
I am using Chef-server-11.04 and the chef-client 11.12.4-1 for Windows Server 2012 R2. I am trying to execute Active Directory PowerShell cmds on the Windows client. The recipe execution fails when I use

```
knife bootstrap windows winrm 10.XX.XXX.XX -x username -P xxxxxxx -r Adpowershell
```

or

```
knife winrm "name:example.co.in" "chef-client -r Adpowershell " -x username -P xxxxxxx
```

The error is: "Unable to contact the server. This may be because this server does not exist, it is currently down, or it does not have the Active Directory Web Services running."

The knife command is successful for other PowerShell cmds other than Active Directory PowerShell cmds.

But the recipe executed successfully when I try it using chef-client locally on node.

I have referred to various links regarding this "unable to contact server" error, but couldn't find any solution for Windows 2012 R2. Can anyone tell me a solution for this problem?

Devi
  • I can't give a final answer but I suspect this is due to credential replay (aka CredSSP in Windows documentation). [Some documentation about it here](https://msdn.microsoft.com/en-us/library/ee309365(v=vs.85).aspx) – Tensibai Apr 15 '15 at 07:30

1 Answer


On your server run:

```
winrm quickconfig -q
winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="300"}'
winrm set winrm/config '@{MaxTimeoutms="1800000"}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/service/auth '@{Basic="true"}'
netsh advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in localport=5985 action=allow
netsh advfirewall firewall add rule name="WinRM 5986" protocol=TCP dir=in localport=5986 action=allow
```
JonathanTien
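
An added example, not part of the answer above and not Chef or Microsoft code: a Ruby helper (the language Chef recipes are written in) that parses the listing printed by `winrm get winrm/config` and reports the two service settings the answer's commands switch on, `AllowUnencrypted` and `Basic`. The sample listing and the names `parse_winrm_config`, `audit` and `CHECKS` are constructed for illustration.

```ruby
# SAMPLE is constructed for this example, in the layout `winrm get winrm/config` prints.
SAMPLE = <<~OUT
  Config
      Client
          AllowUnencrypted = false
          Auth
              Basic = true
      Service
          AllowUnencrypted = true
          Auth
              Basic = true
              CredSSP = false
      Winrs
          MaxMemoryPerShellMB = 300
OUT

# Flatten the indented listing into { "Config/Service/Auth/Basic" => "true", ... }.
def parse_winrm_config(text)
  settings = {}
  stack = [] # [indent, name] for each enclosing section
  text.each_line do |raw|
    next if raw.strip.empty?
    indent = raw[/\A */].size
    stack.pop while stack.any? && stack.last[0] >= indent
    key, value = raw.strip.split(/\s*=\s*/, 2)
    if value.nil?
      stack.push([indent, key]) # section header such as "Service"
    else
      settings[(stack.map(&:last) + [key]).join("/")] = value
    end
  end
  settings
end

# Service-side settings the answer's commands switch on (hypothetical check table).
CHECKS = {
  "Config/Service/AllowUnencrypted" => "service accepts unencrypted WinRM messages",
  "Config/Service/Auth/Basic" => "service accepts Basic auth (base64 user name and password)"
}.freeze

def audit(settings)
  hits = CHECKS.select { |path, _| settings[path].to_s.casecmp?("true") }
  findings = hits.map { |path, why| "#{path} = true: #{why}" }
  findings << "both set: Basic credentials can cross HTTP 5985 unencrypted" if hits.size == CHECKS.size
  findings
end

puts audit(parse_winrm_config(SAMPLE))
```

The full path matters because `Client` and `Service` both carry `AllowUnencrypted` and `Auth/Basic`; only the `Service` values describe what the node accepts from `knife winrm`.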