Re: [Puppet Users] Puppet windows File permissions
On Thu, Mar 1, 2012 at 9:47 AM, Josh Cooper j...@puppetlabs.com wrote: Hi Marco, On Thu, Mar 1, 2012 at 6:17 AM, Marco Parra D. marco.parr...@gmail.comwrote: Hi Josh, thank you for reply, On 29-02-2012 19:12, Josh Cooper wrote: Hi Marco, On Wed, Feb 29, 2012 at 10:52 AM, Marco Parra D. marco.parr...@gmail.com wrote: Hi Josh, I'm runnig from cmd.exe, I'm using Administrator account on the windows box, this is the output for the command that you asked: C:\Users\Administratorwhoami /groups GROUP INFORMATION - Group Name Type SID Attributes === Everyone Well-known group S-1-1-0 Mandatory group, Enabled by default, Enabled group BUILTIN\Administrators AliasS-1-5-32-544 Mandatory group, Enabled by default, Enabled group, Group owner This shows that you are running elevated, which is good. BUILTIN\UsersAliasS-1-5-32-545 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4 Mandatory group, Enabled by default, Enabled group CONSOLE LOGONWell-known group S-1-2-1 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\Authenticated Users Well-known group S-1-5-11 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\This Organization Well-known group S-1-5-15 Mandatory group, Enabled by default, Enabled group LOCALWell-known group S-1-2-0 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\NTLM Authentication Well-known group S-1-5-64-10 Mandatory group, Enabled by default, Enabled group Mandatory Label\High Mandatory Level LabelS-1-16-12288 Mandatory group, Enabled by default, Enabled group C:\Users\Administrator I found a page that talks about security on windows 2008, and I tried changing a configuration for the IIS, On the Ineternet Information Services Manager, under Management, Configuration Editor, selecting Providers, click on Edit Items, selecting DataProtectionConfigurationProvider, I change useMachineProtection, and save the change. On Windows 7 the scripts run perfect, but on Windows 2008 R2 still didn't work, still the execution said that the file was modified, but nothing happens on the file. no errors it's showed Is your Windows 7 box 32-bit? If you're using 32-bit ruby on a 64-bit Windows 2008 R2 to edit C:\Windows\System32\inetsrv\config\applicationHost.config, Windows may be redirecting you to %windir%\syswow64\inetsrv instead: http://forums.iis.net/p/1150832/1875622.aspx Yeah, I'm using a Windows 7 32 bits box, and it's works fine... in the other hand, I've testing on Windows 2008 R2 64 bits server, I checked on the path tha you said, and your right, the file is changed on c:\windows\SysWOW64\inetsrv\config\applicationHost.config, but IIS uses the file on c:\windows\system32\inetsrv\config\applicationHost.config C:\Windows\SysWOW64\inetsrv\Configdir applicationHost.config Volume in drive C has no label. Volume Serial Number is F4D5-2946 Directory of C:\Windows\SysWOW64\inetsrv\Config 03/01/2012 06:01 AM82,384 applicationHost.config 1 File(s) 82,384 bytes 0 Dir(s) 6,910,136,320 bytes free C:\Windows\SysWOW64\inetsrv\Configdir c:\Windows\System32\inetsrv\config\applicationHost.config Volume in drive C has no label. Volume Serial Number is F4D5-2946 Directory of c:\Windows\System32\inetsrv\config 02/29/2012 11:01 AM82,122 applicationHost.config 1 File(s) 82,122 bytes 0 Dir(s) 6,910,136,320 bytes free How can I tell ruby that don't uses c:\windows\SysWOW64\inetsrv\config path? Is this posible?... You can disable file system redirection using the special 'sysnative' alias: C:\Windows\Sysnative\inetsrv\config\applicationHost.config. But acccording to MS this is not available on 2003[1], which is odd, because then 32-bit processes in 64-bit 2003 can't disable file system redirection on a per-file basis. While working on reboot support, we discovered that there is a hotfix to address this problem on 2003: http://support.microsoft.com/kb/942589 There are APIs for disabling file system redirection for the entire process, but that would probably break 32-bit ruby.exe Perhaps the best option is to create a symlink to the IIS configuration directory[2]. However, 2003 doesn't support symlinks, so again I'm not sure how to do this on 64-bit 2003. Also puppet cannot currently manage symlinks on Windows, so you'd have to use an exec resource to do that. I'll add a note to our troubleshooting guide about 32vs64bit. I'd be curious to
Re: [Puppet Users] Puppet windows File permissions
