search

NetDocuments-Archive / ad-join-cookbook

Chef cookbook to join windows computer to AD
Apache License 2.0
14 stars 12 forks source link

The system cannot find the file specified during Chef-Client run #2

Closed cpressland closed 8 years ago

cpressland commented 8 years ago

Hey,

I've been looking at implementing this into my workflow, currently I use knife vsphere vm clone etc to build out a Windows VM and then bootstrap via

knife bootstrap windows winrm 192.168.153.220 --winrm-user GLPDeploy -N stagadjoin01

This installs Chef-Client 12.6.0 at the moment. I then have a basic cookbook with the following code.

domain_join 'grouplongtail' do
  domain          'grouplongtail.local'
  domain_user     'binduser'
  domain_password 'correct-horse-battery-staple'
  ou              'OU=Computers,DC=grouplongtail,DC=local'
end

During a Chef-Client run I see "The system cannot find the path specified." and get the following stacktrace.

Generated at 2016-01-18 14:43:04 +0000
Mixlib::ShellOut::ShellCommandFailed: domain_join[grouplongtail] (glp-cb-ad-join::default line 10) had an error: Mixlib::ShellOut::ShellCommandFailed: powershell_script[ad-join] (c:/chef/cache/cookbooks/ad-join/resources/domain_join.rb line 49) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'
---- Begin output of "C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe" -NoLogo -NonInteractive -NoProfile -ExecutionPolicy Bypass -InputFormat None -File "C:/Users/GLPDEP~1/AppData/Local/Temp/chef-script20160118-2980-166a0c0.ps1" ----
STDOUT: HasSucceeded ComputerName             

------------ ------------             

False        stagadjoin01
STDERR: Skip computer 'stagadjoin01' with new name 'stagadjoin01' because the new name is the same as the current name.Computer 'stagadjoin01' failed to join domain 'grouplongtail.local' from its current workgroup 'WORKGROUP' with following error message: The system cannot find the file specified.
---- End output of "C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe" -NoLogo -NonInteractive -NoProfile -ExecutionPolicy Bypass -InputFormat None -File "C:/Users/GLPDEP~1/AppData/Local/Temp/chef-script20160118-2980-166a0c0.ps1" ----
Ran "C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe" -NoLogo -NonInteractive -NoProfile -ExecutionPolicy Bypass -InputFormat None -File "C:/Users/GLPDEP~1/AppData/Local/Temp/chef-script20160118-2980-166a0c0.ps1" returned 1
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/mixlib-shellout-2.2.5-universal-mingw32/lib/mixlib/shellout.rb:289:in `invalid!'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/mixlib-shellout-2.2.5-universal-mingw32/lib/mixlib/shellout.rb:276:in `error!'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/mixin/shell_out.rb:56:in `shell_out!'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/provider/execute.rb:62:in `block in action_run'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/mixin/why_run.rb:52:in `call'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/mixin/why_run.rb:52:in `add_action'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/provider.rb:175:in `converge_by'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/provider/execute.rb:60:in `action_run'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/provider/script.rb:63:in `action_run'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/provider/windows_script.rb:54:in `action_run'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/provider/powershell_script.rb:35:in `action_run'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/provider.rb:144:in `run_action'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource.rb:596:in `run_action'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:74:in `run_action'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:106:in `block (2 levels) in converge'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:106:in `each'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:106:in `block in converge'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/resource_list.rb:83:in `block in execute_each_resource'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:116:in `call'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:116:in `call_iterator_block'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:85:in `step'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:104:in `iterate'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:55:in `each_with_index'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/resource_list.rb:81:in `execute_each_resource'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:105:in `converge'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/provider.rb:361:in `compile_and_converge_action'
(eval):2:in `action_join'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/provider.rb:144:in `run_action'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource.rb:596:in `run_action'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:74:in `run_action'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:106:in `block (2 levels) in converge'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:106:in `each'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:106:in `block in converge'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/resource_list.rb:83:in `block in execute_each_resource'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:116:in `call'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:116:in `call_iterator_block'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:85:in `step'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:104:in `iterate'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:55:in `each_with_index'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/resource_list.rb:81:in `execute_each_resource'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:105:in `converge'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/client.rb:658:in `block in converge'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/client.rb:653:in `catch'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/client.rb:653:in `converge'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/client.rb:692:in `converge_and_save'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/client.rb:271:in `run'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/application.rb:243:in `run_with_graceful_exit_option'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/application.rb:220:in `block in run_chef_client'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/local_mode.rb:44:in `with_server_connectivity'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/application.rb:203:in `run_chef_client'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/application/client.rb:413:in `block in interval_run_chef_client'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/application/client.rb:403:in `loop'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/application/client.rb:403:in `interval_run_chef_client'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/application/client.rb:393:in `run_application'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/application.rb:58:in `run'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/bin/chef-client:26:in `<top (required)>'
C:/opscode/chef/bin/chef-client:64:in `load'
C:/opscode/chef/bin/chef-client:64:in `<main>'

