I have a recipe to install my msi package. It is working fine when my package in my local machine.
If I given the shared folder url . it is giving me a permission error. but I have the permission as well I am able to access the folder from my file explore.
Can anyone tell how to resolve this issue .
Thanks in advance.
What’s the format of the “URL” you are passing? I believe you would need to pass a UNC path in the format:
Also beware of the security context that Chef Client runs under on your Windows system. If installed as a service it will be running as the local System account by default, meaning you may have to provide machine level permissions (i.e. MACHINENAME$) when running in a real environment.
Yes I need to pass the UNC path.
I have tried , but it is giving me a _" There is no file directory such this "_.
Yes . I have given the machine level permission.
@ramaduraiu under which account is chef running ? LocalSystem account has no right to access network shares in windows reality (windows behavior, not chef related).
@Tensibai I do not know How to check in which account the chef is running . Can you assist me .
Am able to access the shared folder in file explorer. but not through recipe.
I have attached the error screen shot . please have a look on it
We're switching to Windows administration here and I'll be guessing how chef is launched
What I suspect is that you have chef installed as a service, configured to run with LocalSystem account ([win key]+R -> services.msc -> locate the chef service and right click -> properties -> Connection
If Use LocalSystem is checked, then it's your problem, here there's two way to go:
Move to networkservice, a little long to describe here (and I'll probably miss some security warnings, so I prefer to let you search on google about it)
Use a normal account, within a domain use a domain account to avoid cross trusts between windows boxes (and anyway if you can't log on on domain account, you can't access an external share anyway, debatable for system enforcing but it will be too long here)
I would go with the 2, it gives you full control over what the chef client will have access too.
Another problem I did encounter but I'm unsure it is not fixed now is starting chef via WinRM, it needs some configuration on the node to allow replaying credentials.
So that said, if you can describe how you start the chef client run with one or two short sentences it may help narrow the advices, the error code is obviously a no access error, either a typo in the URI or a denied access.
Put a something like “whoami” (find the equivalent in windows) in your
recipe, to find the user.
Thank you @Tensibai… The issue is resolved once I have installed the Knife windows. Now its working fine.
Thank you once again.