Re: [Puppet Users] Puppet windows File permissions
On Thu, Mar 1, 2012 at 9:47 AM, Josh Cooper j...@puppetlabs.com wrote: Hi Marco, On Thu, Mar 1, 2012 at 6:17 AM, Marco Parra D. marco.parr...@gmail.comwrote: Hi Josh, thank you for reply, On 29-02-2012 19:12, Josh Cooper wrote: Hi Marco, On Wed, Feb 29, 2012 at 10:52 AM, Marco Parra D. marco.parr...@gmail.com wrote: Hi Josh, I'm runnig from cmd.exe, I'm using Administrator account on the windows box, this is the output for the command that you asked: C:\Users\Administratorwhoami /groups GROUP INFORMATION - Group Name Type SID Attributes === Everyone Well-known group S-1-1-0 Mandatory group, Enabled by default, Enabled group BUILTIN\Administrators AliasS-1-5-32-544 Mandatory group, Enabled by default, Enabled group, Group owner This shows that you are running elevated, which is good. BUILTIN\UsersAliasS-1-5-32-545 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4 Mandatory group, Enabled by default, Enabled group CONSOLE LOGONWell-known group S-1-2-1 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\Authenticated Users Well-known group S-1-5-11 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\This Organization Well-known group S-1-5-15 Mandatory group, Enabled by default, Enabled group LOCALWell-known group S-1-2-0 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\NTLM Authentication Well-known group S-1-5-64-10 Mandatory group, Enabled by default, Enabled group Mandatory Label\High Mandatory Level LabelS-1-16-12288 Mandatory group, Enabled by default, Enabled group C:\Users\Administrator I found a page that talks about security on windows 2008, and I tried changing a configuration for the IIS, On the Ineternet Information Services Manager, under Management, Configuration Editor, selecting Providers, click on Edit Items, selecting DataProtectionConfigurationProvider, I change useMachineProtection, and save the change. On Windows 7 the scripts run perfect, but on Windows 2008 R2 still didn't work, still the execution said that the file was modified, but nothing happens on the file. no errors it's showed Is your Windows 7 box 32-bit? If you're using 32-bit ruby on a 64-bit Windows 2008 R2 to edit C:\Windows\System32\inetsrv\config\applicationHost.config, Windows may be redirecting you to %windir%\syswow64\inetsrv instead: http://forums.iis.net/p/1150832/1875622.aspx Yeah, I'm using a Windows 7 32 bits box, and it's works fine... in the other hand, I've testing on Windows 2008 R2 64 bits server, I checked on the path tha you said, and your right, the file is changed on c:\windows\SysWOW64\inetsrv\config\applicationHost.config, but IIS uses the file on c:\windows\system32\inetsrv\config\applicationHost.config C:\Windows\SysWOW64\inetsrv\Configdir applicationHost.config Volume in drive C has no label. Volume Serial Number is F4D5-2946 Directory of C:\Windows\SysWOW64\inetsrv\Config 03/01/2012 06:01 AM82,384 applicationHost.config 1 File(s) 82,384 bytes 0 Dir(s) 6,910,136,320 bytes free C:\Windows\SysWOW64\inetsrv\Configdir c:\Windows\System32\inetsrv\config\applicationHost.config Volume in drive C has no label. Volume Serial Number is F4D5-2946 Directory of c:\Windows\System32\inetsrv\config 02/29/2012 11:01 AM82,122 applicationHost.config 1 File(s) 82,122 bytes 0 Dir(s) 6,910,136,320 bytes free How can I tell ruby that don't uses c:\windows\SysWOW64\inetsrv\config path? Is this posible?... You can disable file system redirection using the special 'sysnative' alias: C:\Windows\Sysnative\inetsrv\config\applicationHost.config. But acccording to MS this is not available on 2003[1], which is odd, because then 32-bit processes in 64-bit 2003 can't disable file system redirection on a per-file basis. While working on reboot support, we discovered that there is a hotfix to address this problem on 2003: http://support.microsoft.com/kb/942589 There are APIs for disabling file system redirection for the entire process, but that would probably break 32-bit ruby.exe Perhaps the best option is to create a symlink to the IIS configuration directory[2]. However, 2003 doesn't support symlinks, so again I'm not sure how to do this on 64-bit 2003. Also puppet cannot currently manage symlinks on Windows, so you'd have to use an exec resource to do that. I'll add a note to our troubleshooting guide about 32vs64bit. I'd be curious to