Hi Marco, On Thu, Mar 1, 2012 at 6:17 AM, Marco Parra D. marco.parr...@gmail.comwrote: Hi Josh, thank you for reply, On 29-02-2012 19:12, Josh Cooper wrote: Hi Marco, On Wed, Feb 29, 2012 at 10:52 AM, Marco Parra D. marco.parr...@gmail.comwrote: Hi Josh, I'm runnig from cmd.exe, I'm using Administrator account on the windows box, this is the output for the command that you asked: C:\Users\Administratorwhoami /groups GROUP INFORMATION - Group Name Type SID Attributes === Everyone Well-known group S-1-1-0 Mandatory group, Enabled by default, Enabled group BUILTIN\Administrators AliasS-1-5-32-544 Mandatory group, Enabled by default, Enabled group, Group owner This shows that you are running elevated, which is good. BUILTIN\UsersAliasS-1-5-32-545 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4 Mandatory group, Enabled by default, Enabled group CONSOLE LOGONWell-known group S-1-2-1 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\Authenticated Users Well-known group S-1-5-11 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\This Organization Well-known group S-1-5-15 Mandatory group, Enabled by default, Enabled group LOCALWell-known group S-1-2-0 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\NTLM Authentication Well-known group S-1-5-64-10 Mandatory group, Enabled by default, Enabled group Mandatory Label\High Mandatory Level LabelS-1-16-12288 Mandatory group, Enabled by default, Enabled group C:\Users\Administrator I found a page that talks about security on windows 2008, and I tried changing a configuration for the IIS, On the Ineternet Information Services Manager, under Management, Configuration Editor, selecting Providers, click on Edit Items, selecting DataProtectionConfigurationProvider, I change useMachineProtection, and save the change. On Windows 7 the scripts run perfect, but on Windows 2008 R2 still didn't work, still the execution said that the file was modified, but nothing happens on the file. no errors it's showed Is your Windows 7 box 32-bit? If you're using 32-bit ruby on a 64-bit Windows 2008 R2 to edit C:\Windows\System32\inetsrv\config\applicationHost.config, Windows may be redirecting you to %windir%\syswow64\inetsrv instead: http://forums.iis.net/p/1150832/1875622.aspx Yeah, I'm using a Windows 7 32 bits box, and it's works fine... in the other hand, I've testing on Windows 2008 R2 64 bits server, I checked on the path tha you said, and your right, the file is changed on c:\windows\SysWOW64\inetsrv\config\applicationHost.config, but IIS uses the file on c:\windows\system32\inetsrv\config\applicationHost.config C:\Windows\SysWOW64\inetsrv\Configdir applicationHost.config Volume in drive C has no label. Volume Serial Number is F4D5-2946 Directory of C:\Windows\SysWOW64\inetsrv\Config 03/01/2012 06:01 AM82,384 applicationHost.config 1 File(s) 82,384 bytes 0 Dir(s) 6,910,136,320 bytes free C:\Windows\SysWOW64\inetsrv\Configdir c:\Windows\System32\inetsrv\config\applicationHost.config Volume in drive C has no label. Volume Serial Number is F4D5-2946 Directory of c:\Windows\System32\inetsrv\config 02/29/2012 11:01 AM82,122 applicationHost.config 1 File(s) 82,122 bytes 0 Dir(s) 6,910,136,320 bytes free How can I tell ruby that don't uses c:\windows\SysWOW64\inetsrv\config path? Is this posible?... You can disable file system redirection using the special 'sysnative' alias: C:\Windows\Sysnative\inetsrv\config\applicationHost.config. But acccording to MS this is not available on 2003[1], which is odd, because then 32-bit processes in 64-bit 2003 can't disable file system redirection on a per-file basis. There are APIs for disabling file system redirection for the entire process, but that would probably break 32-bit ruby.exe Perhaps the best option is to create a symlink to the IIS configuration directory[2]. However, 2003 doesn't support symlinks, so again I'm not sure how to do this on 64-bit 2003. Also puppet cannot currently manage symlinks on Windows, so you'd have to use an exec resource to do that. I'll add a note to our troubleshooting guide about 32vs64bit. I'd be curious to hear about which approach you end up taking. Josh http://msdn.microsoft.com/en-us/library/aa384187(v=vs.85).aspx
Re: [Puppet Users] Puppet windows File permissions
