- From: o haya <
>
- To:
- Cc:
- Subject: [chef] Getting "Access denied" when use mount in recipe and run chef-client remotely via winrm
- Date: Wed, 1 Jul 2015 19:54:03 -0700
Hi,
I have been implementing some recipes/cookbooks for deploying and configuring
Sharepoint and Exchange onto our Windows servers. These servers would be
domain mmembers.
I was originally testing by logging into one of the Windows server and then
running "chef-client -o myCookbook" and was finally able to get them working
this past week.
Both sets of recipes expect the respective installation files to be shared
out from the domain controller and the recipes do a "mount" to "Z:" drive,
and then the recipes do "cd z:\" and then execute the appropriate .exe inside
a powershell_script resource.
As I said, I got these recipes working this week, but in the real world, we
would want to trigger the cookbook/recipe execution remotely using like
"knife winrm", so I started testing the recipes using "knife winrm" this
weekend, and, in both cases, I ran into similar problems with both sets of
recipes.
The first problem was that the "mount" would fail with "access denied", so
I've since tried (a) pre-creating the mapped drive outside of Chef and also
(b) physically copying the entire directories of installation software to the
local C: drive and running the installations off of the local files.
Unfortunately, neither (a) nor (b) approach worked either. These failures
occur at different points of the installation, but my impression is that all
the failures are coming down to some kind of access denied or violation.
So, I've spent most of this weekend testing and researching, which lead me to
find some older threads and information on things like credssp an "2-hop"
that seem to indicate that these problems have been around for awhile, so I
was wondering if there's some mechanism or configuration that should fix he
problem nowadays?
Also, I should mention that I'm tried setting the WinRM CredSSP to "true" on
both the server side and on my client (Chef workstation) side, but that
hasn't made any difference.
Can anyone here tell me how I can get these cookbooks/recipes to work using
"knife winrm"?
Thanks,
Jim
- [chef] Getting "Access denied" when use mount in recipe and run chef-client remotely via winrm, o haya, 07/01/2015
Archive powered by MHonArc 2.6.16.