Skip to content

Get-cScomParameter: Hardcoded defaults override caller-supplied values and usernames lack domain prefix #1

Open
Open
Get-cScomParameter: Hardcoded defaults override caller-supplied values and usernames lack domain prefix#1
@raandree

Description

@raandree
raandree
opened on Mar 12, 2026

Problem description

Get-cScomParameter has two related bugs in its parameter value resolution logic that cause SCOM Setup.exe to fail with exit code -15 ("InvalidCommandLine"):

  1. Hardcoded defaults override caller values: The function defines an internal $parameters hashtable with hardcoded defaults (e.g., ManagementGroupName = 'SCOM2019', DASAccountUser = 'OM19DAS'). The resolution logic only uses $PSBoundParameters when the default is empty:

    if ([string]::IsNullOrWhiteSpace($value) -and $PSBoundParameters.ContainsKey($_.Key))

    This means non-empty defaults like 'SCOM2019' or 'OM19DAS' can never be overridden by the caller. The DSC resource ScomComponent.Set() passes correct values (e.g., ManagementGroupName = 'MG1', DASAccountUser = 'SVCACC_SCOM_DA') but they are silently ignored.

  2. Service account usernames lack DOMAIN\ prefix: SCOM Setup.exe requires account usernames in DOMAIN\Username format. The PSCredential.UserName property and the hardcoded defaults both contain only the short username (e.g., OM19DAS), causing setup to reject them with Invalid DAS account user name format.

Verbose logs

[20:10:38]:   Error:   :Error:Invalid DAS account user name format specified for DAS account user OM19DAS
[20:10:38]:   Error:   :Error:DAS Account information could not be validated correctly.
[20:10:38]:   Error:   :Could not validate Data Access service account information.
[20:10:38]:   Always:  :ManagementGroupName = SCOM2019
[20:10:38]:   Always:  :DASAccount = LocalSystem: False  Account User Name: OM19DAS
[20:10:38]:   Always:  :Application Ended: InvalidCommandLine

DSC configuration

ScomComponents:
  Components:
    - Role: FirstManagementServer
      ManagementGroupName: MG1
      DASAccount: '[x={$Datum.Environment...Credentials...Users.Where({$_.UserName -eq "SVCACC_SCOM_DA"}).Password}=]'
      SqlServerInstance: VPFSQL001.pf.domain.local
      # ... other parameters

Despite ManagementGroupName: MG1 being configured, the setup command line shows SCOM2019. Despite SVCACC_SCOM_DA being the caller-supplied username, setup receives OM19DAS.

Suggested solution

Fix 1: Change the condition to always prefer $PSBoundParameters over defaults:

# Before (broken)
if ([string]::IsNullOrWhiteSpace($value) -and $PSBoundParameters.ContainsKey($_.Key))

# After (fixed)
if ($PSBoundParameters.ContainsKey($_.Key))

Fix 2: Auto-detect and prepend the NetBIOS domain name for *User parameters that lack a backslash:

if ($_.Key -match 'User$' -and $value -and $value -notmatch '\\') {
    $d = (Get-CimInstance Win32_NTDomain |
        Where-Object { $_.DnsForestName -eq (Get-CimInstance Win32_ComputerSystem).Domain }).DomainName
    if ($d) { $value = "$d\$value" }
}

Operating system the target node is running

OsName               : Microsoft Windows Server 2025 Datacenter Evaluation
OSArchitecture       : 64-bit
WindowsVersion       : 2009
WindowsBuildLabEx    : 26100.1.amd64fre.ge_release.240331-1435

PowerShell version and build the target node is running

Name                           Value
----                           -----
PSVersion                      5.1.26100.7462
PSEdition                      Desktop
BuildVersion                   10.0.26100.7462
CLRVersion                     4.0.30319.42000

cScom version

Name  Version Path
----  ------- ----
cScom 1.0.5   C:\Program Files\WindowsPowerShell\Modules\cScom\1.0.5\cScom.psd1

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions