Closed LoudCloudDragon closed 3 years ago
The first thing to recognize is that these configurations are not standing up production-ready systems. They were designed to meet minimum requirements for a given Pluralsight training course. There are a number of settings and services that are admittedly incomplete. For example, the CA role is mostly setup but not completely.The fact that you are finding incomplete settings is to be expected, but the configurations were complete enough to meet their initial demands.
All of that said, you should still have some network connectivity between VMs and the host and VMs. Although the Windows Firewall in the VMs may not be configured for ICMP. When you ran the setup, did the Pester test complete successfully? If you are setting a configuration up for your own use, you very well may have to make changes, which you are welcome to.
Change location to the MultiRole directory and run:
Invoke-Pester .\VMValidate.test.ps1
Does everything still pass? If any of the tests fail for a VM, restart the VM, wait 5 minutes and try the test again.
Describing DC1
[-] [DC1] Should allow a PSSession but got error: The credential is invalid. 5
57ms
Expected $true, but got $false.
85: $false | Should Be $True
at
Describing S1
[-] [S1] Should allow a PSSession but got error: The credential is invalid. 3m
s
Expected $true, but got $false.
112: $false | Should Be $True
at
Describing Cli1
[-] [CLI1] Should allow a PSSession but got error: The credential is invalid.
3ms
Expected $true, but got $false.
193: $false | Should Be $True
at
PS C:\Autolab\Configurations\MultiRole>
I understand that the lab is created in a way to facilitate the curriculum. I am a powershell student who is attempting to create a Small/Med business environment mockup lab (fully functional) for AD (my E3 Microsoft license provides the other env: for powershell). Hyper-V is local on my beefy laptop
I'm assuming this test was 20-30 minutes after you started the setup process. For no reason that I can pinpoint, sometimes configurations don't finish. I would suggest using Hyper-V to shut down each VM and restart them. Change to the MultiRole directory and run Shutdown-Lab
then Run-Lab
. Wait 10 minutes then re-run Invoke-Pester
.
The only thing that makes sense is that the AD configuration is failing to get applied. I'm assuming you didn't change any of the configuration files. If you still have issues, I'd suggest starting over. On occassion, I've found that something fails to run and the best course of action is to try again. Run Wipe-Lab
. Then run Open-PSAutolabHelp
and follow the instructions in the Detailed Setup Instructions to do a manual setup. If you get to this step, post a reply and also include the output of the Get-PSAutoLabSetting
command.
PS C:\Autolab\Configurations\MultiRole> Invoke-Pester Pester v4.10.1 Executing all tests in '.' Tests completed in 0ms Tests Passed: 0, Failed: 0, Skipped: 0, Pending: 0, Inconclusive: 0
At this point I am going to wipe the lap and start over. Please feel free to close the issue or if you wish, await until I rebuild the Lah bore rah tory.
After Wiping and setting up manually; the lab seems better. I am still getting DNS related issues including DFS stuff BUT, for what I need (powershell targets), everything seems to be working. I am able to create PSSessions, invoke commands, and so on.
AutoLab : C:\Autolab PSVersion : 5.1.18362.1171 PSEdition : Desktop OS : Microsoft Windows 10 Enterprise FreeSpaceGB : 714.46 MemoryGB : 32 PctFreeMemory : 79.04 Processor : Intel(R) Core(TM) i7-10510U CPU @ 1.80GHz IsElevated : True RemotingEnabled : True HyperV : 10.0.18362.1049 PSAutolab : {4.18.0, 4.17.0} Lability : 0.19.1 Pester : {4.10.1, 3.4.0} PowerShellGet : 1.0.0.1 PSDesiredStateConfiguration : 1.1
I think the issue is closed now. I will make Checkpoints and try to work out my errors another time. It is not essential right now and my test (MCSA) is fast approaching.
As long as the Pester tests pass, that was our minimum bar of success. I know the configurations didn't do anything with DFS and setup a bare bones minimum AD/DNS.
Thank you for your guidance and expertise.
DNS, DFS, Secure Channel, Can't connect Domain (DC1)
My setup
Progress, status, current config At first I had no internet but I figured out I needed to get rid of 1 - 2 of my NetNat's so I wiped that out and afterwards I started getting different error messages and established internet connection so I am moving in the right direction. All systems, local, remote, virtual, meet or exceed the minimums.
There are two items I feel may be misconfigured during post install config; Root Hints, CA stuff, and service account choice for authentication.
Symptoms Error Codes will be below
Things that I have tried not necessarily in order
Error Codes
From CLI1 evevtvwr
8033 The system failed to update and remove host (A or AAAA) resource records (RRs) for network adapter with settings:
Adapter Name : {CFAC1B88-23D5-4B1F-96BD-A7B2368731BD} Host Name : Cli1 Primary Domain Suffix : Company.Pri DNS server list : 192.168.3.10 Sent update to server : <?> IP Address(es) : 192.168.3.200
From DC1
From S1
**I have not added S1 to DNS config. I have changed very little, if anything, in DNS config.