Re: [Puppet Users] Puppet windows File permissions
Hi Marco, On Thu, Mar 1, 2012 at 6:17 AM, Marco Parra D. marco.parr...@gmail.comwrote: Hi Josh, thank you for reply, On 29-02-2012 19:12, Josh Cooper wrote: Hi Marco, On Wed, Feb 29, 2012 at 10:52 AM, Marco Parra D. marco.parr...@gmail.comwrote: Hi Josh, I'm runnig from cmd.exe, I'm using Administrator account on the windows box, this is the output for the command that you asked: C:\Users\Administratorwhoami /groups GROUP INFORMATION - Group Name Type SID Attributes === Everyone Well-known group S-1-1-0 Mandatory group, Enabled by default, Enabled group BUILTIN\Administrators AliasS-1-5-32-544 Mandatory group, Enabled by default, Enabled group, Group owner This shows that you are running elevated, which is good. BUILTIN\UsersAliasS-1-5-32-545 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4 Mandatory group, Enabled by default, Enabled group CONSOLE LOGONWell-known group S-1-2-1 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\Authenticated Users Well-known group S-1-5-11 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\This Organization Well-known group S-1-5-15 Mandatory group, Enabled by default, Enabled group LOCALWell-known group S-1-2-0 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\NTLM Authentication Well-known group S-1-5-64-10 Mandatory group, Enabled by default, Enabled group Mandatory Label\High Mandatory Level LabelS-1-16-12288 Mandatory group, Enabled by default, Enabled group C:\Users\Administrator I found a page that talks about security on windows 2008, and I tried changing a configuration for the IIS, On the Ineternet Information Services Manager, under Management, Configuration Editor, selecting Providers, click on Edit Items, selecting DataProtectionConfigurationProvider, I change useMachineProtection, and save the change. On Windows 7 the scripts run perfect, but on Windows 2008 R2 still didn't work, still the execution said that the file was modified, but nothing happens on the file. no errors it's showed Is your Windows 7 box 32-bit? If you're using 32-bit ruby on a 64-bit Windows 2008 R2 to edit C:\Windows\System32\inetsrv\config\applicationHost.config, Windows may be redirecting you to %windir%\syswow64\inetsrv instead: http://forums.iis.net/p/1150832/1875622.aspx Yeah, I'm using a Windows 7 32 bits box, and it's works fine... in the other hand, I've testing on Windows 2008 R2 64 bits server, I checked on the path tha you said, and your right, the file is changed on c:\windows\SysWOW64\inetsrv\config\applicationHost.config, but IIS uses the file on c:\windows\system32\inetsrv\config\applicationHost.config C:\Windows\SysWOW64\inetsrv\Configdir applicationHost.config Volume in drive C has no label. Volume Serial Number is F4D5-2946 Directory of C:\Windows\SysWOW64\inetsrv\Config 03/01/2012 06:01 AM82,384 applicationHost.config 1 File(s) 82,384 bytes 0 Dir(s) 6,910,136,320 bytes free C:\Windows\SysWOW64\inetsrv\Configdir c:\Windows\System32\inetsrv\config\applicationHost.config Volume in drive C has no label. Volume Serial Number is F4D5-2946 Directory of c:\Windows\System32\inetsrv\config 02/29/2012 11:01 AM82,122 applicationHost.config 1 File(s) 82,122 bytes 0 Dir(s) 6,910,136,320 bytes free How can I tell ruby that don't uses c:\windows\SysWOW64\inetsrv\config path? Is this posible?... You can disable file system redirection using the special 'sysnative' alias: