PowerShell DSC Credential Decryption Error -


i have created pull server configuration. pull server, being used compile mof files , client both windows server 2016, updated azure image.

i kept getting errors when passing in credentials. therefore wrote tiny custom dsc resource displays password clear txt when run start-dscconfiguration -wait -verbose

you can find here: https://gist.github.com/aboersch/65e846a4966fe2c4708ed21d655a54a7

the client not correctly decrypt credentials. password receiving

-----begin cms----- <long multi-line base64 string> -----end cms-----

if pass unprotect-cmsmessage receive correct password.

the certificate passes $.privatekey.keyexchangealgorithm , $.verify

i have tried changing certificate provider to'"microsoft enhanced cryptographic provider v1.0"', '"legacy cryptographic service provider"', , '"microsoft rsa schannel cryptographic provider"'.

i have tried xdscutils new-xselfsigneddscencryptioncertificate.

if use same certificates , compile , execute on same server there no problems.

i have tried these: dsc problems credentials , build 10586 https://wespoint.wordpress.com/2017/01/19/powershell-dsc-encryption-issue/

here cert properties:

enhancedkeyusagelist     : {client authentication (1.3.6.1.5.5.7.3.2), server authentication (1.3.6.1.5.5.7.3.1)} dnsnamelist              : {computerfqdn} sendastrustedissuer      : false archived                 : false enhancedkeyusage         : document encryption (1.3.6.1.4.1.311.80.1) friendlyname             :  issuername               :  notafter                 : 4/14/2018 1:09:37 pm notbefore                : 4/14/2017 1:09:37 pm hasprivatekey            : true privatekey               :  publickey                : rsa (2048 bits) rawdata                  :  serialnumber             : 19000000115fcb3c2e4c71ba69000000000011 subjectname              :  signaturealgorithm       : sha256rsa thumbprint               : f4238e74bfb238dee89c78c13b5c2c8182674801 version                  : 3 handle                   : 1362382910512 issuer                   : ca subject                  : cn=computerfqdn

the problem related partial configurations , believe genuine bug in wmf 5.1 on windows server 2016.

essentially if have partial configurations (push or pull doesn't matter), , 1 of configuration functions not contain resource has credential, forcing credential serialised using certificate mof, decryption fail.

you can reproduce on windows server 2016 or windows 10 wmf 5.1:

  1. add folder called dsctest c:\program files\windowspowershell\modules , add files gist it.

  2. execute this script. first 2 pass while last 1 fail.

the workaround include resource (even if dummy one) uses credential every partial configuration function. dsccredentialhole resource in module first gist for.


-

Comments

Post a Comment

Popular posts from this blog

php - Permission denied. Laravel linux server -

when try register , send email user got error. working till yesterday. today gives me , cant figure out why. way on local testing work's. i'm stuck. please errorexception in compiled.php line 7512: file_put_contents(/var/www/html/storage/framework/views/53de219dee4f11a2db4f64a2c574ad02db5613f4.php): failed open stream: permission denied in compiled.php line 7512 @ handleexceptions->handleerror('2', 'file_put_contents(/var/www/html/storage/framework/views/53de219dee4f11a2db4f64a2c574ad02db5613f4.php): failed open stream: permission denied', '/var/www/html/bootstrap/cache/compiled.php', '7512', array('path' => '/var/www/html/storage/framework/views/53de219dee4f11a2db4f64a2c574ad02db5613f4.php', 'contents' => 'please activate account clicking on following link. <a href="<?php echo e(route('auth.activate', $token)); ?>"><?php echo e(route('auth.activate', $token)); ?...
Read more

google bigquery - Delta between query execution time and Java query call to finish -

context our container cluster located @ us-east1-c we using following java library: google-cloud-bigquery, 0.9.2-beta our dataset has around 26m rows , represents ~10g all of our queries return less 100 rows grouping on specific column question we analyzed last 100 queries executed in bigquery, these executed in 2-3 seconds (we analyzed calling bq --format=prettyjson show -j jobid , end time - creation time). in our java logs though, of calls bigquery.query blocking 5-6 seconds (and 10 seconds not out of ordinary). explain systematic gap between query finish in bigquery cluster , results being available in java? know 5-6 seconds isn't astronomic, curious see if normal behaviour when using java bigquery cloud library. i didn't dig point analyzed outbound call using wireshark. our tests executed in our container cluster (kubernetes). code queryrequest request = queryrequest.newbuilder(sql) .setmaxwaittime(30000l) .setuselega...
Read more

python - Pandas two dataframes multiplication? -

i have 2 data frames (a , b) a: column 1, column 2, column 3 0.1 0.5 0.7 b: row 1 5 row 2 6 row 3 7 how perform multiplication like (0.1)*5, (0.5)* 6, , (0.7)*7? in other words, how multiply value in first row of b value in first column of a, second row of b value in second column of b, , etc? you want multiply values without respect whether rows or columns. pd.series(a.values.ravel() * b.values.ravel()) 0 0.5 1 3.0 2 4.9 dtype: float64
Read more