The generated powershell script looks like this:

# Chef Client wrapper for powershell_script resources

# LASTEXITCODE can be uninitialized -- make it explictly 0
# to avoid incorrect detection of failure (non-zero) codes
$global:LASTEXITCODE = 0

# Catch any exceptions -- without this, exceptions will result
# In a zero return code instead of the desired non-zero code
# that indicates a failure
trap [Exception] {write-error ($_.Exception.Message);exit 1}

# Variable state that should not be accessible to the user code
new-variable -name interpolatedexitcode -visibility private -value $false
new-variable -name chefscriptresult -visibility private

# Initialize a variable we use to capture $? inside a block
$global:lastcmdlet = $null

# Execute the user's code in a script block --
$chefscriptresult =
{
       $adminname = "grouplongtail.local\binduser"
      $password = "correct-horse-battery-staple" | ConvertTo-SecureString -asPlainText -Force
      $credential = New-Object System.Management.Automation.PSCredential($adminname,$password)

      Rename-Computer -NewName stagadjoin01
      sleep 5
      Add-computer -DomainName grouplongtail.local -OUPath "OU=Computers,DC=grouplongtail,DC=local" -Credential $credential -force -Options JoinWithNewName,AccountCreate -PassThru #-Restart

      # Old way, somtimes Domain controller busy error occured
      # Add-Computer  stagadjoin01 -DomainName grouplongtail.local -OUPath OU=Computers,DC=grouplongtail,DC=local -Credential $credential -Restart -PassThru
      # Add-Computer -ComputerName Server01 -LocalCredential Server01Admin01 -DomainName Domain02 -Credential Domain02Admin02 -Restart -Force

 # This assignment doesn't affect the block's return value
 $global:lastcmdlet = $?
}.invokereturnasis()

# Assume failure status of 1 -- success cases
# will have to override this
$exitstatus = 1

# If convert_boolean_return is enabled, the block's return value
# gets precedence in determining our exit status
if ($interpolatedexitcode -and $chefscriptresult -ne $null -and $chefscriptresult.gettype().name -eq 'boolean')
{
  $exitstatus = [int32](!$chefscriptresult)
}
elseif ($lastcmdlet)
{
  # Otherwise, a successful cmdlet execution defines the status
  $exitstatus = 0
}
elseif ( $LASTEXITCODE -ne $null -and $LASTEXITCODE -ne 0 )
{
  # If the cmdlet status is failed, allow the Win32 status
  # in $LASTEXITCODE to define exit status. This handles the case
  # where no cmdlets, only Win32 processes have run since $?
  # will be set to $false whenever a Win32 process returns a non-zero
  # status.
  $exitstatus = $LASTEXITCODE
}

# Print STDOUT for the script execution
Write-Output $chefscriptresult

# If this script is launched with -File, the process exit
# status of PowerShell.exe will be $exitstatus. If it was
# launched with -Command, it will be 0 if $exitstatus was 0,
#1 (i.e. failed) otherwise.
exit $exitstatus

And if I run it, it produces 

HasSucceeded          ComputerName
--------------------  --------------------
False                 Stagadjoin01

I'm not really sure where to begin troubleshooting this as I don't spend much time with Chef on Windows. Currently we're using VMWare to handle the joining to the Domain but I'd like to switch out to using this. Any input / direction you can give me would be awesome.

Obviously I'll change the correct-horse-battery-staple etc in production, lol.

Thanks, Chris Pressland

spuder commented 8 years ago

The key is this line: 

STDERR: Skip computer 'stagadjoin01' with new name 'stagadjoin01' because the new name is the same as the current name.Computer 'stagadjoin01' failed to join domain 'grouplongtail.local' from its current workgroup 'WORKGROUP' with following error message: The system cannot find the file specified.

To make the domain join powershell script more reliable, the VM is first renamed to the name given with the -N option in bootstrap -N foobar

In my usecases, when I first boot a VM, the hostname is always a random set of characters like

WIN-qeor79801

I suspect that because you are renaming the VM to the same name. The powershell command fails.

A few workarounds

Long term the cookbook should probably check for this condition, and skip the rename if the name isn't different

cpressland commented 8 years ago

I guess just commenting out Line 55+56 of domain_join.rb might be enough to get it working for now? May test this later. Otherwise I'll go through the code and suggest some changes when I have time if you're happy with that?

spuder commented 8 years ago

I think I have a fix

      if ( '#{newcomputername}' -eq $(hostname) ) {
        Write-Host "Skipping computer rename since already named: #{newcomputername}"
      }
      else {
        Write-Host "Renaming computer from $($hostname) to #{newcomputername}"
        Rename-Computer -NewName '#{newcomputername}'
      }

This should prevent the powershell error when trying to rename. I'll push this updated cookbook shortly.

cpressland commented 8 years ago

Sweet, I'll test it tomorrow morning, that looks good. Thanks man!

spuder commented 8 years ago

Version v4.1.0 has been pushed to the supermarket. I've verified that there are no regressions for my use case. Please let me know if it fixes the problem for you.