C:\Windows\Sysnative\inetsrv\config\applicationHost.config. But acccording to MS this is not available on 2003[1], which is odd, because then 32-bit processes in 64-bit 2003 can't disable file system redirection on a per-file basis. There are APIs for disabling file system redirection for the entire process, but that would probably break 32-bit ruby.exe Perhaps the best option is to create a symlink to the IIS configuration directory[2]. However, 2003 doesn't support symlinks, so again I'm not sure how to do this on 64-bit 2003. Also puppet cannot currently manage symlinks on Windows, so you'd have to use an exec resource to do that. I'll add a note to our troubleshooting guide about 32vs64bit. I'd be curious to hear about which approach you end up taking. Josh http://msdn.microsoft.com/en-us/library/aa384187(v=vs.85).aspx
Re: [Puppet Users] Puppet windows File permissions
Hi Josh, Looking in the web, I found the solution that you mentioned,
c:\windows\Sysnative, and works perfect to me! thank you for your help
C:\Users\Administratorpuppet agent --test
notice: Ignoring --listen on onetime run
info: Retrieving plugin
info: Caching catalog for cscltest01.office.com
info: Applying configuration version '1330601351'
notice:
/Stage[main]/Iisconfig/File[C:\Windows\Sysnative\inetsrv\config\applicationHost.config]/content:
info: FileBucket adding {md5}e32032ed7a6f5cce9895058575ff1997
info:
/Stage[main]/Iisconfig/File[C:\Windows\Sysnative\inetsrv\config\applicationHost.config]:
Filebucketed C:/Windows/Sysnative/inetsrv/config/applicationHost.config
to puppet with sum e32032ed7a6f5cce9895058575ff1997
notice:
/Stage[main]/Iisconfig/File[C:\Windows\Sysnative\inetsrv\config\applicationHost.config]/content:
content changed '{md5}e32032ed7a6f5cce9895058575ff1997' to
'{md5}a3680ad2f20f19e8c2593feccd0dc5f6'
notice: Finished catalog run in 0.30 seconds
notice:
/File[C:/ProgramData/PuppetLabs/puppet/var/state/last_run_summary.yaml]/content:
Best Regards
On 01-03-2012 14:47, Josh Cooper wrote:
Hi Marco,
On Thu, Mar 1, 2012 at 6:17 AM, Marco Parra D.
marco.parr...@gmail.com mailto:marco.parr...@gmail.com wrote:
Hi Josh, thank you for reply,
On 29-02-2012 19:12, Josh Cooper wrote:
Hi Marco,
On Wed, Feb 29, 2012 at 10:52 AM, Marco Parra D.
marco.parr...@gmail.com mailto:marco.parr...@gmail.com wrote:
Hi Josh,
I'm runnig from cmd.exe, I'm using Administrator account on
the windows box, this is the output for the command that you
asked:
C:\Users\Administratorwhoami /groups
GROUP INFORMATION
-
Group Name Type
SID Attributes
===
Everyone Well-known group
S-1-1-0 Mandatory group, Enabled by default, Enabled group
BUILTIN\Administrators Alias
S-1-5-32-544 Mandatory group, Enabled by default, Enabled
group, Group owner
This shows that you are running elevated, which is good.
BUILTIN\UsersAlias
S-1-5-32-545 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\INTERACTIVE Well-known group
S-1-5-4 Mandatory group, Enabled by default, Enabled group
CONSOLE LOGONWell-known group
S-1-2-1 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Authenticated Users Well-known group
S-1-5-11 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\This Organization Well-known group
S-1-5-15 Mandatory group, Enabled by default, Enabled group
LOCALWell-known group
S-1-2-0 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\NTLM Authentication Well-known group
S-1-5-64-10 Mandatory group, Enabled by default, Enabled group
Mandatory Label\High Mandatory Level Label
S-1-16-12288 Mandatory group, Enabled by default, Enabled group
C:\Users\Administrator
I found a page that talks about security on windows 2008, and
I tried changing a configuration for the IIS, On the
Ineternet Information Services Manager, under Management,
Configuration Editor, selecting Providers, click on Edit
Items, selecting DataProtectionConfigurationProvider, I
change useMachineProtection, and save the change.
