Open FiservSean opened 2 years ago
Hi @FiservSean - thanks for raising this.
Unfortunately, this is a behavior of the DSC LCM. As you point out the PsDscRunAsCredential
is not considered part of the key for the resource, so applying the resource twice with only the PsDscRunAsCredential
differing is going to fail compilation.
There isn't an easy way around this issue, but there are possibilities:
@gaelcolas - not sure if you know any workaround to this? I've not seen anything that can address this.
Details of the scenario you tried and the problem that is occurring
I have a single certificate that needs to be provided to two service account users. The Key fields on Location, Store, and Thumbprint flag the second import as a duplicate, but notice that the PsDscRunAsCredential is different. This is because I'm running the import as the service user and installing the cert to the CurrentUser\My store.
Verbose logs showing the problem
Identifying details changed: Test-ConflictingResources : A conflict was detected between resources '[PfxImport]MyDomain\ServiceAccount1_Cert (C:\MyDscScript.ps1::556::13::PfxImport)' and '[PfxImport]MyDomain\ServiceAccount2_Cert (C:\MyDscScript::568::13::PfxImport)' in node 'Node1'. Resources have identical key properties but there are differences in the following non-key properties: 'PsDscRunAsCredential'. Values 'System.Management.Automation.PSCredential' don't match values 'System.Management.Automation.PSCredential'. Please update these property values so that they are identical in both cases. At line:289 char:9
Suggested solution to the issue
Maybe add the Path as a Key to allow two copies of the same file to be imported?
The DSC configuration that is used to reproduce the issue (as detailed as possible)
The operating system the target node is running
Version and build of PowerShell the target node is running
Version of the DSC module that was used ('dev' if using current dev branch)
5.1.0