|
Hi All, I’m trying to run chef-client on many nodes from my chef workstation via
knife winrm command. One of my recipes, needs to access a shared network drive. When I invoke chef-client manually within every node, there is no problem and the run ended successfully. However, when I invoke chef-client on a node from my chef workstation via knife winrm command, I get “Access is denied” error message. Narrowing the problem a little bit more I figured out that: 1)
knife winrm 143.185.0.1 -m -x 'user' -P 'password' 'dir c:\' – works. 2)
knife winrm 143.185.0.1 -m -x 'user' -P 'password' 'dir \\myserver\shares\' – doesn’t work. 3)
winrs -r:143.185.0.1 -u:user -p:password dir
\\ccdsrv01\shares - doesn’t work. 143.185.0.1 Access is denied. 4)
winrs -r:143.185.0.1 -allowDelegate
-u:user -p:password dir \\ccdsrv01\shares - works!!! The –allowDelegate flag allows winrm to delegate the credentials to multiple computers (multi hop).
(One also needs to enable CredSSP support) Is there a way to tell knife winrm to delegate credentials over multi hops? After all, knife winrm encapsulates Microsoft winrm. Is there another way to access network drive via knife winrm? (I found an emails thread called “knife winrm browsing network shares” on chef mailing lists, but there was no solution there) Thanks, Raanan. --------------------------------------------------------------------- This e-mail and any attachments may contain confidential material for |
Archive powered by MHonArc 2.6.16.