On Windows 7 the scripts run perfect, but on Windows 2008 R2
still didn't work, still the execution said that the file was
modified, but nothing happens on the file. no errors it's
showed
Is your Windows 7 box 32-bit? If you're using 32-bit ruby on a
64-bit Windows 2008 R2 to edit
C:\Windows\System32\inetsrv\config\applicationHost.config,
Windows may be redirecting you to %windir%\syswow64\inetsrv
instead: http://forums.iis.net/p/1150832/1875622.aspx
Yeah, I'm using a Windows 7 32 bits box, and it's works fine... in
the other hand, I've testing on Windows 2008 R2 64 bits server, I
checked on the path tha you said, and your right, the file is
changed on
c:\windows\SysWOW64\inetsrv\config\applicationHost.config, but IIS
uses the file on
c:\windows\system32\inetsrv\config\applicationHost.config
C:\Windows\SysWOW64\inetsrv\Configdir applicationHost.config
Volume in drive C has no label.
Volume Serial Number is F4D5-2946
Directory of C:\Windows\SysWOW64\inetsrv\Config
03/01/2012 06:01 AM82,384
Re: [Puppet Users] Puppet windows File permissions
Hi Josh, by the way, this is the link that I found to solve my trouble,
works perfect on Windows 2008 R2 64 bits.
http://www.ghisler.ch/wiki/index.php/On_64-bit_Windows_versions,_some_files_and_folders_shown_by_Windows_Explorer_are_not_shown_by_Total_Commander!#Affected_files_and_folders
Regards...!
On 01-03-2012 14:57, Marco Parra D. wrote:
Hi Josh, Looking in the web, I found the solution that you mentioned,
c:\windows\Sysnative, and works perfect to me! thank you for your help
C:\Users\Administratorpuppet agent --test
notice: Ignoring --listen on onetime run
info: Retrieving plugin
info: Caching catalog for cscltest01.office.com
info: Applying configuration version '1330601351'
notice:
/Stage[main]/Iisconfig/File[C:\Windows\Sysnative\inetsrv\config\applicationHost.config]/content:
info: FileBucket adding {md5}e32032ed7a6f5cce9895058575ff1997
info:
/Stage[main]/Iisconfig/File[C:\Windows\Sysnative\inetsrv\config\applicationHost.config]:
Filebucketed
C:/Windows/Sysnative/inetsrv/config/applicationHost.config to puppet
with sum e32032ed7a6f5cce9895058575ff1997
notice:
/Stage[main]/Iisconfig/File[C:\Windows\Sysnative\inetsrv\config\applicationHost.config]/content:
content changed '{md5}e32032ed7a6f5cce9895058575ff1997' to
'{md5}a3680ad2f20f19e8c2593feccd0dc5f6'
notice: Finished catalog run in 0.30 seconds
notice:
/File[C:/ProgramData/PuppetLabs/puppet/var/state/last_run_summary.yaml]/content:
Best Regards
On 01-03-2012 14:47, Josh Cooper wrote:
Hi Marco,
On Thu, Mar 1, 2012 at 6:17 AM, Marco Parra D.
marco.parr...@gmail.com mailto:marco.parr...@gmail.com wrote:
Hi Josh, thank you for reply,
On 29-02-2012 19:12, Josh Cooper wrote:
Hi Marco,
On Wed, Feb 29, 2012 at 10:52 AM, Marco Parra D.
marco.parr...@gmail.com mailto:marco.parr...@gmail.com wrote:
Hi Josh,
I'm runnig from cmd.exe, I'm using Administrator account on
the windows box, this is the output for the command that you
asked:
C:\Users\Administratorwhoami /groups
GROUP INFORMATION
-
Group Name Type
SID Attributes
===
Everyone Well-known group
S-1-1-0 Mandatory group, Enabled by default, Enabled group
BUILTIN\Administrators Alias
S-1-5-32-544 Mandatory group, Enabled by default, Enabled
group, Group owner
This shows that you are running elevated, which is good.
