Open Wheels387 opened 3 months ago
Hello @wheels387,
Thanks for creating the issue. I confirmed that rule 'v-254254.c' produces the error. The security group "Server Operators" should not be in this 'MS' STIG because it only exists on DomainControllers.
Temp workaround - skip that rule ( you could also use the exception format with PowerSTIG to update that rule to still apply without the "Server Operator" group
configuration Example
{
param
(
[parameter()]
[string]
$NodeName = 'localhost'
)
Import-DscResource -ModuleName PowerStig
Node $NodeName
{
WindowsServer BaseLine
{
OsVersion = '2022'
OsRole = 'MS'
DomainName = 'sample.test'
ForestName = 'sample.test'
SkipRules = @('V-254254.c')
}
}
}
Example
Fix needed Update converted STIG for MemberServer 2022, to not include 'Server Operators'
Thanks Eric
Created a PR to fix your issue, which will be released with the next version of PowerSTIG https://github.com/microsoft/PowerStig/pull/1361
Thank you, Eric
Adding SkipRule = @('V-254254.c')
to the configuration allowed everything to run as expected. Thank you for the quick response!
Describe the bug Attempting to run "Test-DSCConfiguration -ComputerName "localhost" -ReferenceConfiguration ".\localhost.mof" fails with the following errors:
To Reproduce
Install Windows Server 2022 Standard - Desktop Experience
Download / Install PowerShell 7.4.x LTS
Download / Install Terminal
Perform Windows Updates
Open Windows PowerShell as Admin (NOT PowerShell 7.4.x)
Run commands:
NOTE: Issue occurs with or without running the final command to install the modules. Unsure if that's just supposed to be executed on remote machines when you're running this from another machine. Seems like the error message I'm seeing is coming from the submodules inside of the PowerStig module.
Close Windows PowerShell
Create C:\temp\conf.ps1 with contents:
Example