Bird
Raised Fist0
PowerShellscripting~10 mins

Configuration drift detection in PowerShell - Step-by-Step Execution

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Concept Flow - Configuration drift detection
Start: Define desired config
Get current system config
Compare desired vs current
No drift
End: Report
The script defines what the system should look like, checks the current state, compares both, and reports if there is any difference (drift).
Execution Sample
PowerShell
$desired = @{Service='wuauserv'; State='Running'}
$current = Get-Service -Name wuauserv
if ($current.Status -ne $desired.State) {
  Write-Output 'Drift detected'
} else {
  Write-Output 'No drift'
}
This script checks if the Windows Update service is running as desired and reports if there is a configuration drift.
Execution Table
StepActionVariable/ValueConditionOutput
1Define desired config$desired = @{Service='wuauserv'; State='Running'}N/AN/A
2Get current service status$current.Status = 'Stopped'N/AN/A
3Compare current.Status with desired.State'Stopped' -ne 'Running'TrueN/A
4Drift detected branchN/AN/ADrift detected
5EndN/AN/AScript ends
💡 Script ends after reporting drift because current service state differs from desired.
Variable Tracker
VariableStartAfter Step 1After Step 2After Step 3Final
$desiredundefined@{Service='wuauserv'; State='Running'}@{Service='wuauserv'; State='Running'}@{Service='wuauserv'; State='Running'}@{Service='wuauserv'; State='Running'}
$current.StatusundefinedundefinedStoppedStoppedStopped
Key Moments - 2 Insights
Why do we compare $current.Status with $desired.State instead of $current directly?
Because $current is an object with many properties, we only need to compare the specific property 'Status' to the desired 'State'. See execution_table step 3.
What happens if the service is already running?
The condition in step 3 becomes false, so the script outputs 'No drift' instead of 'Drift detected'.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution table, what is the value of $current.Status after step 2?
ARunning
BPaused
CStopped
DUndefined
💡 Hint
Check the 'Variable/Value' column in row with Step 2.
At which step does the script decide there is a configuration drift?
AStep 1
BStep 4
CStep 2
DStep 3
💡 Hint
Look for the row where output is 'Drift detected' in the execution_table.
If the desired state was 'Stopped' instead of 'Running', what would be the output?
ANo drift
BDrift detected
CError
DScript hangs
💡 Hint
Compare $desired.State and $current.Status values in variable_tracker.
Concept Snapshot
Configuration drift detection:
- Define desired state as a hashtable
- Get current system state
- Compare current vs desired
- If different, report drift
- Else, report no drift
Full Transcript
This script checks if a system configuration matches what we want. First, it sets the desired state for a service. Then, it gets the current state of that service. Next, it compares the current state to the desired state. If they differ, it prints 'Drift detected'. If they match, it prints 'No drift'. This helps keep systems consistent by spotting changes that shouldn't happen.

Practice

(1/5)
1. What is the main purpose of configuration drift detection in PowerShell?
easy
A. To delete temporary files from the system
B. To find unexpected changes in system settings
C. To create new user accounts on a system
D. To install new software updates automatically

Solution

  1. Step 1: Understand configuration drift detection

    Configuration drift detection is about identifying changes that were not planned or expected in system settings.

  2. Step 2: Match the purpose with options

    Among the options, only finding unexpected changes matches the purpose of configuration drift detection.

  3. Final Answer:

    To find unexpected changes in system settings -> Option B

  4. Quick Check:

    Configuration drift detection = find unexpected changes [OK]
Hint: Remember: drift means unexpected changes [OK]
Common Mistakes:
  • Confusing drift detection with software installation
  • Thinking it manages user accounts
  • Assuming it cleans files automatically
2. Which PowerShell command is used to compare baseline and current configurations for drift detection?
easy
A. Compare-Object
B. Get-Content
C. Set-Item
D. New-Item

Solution

  1. Step 1: Identify the command for comparing objects

    PowerShell's Compare-Object command compares two sets of data, perfect for detecting differences.

  2. Step 2: Eliminate unrelated commands

    Get-Content reads files, Set-Item changes values, New-Item creates items. None compare data sets.

  3. Final Answer:

    Compare-Object -> Option A

  4. Quick Check:

    Compare-Object compares configurations [OK]
Hint: Use Compare-Object to spot differences fast [OK]
Common Mistakes:
  • Using Get-Content instead of Compare-Object
  • Confusing Set-Item with comparison
  • Trying New-Item to detect drift
3. Given these two arrays in PowerShell:
$baseline = @('Setting1', 'Setting2', 'Setting3')
$current = @('Setting1', 'Setting2', 'Setting4')

What will be the output of Compare-Object $baseline $current?
medium
A. Setting1 and Setting2 are different
B. No differences found
C. Setting3 is in baseline only; Setting4 is in current only
D. Error: Cannot compare arrays

Solution

  1. Step 1: Compare the two arrays

    Baseline has Setting3; current has Setting4 instead. Setting1 and Setting2 are common.

  2. Step 2: Understand Compare-Object output

    It shows items only in one array with a side indicator. So Setting3 appears only in baseline, Setting4 only in current.

  3. Final Answer:

    Setting3 is in baseline only; Setting4 is in current only -> Option C

  4. Quick Check:

    Compare-Object shows differences = Setting3 is in baseline only; Setting4 is in current only [OK]
Hint: Look for items unique to each list [OK]
Common Mistakes:
  • Assuming no differences when there are
  • Thinking common items show as differences
  • Expecting an error from Compare-Object
4. You run this PowerShell command to detect drift:
Compare-Object $baseline $current -Property Name

But you get an error saying property 'Name' does not exist. What is the likely cause?
medium
A. The objects in $baseline and $current do not have a 'Name' property
B. Compare-Object cannot compare properties
C. You must use -IncludeEqual to avoid errors
D. The arrays are empty

Solution

  1. Step 1: Understand the -Property parameter

    -Property expects objects with that property to compare by it.

  2. Step 2: Check the data type of arrays

    If arrays contain strings, they have no 'Name' property, causing the error.

  3. Final Answer:

    The objects in $baseline and $current do not have a 'Name' property -> Option A

  4. Quick Check:

    Property error means missing property in objects [OK]
Hint: Check object properties before using -Property [OK]
Common Mistakes:
  • Thinking Compare-Object can't compare properties
  • Believing -IncludeEqual fixes property errors
  • Assuming empty arrays cause this error
5. You want to detect configuration drift by comparing two JSON files representing system settings. Which PowerShell approach correctly detects drift?
hard
A. Import both JSON files with Get-Content and compare strings directly
B. Use Get-Content with -Raw and compare with -eq operator
C. Manually open files and visually check for differences
D. Use ConvertFrom-Json on both files, then Compare-Object on resulting objects

Solution

  1. Step 1: Understand JSON comparison needs

    Comparing JSON as strings can fail due to formatting differences; converting to objects is better.

  2. Step 2: Use ConvertFrom-Json and Compare-Object

    ConvertFrom-Json parses JSON into objects; Compare-Object can then detect differences in properties.

  3. Final Answer:

    Use ConvertFrom-Json on both files, then Compare-Object on resulting objects -> Option D

  4. Quick Check:

    Convert JSON to objects before comparing [OK]
Hint: Parse JSON to objects before comparing [OK]
Common Mistakes:
  • Comparing raw JSON strings directly
  • Using -eq operator for complex objects
  • Relying on manual visual checks