BUILTIN\UsersAlias
S-1-5-32-545 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\INTERACTIVE Well-known group
S-1-5-4 Mandatory group, Enabled by default, Enabled group
CONSOLE LOGONWell-known group
S-1-2-1 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Authenticated Users Well-known group
S-1-5-11 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\This Organization Well-known group
S-1-5-15 Mandatory group, Enabled by default, Enabled group
LOCALWell-known group
S-1-2-0 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\NTLM Authentication Well-known group
S-1-5-64-10 Mandatory group, Enabled by default, Enabled group
Mandatory Label\High Mandatory Level Label
S-1-16-12288 Mandatory group, Enabled by default, Enabled group
C:\Users\Administrator
I found a page that talks about security on windows 2008,
and I tried changing a configuration for the IIS, On the
Ineternet Information Services Manager, under Management,
Configuration Editor, selecting Providers, click on Edit
Items, selecting DataProtectionConfigurationProvider, I
change useMachineProtection, and save the change.
On Windows 7 the scripts run perfect, but on Windows 2008 R2
still didn't work, still the execution said that the file
was modified, but nothing happens on the file. no errors
it's showed
Is your Windows 7 box 32-bit? If you're using 32-bit ruby on a
64-bit Windows 2008 R2 to edit
C:\Windows\System32\inetsrv\config\applicationHost.config,
Windows may be redirecting you to %windir%\syswow64\inetsrv
instead: http://forums.iis.net/p/1150832/1875622.aspx
Yeah, I'm using a Windows 7 32 bits box, and it's works fine...
in the other hand, I've testing on Windows 2008 R2 64 bits
server, I checked on the path tha you said, and your right, the
file is changed on
Re: [Puppet Users] Puppet windows File permissions
Hi Marco,
On Wed, Feb 29, 2012 at 5:46 AM, mparrad marco.parr...@gmail.com wrote:
Hi Guys, I'm recently start working with puppet and mostly puppet for
windows, On linux works perfect, but on windows works fine!, but I got a
issue working on c:\windows\system32\inetsrv\config folder, I need modify
the file applicationHost.config using puppet, to keep centralized the
config for IIS, but when I run the puppet agent for windows the behavior
it's real weird, The execution finish without errors, also said the file
was updated, or created, but when I take a look to the file, it's remain
without changes.
I'm working with puppet master 2.7.1 on CentOS 5.7 server, and puppet for
windows 2.7.1 on Windows 2008 R2 server...
Are you running puppet agent from cmd.exe? or as a service? If the former,
can you run: whoami /groups
I tried changing the permissions to the folder, I put read/write
permission, I put Full control, I take ownership, but nothing, when I run
the puppet agent I got the next:
On puppet master i wrote this init.pp for a module called iisconfig:
class iisconfig()
{
file { 'C:\Windows\System32\drivers\etc\hosts':
ensure = present,
content = template(/etc/puppet/modules/iisconfig/files/hosts),
}
file { 'C:\Windows\System32\inetsrv\config\applicationHost.config':
ensure = 'present',
content =
template('/etc/puppet/modules/iisconfig/files/applicationHost.config'),
}
Can you try changing content = 'some literal string'? I'm curious if this
is a templating issue.
