chef - [chef] RE: Re: RE: Re: Chef User resource Password attribute

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] RE: Re: RE: Re: Chef User resource Password attribute

From: Kapil Shardha < >
To: " " < >
Subject: [chef] RE: Re: RE: Re: Chef User resource Password attribute
Date: Mon, 31 Mar 2014 18:14:52 +0000
Accept-language: en-US

Thanks Daniel! My goal is to use password that I have set in the encrypted
data bag. Is there a way around it to achieve this goal?

-Kapil

-----Original Message-----
From: Daniel DeLeo
[mailto:
On Behalf Of Daniel DeLeo
Sent: Monday, March 31, 2014 2:09 PM
To:

Subject: [chef] Re: RE: Re: Chef User resource Password attribute

This is a compile time/converge time issue. The value of `password
"#{node['temp_pass']}”` is set when the recipes are compiled, and then your
ruby block is setting/changing the value of `node['temp_pass’]` after that,
which will have no effect.

--
Daniel DeLeo

On Monday, March 31, 2014 at 11:05 AM, Kapil Shardha wrote:

> Kenneth,
>
> I am setting the attribute in the same recipe but in an earlier ruby_block.
> The printLocalAdminPass ruby_block prints the right password :
>
> ruby_block "getLocalAdminPass" do
> block do
> secret = Chef::EncryptedDataBagItem.load_secret(secret_file_path)
> app_local_admin_pass =
> Chef::EncryptedDataBagItem.load(node['databag_name'],
> "app_local_admin_pass", secret) node.default['temp_app_pass'] =
> app_local_admin_pass["pass"] end end
>
> ruby_block "printLocalAdminPass" do
> block do
> pass = node['temp_app_pass']
> puts "------> Local Admin password is : " + pass
>
> end
> end
>
>
> When I manually (in GUI) try to create a user with the same password
> (“Password#1”) that is set in the above ruby_block, it works fine. I tried
> removing quotes around it but it does not work.
>
>
> Thanks
>
> -Kapil
>
>
>
> From: Kenneth Barry
> [mailto:
> Sent: Monday, March 31, 2014 1:58 PM
> To:
>
>
> (mailto: )
> Subject: [chef] Re: Chef User resource Password attribute
>
> This might seem like a stupid question, but
> 1) are you setting that attribute some toher palce?
>
> 2) are you trying to set it to a password which would meet the password
> requirements as the warning would give reason to believe it is not?
>
> 3) Have you trying doing things just as you have them now but removing the
> quotes around the password attribute call?
>
>
> On Mon, Mar 31, 2014 at 10:39 AM, Kapil Shardha
> <
>
> (mailto: )>
>  wrote:
> > I am trying to use Chef User resource to create a user on Windows
> > platform. The password attribute is set like following:
> >
> > user "TestUser" do
> > password "#{node['temp_pass']}"
> > action :create
> > end
> >
> > where the ‘node[temp_pass]’ attribute is being set in a prior ruby_block
> > resource. I get following error :
> >
> > Compiled Resource:
> > ------------------
> > # Declared in
> > c:/chef/cache/cookbooks/UserCookbook/recipes/user_creation.rb:86:
> > in `from_file'
> >
> > user("TestUser") do
> > action [:create]
> > supports {:manage_home=>false, :non_unique=>false} retries 0
> > retry_delay 2 username "TestUser"
> > cookbook_name " UserCookbook"
> > recipe_name " user_creation"
> >
> > “ArgumentError: The password does not meet the password policy
> > requirements.Check the minimum password length, password complexity and
> > password history requirements”.
> >
> > I think the node attribute is not being resolved within the user
> > resource. I wanted to confirm if the password attribute can be set to
> > accept password string from a node attribute. Any idea?
> >
> > Thanks
> >
> > -Kapil
> >
> >
> >
> >
> > This email and any accompanying documents may contain privileged or
> > otherwise confidential information of, and/or is the property of
> > Education Management Solutions, Inc. If you are not the intended
> > recipient, please immediately advise the sender by reply email & delete
> > the message & any attachments without using, copying or disclosing the
> > contents. Thank you.
>
>
>
>
>
> This email and any accompanying documents may contain privileged or
> otherwise confidential information of, and/or is the property of Education
> Management Solutions, Inc. If you are not the intended recipient, please
> immediately advise the sender by reply email & delete the message & any
> attachments without using, copying or disclosing the contents. Thank you.

________________________________

This email and any accompanying documents may contain privileged or otherwise
confidential information of, and/or is the property of Education Management
Solutions, Inc. If you are not the intended recipient, please immediately
advise the sender by reply email & delete the message & any attachments
without using, copying or disclosing the contents. Thank you.

[chef] Chef User resource Password attribute, Kapil Shardha, 03/31/2014
- [chef] Re: Chef User resource Password attribute, Kenneth Barry, 03/31/2014
  - [chef] RE: Re: Chef User resource Password attribute, Kapil Shardha, 03/31/2014
    - [chef] Re: RE: Re: Chef User resource Password attribute, Daniel DeLeo, 03/31/2014
      - [chef] RE: Re: RE: Re: Chef User resource Password attribute, Kapil Shardha, 03/31/2014
        
        [chef] RE: RE: Re: RE: Re: Chef User resource Password attribute, Kapil Shardha, 03/31/2014
        
        [chef] Re: RE: Re: RE: Re: Chef User resource Password attribute, Daniel DeLeo, 03/31/2014
        
        [chef] RE: Re: RE: Re: RE: Re: Chef User resource Password attribute, Kapil Shardha, 03/31/2014