Trying to run execute and batch as specified user on Windows with Chef

967 Views Asked by At

I am using Chef resource Execute on Windows. When I set the user attribute of the resource, I get this error:

Mixlib::ShellOut::InvalidCommandOption
--------------------------------------
You must supply both a username and password when supplying a user in windows

That makes sense, but there is not a password attribute. I've tried all sorts of made up ways, but haven't figured out how to pass one in. For this situation, a clear text password is not an issue. Perhaps passing in a password is not actually a feature? Looking here (https://github.com/opscode/mixlib-shellout/blob/master/lib/mixlib/shellout/windows.rb), it seems the option of a password is expected.

I tried using the Batch resource instead. The command runs fine until I set the user attribute. I receive the following error:

NoMethodError
-------------
undefined method `uid' for nil:NilClass

I don't know if these are supposed to work and I'm doing something incorrectly or if they don't work and I need a possible workaround. Any help is appreciated! Thanks!

1

There are 1 best solutions below

1
On

That does appear to be the case. The best resource for Windows+Chef questions is generally the Chef mailing list as several of the major Windows-using folks are active on there. As a workaround, you can easily subclass both the resource and provider to allow passing in password:

class Chef
  class Resource::WindowsExecute < Resource::Execute
    def initialize(name, run_context=nil)
      super
      @resource_name = :windows_execute
    end

    def password(arg=nil)
      set_or_return(:password, arg, :kind_of => String)
    end
  end

  class Provider::WindowsExecute < Provider::Execute
    def shell_out!(cmd, opts)
      opts[:password] = new_resource.password if new_resource.password
      super
    end
  end
end

The above code is entirely untested, but you can try dropping it into libraries/windows_execute.rb and using a windows_execute resource with a password attribute. I would recommend reading over https://coderanger.net/chef-secrets/ for more info on how to store and manage this password.