file { c:/temp/test.txt:
ensure = 'file',
mode = '660',
owner = 'Administrator',
group = 'Administrators',
content =
template('/etc/puppet/modules/iisconfig/files/applicationHost.config'),
}
}
This is the execution
C:\temppuppet agent --test
notice: Ignoring --listen on onetime run
info: Retrieving plugin
info: Caching catalog for test01.office.com
info: Applying configuration version '1330497348'
notice:
/Stage[main]/Iisconfig/File[C:\Windows\System32\drivers\etc\hosts]/content:
info: FileBucket adding {md5}f6b9e9fce03e4bbd9952814d55353857
info: /Stage[main]/Iisconfig/File[C:\Windows\System32\drivers\etc\hosts]:
Filebucketed C:/Windows/System32/drivers/etc/hosts to puppet sum
f6b9e9fce03e4bbd9952814d55353857
notice:
/Stage[main]/Iisconfig/File[C:\Windows\System32\drivers\etc\hosts]/content:
content changed '{md5}f6b9e9fce03e4bbd9952814d55353 to
'{md5}32aca7ae45f022642e2f5b0156dcb3ca'
notice: /Stage[main]/Iisconfig/File[c:/temp/test.txt]/content:
info: FileBucket adding {md5}b3589a284c00ce9a67dd42ccaf15e46d
info: /Stage[main]/Iisconfig/File[c:/temp/test.txt]: Filebucketed
c:/temp/test.txt to puppet with sum b3589a284c00ce9a67dd42ccaf15e46d
notice: /Stage[main]/Iisconfig/File[c:/temp/test.txt]/content: content
changed '{md5}b3589a284c00ce9a67dd42ccaf15e46d' to
'{md5}881bfbf113937635f5c35241ed2'
notice: Finished catalog run in 8.25 seconds
notice:
/File[C:/ProgramData/PuppetLabs/puppet/var/state/last_run_summary.yaml]/content:
The first file and the last one works fine, but the file I need to modify
didn't works, but also didn't show any error message or something
Yeah, that's no good. Hopefully the above will shed some light on what's
going on.
Josh
--
Josh Cooper
Developer, Puppet Labs
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Puppet windows File permissions
Hi Josh,
I'm runnig from cmd.exe, I'm using Administrator account on the windows
box, this is the output for the command that you asked:
C:\Users\Administratorwhoami /groups
GROUP INFORMATION
-
Group Name Type SID
Attributes
===
Everyone Well-known group S-1-1-0
Mandatory group, Enabled by default, Enabled group
BUILTIN\Administrators AliasS-1-5-32-544
Mandatory group, Enabled by default, Enabled group, Group owner
BUILTIN\UsersAliasS-1-5-32-545
Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4
Mandatory group, Enabled by default, Enabled group
CONSOLE LOGONWell-known group S-1-2-1
Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Authenticated Users Well-known group S-1-5-11
Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\This Organization Well-known group S-1-5-15
Mandatory group, Enabled by default, Enabled group
LOCALWell-known group S-1-2-0
Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\NTLM Authentication Well-known group S-1-5-64-10
Mandatory group, Enabled by default, Enabled group
Mandatory Label\High Mandatory Level LabelS-1-16-12288
Mandatory group, Enabled by default, Enabled group
C:\Users\Administrator
I found a page that talks about security on windows 2008, and I tried
changing a configuration for the IIS, On the Ineternet Information
Services Manager, under Management, Configuration Editor, selecting
Providers, click on Edit Items, selecting
DataProtectionConfigurationProvider, I change useMachineProtection, and
save the change.
On Windows 7 the scripts run perfect, but on Windows 2008 R2 still
didn't work, still the execution said that the file was modified, but
nothing happens on the file. no errors it's showed
Regards
On 29-02-2012 13:43, Josh Cooper wrote:
Hi Marco,
On Wed, Feb 29, 2012 at 5:46 AM, mparrad marco.parr...@gmail.com
mailto:marco.parr...@gmail.com wrote:
Hi Guys, I'm recently start working with puppet and mostly puppet
for windows, On linux works perfect, but on windows works fine!,
but I got a issue working on c:\windows\system32\inetsrv\config
folder, I need modify the file applicationHost.config using
puppet, to keep centralized the config for IIS, but when I run the
puppet agent for windows the behavior it's real weird, The
execution finish without errors, also said the file was updated,
or created, but when I take a look to the file, it's remain
without changes.
I'm working with puppet master 2.7.1 on CentOS 5.7 server, and
puppet for windows 2.7.1 on Windows 2008 R2 server...
