create($GetScript).Invoke()

                if( $state.Result -eq 1 )
                {
                    Write-Verbose -Message ('Current state of RealtimeMonitoringEnabled is {0}' -f $state.Result)
                    return $true
                }
                Write-Verbose -Message ('Current state of RealtimeMonitoringEnabled is {0}' -f $state.Result)
                return $false
VERBOSE: [win100611]:                            [[Script]EnableRealtimeMonitoring] Current state of
RealtimeMonitoringEnabled is True
VERBOSE: [win100611]:                            [[Script]EnableRealtimeMonitoring] End executing test script.
VERBOSE: [win100611]: LCM:  [ End    Test     ]  [[Script]EnableRealtimeMonitoring]  in 0.9150 seconds.
VERBOSE: [win100611]: LCM:  [ Start  Set      ]  [[Script]EnableRealtimeMonitoring]
VERBOSE: [win100611]:                            [[Script]EnableRealtimeMonitoring] Begin executing set script.
VERBOSE: [win100611]:                            [[Script]EnableRealtimeMonitoring] Executing script:
                Set-MpPreference -DisableRealtimeMonitoring $false
VERBOSE: [win100611]:                            [[Script]EnableRealtimeMonitoring] End executing set script.
VERBOSE: [win100611]: LCM:  [ End    Set      ]  [[Script]EnableRealtimeMonitoring]  in 0.6770 seconds.
VERBOSE: [win100611]: LCM:  [ End    Resource ]  [[Script]EnableRealtimeMonitoring]
VERBOSE: [win100611]: LCM:  [ End    Set      ]
VERBOSE: [win100611]: LCM:  [ End    Set      ]    in  3.2100 seconds.
VERBOSE: Operation 'Invoke CimMethod' complete.
VERBOSE: Time taken for configuration job to complete is 3.359 seconds

So, I believe the DSC script is working.

The problem still happened in the Guest configuration part; I still got the same error after the command Get-GuestConfigurationPackageComplianceStatus:

Get-GuestConfigurationPackageComplianceStatus -Path ./WindowsMachineRealtimeMonitoring/WindowsMachineRealtimeMonitoring.zip
WARNING: Job 0140c31f-8026-44b9-839a-073ed69398fc : Displaying messages from built-in DSC resources:
         WMI channel 1
         ResourceID:
         Message : [win100611]:                            [] LCM is running in MonitorOnly mode and will only test the configuration.
WARNING: Job 0140c31f-8026-44b9-839a-073ed69398fc : Displaying messages from built-in DSC resources:
         WMI channel 1
         ResourceID:
         Message : [win100611]:                            [] Configuration document successfully saved to pending state.
Worker process is running consistency for assignment WindowsMachineRealtimeMonitoringWorker process waiting to finish the consistency operation., solution type
inguest
Error: Failed to Run Consistency for 'WindowsMachineRealtimeMonitoring' Error : PowerShell DSC resource MSFT_ScriptResource  failed to execute Test-TargetResource functionality with error message: System.InvalidOperationException: The test script threw an error.
 ---> System.Management.Automation.MethodInvocationException: Exception calling "Invoke" with "0" argument(s): "The term 'Get-MpComputerStatus' is not recognized as a name of a cmdlet, function, script file, or executable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again."
 ---> System.Management.Automation.CommandNotFoundException: The term 'Get-MpComputerStatus' is not recognized as a name of a cmdlet, function, script file, or executable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
   at System.Management.Automation.ExceptionHandlingOps.CheckActionPreference(FunctionContext funcContext, Exception exception)
   at System.Management.Automation.Interpreter.ActionCallInstruction`2.Run(InterpretedFrame frame)
   at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
   at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
   at System.Management.Automation.Interpreter.Interpreter.Run(InterpretedFrame frame)
   at System.Management.Automation.Interpreter.LightLambda.RunVoid1[T0](T0 arg0)
   at System.Management.Automation.ScriptBlock.InvokeWithPipeImpl(ScriptBlockClauseToInvoke clauseToInvoke, Boolean createLocalScope, Dictionary`2 functionsToDefine, List`1 variablesToDefine, ErrorHandlingBehavior errorHandlingBehavior, Object dollarUnder, Object input, Object scriptThis, Pipe outputPipe, InvocationInfo invocationInfo, Object[] args)
   at System.Management.Automation.ScriptBlock.InvokeWithPipeImpl(Boolean createLocalScope, Dictionary`2 functionsToDefine, List`1 variablesToDefine, ErrorHandlingBehavior errorHandlingBehavior, Object dollarUnder, Object input, Object scriptThis, Pipe outputPipe, InvocationInfo invocationInfo, Object[] args)
   at System.Management.Automation.ScriptBlock.InvokeWithPipe(Boolean useLocalScope, ErrorHandlingBehavior errorHandlingBehavior, Object dollarUnder, Object input, Object scriptThis, Pipe outputPipe, InvocationInfo invocationInfo, Boolean propagateAllExceptionsToTop, List`1 variablesToDefine, Dictionary`2 functionsToDefine, Object[] args)
   at System.Management.Automation.ScriptBlock.DoInvoke(Object dollarUnder, Object input, Object[] args)
   at System.Management.Automation.ScriptBlock.Invoke(Object[] args)
   at CallSite.Target(Closure , CallSite , Object )
   --- End of inner exception stack trace ---
   at System.Management.Automation.ExceptionHandlingOps.CheckActionPreference(FunctionContext funcContext, Exception exception)
   at System.Management.Automation.Interpreter.ActionCallInstruction`2.Run(InterpretedFrame frame)
   at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
   at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
   --- End of inner exception stack trace ---

Worker process exiting with exit code : 1
WARNING: Job ec0c5837-684f-466e-8587-cbd5c1fe71ef : Displaying messages from built-in DSC resources:
         WMI channel 0
         ResourceID:
         Message : [win100611]:                            [] The TEST operation will be carried against a pending configuration since the latest configuration has not converged yet.
WARNING: Job ec0c5837-684f-466e-8587-cbd5c1fe71ef : WarningMessage The TEST operation will be carried against a pending configuration since the latest configuration has not converged yet.
WARNING: Job ec0c5837-684f-466e-8587-cbd5c1fe71ef : Message System.InvalidOperationException: The test script threw an error.
 ---> System.Management.Automation.MethodInvocationException: Exception calling "Invoke" with "0" argument(s): "The term 'Get-MpComputerStatus' is not recognized as a name of a cmdlet, function, script file, or executable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again."
 ---> System.Management.Automation.CommandNotFoundException: The term 'Get-MpComputerStatus' is not recognized as a name of a cmdlet, function, script file, or executable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
   at System.Management.Automation.ExceptionHandlingOps.CheckActionPreference(FunctionContext funcContext, Exception exception)
   at System.Management.Automation.Interpreter.ActionCallInstruction`2.Run(InterpretedFrame frame)
   at System.Management.Automation.Interpreter.E
Write-Error: C:\Program Files\WindowsPowerShell\Modules\GuestConfiguration\3.5.4\Modules\DscOperations\DscOperations.psm1:36
Line |
  36 |      Write-GCOperationConsoleMessages -Verbose:($PSCmdlet.MyInvocation …
     |      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | Job ec0c5837-684f-466e-8587-cbd5c1fe71ef : MIResult: 1 Error Message: PowerShell DSC resource
     | MSFT_ScriptResource  failed to execute Test-TargetResource functionality with error message:
     | System.InvalidOperationException: The test script threw an error.  --->
     | System.Management.Automation.MethodInvocationException: Exception calling "Invoke" with "0"
     | argument(s): "The term 'Get-MpComputerStatus' is not recognized as a name of a cmdlet, function,
     | script file, or executable program. Check the spelling of the name, or if a path was included, verify
     | that the path is correct and try again."  ---> System.Management.Automation.CommandNotFoundException:
     | The term 'Get-MpComputerStatus' is not recognized as a name of a cmdlet, function, script file, or
     | executable program. Check the spelling of the name, or if a path was included, verify that the path is
     | correct and try again.    at
     | System.Management.Automation.ExceptionHandlingOps.CheckActionPreference(FunctionContext funcContext,
     | Exception exception)    at System

from powershell-docs-dsc.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.