By default the ArcGIS Module will use WinRM HTTP, port 5985, to make remote connections to the target nodes. However, starting with ArcGIS Module v3.3.0 and above, it is possible to use WinRM HTTPS, port 5986 instead of WinRM HTTP. The purpose or advantage of using WinRM HTTPS over WinRM HTTP, is WinRM HTTPS encrypts the data being sent across the wire.

Prerequisites

• ArcGIS Module v3.3.0 and above.
• WinRM HTTPS must be enabled on the orchestrating node (the machine where Invoke-ArcGISConfiguration command is executed from), and all target nodes within the deployment.
  • For more details on how to enable WinRM HTTPS please refer to Microsoft's guide How to configure WinRM for HTTPS.
• The -Credential and -UseSSL arguments are required. For the -Credential argument, use a universal account that has access the orchestrating node, and the all target nodes within the deployment.

  Note: If using a local account for the -Credential, the username and password must be the same on all the nodes.

• In some situations, You might need to add certain remote computers to the client configuration TrustedHosts. For example, You should set up a trusted hosts list when mutual authentication can't be established. Kerberos allows mutual authentication, but it can't be used in workgroups—only domains. A best practice when setting up trusted hosts for a workgroup is to make the list as restricted as possible.

Prepare your deployment

Before you run the Invoke-ArcGISConfiguration command to start the module in PowerShell DSC, you’ll need to obtain ArcGIS Enterprise Setups, Authorization files, and SSL Certificates, and add them to your target nodes in the deployment.

Note: We recommend using Windows Management Framework 5.x for the best experience.

Log in to the machine(s) on which you'll be installing. You should have administrative authority on the machine.

Use one of the following options to download the ArcGIS Module:

Option 1: Prepare your deployment using GitHub

1. Clone this repository to your orchestrating node and all target nodes.
2. Add the "ArcGIS" module folder to your PsModulePath, or copy the module into the default PowerShell Modules folder (For example, C:\Program Files\WindowsPowerShell\Modules) to your orchestrating node and all target nodes.
3. Optionally use the Install-Preqs.ps1 script to push the module from your orchestrating node to all the target nodes.

Option 2: Prepare your deployment using the PowerShell Gallery

1. Launch PowerShell, as an Administrator, use the command Install-Module arcgis to install the latest ArcGIS module from the PowerShell Gallery.
2. Download the SampleConfigs files from the GitHub repository.

Edit the configuration file

1. Open the BaseDeployment-SingleMachine.json file from the SampleConfigs folder on your orchestrating machine.
2. Replace the placeholder variables in brackets with your deployment properties and parameters. Refer to the Variables reference page for a full list.

Install your deployment

In PowerShell DSC, run the Invoke-ArcGISConfiguration cmdlet and provide the path to the configuration file as an input parameter. The -UseSSL and -Credential are required arguments.

Invoke-ArcGISConfiguration -ConfigurationParametersFile [Path to Configuration JSON File](/Esri/arcgis-powershell-dsc/wiki/Path-to-Configuration-JSON-File) -Mode [Install | InstallLicense | InstallLicenseConfigure | Uninstall | Upgrade] -UseSSL -Credential [Config RunAs] -DebugSwitch

or

Invoke-ArcGISConfiguration -ConfigurationParametersFile C:\SampleConfigs\BaseDeployment-SingleMachine.json -Mode InstallLicenseConfigure -UseSSL -Credential username