Adam, I have ended up doing the mounts via a ruby_block and passing some service account username/password. Even though this is a share that is available to all domain users. This is a workaround for now. Maybe things will work better when I move to 11.6 I have noticed other issues with my remote sessions that I end up fixing in some weird way. For example if I try to execute ‘mklink’ from windows_batch or even from a ruby_block it fails silently. But if I go for windows_powershell then it magically works! I have to admit that there is something rotten in how our group policies are setup and in the end this might be the root cause of all sorts of problems I am having. Cheers, Flo From: Florian Hehlen Adam, Thanks for the response. I have not tried with 11.6. I am using 11.4.4 and would rather not change as I am in the final stages of getting my first cookbooks ready for prod. I am not sure what you mean with the other suggestions. I have tried to apply what I found on the following page but that does not seem to have helped: http://technet.microsoft.com/en-us/library/hh849872.aspx Cheers, Florian From: Adam Edwards [mailto:
Florian, does it work when you supply the user name and password attributes for the mount resource (requires Chef 11.6 for that)? Have you set the credssp option ( WSMan:\localhost\Service\Auth\Credssp from powershell) for winrm on the server? -Adam From: Florian Hehlen <
">
> Hi all, Has anyone used the mount provider on a windows machine successfully? I am having permissions related issues which only occur when mounting remotely. When I run chef I get the following output: Client.foo.com [2013-07-25T13:34:40+02:00] WARN: Cloning resource attributes for mount[Z:] from prior resource (CHEF-3694) Client.foo.com [2013-07-25T13:34:40+02:00] WARN: Previous mount[Z:]: c:/chef/cache/cookbooks/myCookbook/recipes/default.rb:25:in `from_file' Client.foo.com [2013-07-25T13:34:40+02:00] WARN: Current mount[Z:]: c:/chef/cache/cookbooks/myCookbook/recipes/default.rb:30:in `from_file' Client.foo.com [2013-07-25T13:34:40+02:00] WARN: Cloning resource attributes for mount[Z:] from prior resource (CHEF-3694) Client.foo.com [2013-07-25T13:34:40+02:00] WARN: Previous mount[Z:]: c:/chef/cache/cookbooks/myCookbook/recipes/default.rb:30:in `from_file' Client.foo.com [2013-07-25T13:34:40+02:00] WARN: Current mount[Z:]: c:/chef/cache/cookbooks/myCookbook/recipes/default.rb:39:in `from_file' Client.foo.com [2013-07-25T13:34:40+02:00] INFO: Processing mount[Z:] action umount (myCookbook::default line 25) Client.foo.com [2013-07-25T13:34:40+02:00] INFO: Processing mount[Z:] action mount (myCookbook::default line 30) Client.foo.com Client.foo.com ================================================================================ Client.foo.com Error executing action `mount` on resource 'mount[Z:]' Client.foo.com ================================================================================ Client.foo.com Client.foo.com ArgumentError Client.foo.com ------------- Client.foo.com Access is denied. Client.foo.com Client.foo.com Resource Declaration: Client.foo.com --------------------- Client.foo.com # In c:/chef/cache/cookbooks/myCookbook/recipes/default.rb Client.foo.com Client.foo.com 30: mount mountDrive do Client.foo.com 31: action :mount Client.foo.com 32: device node['app']['app']['mount'] Client.foo.com 33: end Client.foo.com 34: Client.foo.com Client.foo.com Compiled Resource: Client.foo.com ------------------ Client.foo.com # Declared in c:/chef/cache/cookbooks/myCookbook/recipes/default.rb:30:in `from_file' Client.foo.com Client.foo.com mount("Z:") do Client.foo.com action [:mount] Client.foo.com supports {:remount=>false} Client.foo.com retries 0 Client.foo.com retry_delay 2 Client.foo.com mount_point "Z:" Client.foo.com device "\\\\myhost\\share" Client.foo.com device_type :device Client.foo.com fstype "auto" Client.foo.com options ["defaults"] Client.foo.com dump 0 Client.foo.com pass 2 Client.foo.com cookbook_name "myCookbook" Client.foo.com recipe_name "default" Client.foo.com end I have debugged the issue by checking that I can do the mounts locally from the command line as well as doing a winrs remote sessions. It seems that user impersonation gets in the way in remote sessions, and that some security restrictions require that a user and password be provided again when calling net use: C:\Windows\system32>winrs -r:<myhost> cmd.exe -u:<myuser> -p:<mypassword> Microsoft Windows [Version 6.1.7600] Copyright (c) 2009 Microsoft Corporation. All rights reserved. C:\Users\bir>net use Z: \\somehost\share The password is invalid for \\somehost\share. Enter the user name for 'somehost': foo Enter the password for somehost: bar I am assuming that this is due to some miss-configuration of winrs and not a permanent restriction. All the obvious checks have been done on share permissions, folder permissions, using an account with enough permissions, etc. Does anyone have any ideas? Cheers, Flo LEGAL DISCLAIMER |
Archive powered by MHonArc 2.6.16.