This release of knife-windows includes new features to improve authentication, simplify use of the WinRM SSL transport, and addresses compatibility issues with Chef Client 12.0.
You can install the new features using the gem command:
gem install knife-windows
Due to dependency conflicts, to use knife-windows 1.0.0+ with ChefDK 0.6.2, you must also upgrade chef-provisioning to 1.2.0+ and update the line referencing chef-provisioning in c:\opscode\chefdk\bin\chef. ChefDK 0.7.0+ will include the latest versions of both knife-windows and chef-provisioning.
chef gem install knife-windows
chef gem install chef-provisioning
knife-windows issues like those addressed in this release should be reported in the ticketing system at https://github.com/chef/knife-windows/issues. You can learn more about how to contribute features and bug fixes to knife-windows in the Chef Contributions document.
With this release, the default authentication protocol for WinRM
communication is negotiate, which is the same as that for tools built-in to
the Windows operating system. Prior to this release, the protocol depended
on the format of the --winrm-user option -- the basic authentication
protocol would be assumed unless that option had the format domain\user.
To revert to the behavior of previous releases or otherwise force knife-windows to use a specific authentication protocol such as
basic, use the --winrm-authentication-protocol option.
The default port for WinRM communication is now 5986 when the SSL transport is used (the transport is
configured by the winrm_transport option), otherwise it is 5985. In
previous releases, if the port was not specified, it was always 5985.
To override this behavior, explicitly specify the desired port using the
winrm_port (-p) option.
The short option flag for --keytab-file is now -T to fix a conflict with the --identity-file option.
- New
--winrm-authentication-protocoloption for explicit control of WinRM authentication knife windows cert generatesubcommand: Generates a certificate and related public key file for use in configuring a WinRM listener and validating communication involving it.knife windows cert installsubcommand: Installs a certificate such as one generated by thecert generatesubcommand into the Windows certificate store's LocalMachine personal store so that it can be used as part of the configuration for a WinRM SSL listenerknife windows listener createsubcommand: Creates a WinRM SSL listener on a Windows system- Added
--hintoption for creating Ohai hints on bootstrap - Validatorless bootstrapping is now supported
- New
--install-as-serviceoption will have Chef Client be installed as a service on bootstrap - Added
--msi_urloption for providing an alternate URL to the Chef Client installation package knife wsman testsubcommaned: Verifies winrm functionality on a remote system, e.g.knife wsman test 192.168.1.10 -m --winrm-transport ssl
- knife-windows #159
winrm_portoption should default to 5986 ifwinrm_transportoption isssl - knife-windows #139 Force dev dependency on Chef 11 for test scenarios to avoid Ohai 8 conflict on Ruby 1.9.x
- knife-windows #133 Bootstrap failure -- unable to validate SSL chef server endpoints
- knife-windows #125 knife-windows should use PowerShell first before cscript to download the Chef Client msi
- knife-windows #92 EventMachine issue: knife bootstrap windows winrm error
- knife-windows #94 Remove Eventmachine dependency
- knife-windows #213 Search possibilities of HOME for bootstrap templates
- knife-windows #227 Exception: NoMethodError: undefined method 'gsub' for false:FalseClass
https://rubygems.org/gems/knife-windows https://github.com/chef/knife-windows