Adam,
Thanks for the response.
I have not tried with 11.6. I am using 11.4.4 and would rather not change as I am in the final stages of getting my first cookbooks ready for prod.
I am not sure what you mean with the other suggestions. I have tried to apply what I found on the following page but that does not seem to have helped: http://technet.microsoft.com/en-us/library/hh849872.aspx
Cheers, Florian
From: Adam Edwards [mailto:
Florian, does it work when you supply the user name and password attributes for the mount resource (requires Chef 11.6 for that)?
Have you set the credssp option ( WSMan:\localhost\Service\Auth\Credssp from powershell) for winrm on the server?
-Adam
From:
Florian Hehlen <
">
>
Hi all,
Has anyone used the mount provider on a windows machine successfully? I am having permissions related issues which only occur when mounting remotely.
When I run chef I get the following output:
Client.foo.com [2013-07-25T13:34:40+02:00] WARN: Cloning resource attributes for mount[Z:] from prior resource (CHEF-3694) Client.foo.com [2013-07-25T13:34:40+02:00] WARN: Previous mount[Z:]: c:/chef/cache/cookbooks/myCookbook/recipes/default.rb:25:in `from_file' Client.foo.com [2013-07-25T13:34:40+02:00] WARN: Current mount[Z:]: c:/chef/cache/cookbooks/myCookbook/recipes/default.rb:30:in `from_file' Client.foo.com [2013-07-25T13:34:40+02:00] WARN: Cloning resource attributes for mount[Z:] from prior resource (CHEF-3694) Client.foo.com [2013-07-25T13:34:40+02:00] WARN: Previous mount[Z:]: c:/chef/cache/cookbooks/myCookbook/recipes/default.rb:30:in `from_file' Client.foo.com [2013-07-25T13:34:40+02:00] WARN: Current mount[Z:]: c:/chef/cache/cookbooks/myCookbook/recipes/default.rb:39:in `from_file' Client.foo.com [2013-07-25T13:34:40+02:00] INFO: Processing mount[Z:] action umount (myCookbook::default line 25) Client.foo.com [2013-07-25T13:34:40+02:00] INFO: Processing mount[Z:] action mount (myCookbook::default line 30) Client.foo.com Client.foo.com ================================================================================ Client.foo.com Error executing action `mount` on resource 'mount[Z:]' Client.foo.com ================================================================================ Client.foo.com Client.foo.com ArgumentError Client.foo.com ------------- Client.foo.com Access is denied. Client.foo.com Client.foo.com Resource Declaration: Client.foo.com --------------------- Client.foo.com # In c:/chef/cache/cookbooks/myCookbook/recipes/default.rb Client.foo.com Client.foo.com 30: mount mountDrive do Client.foo.com 31: action :mount Client.foo.com 32: device node['app']['app']['mount'] Client.foo.com 33: end Client.foo.com 34: Client.foo.com Client.foo.com Compiled Resource: Client.foo.com ------------------ Client.foo.com # Declared in c:/chef/cache/cookbooks/myCookbook/recipes/default.rb:30:in `from_file' Client.foo.com Client.foo.com mount("Z:") do Client.foo.com action [:mount] Client.foo.com supports {:remount=>false} Client.foo.com retries 0 Client.foo.com retry_delay 2 Client.foo.com mount_point "Z:" Client.foo.com device "\\\\myhost\\share" Client.foo.com device_type :device Client.foo.com fstype "auto" Client.foo.com options ["defaults"] Client.foo.com dump 0 Client.foo.com pass 2 Client.foo.com cookbook_name "myCookbook" Client.foo.com recipe_name "default" Client.foo.com end
I have debugged the issue by checking that I can do the mounts locally from the command line as well as doing a winrs remote sessions. It seems that user impersonation gets in the way in remote sessions, and that some security restrictions require that a user and password be provided again when calling net use:
C:\Windows\system32>winrs -r:<myhost> cmd.exe -u:<myuser> -p:<mypassword> Microsoft Windows [Version 6.1.7600] Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\bir>net use Z: \\somehost\share The password is invalid for \\somehost\share.
Enter the user name for 'somehost': foo Enter the password for somehost: bar
I am assuming that this is due to some miss-configuration of winrs and not a permanent restriction. All the obvious checks have been done on share permissions, folder permissions, using an account with enough permissions, etc. Does anyone have any ideas?
Cheers, Flo
LEGAL DISCLAIMER LEGAL DISCLAIMER
This communication and any attached documents are strictly confidential and/or legally privileged and they may not be used or disclosed by someone who is not a named recipient. If you have received this electronic communication in error please notify the sender by replying to this electronic communication inserting the word "misdirected" as the subject and delete this communication from your system. |
Archive powered by MHonArc 2.6.16.