You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This works fine, it creates the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\CustomSD with the SDDL string and it's sister key for the System log, but when we run Test-Dscconfiguration, it report those parts as a ResourcesNotInDesiredState
VERBOSE: []: LCM: [ Start Resource ] [[xWinEventLog]securEvtApplication]
VERBOSE: []: LCM: [ Start Test ] [[xWinEventLog]securEvtApplication]
VERBOSE: []: LCM: [ End Test ] [[xWinEventLog]securEvtApplication] False in 0.0780 seconds.
VERBOSE: []: LCM: [ End Resource ] [[xWinEventLog]securEvtApplication]
VERBOSE: []: LCM: [ Start Resource ] [[xWinEventLog]securEvtSystem]
VERBOSE: []: LCM: [ Start Test ] [[xWinEventLog]securEvtSystem]
VERBOSE: []: LCM: [ End Test ] [[xWinEventLog]securEvtSystem] False in 0.0310 seconds.
VERBOSE: []: LCM: [ End Resource ] [[xWinEventLog]securEvtSystem]
VERBOSE: []: LCM: [ End Test ] Completed processing test operation. The operation returned False.
VERBOSE: []: LCM: [ End Test ] in 0.7650 seconds.
VERBOSE: Operation 'Invoke CimMethod' complete.
PSComputerName ResourcesInDesiredState ResourcesNotInDesiredState InDesiredState
-------------- ----------------------- -------------------------- --------------
localhost {[cNtfsPermissionEntry]Perm... {[xWinEventLog]securEvtAppl... False
VERBOSE: Time taken for configuration job to complete is 0.877 seconds
If we run Start-DscConfiguration -UseExisting -Force -Wait -Verbose then it will do the Set, but it will never see it as in Desire State:
VERBOSE: []: LCM: [ Start Resource ] [[xWinEventLog]securEvtApplication]
VERBOSE: []: LCM: [ Start Test ] [[xWinEventLog]securEvtApplication]
VERBOSE: []: LCM: [ End Test ] [[xWinEventLog]securEvtApplication] in 0.0630 seconds.
VERBOSE: []: LCM: [ Start Set ] [[xWinEventLog]securEvtApplication]
VERBOSE: []: LCM: [ End Set ] [[xWinEventLog]securEvtApplication] in 0.0310 seconds.
VERBOSE: []: LCM: [ End Resource ] [[xWinEventLog]securEvtApplication]
VERBOSE: []: LCM: [ Start Resource ] [[xWinEventLog]securEvtSystem]
VERBOSE: []: LCM: [ Start Test ] [[xWinEventLog]securEvtSystem]
VERBOSE: []: LCM: [ End Test ] [[xWinEventLog]securEvtSystem] in 0.0160 seconds.
VERBOSE: []: LCM: [ Start Set ] [[xWinEventLog]securEvtSystem]
VERBOSE: []: LCM: [ End Set ] [[xWinEventLog]securEvtSystem] in 0.0470 seconds.
VERBOSE: []: LCM: [ End Resource ] [[xWinEventLog]securEvtSystem]
VERBOSE: []: [] Consistency check completed.
The same code works fine on Windows 10...
The text was updated successfully, but these errors were encountered:
I took a look at the code and ran the test condition manually on the server(line 143 ) $log = Get-WinEvent -ListLog application
Then I compared $log.SecurityDescriptor to the string that got created in the registry by DSC, and indeed they are different. That test condition doesn't seem to work.
Also, running wevtutil gl application (which is the command line utility to set SDDL the old way)returns the correct SDDL string.
On Windows 2016 with latest CU installed
DSC Code to secure the Application Log and the System Log
This works fine, it creates the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\CustomSD with the SDDL string and it's sister key for the System log, but when we run Test-Dscconfiguration, it report those parts as a ResourcesNotInDesiredState
If we run
Start-DscConfiguration -UseExisting -Force -Wait -Verbose
then it will do the Set, but it will never see it as in Desire State:The same code works fine on Windows 10...
The text was updated successfully, but these errors were encountered: