ContainerInfo
It's common to have the configuration definted, as you see above, and also have a call to the configuration in the same file. When you run the configuration, the line . PowerStig -OutputPath "c:\someFolder" actually calls the configuration itself, which then creates the MOF file in the location specified. Since we have a node name in our configuration file, the output file is named localhost.mof. Opening the MOF file with a text editor you will see all of the rules configured. In the case above, with just two products, we have a MOF file that contains 245 rules that will be applied to any system that applies the configuration.
A PowerShell DSC composite resource is a resource that uses other PowerShell DSC resources. A composite resource is not a new resource (get/set/test) but rather a wrapper of sorts for actual DSC resources.
For example, if I have a configuration that requires a registry setting and a file, every one of my configurations would be similar to:
Configuration MyConfig
{
Registry regSection
{
xx = xx
}
File fileSection
{
yy = yy
}
}PowerStig is a utility used to generate MOF files that state how a device should be configured. To create a MOF file, you first create a configuration file, which declares the configuration of the device. For example, what registry values should be set, what ACLs are set, etc.
Once this configuration file is written, you generate a MOF file from the configuration file. The MOF file is what actually is applied to the device to configure it.
Getting Started
- You need to have PowerShell 5.1 installed, PowerStig doesn't support PowerShell 7.
- The PowerShell 5.x installation comes with PowerShell DSC (Desired State Configuration). You can see this by