Hello,
I can’t find a way to solve my issue so I’m posting here.
I’ve installed chef12 from scratch and created some users using (replacing
by good values of source):
root@chef-server# chef-server-ctl user-create USER_NAME FIRST_NAME LAST_NAME EMAIL PASSWORD -f USER_NAME.pem -o ORGANIZATION
root@chef-server# chef-server-ctl org-user-add ORGANIZATION USER_NAME --admin
And then, I deleted the initial ‘pivotal’ user thinking that I did not
need it anymore using:
chef-server-ctl user-delete pivotal
But now I can’t create any more users or do any operations:
root@chef-server# chef-server-ctl user-list
ERROR: Failed to authenticate to https://127.0.0.1:443 as pivotal with key /etc/opscode/pivotal.pem
Response: Failed to authenticate as 'pivotal'. Ensure that your node_name and client key are correct.
And if I try with the key I created earlier: permission error (though as
admin I thought I could do it).
Same thing with the original admin user:
root@chef-server:~# chef-server-ctl user-list -V -u admin -k /etc/chef-server/admin.pem
INFO: Using configuration from /etc/opscode/pivotal.rb
INFO: HTTP Request Returned 403 Forbidden: error
ERROR: You authenticated successfully to https://127.0.0.1:443 as admin but you are not authorized for this action
Any idea on how to restore this pivotal user?
Thanks
Fanny
Your best bet is to recover from a backup or nuke and pave. Since Pivotal is the first user, I think it’s bootstrapped by inserting directly into the database. Also, it owns many things in the authorization database (separate DB), which would be very difficult to manually repair.
--
Daniel DeLeo
On Wednesday, September 16, 2015 at 3:58 PM, Fanny Strudel wrote:
> Hello,
> I can't find a way to solve my issue so I'm posting here.
> I've installed chef12 from scratch and created some users using (replacing
> by good values of source):
> root@chef-server# chef-server-ctl user-create USER_NAME FIRST_NAME LAST_NAME EMAIL PASSWORD -f USER_NAME.pem -o ORGANIZATION
> root@chef-server# chef-server-ctl org-user-add ORGANIZATION USER_NAME --admin
> And then, I deleted the initial 'pivotal' user thinking that I did not
> need it anymore using:
> chef-server-ctl user-delete pivotal
> But now I can't create any more users or do any operations:
> root@chef-server# chef-server-ctl user-list
> ERROR: Failed to authenticate to https://127.0.0.1:443 as pivotal with key /etc/opscode/pivotal.pem
> Response: Failed to authenticate as 'pivotal'. Ensure that your node_name and client key are correct.
> And if I try with the key I created earlier: permission error (though as
> admin I thought I could do it).
> Same thing with the original admin user:
> root@chef-server:~# chef-server-ctl user-list -V -u admin -k /etc/chef-server/admin.pem
> INFO: Using configuration from /etc/opscode/pivotal.rb
> INFO: HTTP Request Returned 403 Forbidden: error
> ERROR: You authenticated successfully to https://127.0.0.1:443 as admin but you are not authorized for this action
> Any idea on how to restore this pivotal user?
> Thanks
> Fanny
Not that hard to recover, actually. Someone’s done it and posted instructions: https://github.com/chef/chef-server/issues/544#issuecomment-142966484