Script: Getting, install, or update some default DSC Resources I want to have available

I want to transfer more and more logic away from Group Policies towards Windows PowerShell Desired State Configuration (DSC). There are several reasons why i think that DSC is much better than my old (and complex) group policy constructs, but the main reason (at least for me): I can manage DSC clients that are domain joined, not domain joined, or even Azure Active Directory domain joined the same way.

This is also something I use for Edge servers (like Skype or Exchange); they are not domain joined. And if you have more than one that should do exactly the same, this is where DSC could become a life saver and make your life very easy.

I play around with several DSC Push and Pull server instances, but I wanted to have the same set of DSC resources available on all of them. At least until I know which to keep to reduce my own logic.

I use the DSC Script Resource a lot. I do a lot of checks and implemented a lot of logic and flexibility within a lot of Script Resources. However, this is the wrong way to use DSC! At least, in my opinion!

There are some very cool ready to use DSC resources available, and this reduces the script resource usage (or what I did: abuse). Why should I keep my own logic when someone else created nearly the same as a central and maintained DSC resource? I know: I’m lazy!

So I created myself the following initial script:

#requires -Version 2.0 -Modules PowerShellGet -RunAsAdministrator

<#
        .SYNOPSIS
      Install some DSC Resources

        .DESCRIPTION
      Getting, install, or update DSC Resources I want to have.
      It could be used to install every Module from the Gallery.
      However, this is something I do with DSC afterwards!

        .EXAMPLE
      PS C:\> .\invoke-GetDSCResources.ps1

        .EXAMPLE
      PS C:\> .\invoke-GetDSCResources.ps1 -verbose
      VERBOSE: Populating RepositorySourceLocation property for module PSDscResources.
      VERBOSE: Try to update PSDscResources
      VERBOSE: Updated PSDscResources

        .NOTES
      Small script I created for myself.
      I have to prepare DSC systems from time to time, and I want to have the same set of DSC resources on all of them.
      Mainly because I'm lazy, but I'm an old-school Unix guy: Never type something more than two times: AUTOMATE.

      I install the resources system wide!
      That is why we have the Elevated Shell requirement (#Requires -RunAsAdministrator).
      If you want to use it just for the current user, change the Scope in $paramInstallModule from 'AllUsers' to 'CurrentUser'.

      TODO: Pester Test is missing
      DONE: Make it more robust

      Disclaimer: The code is provided 'as is,' with all possible faults, defects or errors, and without warranty of any kind.

      Author: Joerg Hochwald

      License: http://unlicense.org

        .LINK
      Author http://jhochwald.com

        .Link
      License http://unlicense.org
#>
[CmdletBinding()]
param ()

begin
{
	# Define some defaults
	$STP = 'Stop'
	$SC = 'SilentlyContinue'

	# Suppressing the PowerShell Progress Bar
	$script:ProgressPreference = $SC

	# Create a list of the DSC Resources I want
	$NewDSCModules = @(
		'PSDscResources',
		'xNetworking',
		'xPSDesiredStateConfiguration',
		'xWebAdministration',
		'xCertificate',
		'xComputerManagement',
		'xActiveDirectory',
		'SystemLocaleDsc',
		'xRemoteDesktopAdmin',
		'xPendingReboot',
		'xSmbShare',
		'xWindowsUpdate',
		'xDscDiagnostics',
		'xCredSSP',
		'xDnsServer',
		'xWinEventLog',
		'xDhcpServer',
		'xHyper-V',
		'xStorage',
		'xWebDeploy'
		'xRemoteDesktopSessionHost',
		'xDismFeature',
		'xSystemSecurity',
		'WebAdministrationDsc',
		'OfficeOnlineServerDsc',
		'AuditPolicyDsc',
		'xDFS',
		'SecurityPolicyDsc',
		'xReleaseManagement',
		'xExchange',
		'xDefender',
		'xWindowsEventForwarding',
		'cHyper-V'
	)
}

process
{
	foreach ($NewDSCModule in $NewDSCModules)
	{
		# Cleanup
		$ModuleIsAvailable = $null

		# Check: Do I have the resource?
		$paramGetModule = @{
			ListAvailable = $true
			Name			  = $NewDSCModule
			ErrorAction   = $SC
			WarningAction = $SC
		}
		$ModuleIsAvailable = (Get-Module @paramGetModule)

		if (-not ($ModuleIsAvailable))
		{
			# Nope: Install the resource
			try
			{
				Write-Verbose -Message "Try to install $NewDSCModule"

				$paramInstallModule = @{
					Name			  = $NewDSCModule
					Scope		     = AllUsers
					Force		     = $true
					ErrorAction   = $STP
					WarningAction = $SC
				}
				$null = (Install-Module @paramInstallModule)

				Write-Verbose -Message "Installed $NewDSCModule"
			}
			catch
			{
				# Whoopsie
				$paramWriteWarning = @{
					Message = "Sorry, unable to install $NewDSCModule"
					ErrorAction = $SC
				}
				Write-Warning @paramWriteWarning
			}
		}
		else
		{
			try
			{
				Write-Verbose -Message "Try to update $NewDSCModule"

				# TODO: Implement the check from invoke-ModuleUpdates.ps1 to prevent the unneeded update tries.
				$paramUpdateModule = @{
					Name			  = $NewDSCModule
					Confirm		  = $false
					ErrorAction   = $STP
					WarningAction = $SC
				}
				$null = (Update-Module @paramUpdateModule)

				Write-Verbose -Message "Updated $NewDSCModule"
			}
			catch
			{
				# Whoopsie
				$paramWriteWarning = @{
					Message = "Sorry, unable to update $NewDSCModule"
					ErrorAction = $SC
				}
				Write-Warning @paramWriteWarning
			}
		}
	}
}

end
{
	# No longer suppressing the PowerShell Progress Bar
	$script:ProgressPreference = 'Continue'
}

You could use the same logic to install nearly all modules from the Gallery (or any another valid PowerShellGet Source).

This is something I do via DSC later and based upon the group that the DSC client belongs to; this could be a long list, or even a very short one.

Disclaimer: The code is provided ‘as is,' with all possible faults, defects or errors, and without warranty of any kind.