Cooking on Windows Server..

Hi guys!

I have to manage Windows Server 2008 using Chef..

First of all, I need to choose the strategy for bootstrapping the new node and I am going to use an unattended bootstrap..

Configuring network card to talk with (my Chef server)


Download and install chef-client for Windows from


Copy client.rb and validation.pem to c:\chef and launch chef-client from the command line.

This is my new Windows node!


Let’s prepare a simple cookbook named mywindows:

knife cookbook create mywindows

Let’s insert the following resources in recipes/default.rb

# Modify the hosts file (rendered from the cookbook's hosts.erb template)
template "C:\\Windows\\System32\\drivers\\etc\\hosts" do
  source "hosts.erb"
  action :create
end

# Restart an array of services
[ "Dnscache", "UxSms" ].each do |s|
  service s do
    action :restart
  end
end

# Update Group Policy
execute 'gpupdate' do
  command "gpupdate.exe"
end

# Create a key in the registry
windows_registry 'HKCU\Software\Test' do
  values 'MySuperKEy' => '<value>' # placeholder: the value is missing from the original post
  action :create
end

# Install Putty
windows_package 'Putty' do
  source 'C:\\putty-0.60-installer.exe'
  installer_type :inno
  action :install
end

# Enable a Windows Feature
windows_feature "WindowsServerBackup" do
  action :install
end

Run chef-client and everything works fine!




Configure Samba with Active Directory integration (Centos 6)

Let’s see how to integrate your Samba server with Microsoft Active Directory.

Domain: NOODLES   (NETBIOS name)
Domain controller 1:
Domain controller 2:
Local Unix account: puppet
Domain Account: NOODLES\puppet

Packages to install via yum: [ krb5-libs , krb5-devel , samba , samba-common , samba-winbind , samba-client , samba-winbind-client ]

  • Create a local Unix user named “puppet”
  • Install the packages using yum
  • Map “puppet” to “NOODLES\puppet” by editing /etc/samba/smbusers:

    puppet = NOODLES\puppet

  • Make sure that you can reach the domain controllers from the Linux server
  • Configure Kerberos. Example:

    [root@mylinuxbox puppet]# cat /etc/krb5.conf

    default_realm = NOODLES.FOO.ORG
    [realms]
    kdc =
    kdc =

    admin_server =

  • Configure Samba (/etc/samba/smb.conf)

    [global]
    name resolve order = hosts wins bcast
    max log size = 1500
    password server = dc01 dc02
    username map = /etc/samba/smbusers
    client ntlmv2 auth = yes
    dns proxy = no
    disable spoolss = yes
    printcap name = /dev/null
    realm = NOODLES.FOO.ORG
    log file = /var/log/samba/smbd.log
    preferred master = no
    load printers = no
    printing = bsd
    socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
    local master = no
    workgroup = NOODLES
    server string = Samba Server
    security = ADS
    # auth methods = guest, sam, winbind
    restrict anonymous = 2

    follow symlinks = yes
    wide links = yes
    unix extensions = no

    create mask = 0766
    valid users = puppet
    force user = puppet

  • Join the Linux server to the domain:

    net ads join -U puppetadmin@NOODLES.FOO.ORG

  • Print the details of the connection with Active Directory:

    [puppet@mylinuxbox puppet]# net ads info

    LDAP server: [ ip address of dc01]
    LDAP server name:
    Bind Path: dc=NOODLES,dc=FOO,dc=ORG
    LDAP port: 389
    Server time: Thu, 10 Apr 2014 10:52:59 CEST
    KDC server: [ ip address of dc01]
    Server time offset: 0

  • Restart Samba
  • Try to access //mylinuxbox/share using NOODLES\puppet
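
A small audit of the security-relevant settings in the [global] section above, as an added example that is not part of the original post: it normalises parameter names the way Samba does, then flags the follow symlinks / wide links / unix extensions = no combination and a create mask that leaves the world-write bit set. The sample text is constructed from the configuration above, and the defaults used for absent parameters are assumptions taken from smb.conf(5).

```python
import re

# Constructed sample: security-relevant lines from the [global] section above.
SAMPLE = """\
[global]
    clientntlmv2auth = yes
    restrict anonymous = 2
    follow symlinks = yes
    wide links = yes
    unix extensions = no
    create mask = 0766
    valid users= puppet
"""

TRUE = {"yes", "true", "1"}  # boolean spellings listed in smb.conf(5)

def parse_smb_conf(text):
    """Return {section: {param: value}}. Samba ignores case and whitespace
    inside parameter names, so 'wide links' and 'widelinks' are one key."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            section = header.group(1).strip().lower()
            conf.setdefault(section, {})
        elif "=" in line and section is not None:
            name, value = line.split("=", 1)  # only the first '=' counts
            conf[section][re.sub(r"\s+", "", name).lower()] = value.strip()
    return conf

def audit(conf):
    """Return (section, finding) pairs. Defaults for absent parameters are
    assumptions taken from smb.conf(5)."""
    findings = []
    for name, params in conf.items():
        eff = {**conf.get("global", {}), **params}  # shares inherit [global]
        on = lambda key, default: eff.get(key, default).lower() in TRUE
        if (on("followsymlinks", "yes") and on("widelinks", "no")
                and not on("unixextensions", "yes")):
            findings.append((name, "symlinks may resolve outside the share path"))
        mask = int(eff.get("createmask", "0744"), 8)
        if mask & 0o002:
            findings.append((name, f"create mask {mask:04o} keeps the world-write bit"))
    return findings

if __name__ == "__main__":
    for section, finding in audit(parse_smb_conf(SAMPLE)):
        print(f"[{section}] {finding}")
```

Setting wide links = no and create mask = 0744 in the sample clears both findings.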