##knife windows fails
If you want to use the Chef knife windows, you must be able to run WinRM. WinRM needs to be installed, and then configured correctly.
it is easy to configure winrm quickconfig -q
but that may fail, and on Winodws 8 the fix is non obvious:
PS C:\Windows\system32> winrm quickconfig -q
WinRM service is already running on this machine.
WSManFault
Message
ProviderFault
WSManFault
Message = WinRM firewall exception will not work since one of the network connection types on this machi
ne is set to Public. Change the network connection type to either Domain or Private and try again.
Error number: -2144108183 0x80338169
WinRM firewall exception will not work since one of the network connection types on this machine is set to Public. Chang
e the network connection type to either Domain or Private and try again.
PS C:\Windows\system32>
Check which network interface is set to "public"
PS C:\Windows\system32> Get-netConnectionProfile
Name : Connection #1
InterfaceAlias : Ethernet 4
InterfaceIndex : 8
NetworkCategory : DomainAuthenticated
IPv4Connectivity : Internet
IPv6Connectivity : LocalNetwork
Name : Unidentified network
InterfaceAlias : VirtualBox Host-Only Network #3
InterfaceIndex : 33
NetworkCategory : Public
IPv4Connectivity : NoTraffic
IPv6Connectivity : LocalNetwork
Ok, so we need to set the virtualBox connection to be private:
PS C:\Windows\system32> Set-NetConnectionProfile -InterfaceAlias "VirtualBox Host-Only Network #3" -NetworkCategory priv
ate
and validate the change:
PS C:\Windows\system32> Get-netConnectionProfile
Name : Connection #1
InterfaceAlias : Ethernet 4
InterfaceIndex : 8
NetworkCategory : DomainAuthenticated
IPv4Connectivity : Internet
IPv6Connectivity : LocalNetwork
Name : Unidentified network
InterfaceAlias : VirtualBox Host-Only Network #3
InterfaceIndex : 33
NetworkCategory : Private
IPv4Connectivity : NoTraffic
IPv6Connectivity : LocalNetwork
Now lets try winrm again
PS C:\Windows\system32> winrm quickconfig -q
WinRM service is already running on this machine.
WinRM is not set up to allow remote access to this machine for management.
The following changes must be made:
Create a WinRM listener on HTTP://* to accept WS-Man requests to any IP on this machine.
Enable the WinRM firewall exception.
WinRM has been updated for remote management.
Created a WinRM listener on HTTP://* to accept WS-Man requests to any IP on this machine.
WinRM firewall exception enabled.
Great! So now WinRM is listening and acceptin requests, we can move on to using knife windows.
The
Get-netConnectionProfile
isn't available in Windows 7 unfortunately, but there is a script that can be used to do this available here: https://blogs.msdn.microsoft.com/dimeby8/2009/06/10/change-unidentified-network-from-public-to-work-in-windows-7/I changed it to be a bit more talkative:
The alternative via the UI is to go into Admin Tools, Local Security Policy, Network List Manager Polices, Unidentified Networks and then set the Location type to Private there.
Hope this is helpful to someone.
Cheers,
Stuart