Remove a PowerShell DSC Configuration
Solution 1
Remove-DscConfigurationDocument will do the trick https://technet.microsoft.com/en-us/library/mt143544.aspx
The Remove-DscConfigurationDocument cmdlet removes a configuration document (.mof file) from the DSC configuration store. During configuration, the Start-DscConfiguration cmdlet copies a .mof file into to a folder on the target computer. This cmdlet removes that configuration document and does additional cleanup.
Solution 2
To move the 7zip installation out of scope, you can apply another configuration that does not specify 7zip. The configurations do not "roll back" so, it if was installed, it'll stay installed. If it is removed later, it will not be re-installed.
You can also go the manual route and delete the configuration document from c:\windows\system32\configuration. You'd need to remove Current.mof, backup.mof, and possibly Previous.mof.
Solution 3
Steven is correct. When I run this:
Remove-Item C:\Windows\System32\Configuration\Current.mof, C:\Windows\System32\Configuration\backup.mof, C:\Windows\System32\Configuration\Previous.mof
Now Get-DscConfiguration returns the same error as a clean machine:
Get-DscConfiguration : Current configuration does not exist. Start a DSC configuration first to create a current configuration.
That is what I was looking for. I understand that it doesn't revert the configuration. I just wanted to "undo" the configuration being applied.
Thanks!
Solution 4
A resource can only be Present(required) or Absent(not wanted) in a configuration. To rollback the config later, you need to apply a new configuration. Script resources in DSC doesn't support a Ensure-property, so to reverse a script you need to create a modified script-resource in the new configuration AFAIK.
The configuration should include a TestScript that returns false if 7zip is installed, and a SetScript that uninstalls the software. Pretty much the reverse of what you have now.
You could also modify your configurations to have the script resource download the msi file locally, then have a Package resource to actually install it(or uninstall it), with DependsOn set to the download-script. This would be a more clean approach to the configuration. The only difference beetween the install-config and uninstall-config would be Ensure = Present vs Ensure = Absent in the Package-resource that installs/uninstalls the msi.
Either way you need to apply a new configuration that would specify that the software should not be installed.
If 7zip is only required during your configuration(to execute some of the other script resources), then maybe you could do the following(untested):
configuration ExtractFolder {
Script Download7zip {
GetScript = { }
SetScript = { #downloads msi locally }
TestScript = { }
}
Package Install7zip
{
Ensure = "Present"
Path = "c:\pathToMsi\7zip.msi"
Name = "7Zip"
ProductId = "ACDDCDAF-80C6-41E6-A1B9-8ABD8A05027E" #7zip prodid
DependsOn = [Script]Download7zip
}
Script RunScript{
GetScript = { }
SetScript = { #unpack some file using 7zip }
TestScript = { }
DependsOn = [Package]Install7zip
}
Package Uninstall7zip
{
Ensure = "Absent"
Path = "c:\pathToMsi\7zip.msi"
Name = "7Zip"
ProductId = "ACDDCDAF-80C6-41E6-A1B9-8ABD8A05027E" #7zip prodid
DependsOn = [Script]RunScript
}
}
If the aprroach above works, it may require the ConfigurationMode-settings set to ApplyOnly. Monitoring and auto-apply will probably be confused by the two package resources that's doing the opposite of eachother.
Solution 5
Maybe applying an "empty" configuration might work?
Sounds as if DSC is kind of a one-way street. As soon as you apply a configuration, you have to continue using DSC to manage that server.
Setting the LCM to ApplyOnly wouldn't be the best idea, because you might want to apply something else to that machine at some point?
Admin
Updated on June 08, 2022Comments
-
Admin almost 2 years
Is it possible to remove a DSC configuration from a computer, once it has been applied?
For example, I have a
configurationblock as follows:configuration SevenZip { Script Install7Zip { GetScript = { $7ZipFolder = '{0}\7-Zip' -f $env:ProgramFiles; $Result = @{ Result = ''; } if (Test-Path -Path $7ZipFolder) { $Result.Result = 'Present'; } else { $Result.Result = 'Nonpresent'; } Write-Verbose -Message $Result.Result; $Result; } SetScript = { $7ZipUri = 'http://colocrossing.dl.sourceforge.net/project/sevenzip/7-Zip/9.20/7z920-x64.msi'; $OutputFile = '{0}\7-Zip.msi' -f $env:TEMP; Invoke-WebRequest -Uri $7ZipUri -OutFile $OutputFile; Write-Verbose -Message ('Finished downloading 7-Zip MSI file to {0}.' -f $OutputFile); $ArgumentList = '/package "{0}" /passive /norestart /l*v "{1}\Install 7-Zip 9.20 64-bit.log"' -f $OutputFile, $env:TEMP; $Process = Start-Process -FilePath msiexec.exe -ArgumentList $ArgumentList -Wait -PassThru; Write-Verbose -Message ('Process finished with exit code: {0}' -f $Process.ExitCode); Remove-Item -Path $OutputFile; Write-Verbose -Message ('Removed MSI file: {0}' -f $OutputFile); } TestScript = { $7ZipFolder = '{0}\7-Zip' -f $env:ProgramFiles; if (Test-Path -Path $7ZipFolder) { $true; } else { $false; } } } }This configuration block will generate a MOF that uses a
Scriptresource to install 7-Zip 9.20 64-bit, on the system to which it is applied, if the application is not found.Once this configuration has been applied, using the below commands, how can it be removed from the system, if 7-Zip is no longer required?
SevenZip -OutputPath c:\dsc\7-Zip; Start-DscConfiguration -Wait -Path C:\dsc\7-Zip -Verbose;