Hi Josh, Looking in the web, I found the solution that you mentioned, c:\windows\Sysnative, and works perfect to me! thank you for your help C:\Users\Administratorpuppet agent --test notice: Ignoring --listen on onetime run info: Retrieving plugin info: Caching catalog for cscltest01.office.com info: Applying configuration version '1330601351' notice: /Stage[main]/Iisconfig/File[C:\Windows\Sysnative\inetsrv\config\applicationHost.config]/content: info: FileBucket adding {md5}e32032ed7a6f5cce9895058575ff1997 info: /Stage[main]/Iisconfig/File[C:\Windows\Sysnative\inetsrv\config\applicationHost.config]: Filebucketed C:/Windows/Sysnative/inetsrv/config/applicationHost.config to puppet with sum e32032ed7a6f5cce9895058575ff1997 notice: /Stage[main]/Iisconfig/File[C:\Windows\Sysnative\inetsrv\config\applicationHost.config]/content: content changed '{md5}e32032ed7a6f5cce9895058575ff1997' to '{md5}a3680ad2f20f19e8c2593feccd0dc5f6' notice: Finished catalog run in 0.30 seconds notice: /File[C:/ProgramData/PuppetLabs/puppet/var/state/last_run_summary.yaml]/content: Best Regards On 01-03-2012 14:47, Josh Cooper wrote: Hi Marco, On Thu, Mar 1, 2012 at 6:17 AM, Marco Parra D. marco.parr...@gmail.com mailto:marco.parr...@gmail.com wrote: Hi Josh, thank you for reply, On 29-02-2012 19:12, Josh Cooper wrote: Hi Marco, On Wed, Feb 29, 2012 at 10:52 AM, Marco Parra D. marco.parr...@gmail.com mailto:marco.parr...@gmail.com wrote: Hi Josh, I'm runnig from cmd.exe, I'm using Administrator account on the windows box, this is the output for the command that you asked: C:\Users\Administratorwhoami /groups GROUP INFORMATION - Group Name Type SID Attributes === Everyone Well-known group S-1-1-0 Mandatory group, Enabled by default, Enabled group BUILTIN\Administrators Alias S-1-5-32-544 Mandatory group, Enabled by default, Enabled group, Group owner This shows that you are running elevated, which is good. BUILTIN\UsersAlias S-1-5-32-545 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4 Mandatory group, Enabled by default, Enabled group CONSOLE LOGONWell-known group S-1-2-1 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\Authenticated Users Well-known group S-1-5-11 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\This Organization Well-known group S-1-5-15 Mandatory group, Enabled by default, Enabled group LOCALWell-known group S-1-2-0 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\NTLM Authentication Well-known group S-1-5-64-10 Mandatory group, Enabled by default, Enabled group Mandatory Label\High Mandatory Level Label S-1-16-12288 Mandatory group, Enabled by default, Enabled group C:\Users\Administrator I found a page that talks about security on windows 2008, and I tried changing a configuration for the IIS, On the Ineternet Information Services Manager, under Management, Configuration Editor, selecting Providers, click on Edit Items, selecting DataProtectionConfigurationProvider, I change useMachineProtection, and save the change. On Windows 7 the scripts run perfect, but on Windows 2008 R2 still didn't work, still the execution said that the file was modified, but nothing happens on the file. no errors it's showed Is your Windows 7 box 32-bit? If you're using 32-bit ruby on a 64-bit Windows 2008 R2 to edit C:\Windows\System32\inetsrv\config\applicationHost.config, Windows may be redirecting you to %windir%\syswow64\inetsrv instead: http://forums.iis.net/p/1150832/1875622.aspx Yeah, I'm using a Windows 7 32 bits box, and it's works fine... in the other hand, I've testing on Windows 2008 R2 64 bits server, I checked on the path tha you said, and your right, the file is changed on c:\windows\SysWOW64\inetsrv\config\applicationHost.config, but IIS uses the file on c:\windows\system32\inetsrv\config\applicationHost.config C:\Windows\SysWOW64\inetsrv\Configdir applicationHost.config Volume in drive C has no label. Volume Serial Number is F4D5-2946 Directory of C:\Windows\SysWOW64\inetsrv\Config 03/01/2012 06:01 AM82,384
Re: [Puppet Users] Puppet windows File permissions