Are you running puppet agent from cmd.exe? or as a service? If the
former, can you run: whoami /groups
I tried changing the permissions to the folder, I put read/write
permission, I put Full control, I take ownership, but nothing,
when I run the puppet agent I got the next:
On puppet master i wrote this init.pp for a module called iisconfig:
class iisconfig()
{
file { 'C:\Windows\System32\drivers\etc\hosts':
ensure = present,
content =
template(/etc/puppet/modules/iisconfig/files/hosts),
}
file { 'C:\Windows\System32\inetsrv\config\applicationHost.config':
ensure = 'present',
content =
template('/etc/puppet/modules/iisconfig/files/applicationHost.config'),
}
Can you try changing content = 'some literal string'? I'm curious if
this is a templating issue.
file { c:/temp/test.txt:
ensure = 'file',
mode = '660',
owner = 'Administrator',
group = 'Administrators',
content =
template('/etc/puppet/modules/iisconfig/files/applicationHost.config'),
}
}
This is the execution
C:\temppuppet agent --test
notice: Ignoring --listen on onetime run
info: Retrieving plugin
info: Caching catalog for test01.office.com http://test01.office.com
info: Applying configuration version '1330497348'
notice:
/Stage[main]/Iisconfig/File[C:\Windows\System32\drivers\etc\hosts]/content:
info: FileBucket adding {md5}f6b9e9fce03e4bbd9952814d55353857
info:
/Stage[main]/Iisconfig/File[C:\Windows\System32\drivers\etc\hosts]:
Filebucketed
C:/Windows/System32/drivers/etc/hosts to puppet sum
f6b9e9fce03e4bbd9952814d55353857
notice:
/Stage[main]/Iisconfig/File[C:\Windows\System32\drivers\etc\hosts]/content:
content changed '{md5}f6b9e9fce03e4bbd9952814d55353 to
Re: [Puppet Users] Puppet windows File permissions
Hi Marco, On Wed, Feb 29, 2012 at 10:52 AM, Marco Parra D. marco.parr...@gmail.comwrote: Hi Josh, I'm runnig from cmd.exe, I'm using Administrator account on the windows box, this is the output for the command that you asked: C:\Users\Administratorwhoami /groups GROUP INFORMATION - Group Name Type SID Attributes === Everyone Well-known group S-1-1-0 Mandatory group, Enabled by default, Enabled group BUILTIN\Administrators AliasS-1-5-32-544 Mandatory group, Enabled by default, Enabled group, Group owner This shows that you are running elevated, which is good. BUILTIN\UsersAliasS-1-5-32-545 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4 Mandatory group, Enabled by default, Enabled group CONSOLE LOGONWell-known group S-1-2-1 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\Authenticated Users Well-known group S-1-5-11 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\This Organization Well-known group S-1-5-15 Mandatory group, Enabled by default, Enabled group LOCALWell-known group S-1-2-0 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\NTLM Authentication Well-known group S-1-5-64-10 Mandatory group, Enabled by default, Enabled group Mandatory Label\High Mandatory Level LabelS-1-16-12288 Mandatory group, Enabled by default, Enabled group C:\Users\Administrator I found a page that talks about security on windows 2008, and I tried changing a configuration for the IIS, On the Ineternet Information Services Manager, under Management, Configuration Editor, selecting Providers, click on Edit Items, selecting DataProtectionConfigurationProvider, I change useMachineProtection, and save the change. On Windows 7 the scripts run perfect, but on Windows 2008 R2 still didn't work, still the execution said that the file was modified, but nothing happens on the file. no errors it's showed Is your Windows 7 box 32-bit? If you're using 32-bit ruby on a 64-bit Windows 2008 R2 to edit C:\Windows\System32\inetsrv\config\applicationHost.config, Windows may be redirecting you to %windir%\syswow64\inetsrv instead: http://forums.iis.net/p/1150832/1875622.aspx Josh -- Josh Cooper Developer, Puppet Labs -- You received this message because you are subscribed to the Google Groups Puppet Users group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
