Configurations/MultiRole-Server-2016/DC1.mof
|
/*
@TargetNode='DC1' @GeneratedBy=Jeff @GenerationDate=06/06/2020 10:53:14 @GenerationHost=BOVINE320 */ instance of MSFT_RegistryResource as $MSFT_RegistryResource1ref { ResourceID = "[Registry]TLS"; ValueName = "SchUseStrongCrypto"; Key = "HKLM:\\SOFTWARE\\Wow6432Node\\Microsoft\\.NetFramework\\v4.0.30319"; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::49::9::registry"; ValueType = "Dword"; ModuleName = "PSDesiredStateConfiguration"; ValueData = { "1" }; ModuleVersion = "1.1"; ConfigurationName = "AutoLab"; }; instance of MSFT_xIPAddress as $MSFT_xIPAddress1ref { ResourceID = "[xIPAddress]PrimaryIPAddress"; InterfaceAlias = "Ethernet"; AddressFamily = "IPv4"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::63::13::xIPAddress"; ModuleName = "xNetworking"; IPAddress = { "192.168.3.10" }; ModuleVersion = "5.7.0.0"; ConfigurationName = "AutoLab"; }; instance of MSFT_xDefaultGatewayAddress as $MSFT_xDefaultGatewayAddress1ref { ResourceID = "[xDefaultGatewayAddress]PrimaryDefaultGateway"; AddressFamily = "IPv4"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::70::17::xDefaultGatewayAddress"; Address = "192.168.3.1"; ModuleName = "xNetworking"; InterfaceAlias = "Ethernet"; ModuleVersion = "5.7.0.0"; ConfigurationName = "AutoLab"; }; instance of MSFT_xDNSServerAddress as $MSFT_xDNSServerAddress1ref { ResourceID = "[xDNSServerAddress]PrimaryDNSClient"; AddressFamily = "IPv4"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::78::17::xDnsServerAddress"; Address = { "192.168.3.10" }; ModuleName = "xNetworking"; InterfaceAlias = "Ethernet"; ModuleVersion = "5.7.0.0"; ConfigurationName = "AutoLab"; }; instance of MSFT_xFirewall as $MSFT_xFirewall1ref { ResourceID = "[xFirewall]FPS-ICMP4-ERQ-In"; Enabled = "True"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::101::13::xFirewall"; Name = "FPS-ICMP4-ERQ-In"; ModuleName = "xNetworking"; ModuleVersion = "5.7.0.0"; ConfigurationName = "AutoLab"; }; instance of MSFT_xFirewall as $MSFT_xFirewall2ref { ResourceID = "[xFirewall]FPS-ICMP6-ERQ-In"; Enabled = "True"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::101::13::xFirewall"; Name = "FPS-ICMP6-ERQ-In"; ModuleName = "xNetworking"; ModuleVersion = "5.7.0.0"; ConfigurationName = "AutoLab"; }; instance of MSFT_xFirewall as $MSFT_xFirewall3ref { ResourceID = "[xFirewall]FPS-SMB-In-TCP"; Enabled = "True"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::101::13::xFirewall"; Name = "FPS-SMB-In-TCP"; ModuleName = "xNetworking"; ModuleVersion = "5.7.0.0"; ConfigurationName = "AutoLab"; }; instance of MSFT_xComputer as $MSFT_xComputer1ref { SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::116::9::xComputer"; ModuleName = "xComputerManagement"; ModuleVersion = "4.1.0.0"; ResourceID = "[xComputer]ComputerName"; Name = "DC1"; ConfigurationName = "AutoLab"; }; instance of MSFT_RoleResource as $MSFT_RoleResource1ref { ResourceID = "[WindowsFeature]DNS"; IncludeAllSubFeature = False; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::133::13::WindowsFeature"; Name = "DNS"; ModuleName = "PSDesiredStateConfiguration"; ModuleVersion = "1.1"; ConfigurationName = "AutoLab"; }; instance of MSFT_RoleResource as $MSFT_RoleResource2ref { ResourceID = "[WindowsFeature]ADDomainServices"; IncludeAllSubFeature = False; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::133::13::WindowsFeature"; Name = "AD-Domain-Services"; ModuleName = "PSDesiredStateConfiguration"; ModuleVersion = "1.1"; ConfigurationName = "AutoLab"; }; instance of MSFT_RoleResource as $MSFT_RoleResource3ref { ResourceID = "[WindowsFeature]RSATADTools"; IncludeAllSubFeature = False; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::133::13::WindowsFeature"; Name = "RSAT-AD-Tools"; ModuleName = "PSDesiredStateConfiguration"; ModuleVersion = "1.1"; ConfigurationName = "AutoLab"; }; instance of MSFT_RoleResource as $MSFT_RoleResource4ref { ResourceID = "[WindowsFeature]RSATADPowerShell"; IncludeAllSubFeature = False; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::133::13::WindowsFeature"; Name = "RSAT-AD-PowerShell"; ModuleName = "PSDesiredStateConfiguration"; ModuleVersion = "1.1"; ConfigurationName = "AutoLab"; }; instance of MSFT_RoleResource as $MSFT_RoleResource5ref { ResourceID = "[WindowsFeature]GPMC"; IncludeAllSubFeature = False; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::133::13::WindowsFeature"; Name = "GPMC"; ModuleName = "PSDesiredStateConfiguration"; ModuleVersion = "1.1"; ConfigurationName = "AutoLab"; }; instance of MSFT_Credential as $MSFT_Credential1ref { Password = "P@ssw0rd"; UserName = "Administrator"; }; instance of MSFT_Credential as $MSFT_Credential2ref { Password = "P@ssw0rd"; UserName = "Administrator"; }; instance of MSFT_xADDomain as $MSFT_xADDomain1ref { ResourceID = "[xADDomain]FirstDC"; SysvolPath = "C:\\Sysvol"; LogPath = "C:\\NTDS"; DomainAdministratorCredential = $MSFT_Credential1ref; SafemodeAdministratorPassword = $MSFT_Credential2ref; DatabasePath = "C:\\NTDS"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::140::9::xADDomain"; DomainName = "Company.Pri"; ModuleName = "xActiveDirectory"; ModuleVersion = "3.0.0.0"; DependsOn = { "[WindowsFeature]ADDomainServices"}; ConfigurationName = "AutoLab"; }; instance of MSFT_xADOrganizationalUnit as $MSFT_xADOrganizationalUnit1ref { ResourceID = "[xADOrganizationalUnit]IT"; Path = "DC=Company,DC=Pri"; Description = NULL; Ensure = "Present"; ProtectedFromAccidentalDeletion = False; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::157::13::xADOrganizationalUnit"; Name = "IT"; ModuleName = "xActiveDirectory"; ModuleVersion = "3.0.0.0"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_xADOrganizationalUnit as $MSFT_xADOrganizationalUnit2ref { ResourceID = "[xADOrganizationalUnit]Dev"; Path = "DC=Company,DC=Pri"; Description = NULL; Ensure = "Present"; ProtectedFromAccidentalDeletion = False; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::157::13::xADOrganizationalUnit"; Name = "Dev"; ModuleName = "xActiveDirectory"; ModuleVersion = "3.0.0.0"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_xADOrganizationalUnit as $MSFT_xADOrganizationalUnit3ref { ResourceID = "[xADOrganizationalUnit]Marketing"; Path = "DC=Company,DC=Pri"; Description = NULL; Ensure = "Present"; ProtectedFromAccidentalDeletion = False; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::157::13::xADOrganizationalUnit"; Name = "Marketing"; ModuleName = "xActiveDirectory"; ModuleVersion = "3.0.0.0"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_xADOrganizationalUnit as $MSFT_xADOrganizationalUnit4ref { ResourceID = "[xADOrganizationalUnit]Sales"; Path = "DC=Company,DC=Pri"; Description = NULL; Ensure = "Present"; ProtectedFromAccidentalDeletion = False; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::157::13::xADOrganizationalUnit"; Name = "Sales"; ModuleName = "xActiveDirectory"; ModuleVersion = "3.0.0.0"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_xADOrganizationalUnit as $MSFT_xADOrganizationalUnit5ref { ResourceID = "[xADOrganizationalUnit]Accounting"; Path = "DC=Company,DC=Pri"; Description = NULL; Ensure = "Present"; ProtectedFromAccidentalDeletion = False; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::157::13::xADOrganizationalUnit"; Name = "Accounting"; ModuleName = "xActiveDirectory"; ModuleVersion = "3.0.0.0"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_xADOrganizationalUnit as $MSFT_xADOrganizationalUnit6ref { ResourceID = "[xADOrganizationalUnit]JEA_Operators"; Path = "DC=Company,DC=Pri"; Description = NULL; Ensure = "Present"; ProtectedFromAccidentalDeletion = False; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::157::13::xADOrganizationalUnit"; Name = "JEA_Operators"; ModuleName = "xActiveDirectory"; ModuleVersion = "3.0.0.0"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_xADOrganizationalUnit as $MSFT_xADOrganizationalUnit7ref { ResourceID = "[xADOrganizationalUnit]Servers"; Path = "DC=Company,DC=Pri"; Description = NULL; Ensure = "Present"; ProtectedFromAccidentalDeletion = False; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::157::13::xADOrganizationalUnit"; Name = "Servers"; ModuleName = "xActiveDirectory"; ModuleVersion = "3.0.0.0"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_Credential as $MSFT_Credential3ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_Credential as $MSFT_Credential4ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_xADUser as $MSFT_xADUser1ref { Description = "Main IT"; DisplayName = "Mary Lennon"; ResourceID = "[xADUser]MaryL"; UserName = "MaryL"; Password = $MSFT_Credential3ref; GivenName = "Mary"; DomainAdministratorCredential = $MSFT_Credential4ref; PasswordNeverExpires = True; Department = "IT"; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::169::13::xADUser"; Surname = "Lennon"; ModuleVersion = "3.0.0.0"; ModuleName = "xActiveDirectory"; Path = "OU=IT,DC=Company,DC=Pri"; DomainName = "Company.Pri"; Enabled = True; PasswordAuthentication = "Negotiate"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_Credential as $MSFT_Credential5ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_Credential as $MSFT_Credential6ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_xADUser as $MSFT_xADUser2ref { Description = "Backup IT"; DisplayName = "Mike Smith"; ResourceID = "[xADUser]MikeS"; UserName = "MikeS"; Password = $MSFT_Credential5ref; GivenName = "Mike"; DomainAdministratorCredential = $MSFT_Credential6ref; PasswordNeverExpires = True; Department = "IT"; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::169::13::xADUser"; Surname = "Smith"; ModuleVersion = "3.0.0.0"; ModuleName = "xActiveDirectory"; Path = "OU=IT,DC=Company,DC=Pri"; DomainName = "Company.Pri"; Enabled = True; PasswordAuthentication = "Negotiate"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_Credential as $MSFT_Credential7ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_Credential as $MSFT_Credential8ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_xADUser as $MSFT_xADUser3ref { Description = "The Developer"; DisplayName = "Simon Smith"; ResourceID = "[xADUser]SimonS"; UserName = "SimonS"; Password = $MSFT_Credential7ref; GivenName = "Simon"; DomainAdministratorCredential = $MSFT_Credential8ref; PasswordNeverExpires = True; Department = "Dev"; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::169::13::xADUser"; Surname = "Smith"; ModuleVersion = "3.0.0.0"; ModuleName = "xActiveDirectory"; Path = "OU=Dev,DC=Company,DC=Pri"; DomainName = "Company.Pri"; Enabled = True; PasswordAuthentication = "Negotiate"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_Credential as $MSFT_Credential9ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_Credential as $MSFT_Credential10ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_xADUser as $MSFT_xADUser4ref { Description = "Accountant"; DisplayName = "Aaron Smith"; ResourceID = "[xADUser]AaronS"; UserName = "AaronS"; Password = $MSFT_Credential9ref; GivenName = "Aaron"; DomainAdministratorCredential = $MSFT_Credential10ref; PasswordNeverExpires = True; Department = "Accounting"; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::169::13::xADUser"; Surname = "Smith"; ModuleVersion = "3.0.0.0"; ModuleName = "xActiveDirectory"; Path = "OU=Accounting,DC=Company,DC=Pri"; DomainName = "Company.Pri"; Enabled = True; PasswordAuthentication = "Negotiate"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_Credential as $MSFT_Credential11ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_Credential as $MSFT_Credential12ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_xADUser as $MSFT_xADUser5ref { Description = "Accountant"; DisplayName = "Andrea Smith"; ResourceID = "[xADUser]AndreaS"; UserName = "AndreaS"; Password = $MSFT_Credential11ref; GivenName = "Andrea"; DomainAdministratorCredential = $MSFT_Credential12ref; PasswordNeverExpires = True; Department = "Accounting"; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::169::13::xADUser"; Surname = "Smith"; ModuleVersion = "3.0.0.0"; ModuleName = "xActiveDirectory"; Path = "OU=Accounting,DC=Company,DC=Pri"; DomainName = "Company.Pri"; Enabled = True; PasswordAuthentication = "Negotiate"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_Credential as $MSFT_Credential13ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_Credential as $MSFT_Credential14ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_xADUser as $MSFT_xADUser6ref { Description = "Accountant"; DisplayName = "Andy Smith"; ResourceID = "[xADUser]AndyS"; UserName = "AndyS"; Password = $MSFT_Credential13ref; GivenName = "Andy"; DomainAdministratorCredential = $MSFT_Credential14ref; PasswordNeverExpires = True; Department = "Accounting"; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::169::13::xADUser"; Surname = "Smith"; ModuleVersion = "3.0.0.0"; ModuleName = "xActiveDirectory"; Path = "OU=Accounting,DC=Company,DC=Pri"; DomainName = "Company.Pri"; Enabled = True; PasswordAuthentication = "Negotiate"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_Credential as $MSFT_Credential15ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_Credential as $MSFT_Credential16ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_xADUser as $MSFT_xADUser7ref { Description = "Sales"; DisplayName = "Sam Smith"; ResourceID = "[xADUser]SamS"; UserName = "SamS"; Password = $MSFT_Credential15ref; GivenName = "Sam"; DomainAdministratorCredential = $MSFT_Credential16ref; PasswordNeverExpires = True; Department = "Sales"; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::169::13::xADUser"; Surname = "Smith"; ModuleVersion = "3.0.0.0"; ModuleName = "xActiveDirectory"; Path = "OU=Sales,DC=Company,DC=Pri"; DomainName = "Company.Pri"; Enabled = True; PasswordAuthentication = "Negotiate"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_Credential as $MSFT_Credential17ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_Credential as $MSFT_Credential18ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_xADUser as $MSFT_xADUser8ref { Description = "Sales"; DisplayName = "Sonya Smith"; ResourceID = "[xADUser]SonyaS"; UserName = "SonyaS"; Password = $MSFT_Credential17ref; GivenName = "Sonya"; DomainAdministratorCredential = $MSFT_Credential18ref; PasswordNeverExpires = True; Department = "Sales"; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::169::13::xADUser"; Surname = "Smith"; ModuleVersion = "3.0.0.0"; ModuleName = "xActiveDirectory"; Path = "OU=Sales,DC=Company,DC=Pri"; DomainName = "Company.Pri"; Enabled = True; PasswordAuthentication = "Negotiate"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_Credential as $MSFT_Credential19ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_Credential as $MSFT_Credential20ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_xADUser as $MSFT_xADUser9ref { Description = "Sales"; DisplayName = "Samantha Smith"; ResourceID = "[xADUser]SamanthaS"; UserName = "SamanthaS"; Password = $MSFT_Credential19ref; GivenName = "Samantha"; DomainAdministratorCredential = $MSFT_Credential20ref; PasswordNeverExpires = True; Department = "Sales"; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::169::13::xADUser"; Surname = "Smith"; ModuleVersion = "3.0.0.0"; ModuleName = "xActiveDirectory"; Path = "OU=Sales,DC=Company,DC=Pri"; DomainName = "Company.Pri"; Enabled = True; PasswordAuthentication = "Negotiate"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_Credential as $MSFT_Credential21ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_Credential as $MSFT_Credential22ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_xADUser as $MSFT_xADUser10ref { Description = "Marketing"; DisplayName = "Mark Smith"; ResourceID = "[xADUser]MarkS"; UserName = "MarkS"; Password = $MSFT_Credential21ref; GivenName = "Mark"; DomainAdministratorCredential = $MSFT_Credential22ref; PasswordNeverExpires = True; Department = "Marketing"; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::169::13::xADUser"; Surname = "Smith"; ModuleVersion = "3.0.0.0"; ModuleName = "xActiveDirectory"; Path = "OU=Marketing,DC=Company,DC=Pri"; DomainName = "Company.Pri"; Enabled = True; PasswordAuthentication = "Negotiate"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_Credential as $MSFT_Credential23ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_Credential as $MSFT_Credential24ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_xADUser as $MSFT_xADUser11ref { Description = "Marketing"; DisplayName = "Monica Smith"; ResourceID = "[xADUser]MonicaS"; UserName = "MonicaS"; Password = $MSFT_Credential23ref; GivenName = "Monica"; DomainAdministratorCredential = $MSFT_Credential24ref; PasswordNeverExpires = True; Department = "Marketing"; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::169::13::xADUser"; Surname = "Smith"; ModuleVersion = "3.0.0.0"; ModuleName = "xActiveDirectory"; Path = "OU=Marketing,DC=Company,DC=Pri"; DomainName = "Company.Pri"; Enabled = True; PasswordAuthentication = "Negotiate"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_Credential as $MSFT_Credential25ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_Credential as $MSFT_Credential26ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_xADUser as $MSFT_xADUser12ref { Description = "Marketing"; DisplayName = "Matt Smith"; ResourceID = "[xADUser]MattS"; UserName = "MattS"; Password = $MSFT_Credential25ref; GivenName = "Matt"; DomainAdministratorCredential = $MSFT_Credential26ref; PasswordNeverExpires = True; Department = "Marketing"; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::169::13::xADUser"; Surname = "Smith"; ModuleVersion = "3.0.0.0"; ModuleName = "xActiveDirectory"; Path = "OU=Marketing,DC=Company,DC=Pri"; DomainName = "Company.Pri"; Enabled = True; PasswordAuthentication = "Negotiate"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_Credential as $MSFT_Credential27ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_Credential as $MSFT_Credential28ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_xADUser as $MSFT_xADUser13ref { Description = "JEA"; DisplayName = "Jim Jea"; ResourceID = "[xADUser]JimJ"; UserName = "JimJ"; Password = $MSFT_Credential27ref; GivenName = "Jim"; DomainAdministratorCredential = $MSFT_Credential28ref; PasswordNeverExpires = True; Department = "IT"; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::169::13::xADUser"; Surname = "Jea"; ModuleVersion = "3.0.0.0"; ModuleName = "xActiveDirectory"; Path = "OU=JEA_Operators,DC=Company,DC=Pri"; DomainName = "Company.Pri"; Enabled = True; PasswordAuthentication = "Negotiate"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_Credential as $MSFT_Credential29ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_Credential as $MSFT_Credential30ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_xADUser as $MSFT_xADUser14ref { Description = "JEA"; DisplayName = "Jill Jea"; ResourceID = "[xADUser]JillJ"; UserName = "JillJ"; Password = $MSFT_Credential29ref; GivenName = "Jill"; DomainAdministratorCredential = $MSFT_Credential30ref; PasswordNeverExpires = True; Department = "IT"; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::169::13::xADUser"; Surname = "Jea"; ModuleVersion = "3.0.0.0"; ModuleName = "xActiveDirectory"; Path = "OU=JEA_Operators,DC=Company,DC=Pri"; DomainName = "Company.Pri"; Enabled = True; PasswordAuthentication = "Negotiate"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_xADGroup as $MSFT_xADGroup1ref { ResourceID = "[xADGroup]IT"; Path = "OU=IT,DC=Company,DC=Pri"; Ensure = "Present"; Category = "Security"; Members = { "MikeS", "MaryL" }; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::189::13::xADGroup"; GroupScope = "Global"; GroupName = "IT"; ModuleName = "xActiveDirectory"; ModuleVersion = "3.0.0.0"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_xADGroup as $MSFT_xADGroup2ref { ResourceID = "[xADGroup]Sales"; Path = "OU=Sales,DC=Company,DC=Pri"; Ensure = "Present"; Category = "Security"; Members = { "SamanthaS", "SonyaS", "SamS" }; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::189::13::xADGroup"; GroupScope = "Global"; GroupName = "Sales"; ModuleName = "xActiveDirectory"; ModuleVersion = "3.0.0.0"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_xADGroup as $MSFT_xADGroup3ref { ResourceID = "[xADGroup]Marketing"; Path = "OU=Marketing,DC=Company,DC=Pri"; Ensure = "Present"; Category = "Security"; Members = { "MattS", "MonicaS", "MarkS" }; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::189::13::xADGroup"; GroupScope = "Global"; GroupName = "Marketing"; ModuleName = "xActiveDirectory"; ModuleVersion = "3.0.0.0"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_xADGroup as $MSFT_xADGroup4ref { ResourceID = "[xADGroup]Accounting"; Path = "OU=Accounting,DC=Company,DC=Pri"; Ensure = "Present"; Category = "Security"; Members = { "AaronS", "AndreaS", "AndyS" }; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::189::13::xADGroup"; GroupScope = "Global"; GroupName = "Accounting"; ModuleName = "xActiveDirectory"; ModuleVersion = "3.0.0.0"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_xADGroup as $MSFT_xADGroup5ref { ResourceID = "[xADGroup]JEA Operators"; Path = "OU=JEA_Operators,DC=Company,DC=Pri"; Ensure = "Present"; Category = "Security"; Members = { "JimJ", "JillJ" }; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::189::13::xADGroup"; GroupScope = "Global"; GroupName = "JEA Operators"; ModuleName = "xActiveDirectory"; ModuleVersion = "3.0.0.0"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_Credential as $MSFT_Credential31ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_xADComputer as $MSFT_xADComputer1ref { ResourceID = "[xADComputer]CompObj_S1"; Path = "OU=Servers,DC=Company,DC=Pri"; Enabled = True; ComputerName = "S1"; DomainAdministratorCredential = $MSFT_Credential31ref; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::209::17::xADComputer"; ModuleName = "xActiveDirectory"; ModuleVersion = "3.0.0.0"; DisplayName = "S1"; DependsOn = { "[xADOrganizationalUnit]Servers"}; ConfigurationName = "AutoLab"; }; instance of MSFT_Credential as $MSFT_Credential32ref { Password = "P@ssw0rd"; UserName = "Company.Pri\\Administrator"; }; instance of MSFT_xADGroup as $MSFT_xADGroup6ref { ResourceID = "[xADGroup]WebServerGroup"; Path = "OU=IT,DC=Company,DC=Pri"; Credential = $MSFT_Credential32ref; Ensure = "Present"; Category = "Security"; Members = { "S1$" }; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::222::9::xADGroup"; GroupScope = "Global"; GroupName = "Web Servers"; ModuleName = "xActiveDirectory"; ModuleVersion = "3.0.0.0"; DependsOn = { "[xADOrganizationalUnit]IT"}; ConfigurationName = "AutoLab"; }; instance of MSFT_RoleResource as $MSFT_RoleResource6ref { ResourceID = "[WindowsFeature]DHCP"; IncludeAllSubFeature = False; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::245::13::WindowsFeature"; Name = "DHCP"; ModuleName = "PSDesiredStateConfiguration"; ModuleVersion = "1.1"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_xDhcpServerAuthorization as $MSFT_xDhcpServerAuthorization1ref { SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::253::9::xDhcpServerAuthorization"; ModuleName = "xDhcpServer"; ModuleVersion = "2.0.0.0"; ResourceID = "[xDhcpServerAuthorization]DhcpServerAuthorization"; Ensure = "Present"; DependsOn = { "[WindowsFeature]DHCP"}; ConfigurationName = "AutoLab"; }; instance of MSFT_xDhcpServerScope as $MSFT_xDhcpServerScope1ref { ResourceID = "[xDhcpServerScope]DhcpScope"; IPEndRange = "192.168.3.250"; LeaseDuration = "00:08:00"; AddressFamily = "IPv4"; State = "Active"; IPStartRange = "192.168.3.200"; SubnetMask = "255.255.255.0"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::258::9::xDhcpServerScope"; Name = "LabNet"; ModuleName = "xDhcpServer"; ScopeId = "192.168.3.0"; ModuleVersion = "2.0.0.0"; DependsOn = { "[WindowsFeature]DHCP"}; ConfigurationName = "AutoLab"; }; instance of MSFT_xDhcpServerOption as $MSFT_xDhcpServerOption1ref { ResourceID = "[xDhcpServerOption]DhcpOption"; AddressFamily = "IPv4"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::270::9::xDhcpServerOption"; DnsServerIPAddress = { "192.168.3.10" }; Router = { "192.168.3.1" }; ModuleName = "xDhcpServer"; ScopeID = "192.168.3.0"; ModuleVersion = "2.0.0.0"; DependsOn = { "[xDhcpServerScope]DhcpScope"}; ConfigurationName = "AutoLab"; }; instance of MSFT_RoleResource as $MSFT_RoleResource7ref { ResourceID = "[WindowsFeature]ADCSCertAuthority"; IncludeAllSubFeature = False; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::395::13::WindowsFeature"; Name = "ADCS-Cert-Authority"; ModuleName = "PSDesiredStateConfiguration"; ModuleVersion = "1.1"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_RoleResource as $MSFT_RoleResource8ref { ResourceID = "[WindowsFeature]ADCSEnrollWebPol"; IncludeAllSubFeature = False; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::395::13::WindowsFeature"; Name = "ADCS-Enroll-Web-Pol"; ModuleName = "PSDesiredStateConfiguration"; ModuleVersion = "1.1"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_RoleResource as $MSFT_RoleResource9ref { ResourceID = "[WindowsFeature]ADCSEnrollWebSvc"; IncludeAllSubFeature = False; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::395::13::WindowsFeature"; Name = "ADCS-Enroll-Web-Svc"; ModuleName = "PSDesiredStateConfiguration"; ModuleVersion = "1.1"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_RoleResource as $MSFT_RoleResource10ref { ResourceID = "[WindowsFeature]ADCSWebEnrollment"; IncludeAllSubFeature = False; Ensure = "Present"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::395::13::WindowsFeature"; Name = "ADCS-Web-Enrollment"; ModuleName = "PSDesiredStateConfiguration"; ModuleVersion = "1.1"; DependsOn = { "[xADDomain]FirstDC"}; ConfigurationName = "AutoLab"; }; instance of MSFT_xWaitForADDomain as $MSFT_xWaitForADDomain1ref { ResourceID = "[xWaitForADDomain]WaitForADADCSRole"; DomainUserCredential = NULL; RetryCount = 10; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::403::9::xWaitForADDomain"; DomainName = "Company.Pri"; ModuleName = "xActiveDirectory"; RetryIntervalSec = 30; ModuleVersion = "3.0.0.0"; DependsOn = { "[WindowsFeature]ADCSCertAuthority"}; ConfigurationName = "AutoLab"; }; instance of MSFT_Credential as $MSFT_Credential33ref { Password = "P@ssw0rd"; UserName = "Administrator"; }; instance of MSFT_xAdcsCertificationAuthority as $MSFT_xAdcsCertificationAuthority1ref { LogDirectory = "C:\\CA_Logs"; KeyLength = 2048; ResourceID = "[xAdcsCertificationAuthority]ADCSConfig"; DatabaseDirectory = "C:\\windows\\system32\\CertLog"; CACommonName = "Company.Pri"; CAType = "EnterpriseRootCA"; Credential = $MSFT_Credential33ref; CADistinguishedNameSuffix = "C=US,L=Phoenix,S=Arizona,O=Company"; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::411::9::xAdcsCertificationAuthority"; ValidityPeriod = "Years"; ModuleVersion = "1.4.0.0"; ModuleName = "xAdcsDeployment"; ValidityPeriodUnits = 2; HashAlgorithmName = "SHA256"; CryptoProviderName = "RSA#Microsoft Software Key Storage Provider"; DependsOn = { "[xWaitForADDomain]WaitForADADCSRole"}; ConfigurationName = "AutoLab"; }; instance of MSFT_ScriptResource as $MSFT_ScriptResource1ref { ResourceID = "[Script]CreatePKIAEGpo"; GetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n $GPO = (Get-GPO -name \"PKI AutoEnroll\" -domain $Node.DomainName)\n return @{Result = $($GPO.DisplayName)}\n "; TestScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n if ((Get-GPO -name \"PKI AutoEnroll\" -domain $Node.DomainName -ErrorAction SilentlyContinue) -eq $Null) {\n return $False\n }\n else {\n return $True\n }\n "; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::428::9::script"; SetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n New-GPO -name \"PKI AutoEnroll\" -domain $Node.DomainName\n "; ModuleName = "PSDesiredStateConfiguration"; Credential = NULL; ModuleVersion = "1.1"; DependsOn = { "[xWaitForADDomain]WaitForADADCSRole"}; ConfigurationName = "AutoLab"; }; instance of MSFT_ScriptResource as $MSFT_ScriptResource2ref { ResourceID = "[Script]setAEGPRegSetting1"; GetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n $RegVal1 = (Get-GPRegistryValue -name \"PKI AutoEnroll\" -domain $Node.DomainName -Key \"HKLM\\SOFTWARE\\Policies\\Microsoft\\Cryptography\\AutoEnrollment\" -ValueName \"AEPolicy\")\n return @{Result = \"$($RegVal1.FullKeyPath)\\$($RegVal1.ValueName)\\$($RegVal1.Value)\"}\n "; TestScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n if ((Get-GPRegistryValue -name \"PKI AutoEnroll\" -domain $Node.DomainName -Key \"HKLM\\SOFTWARE\\Policies\\Microsoft\\Cryptography\\AutoEnrollment\" -ValueName \"AEPolicy\" -ErrorAction SilentlyContinue).Value -eq 7) {\n return $True\n }\n else {\n return $False\n }\n "; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::448::9::script"; SetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n Set-GPRegistryValue -name \"PKI AutoEnroll\" -domain $Node.DomainName -Key \"HKLM\\SOFTWARE\\Policies\\Microsoft\\Cryptography\\AutoEnrollment\" -ValueName \"AEPolicy\" -Value 7 -Type DWord\n "; ModuleName = "PSDesiredStateConfiguration"; Credential = NULL; ModuleVersion = "1.1"; DependsOn = { "[Script]CreatePKIAEGpo"}; ConfigurationName = "AutoLab"; }; instance of MSFT_ScriptResource as $MSFT_ScriptResource3ref { ResourceID = "[Script]setAEGPRegSetting2"; GetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n $Regval2 = (Get-GPRegistryValue -name \"PKI AutoEnroll\" -domain $Node.DomainName -Key \"HKLM\\SOFTWARE\\Policies\\Microsoft\\Cryptography\\AutoEnrollment\" -ValueName \"OfflineExpirationPercent\")\n return @{Result = \"$($RegVal2.FullKeyPath)\\$($RegVal2.ValueName)\\$($RegVal2.Value)\"}\n "; TestScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n if ((Get-GPRegistryValue -name \"PKI AutoEnroll\" -domain $Node.DomainName -Key \"HKLM\\SOFTWARE\\Policies\\Microsoft\\Cryptography\\AutoEnrollment\" -ValueName \"OfflineExpirationPercent\" -ErrorAction SilentlyContinue).Value -eq 10) {\n return $True\n }\n else {\n return $False\n }\n "; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::468::9::script"; SetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n Set-GPRegistryValue -Name \"PKI AutoEnroll\" -domain $Node.DomainName -Key \"HKLM\\SOFTWARE\\Policies\\Microsoft\\Cryptography\\AutoEnrollment\" -ValueName \"OfflineExpirationPercent\" -value 10 -Type DWord\n "; ModuleName = "PSDesiredStateConfiguration"; Credential = NULL; ModuleVersion = "1.1"; DependsOn = { "[Script]setAEGPRegSetting1"}; ConfigurationName = "AutoLab"; }; instance of MSFT_ScriptResource as $MSFT_ScriptResource4ref { ResourceID = "[Script]setAEGPRegSetting3"; GetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n $RegVal3 = (Get-GPRegistryValue -Name \"PKI AutoEnroll\" -domain $Node.DomainName -Key \"HKLM\\SOFTWARE\\Policies\\Microsoft\\Cryptography\\AutoEnrollment\" -ValueName \"OfflineExpirationStoreNames\")\n return @{Result = \"$($RegVal3.FullKeyPath)\\$($RegVal3.ValueName)\\$($RegVal3.Value)\"}\n "; TestScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n if ((Get-GPRegistryValue -Name \"PKI AutoEnroll\" -domain $Node.DomainName -Key \"HKLM\\SOFTWARE\\Policies\\Microsoft\\Cryptography\\AutoEnrollment\" -ValueName \"OfflineExpirationStoreNames\" -ErrorAction SilentlyContinue).value -match \"MY\") {\n return $True\n }\n else {\n return $False\n }\n "; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::489::9::script"; SetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n Set-GPRegistryValue -Name \"PKI AutoEnroll\" -domain $Node.DomainName -Key \"HKLM\\SOFTWARE\\Policies\\Microsoft\\Cryptography\\AutoEnrollment\" -ValueName \"OfflineExpirationStoreNames\" -value \"MY\" -Type String\n "; ModuleName = "PSDesiredStateConfiguration"; Credential = NULL; ModuleVersion = "1.1"; DependsOn = { "[Script]setAEGPRegSetting2"}; ConfigurationName = "AutoLab"; }; instance of MSFT_ScriptResource as $MSFT_ScriptResource5ref { ResourceID = "[Script]SetAEGPLink"; GetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n $GPLink = (Get-GPO -Name \"PKI AutoEnroll\" -Domain $Node.DomainName).ID\n $GPLinks = (Get-GPInheritance -Domain $Node.DomainName -Target $Node.DomainDN).gpolinks | Where-Object {$_.GpoID -like \"*$GPLink*\"}\n return @{Result = \"$($GPLinks.DisplayName) = $($GPLinks.Enabled)\"}\n "; TestScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n try {\n $GPLink = (Get-GPO -Name \"PKI AutoEnroll\" -Domain $Node.DomainName).ID\n $GPLinks = (Get-GPInheritance -Domain $Node.DomainName -Target $Node.DomainDN).gpolinks | Where-Object {$_.GpoID -like \"*$GPLink*\"}\n if ($GPLinks.Enabled -eq $True) {return $True}\n else {return $False}\n }\n catch {\n Return $False\n }\n "; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::509::9::Script"; SetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n New-GPLink -name \"PKI AutoEnroll\" -domain $Node.DomainName -Target $Node.DomainDN -LinkEnabled Yes\n "; ModuleName = "PSDesiredStateConfiguration"; Credential = NULL; ModuleVersion = "1.1"; DependsOn = { "[Script]setAEGPRegSetting3"}; ConfigurationName = "AutoLab"; }; instance of MSFT_ScriptResource as $MSFT_ScriptResource6ref { ResourceID = "[Script]CreateWebServer2Template"; GetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n try {\n $WS2 = Get-ADObject -Identity \"CN=WebServer2,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\" -Properties * -ErrorAction Stop\n return @{Result = $WS2.DistinguishedName}\n }\n catch {\n return @{Result = $Null}\n }\n "; TestScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n try {\n $WSTemplate = Get-ADObject -Identity \"CN=WebServer2,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\" -Properties * -ErrorAction Stop\n return $True\n }\n catch {\n return $False\n }\n "; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::536::9::script"; SetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n $WebServerTemplate = @{'flags' = '131649';\n 'msPKI-Cert-Template-OID' = '1.3.6.1.4.1.311.21.8.8211880.1779723.5195193.12600017.10487781.44.7319704.6725493';\n 'msPKI-Certificate-Application-Policy' = '1.3.6.1.5.5.7.3.1';\n 'msPKI-Certificate-Name-Flag' = '268435456';\n 'msPKI-Enrollment-Flag' = '32';\n 'msPKI-Minimal-Key-Size' = '2048';\n 'msPKI-Private-Key-Flag' = '50659328';\n 'msPKI-RA-Signature' = '0';\n 'msPKI-Supersede-Templates' = 'WebServer';\n 'msPKI-Template-Minor-Revision' = '3';\n 'msPKI-Template-Schema-Version' = '2';\n 'pKICriticalExtensions' = '2.5.29.15';\n 'pKIDefaultCSPs' = '2,Microsoft DH SChannel Cryptographic Provider', '1,Microsoft RSA SChannel Cryptographic Provider';\n 'pKIDefaultKeySpec' = '1';\n 'pKIExtendedKeyUsage' = '1.3.6.1.5.5.7.3.1';\n 'pKIMaxIssuingDepth' = '0';\n 'revision' = '100'\n }\n\n\n New-ADObject -name \"WebServer2\" -Type pKICertificateTemplate -Path \"CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\" -DisplayName WebServer2 -OtherAttributes $WebServerTemplate\n $WSOrig = Get-ADObject -Identity \"CN=WebServer,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\" -Properties * | Select-Object pkiExpirationPeriod, pkiOverlapPeriod, pkiKeyUsage\n Get-ADObject -Identity \"CN=WebServer2,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\" | Set-ADObject -Add @{'pKIKeyUsage' = $WSOrig.pKIKeyUsage; 'pKIExpirationPeriod' = $WSOrig.pKIExpirationPeriod; 'pkiOverlapPeriod' = $WSOrig.pKIOverlapPeriod}\n "; ModuleName = "PSDesiredStateConfiguration"; Credential = NULL; ModuleVersion = "1.1"; DependsOn = { "[xAdcsCertificationAuthority]ADCSConfig"}; ConfigurationName = "AutoLab"; }; instance of MSFT_ScriptResource as $MSFT_ScriptResource7ref { ResourceID = "[Script]CreateDSCTemplate"; GetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n try {\n $dsctmpl = Get-ADObject -Identity \"CN=DSCTemplate,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\" -Properties * -ErrorAction Stop\n return @{Result = $dsctmpl.DistinguishedName}\n }\n catch {\n return @{Result = $Null}\n }\n "; TestScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n try {\n $DSCTemplate = Get-ADObject -Identity \"CN=DSCTemplate,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\" -Properties * -ErrorAction Stop\n return $True\n }\n catch {\n return $False\n }\n "; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::586::9::script"; SetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n $DSCTemplateProps = @{'flags' = '131680';\n 'msPKI-Cert-Template-OID' = '1.3.6.1.4.1.311.21.8.16187918.14945684.15749023.11519519.4925321.197.13392998.8282280';\n 'msPKI-Certificate-Application-Policy' = '1.3.6.1.4.1.311.80.1';\n 'msPKI-Certificate-Name-Flag' = '1207959552';\n #'msPKI-Enrollment-Flag'='34';\n 'msPKI-Enrollment-Flag' = '32';\n 'msPKI-Minimal-Key-Size' = '2048';\n 'msPKI-Private-Key-Flag' = '0';\n 'msPKI-RA-Signature' = '0';\n #'msPKI-Supersede-Templates'='WebServer';\n 'msPKI-Template-Minor-Revision' = '3';\n 'msPKI-Template-Schema-Version' = '2';\n 'pKICriticalExtensions' = '2.5.29.15';\n 'pKIDefaultCSPs' = '1,Microsoft RSA SChannel Cryptographic Provider';\n 'pKIDefaultKeySpec' = '1';\n 'pKIExtendedKeyUsage' = '1.3.6.1.4.1.311.80.1';\n 'pKIMaxIssuingDepth' = '0';\n 'revision' = '100'\n }\n\n\n New-ADObject -name \"DSCTemplate\" -Type pKICertificateTemplate -Path \"CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\" -DisplayName DSCTemplate -OtherAttributes $DSCTemplateProps\n $WSOrig = Get-ADObject -Identity \"CN=Workstation,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\" -Properties * | Select-Object pkiExpirationPeriod, pkiOverlapPeriod, pkiKeyUsage\n [byte[]] $WSOrig.pkiKeyUsage = 48\n Get-ADObject -Identity \"CN=DSCTemplate,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\" | Set-ADObject -Add @{'pKIKeyUsage' = $WSOrig.pKIKeyUsage; 'pKIExpirationPeriod' = $WSOrig.pKIExpirationPeriod; 'pkiOverlapPeriod' = $WSOrig.pKIOverlapPeriod}\n "; ModuleName = "PSDesiredStateConfiguration"; Credential = NULL; ModuleVersion = "1.1"; DependsOn = { "[xAdcsCertificationAuthority]ADCSConfig"}; ConfigurationName = "AutoLab"; }; instance of MSFT_ScriptResource as $MSFT_ScriptResource8ref { ResourceID = "[Script]PublishWebServerTemplate2"; GetScript = "\n $pubWS2 = Get-CATemplate | Where-Object {$_.Name -match \"WebServer2\"}\n return @{Result = $pubws2.Name}\n "; TestScript = "\n $Template = Get-CATemplate | Where-Object {$_.Name -match \"WebServer2\"}\n if ($Template -eq $Null) {return $False}\n else {return $True}\n "; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::636::9::script"; SetScript = "\n Add-CATemplate -name \"WebServer2\" -force\n "; ModuleName = "PSDesiredStateConfiguration"; Credential = NULL; ModuleVersion = "1.1"; DependsOn = { "[Script]CreateWebServer2Template"}; ConfigurationName = "AutoLab"; }; instance of MSFT_ScriptResource as $MSFT_ScriptResource9ref { ResourceID = "[Script]PublishDSCTemplate"; GetScript = "\n $pubDSC = Get-CATemplate | Where-Object {$_.Name -match \"DSCTemplate\"}\n return @{Result = $pubDSC.Name}\n "; TestScript = "\n $Template = Get-CATemplate | Where-Object {$_.Name -match \"DSCTemplate\"}\n if ($Template -eq $Null) {return $False}\n else {return $True}\n "; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::653::9::script"; SetScript = "\n Add-CATemplate -name \"DSCTemplate\" -force\n Write-Verbose -Message (\"Publishing Template DSCTemplate...\")\n "; ModuleName = "PSDesiredStateConfiguration"; Credential = NULL; ModuleVersion = "1.1"; DependsOn = { "[Script]CreateDSCTemplate"}; ConfigurationName = "AutoLab"; }; instance of MSFT_ScriptResource as $MSFT_ScriptResource10ref { ResourceID = "[Script]Perms_WebCert_0e10c968-78fb-11d2-90d4-00c04f79dc55"; GetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n Import-Module activedirectory -Verbose:$false\n $WebServerCertACL = (Get-Acl \"AD:CN=WebServer2,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\").Access | Where-Object {$_.IdentityReference -like \"*Web Servers\"}\n if ($WebServerCertACL -ne $Null) {\n return @{Result = $WebServerCertACL}\n }\n else {\n Return @{}\n }\n "; TestScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n$P ='0e10c968-78fb-11d2-90d4-00c04f79dc55'\n\n Import-Module activedirectory -Verbose:$false\n $WebServerCertACL = (Get-Acl \"AD:CN=WebServer2,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\").Access | Where-Object {$_.IdentityReference -like \"*Web Servers\"}\n if ($WebServerCertACL -eq $Null) {\n Write-Verbose -message (\"Web Servers Group does not have permissions on Web Server template...\")\n Return $False\n }\n elseif (($WebServerCertACL.ActiveDirectoryRights -like \"*ExtendedRight*\") -and ($WebServerCertACL.ObjectType -notcontains $P)) {\n Write-Verbose -message (\"Web Servers group has permission, but not the correct permission...\")\n Return $False\n }\n else {\n Write-Verbose -message (\"ACL on Web Server Template is set correctly for this GUID for Web Servers Group...\")\n Return $True\n }\n "; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::683::13::script"; SetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n$P ='0e10c968-78fb-11d2-90d4-00c04f79dc55'\n\n Import-Module activedirectory -Verbose:$false\n $WebServersGroup = Get-ADGroup -Identity \"Web Servers\" | Select-Object SID\n $EnrollGUID = [GUID]::Parse($P)\n $ACL = Get-Acl \"AD:CN=WebServer2,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\"\n $ACL.AddAccessRule((New-Object System.DirectoryServices.ExtendedRightAccessRule $WebServersGroup.SID, 'Allow', $EnrollGUID, 'None'))\n #$ACL.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $WebServersGroup.SID,'ReadProperty','Allow'))\n #$ACL.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $WebServersGroup.SID,'GenericExecute','Allow'))\n Set-Acl \"AD:CN=WebServer2,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\" -AclObject $ACL\n Write-Verbose -Message (\"Permissions set for Web Servers Group\")\n "; ModuleName = "PSDesiredStateConfiguration"; Credential = NULL; ModuleVersion = "1.1"; DependsOn = { "[Script]CreateWebServer2Template"}; ConfigurationName = "AutoLab"; }; instance of MSFT_ScriptResource as $MSFT_ScriptResource11ref { ResourceID = "[Script]Perms_DSCCert_0e10c968-78fb-11d2-90d4-00c04f79dc55"; GetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n Import-Module activedirectory -Verbose:$false\n $DSCCertACL = (Get-Acl \"AD:CN=WebServer2,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\").Access | Where-Object {$_.IdentityReference -like \"*Domain Computers\"}\n if ($DSCCertACL -ne $Null) {\n return @{Result = $DSCCertACL}\n }\n else {\n Return @{}\n }\n "; TestScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n$P ='0e10c968-78fb-11d2-90d4-00c04f79dc55'\n\n Import-Module activedirectory -Verbose:$false\n $DSCCertACL = (Get-Acl \"AD:CN=DSCTemplate,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\").Access | Where-Object {$_.IdentityReference -like \"*Domain Computers*\"}\n if ($DSCCertACL -eq $Null) {\n Write-Verbose -Message (\"Domain Computers does not have permissions on DSC template\")\n Return $False\n }\n elseif (($DSCCertACL.ActiveDirectoryRights -like \"*ExtendedRight*\") -and ($DSCCertACL.ObjectType -notcontains $P)) {\n Write-Verbose -Message (\"Domain Computers group has permission, but not the correct permission...\")\n Return $False\n }\n else {\n Write-Verbose -Message (\"ACL on DSC Template is set correctly for this GUID for Domain Computers...\")\n Return $True\n }\n "; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::725::13::script"; SetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n$P ='0e10c968-78fb-11d2-90d4-00c04f79dc55'\n\n Import-Module activedirectory -Verbose:$false\n $DomainComputersGroup = Get-ADGroup -Identity \"Domain Computers\" | Select-Object SID\n $EnrollGUID = [GUID]::Parse($P)\n $ACL = Get-Acl \"AD:CN=DSCTemplate,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\"\n $ACL.AddAccessRule((New-Object System.DirectoryServices.ExtendedRightAccessRule $DomainComputersGroup.SID, 'Allow', $EnrollGUID, 'None'))\n #$ACL.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $WebServersGroup.SID,'ReadProperty','Allow'))\n #$ACL.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $WebServersGroup.SID,'GenericExecute','Allow'))\n Set-Acl \"AD:CN=DSCTemplate,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\" -AclObject $ACL\n Write-Verbose -Message (\"Permissions set for Domain Computers...\")\n "; ModuleName = "PSDesiredStateConfiguration"; Credential = NULL; ModuleVersion = "1.1"; DependsOn = { "[Script]CreateWebServer2Template"}; ConfigurationName = "AutoLab"; }; instance of MSFT_ScriptResource as $MSFT_ScriptResource12ref { ResourceID = "[Script]Perms_WebCert_a05b8cc2-17bc-4802-a710-e7c15ab866a2"; GetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n Import-Module activedirectory -Verbose:$false\n $WebServerCertACL = (Get-Acl \"AD:CN=WebServer2,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\").Access | Where-Object {$_.IdentityReference -like \"*Web Servers\"}\n if ($WebServerCertACL -ne $Null) {\n return @{Result = $WebServerCertACL}\n }\n else {\n Return @{}\n }\n "; TestScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n$P ='a05b8cc2-17bc-4802-a710-e7c15ab866a2'\n\n Import-Module activedirectory -Verbose:$false\n $WebServerCertACL = (Get-Acl \"AD:CN=WebServer2,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\").Access | Where-Object {$_.IdentityReference -like \"*Web Servers\"}\n if ($WebServerCertACL -eq $Null) {\n Write-Verbose -message (\"Web Servers Group does not have permissions on Web Server template...\")\n Return $False\n }\n elseif (($WebServerCertACL.ActiveDirectoryRights -like \"*ExtendedRight*\") -and ($WebServerCertACL.ObjectType -notcontains $P)) {\n Write-Verbose -message (\"Web Servers group has permission, but not the correct permission...\")\n Return $False\n }\n else {\n Write-Verbose -message (\"ACL on Web Server Template is set correctly for this GUID for Web Servers Group...\")\n Return $True\n }\n "; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::683::13::script"; SetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n$P ='a05b8cc2-17bc-4802-a710-e7c15ab866a2'\n\n Import-Module activedirectory -Verbose:$false\n $WebServersGroup = Get-ADGroup -Identity \"Web Servers\" | Select-Object SID\n $EnrollGUID = [GUID]::Parse($P)\n $ACL = Get-Acl \"AD:CN=WebServer2,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\"\n $ACL.AddAccessRule((New-Object System.DirectoryServices.ExtendedRightAccessRule $WebServersGroup.SID, 'Allow', $EnrollGUID, 'None'))\n #$ACL.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $WebServersGroup.SID,'ReadProperty','Allow'))\n #$ACL.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $WebServersGroup.SID,'GenericExecute','Allow'))\n Set-Acl \"AD:CN=WebServer2,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\" -AclObject $ACL\n Write-Verbose -Message (\"Permissions set for Web Servers Group\")\n "; ModuleName = "PSDesiredStateConfiguration"; Credential = NULL; ModuleVersion = "1.1"; DependsOn = { "[Script]CreateWebServer2Template"}; ConfigurationName = "AutoLab"; }; instance of MSFT_ScriptResource as $MSFT_ScriptResource13ref { ResourceID = "[Script]Perms_DSCCert_a05b8cc2-17bc-4802-a710-e7c15ab866a2"; GetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n\n Import-Module activedirectory -Verbose:$false\n $DSCCertACL = (Get-Acl \"AD:CN=WebServer2,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\").Access | Where-Object {$_.IdentityReference -like \"*Domain Computers\"}\n if ($DSCCertACL -ne $Null) {\n return @{Result = $DSCCertACL}\n }\n else {\n Return @{}\n }\n "; TestScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n$P ='a05b8cc2-17bc-4802-a710-e7c15ab866a2'\n\n Import-Module activedirectory -Verbose:$false\n $DSCCertACL = (Get-Acl \"AD:CN=DSCTemplate,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\").Access | Where-Object {$_.IdentityReference -like \"*Domain Computers*\"}\n if ($DSCCertACL -eq $Null) {\n Write-Verbose -Message (\"Domain Computers does not have permissions on DSC template\")\n Return $False\n }\n elseif (($DSCCertACL.ActiveDirectoryRights -like \"*ExtendedRight*\") -and ($DSCCertACL.ObjectType -notcontains $P)) {\n Write-Verbose -Message (\"Domain Computers group has permission, but not the correct permission...\")\n Return $False\n }\n else {\n Write-Verbose -Message (\"ACL on DSC Template is set correctly for this GUID for Domain Computers...\")\n Return $True\n }\n "; SourceInfo = "C:\\scripts\\PSAutoLab\\Configurations\\MultiRole-Server-2016\\VMConfiguration.ps1::725::13::script"; SetScript = "$Node = [System.Management.Automation.PSSerializer]::Deserialize('<Objs Version=\"1.1.0.1\" xmlns=\"http://schemas.microsoft.com/powershell/2004/04\">\n <Obj RefId=\"0\">\n <TN RefId=\"0\">\n <T>System.Collections.Hashtable</T>\n <T>System.Object</T>\n </TN>\n <DCT>\n <En>\n <S N=\"Key\">SecureBoot</S>\n <B N=\"Value\">false</B>\n </En>\n <En>\n <S N=\"Key\">ADCSCryptoProviderName</S>\n <S N=\"Value\">RSA#Microsoft Software Key Storage Provider</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriodUnits</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">ADCSHashAlgorithmName</S>\n <S N=\"Value\">SHA256</S>\n </En>\n <En>\n <S N=\"Key\">AddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">ADCSKeyLength</S>\n <I32 N=\"Value\">2048</I32>\n </En>\n <En>\n <S N=\"Key\">FirewallRuleNames</S>\n <Obj N=\"Value\" RefId=\"1\">\n <TN RefId=\"1\">\n <T>System.Object[]</T>\n <T>System.Array</T>\n <T>System.Object</T>\n </TN>\n <LST>\n <S>FPS-ICMP4-ERQ-In</S>\n <S>FPS-ICMP6-ERQ-In</S>\n <S>FPS-SMB-In-TCP</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">IPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPState</S>\n <S N=\"Value\">Active</S>\n </En>\n <En>\n <S N=\"Key\">Lability_BootDelay</S>\n <I32 N=\"Value\">60</I32>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowDomainUser</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">Lability_BootOrder</S>\n <I32 N=\"Value\">10</I32>\n </En>\n <En>\n <S N=\"Key\">Lability_ProcessorCount</S>\n <I32 N=\"Value\">2</I32>\n </En>\n <En>\n <S N=\"Key\">DHCPDnsServerIPAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">DHCPName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">NodeName</S>\n <S N=\"Value\">DC1</S>\n </En>\n <En>\n <S N=\"Key\">LabPassword</S>\n <S N=\"Value\">P@ssw0rd</S>\n </En>\n <En>\n <S N=\"Key\">SysvolPath</S>\n <S N=\"Value\">C:\\Sysvol</S>\n </En>\n <En>\n <S N=\"Key\">PSDscAllowPlainTextPassword</S>\n <B N=\"Value\">true</B>\n </En>\n <En>\n <S N=\"Key\">DnsServerAddress</S>\n <S N=\"Value\">192.168.3.10</S>\n </En>\n <En>\n <S N=\"Key\">ADCSValidityPeriod</S>\n <S N=\"Value\">Years</S>\n </En>\n <En>\n <S N=\"Key\">CADatabasePath</S>\n <S N=\"Value\">C:\\windows\\system32\\CertLog</S>\n </En>\n <En>\n <S N=\"Key\">DHCPRouter</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">ADCSCAType</S>\n <S N=\"Value\">EnterpriseRootCA</S>\n </En>\n <En>\n <S N=\"Key\">Lability_timeZone</S>\n <S N=\"Value\">US Mountain Standard Time</S>\n </En>\n <En>\n <S N=\"Key\">IPNetwork</S>\n <S N=\"Value\">192.168.3.0/24</S>\n </En>\n <En>\n <S N=\"Key\">CACN</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">CustomBootStrap</S>\n <S N=\"Value\"> # This must be set to handle larger .mof files_x000D__x000A_ Set-Item -path wsman:\\localhost\\maxenvelopesize -value 1000</S>\n </En>\n <En>\n <S N=\"Key\">DCDatabasePath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">CALogPath</S>\n <S N=\"Value\">C:\\CA_Logs</S>\n </En>\n <En>\n <S N=\"Key\">IPNatName</S>\n <S N=\"Value\">LabNat</S>\n </En>\n <En>\n <S N=\"Key\">Lability_Media</S>\n <S N=\"Value\">2016_x005F_x64_Standard_Core_EN_Eval</S>\n </En>\n <En>\n <S N=\"Key\">DCLogPath</S>\n <S N=\"Value\">C:\\NTDS</S>\n </En>\n <En>\n <S N=\"Key\">Role</S>\n <Obj N=\"Value\" RefId=\"2\">\n <TNRef RefId=\"1\" />\n <LST>\n <S>DC</S>\n <S>DHCP</S>\n <S>ADCS</S>\n </LST>\n </Obj>\n </En>\n <En>\n <S N=\"Key\">DHCPAddressFamily</S>\n <S N=\"Value\">IPv4</S>\n </En>\n <En>\n <S N=\"Key\">CADNSuffix</S>\n <S N=\"Value\">C=US,L=Phoenix,S=Arizona,O=Company</S>\n </En>\n <En>\n <S N=\"Key\">Lability_MinimumMemory</S>\n <I64 N=\"Value\">2147483648</I64>\n </En>\n <En>\n <S N=\"Key\">InterfaceAlias</S>\n <S N=\"Value\">Ethernet</S>\n </En>\n <En>\n <S N=\"Key\">Lability_SwitchName</S>\n <S N=\"Value\">LabNet</S>\n </En>\n <En>\n <S N=\"Key\">SubnetMask</S>\n <I32 N=\"Value\">24</I32>\n </En>\n <En>\n <S N=\"Key\">DefaultGateway</S>\n <S N=\"Value\">192.168.3.1</S>\n </En>\n <En>\n <S N=\"Key\">DomainName</S>\n <S N=\"Value\">Company.Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPLeaseDuration</S>\n <S N=\"Value\">00:08:00</S>\n </En>\n <En>\n <S N=\"Key\">DomainDN</S>\n <S N=\"Value\">DC=Company,DC=Pri</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPStartRange</S>\n <S N=\"Value\">192.168.3.200</S>\n </En>\n <En>\n <S N=\"Key\">DHCPSubnetMask</S>\n <S N=\"Value\">255.255.255.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPScopeID</S>\n <S N=\"Value\">192.168.3.0</S>\n </En>\n <En>\n <S N=\"Key\">DHCPIPEndRange</S>\n <S N=\"Value\">192.168.3.250</S>\n </En>\n </DCT>\n </Obj>\n</Objs>')\n$P ='a05b8cc2-17bc-4802-a710-e7c15ab866a2'\n\n Import-Module activedirectory -Verbose:$false\n $DomainComputersGroup = Get-ADGroup -Identity \"Domain Computers\" | Select-Object SID\n $EnrollGUID = [GUID]::Parse($P)\n $ACL = Get-Acl \"AD:CN=DSCTemplate,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\"\n $ACL.AddAccessRule((New-Object System.DirectoryServices.ExtendedRightAccessRule $DomainComputersGroup.SID, 'Allow', $EnrollGUID, 'None'))\n #$ACL.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $WebServersGroup.SID,'ReadProperty','Allow'))\n #$ACL.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $WebServersGroup.SID,'GenericExecute','Allow'))\n Set-Acl \"AD:CN=DSCTemplate,CN=Certificate Templates,CN=Public Key Services,CN=Services,CN=Configuration,$($Node.DomainDN)\" -AclObject $ACL\n Write-Verbose -Message (\"Permissions set for Domain Computers...\")\n "; ModuleName = "PSDesiredStateConfiguration"; Credential = NULL; ModuleVersion = "1.1"; DependsOn = { "[Script]CreateWebServer2Template"}; ConfigurationName = "AutoLab"; }; instance of OMI_ConfigurationDocument { Version="2.0.0"; MinimumCompatibleVersion = "1.0.0"; CompatibleVersionAdditionalProperties= {"Omi_BaseResource:ConfigurationName"}; Author="Jeff"; GenerationDate="06/06/2020 10:53:14"; GenerationHost="BOVINE320"; Name="AutoLab"; }; |