Hi Josh, by the way, this is the link that I found to solve my trouble, works perfect on Windows 2008 R2 64 bits. http://www.ghisler.ch/wiki/index.php/On_64-bit_Windows_versions,_some_files_and_folders_shown_by_Windows_Explorer_are_not_shown_by_Total_Commander!#Affected_files_and_folders Regards...! On 01-03-2012 14:57, Marco Parra D. wrote: Hi Josh, Looking in the web, I found the solution that you mentioned, c:\windows\Sysnative, and works perfect to me! thank you for your help C:\Users\Administratorpuppet agent --test notice: Ignoring --listen on onetime run info: Retrieving plugin info: Caching catalog for cscltest01.office.com info: Applying configuration version '1330601351' notice: /Stage[main]/Iisconfig/File[C:\Windows\Sysnative\inetsrv\config\applicationHost.config]/content: info: FileBucket adding {md5}e32032ed7a6f5cce9895058575ff1997 info: /Stage[main]/Iisconfig/File[C:\Windows\Sysnative\inetsrv\config\applicationHost.config]: Filebucketed C:/Windows/Sysnative/inetsrv/config/applicationHost.config to puppet with sum e32032ed7a6f5cce9895058575ff1997 notice: /Stage[main]/Iisconfig/File[C:\Windows\Sysnative\inetsrv\config\applicationHost.config]/content: content changed '{md5}e32032ed7a6f5cce9895058575ff1997' to '{md5}a3680ad2f20f19e8c2593feccd0dc5f6' notice: Finished catalog run in 0.30 seconds notice: /File[C:/ProgramData/PuppetLabs/puppet/var/state/last_run_summary.yaml]/content: Best Regards On 01-03-2012 14:47, Josh Cooper wrote: Hi Marco, On Thu, Mar 1, 2012 at 6:17 AM, Marco Parra D. marco.parr...@gmail.com mailto:marco.parr...@gmail.com wrote: Hi Josh, thank you for reply, On 29-02-2012 19:12, Josh Cooper wrote: Hi Marco, On Wed, Feb 29, 2012 at 10:52 AM, Marco Parra D. marco.parr...@gmail.com mailto:marco.parr...@gmail.com wrote: Hi Josh, I'm runnig from cmd.exe, I'm using Administrator account on the windows box, this is the output for the command that you asked: C:\Users\Administratorwhoami /groups GROUP INFORMATION - Group Name Type SID Attributes === Everyone Well-known group S-1-1-0 Mandatory group, Enabled by default, Enabled group BUILTIN\Administrators Alias S-1-5-32-544 Mandatory group, Enabled by default, Enabled group, Group owner This shows that you are running elevated, which is good. BUILTIN\UsersAlias S-1-5-32-545 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4 Mandatory group, Enabled by default, Enabled group CONSOLE LOGONWell-known group S-1-2-1 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\Authenticated Users Well-known group S-1-5-11 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\This Organization Well-known group S-1-5-15 Mandatory group, Enabled by default, Enabled group LOCALWell-known group S-1-2-0 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\NTLM Authentication Well-known group S-1-5-64-10 Mandatory group, Enabled by default, Enabled group Mandatory Label\High Mandatory Level Label S-1-16-12288 Mandatory group, Enabled by default, Enabled group C:\Users\Administrator I found a page that talks about security on windows 2008, and I tried changing a configuration for the IIS, On the Ineternet Information Services Manager, under Management, Configuration Editor, selecting Providers, click on Edit Items, selecting DataProtectionConfigurationProvider, I change useMachineProtection, and save the change. On Windows 7 the scripts run perfect, but on Windows 2008 R2 still didn't work, still the execution said that the file was modified, but nothing happens on the file. no errors it's showed Is your Windows 7 box 32-bit? If you're using 32-bit ruby on a 64-bit Windows 2008 R2 to edit C:\Windows\System32\inetsrv\config\applicationHost.config, Windows may be redirecting you to %windir%\syswow64\inetsrv instead: http://forums.iis.net/p/1150832/1875622.aspx Yeah, I'm using a Windows 7 32 bits box, and it's works fine... in the other hand, I've testing on Windows 2008 R2 64 bits server, I checked on the path tha you said, and your right, the file is changed on
Re: [Puppet Users] Puppet windows File permissions
Hi Marco, On Wed, Feb 29, 2012 at 5:46 AM, mparrad marco.parr...@gmail.com wrote: Hi Guys, I'm recently start working with puppet and mostly puppet for windows, On linux works perfect, but on windows works fine!, but I got a issue working on c:\windows\system32\inetsrv\config folder, I need modify the file applicationHost.config using puppet, to keep centralized the config for IIS, but when I run the puppet agent for windows the behavior it's real weird, The execution finish without errors, also said the file was updated, or created, but when I take a look to the file, it's remain without changes. I'm working with puppet master 2.7.1 on CentOS 5.7 server, and puppet for windows 2.7.1 on Windows 2008 R2 server... Are you running puppet agent from cmd.exe? or as a service? If the former, can you run: whoami /groups I tried changing the permissions to the folder, I put read/write permission, I put Full control, I take ownership, but nothing, when I run the puppet agent I got the next: On puppet master i wrote this init.pp for a module called iisconfig: class iisconfig() { file { 'C:\Windows\System32\drivers\etc\hosts': ensure = present, content = template(/etc/puppet/modules/iisconfig/files/hosts), } file { 'C:\Windows\System32\inetsrv\config\applicationHost.config': ensure = 'present', content = template('/etc/puppet/modules/iisconfig/files/applicationHost.config'), } Can you try changing content = 'some literal string'? I'm curious if this is a templating issue. file { c:/temp/test.txt: ensure = 'file', mode = '660', owner = 'Administrator', group = 'Administrators', content = template('/etc/puppet/modules/iisconfig/files/applicationHost.config'), } } This is the execution C:\temppuppet agent --test notice: Ignoring --listen on onetime run info: Retrieving plugin info: Caching catalog for test01.office.com info: Applying configuration version '1330497348' notice: /Stage[main]/Iisconfig/File[C:\Windows\System32\drivers\etc\hosts]/content: info: FileBucket adding {md5}f6b9e9fce03e4bbd9952814d55353857 info: /Stage[main]/Iisconfig/File[C:\Windows\System32\drivers\etc\hosts]: Filebucketed C:/Windows/System32/drivers/etc/hosts to puppet sum f6b9e9fce03e4bbd9952814d55353857 notice: /Stage[main]/Iisconfig/File[C:\Windows\System32\drivers\etc\hosts]/content: content changed '{md5}f6b9e9fce03e4bbd9952814d55353 to '{md5}32aca7ae45f022642e2f5b0156dcb3ca' notice: /Stage[main]/Iisconfig/File[c:/temp/test.txt]/content: info: FileBucket adding {md5}b3589a284c00ce9a67dd42ccaf15e46d info: /Stage[main]/Iisconfig/File[c:/temp/test.txt]: Filebucketed c:/temp/test.txt to puppet with sum b3589a284c00ce9a67dd42ccaf15e46d notice: /Stage[main]/Iisconfig/File[c:/temp/test.txt]/content: content changed '{md5}b3589a284c00ce9a67dd42ccaf15e46d' to '{md5}881bfbf113937635f5c35241ed2' notice: Finished catalog run in 8.25 seconds notice: /File[C:/ProgramData/PuppetLabs/puppet/var/state/last_run_summary.yaml]/content: The first file and the last one works fine, but the file I need to modify didn't works, but also didn't show any error message or something Yeah, that's no good. Hopefully the above will shed some light on what's going on. Josh -- Josh Cooper Developer, Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet windows File permissions
Hi Josh, I'm runnig from cmd.exe, I'm using Administrator account on the windows box, this is the output for the command that you asked: C:\Users\Administratorwhoami /groups GROUP INFORMATION - Group Name Type SID Attributes === Everyone Well-known group S-1-1-0 Mandatory group, Enabled by default, Enabled group BUILTIN\Administrators AliasS-1-5-32-544 Mandatory group, Enabled by default, Enabled group, Group owner BUILTIN\UsersAliasS-1-5-32-545 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4 Mandatory group, Enabled by default, Enabled group CONSOLE LOGONWell-known group S-1-2-1 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\Authenticated Users Well-known group S-1-5-11 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\This Organization Well-known group S-1-5-15 Mandatory group, Enabled by default, Enabled group LOCALWell-known group S-1-2-0 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\NTLM Authentication Well-known group S-1-5-64-10 Mandatory group, Enabled by default, Enabled group Mandatory Label\High Mandatory Level LabelS-1-16-12288 Mandatory group, Enabled by default, Enabled group C:\Users\Administrator I found a page that talks about security on windows 2008, and I tried changing a configuration for the IIS, On the Ineternet Information Services Manager, under Management, Configuration Editor, selecting Providers, click on Edit Items, selecting DataProtectionConfigurationProvider, I change useMachineProtection, and save the change. On Windows 7 the scripts run perfect, but on Windows 2008 R2 still didn't work, still the execution said that the file was modified, but nothing happens on the file. no errors it's showed Regards On 29-02-2012 13:43, Josh Cooper wrote: Hi Marco, On Wed, Feb 29, 2012 at 5:46 AM, mparrad marco.parr...@gmail.com mailto:marco.parr...