Documentation

[ricardogaspar2]

Is it possible to provide some documentation and examples?

I want to use the DSC Resource , but is not that easy to understand how to use it (even after checking Get-DscResource -Syntax cAccountAdministrativeTemplateSetting)

I would like to change some setting in Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Session Host\Licensing. How do I do this?

[ricardogaspar2]

Well, since I didn't get any reply I had to dig a bit and figure out how the resources worked. It's IMPORTANT to mention that in order to use these resources properly it's better to have the table with the mappings from GPO settings to the registry keys. Without the table, it wouldn't be easy! It would require trial an error. It's possible to get it here: https://www.microsoft.com/en-us/download/confirmation.aspx?id=25250 My source to get there: http://www.thewindowsclub.com/group-policy-settings-reference-windows

And this is my configuration example script that changes the setting I asked for in my previous post but also another, more complex, setting (with multiple values).

Configuration LocalGPO
{
    param
    (
        [string[]] $NodeName = 'localhost'
    )

    Import-DSCResource -ModuleName PolicyFileEditor

    Node $NodeName
    {
        cAdministrativeTemplateSetting RDPLicensing
        {
            KeyValueName = "SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\LicenseServers"
            PolicyType = "Machine"
            Data = ("server.test.localgpo.dsc.com")
            Ensure = "Present"
            Type = "String"
        }

      ## The next 3 resources are to change the GPO Setting "Set Remote Desktop Services User Home Directory"
        cAdministrativeTemplateSetting "RDP Users Home Directory Path"
        {
        #    SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!WFHomeDirUNC 
        #    SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!WFHomeDir
        #    SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!WFHomeDirDrive
            KeyValueName = "SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\WFHomeDir"
            PolicyType = "Machine"
            Data = "\\servershare\test"
            Ensure = "Present"
            Type = "String"
        }

        cAdministrativeTemplateSetting "RDP Users Home Directory Letter"
        {
            KeyValueName = "SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\WFHomeDirDrive"
            PolicyType = "Machine"
            Data = "X:"
            Ensure = "Present"
            Type = "String"
        }

        cAdministrativeTemplateSetting "RDP Users Home Directory UNC boolean"
        {
            KeyValueName = "SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\WFHomeDirUNC"
            PolicyType = "Machine"
            Data = "1"
            Ensure = "Present"
            Type = "Dword"
        }
    }
}
LocalGPO
Start-DscConfiguration -Path .\LocalGPO -Wait -Force -Verbose

Another IMPORTANT note: in order to view the changes in the GPO editor (gpedit.msc) you must run the command gpupdate.

[dlwyatt]

Wow. You posted two days ago, while I was out of town. It's not like you're paying for support here; have patience.

[ricardogaspar2]

Hi @dlwyatt , I know it's not support ;) I was just asking for help, and then I had to find my way. If you could add documentation it would be a great thing to have.

I would love to use the module properly, and documentation makes it easier.

[dlwyatt]

That spreadsheet is handy; I've never seen it before. Normally I just look in the template files found under C:\Windows\PolicyDefinitions. The text that you'll see in the GUI can be found in the .adml files under your language subfolder (such as en-US), and those strings will map back to entries in the .admx files inside of PolicyDefinitions. For example, if I search the adml files for "Use the specified Remote Desktop license servers", I find this in TerminalServer.adml:

<string id="TS_LICENSE_SERVERS">Use the specified Remote Desktop license servers</string>

So now I open TerminalServer.admx and search for TS_LICENSE_SERVERS, and find this:

<policy name="TS_LICENSE_SERVERS" class="Machine" displayName="$(string.TS_LICENSE_SERVERS)" explainText="$(string.TS_LICENSE_SERVERS_EXPLAIN)" presentation="$(presentation.TS_LICENSE_SERVERS)" key="SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services">
      <parentCategory ref="TS_LICENSING" />
      <supportedOn ref="TS_SUPPORTED_Win2k3_Sp1" />
      <elements>
        <text id="TS_LICENSE_EDIT" valueName="LicenseServers" required="true" />
      </elements>
    </policy>

[dlwyatt]

In this example, I'd have a hard time guessing whether that was supposed to be a String or MultiString value, so I'd probably just set the policy through the GUI and then go look at that spot in the registry to see what it did.

[ricardogaspar2]

Yes, in the case of multiple parameters that was precisely what I did. Bu since your data parameter supports an array of strings I, initially, thought it would be possible to set every field of a GPO there. But it's not. That's why I had to use multiple resources to set one GPO with multiple values.

Will you be able to update the README with some examples of usage?