@gmail.com wrote: Hi Guys, I'm recently start working with puppet and mostly puppet for windows, On linux works perfect, but on windows works fine!, but I got a issue working on c:\windows\system32\inetsrv\config folder, I need modify the file applicationHost.config using puppet, to keep centralized the config for IIS, but when I run the puppet agent for windows the behavior it's real weird, The execution finish without errors, also said the file was updated, or created, but when I take a look to the file, it's remain without changes. I'm working with puppet master 2.7.1 on CentOS 5.7 server, and puppet for windows 2.7.1 on Windows 2008 R2 server... Are you running puppet agent from cmd.exe? or as a service? If the former, can you run: whoami /groups I tried changing the permissions to the folder, I put read/write permission, I put Full control, I take ownership, but nothing, when I run the puppet agent I got the next: On puppet master i wrote this init.pp for a module called iisconfig: class iisconfig() { file { 'C:\Windows\System32\drivers\etc\hosts': ensure = present, content = template(/etc/puppet/modules/iisconfig/files/hosts), } file { 'C:\Windows\System32\inetsrv\config\applicationHost.config': ensure = 'present', content = template('/etc/puppet/modules/iisconfig/files/applicationHost.config'), } Can you try changing content = 'some literal string'? I'm curious if this is a templating issue. file { c:/temp/test.txt: ensure = 'file', mode = '660', owner = 'Administrator', group = 'Administrators', content = template('/etc/puppet/modules/iisconfig/files/applicationHost.config'), } } This is the execution C:\temppuppet agent --test notice: Ignoring --listen on onetime run info: Retrieving plugin info: Caching catalog for test01.office.com http://test01.office.com info: Applying configuration version '1330497348' notice: /Stage[main]/Iisconfig/File[C:\Windows\System32\drivers\etc\hosts]/content: info: FileBucket adding {md5}f6b9e9fce03e4bbd9952814d55353857 info: /Stage[main]/Iisconfig/File[C:\Windows\System32\drivers\etc\hosts]: Filebucketed C:/Windows/System32/drivers/etc/hosts to puppet sum f6b9e9fce03e4bbd9952814d55353857 notice: /Stage[main]/Iisconfig/File[C:\Windows\System32\drivers\etc\hosts]/content: content changed '{md5}f6b9e9fce03e4bbd9952814d55353 to
Re: [Puppet Users] Puppet windows File permissions
Hi Marco, On Wed, Feb 29, 2012 at 10:52 AM, Marco Parra D. marco.parr...@gmail.comwrote: Hi Josh, I'm runnig from cmd.exe, I'm using Administrator account on the windows box, this is the output for the command that you asked: C:\Users\Administratorwhoami /groups GROUP INFORMATION - Group Name Type SID Attributes === Everyone Well-known group S-1-1-0 Mandatory group, Enabled by default, Enabled group BUILTIN\Administrators AliasS-1-5-32-544 Mandatory group, Enabled by default, Enabled group, Group owner This shows that you are running elevated, which is good. BUILTIN\UsersAliasS-1-5-32-545 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4 Mandatory group, Enabled by default, Enabled group CONSOLE LOGONWell-known group S-1-2-1 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\Authenticated Users Well-known group S-1-5-11 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\This Organization Well-known group S-1-5-15 Mandatory group, Enabled by default, Enabled group LOCALWell-known group S-1-2-0 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\NTLM Authentication Well-known group S-1-5-64-10 Mandatory group, Enabled by default, Enabled group Mandatory Label\High Mandatory Level LabelS-1-16-12288 Mandatory group, Enabled by default, Enabled group C:\Users\Administrator I found a page that talks about security on windows 2008, and I tried changing a configuration for the IIS, On the Ineternet Information Services Manager, under Management, Configuration Editor, selecting Providers, click on Edit Items, selecting DataProtectionConfigurationProvider, I change useMachineProtection, and save the change. On Windows 7 the scripts run perfect, but on Windows 2008 R2 still didn't work, still the execution said that the file was modified, but nothing happens on the file. no errors it's showed Is your Windows 7 box 32-bit? If you're using 32-bit ruby on a 64-bit Windows 2008 R2 to edit C:\Windows\System32\inetsrv\config\applicationHost.config, Windows may be redirecting you to %windir%\syswow64\inetsrv instead: http://forums.iis.net/p/1150832/1875622.aspx Josh -- Josh Cooper Developer, Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.