If not, feel free to reopen this issue.

cpressland commented 8 years ago

Hmm, so It looks like it still fails with a similar error:

Generated at 2016-01-19 09:46:24 +0000
Mixlib::ShellOut::ShellCommandFailed: domain_join[grouplongtail] (glp-cb-ad-join::default line 10) had an error: Mixlib::ShellOut::ShellCommandFailed: powershell_script[ad-join] (c:/chef/cache/cookbooks/ad-join/resources/domain_join.rb line 48) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'
---- Begin output of "C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe" -NoLogo -NonInteractive -NoProfile -ExecutionPolicy Bypass -InputFormat None -File "C:/Users/GLPDEP~1/AppData/Local/Temp/chef-script20160119-2180-5dzle.ps1" ----
STDOUT: Skipping computer rename since already named: STAGADJOIN01

HasSucceeded ComputerName             

------------ ------------             

False        STAGADJOIN01
STDERR: Computer 'STAGADJOIN01' failed to join domain 'grouplongtail.local' from its current workgroup 'WORKGROUP' with following error message: The system cannot find the file specified.
---- End output of "C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe" -NoLogo -NonInteractive -NoProfile -ExecutionPolicy Bypass -InputFormat None -File "C:/Users/GLPDEP~1/AppData/Local/Temp/chef-script20160119-2180-5dzle.ps1" ----
Ran "C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe" -NoLogo -NonInteractive -NoProfile -ExecutionPolicy Bypass -InputFormat None -File "C:/Users/GLPDEP~1/AppData/Local/Temp/chef-script20160119-2180-5dzle.ps1" returned 1
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/mixlib-shellout-2.2.5-universal-mingw32/lib/mixlib/shellout.rb:289:in `invalid!'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/mixlib-shellout-2.2.5-universal-mingw32/lib/mixlib/shellout.rb:276:in `error!'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/mixin/shell_out.rb:56:in `shell_out!'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/provider/execute.rb:62:in `block in action_run'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/mixin/why_run.rb:52:in `call'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/mixin/why_run.rb:52:in `add_action'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/provider.rb:175:in `converge_by'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/provider/execute.rb:60:in `action_run'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/provider/script.rb:63:in `action_run'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/provider/windows_script.rb:54:in `action_run'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/provider/powershell_script.rb:35:in `action_run'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/provider.rb:144:in `run_action'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource.rb:596:in `run_action'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:74:in `run_action'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:106:in `block (2 levels) in converge'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:106:in `each'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:106:in `block in converge'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/resource_list.rb:83:in `block in execute_each_resource'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:116:in `call'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:116:in `call_iterator_block'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:85:in `step'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:104:in `iterate'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:55:in `each_with_index'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/resource_list.rb:81:in `execute_each_resource'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:105:in `converge'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/provider.rb:361:in `compile_and_converge_action'
(eval):2:in `action_join'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/provider.rb:144:in `run_action'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource.rb:596:in `run_action'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:74:in `run_action'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:106:in `block (2 levels) in converge'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:106:in `each'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:106:in `block in converge'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/resource_list.rb:83:in `block in execute_each_resource'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:116:in `call'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:116:in `call_iterator_block'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:85:in `step'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:104:in `iterate'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/stepable_iterator.rb:55:in `each_with_index'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/resource_collection/resource_list.rb:81:in `execute_each_resource'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/runner.rb:105:in `converge'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/client.rb:658:in `block in converge'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/client.rb:653:in `catch'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/client.rb:653:in `converge'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/client.rb:692:in `converge_and_save'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/client.rb:271:in `run'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/application.rb:243:in `run_with_graceful_exit_option'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/application.rb:220:in `block in run_chef_client'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/local_mode.rb:44:in `with_server_connectivity'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/application.rb:203:in `run_chef_client'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/application/client.rb:413:in `block in interval_run_chef_client'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/application/client.rb:403:in `loop'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/application/client.rb:403:in `interval_run_chef_client'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/application/client.rb:393:in `run_application'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/lib/chef/application.rb:58:in `run'
C:/opscode/chef/embedded/lib/ruby/gems/2.0.0/gems/chef-12.6.0-universal-mingw32/bin/chef-client:26:in `<top (required)>'
C:/opscode/chef/bin/chef-client:64:in `load'
C:/opscode/chef/bin/chef-client:64:in `<main>'

Any further ideas?

spuder commented 8 years ago

Do you have a VM you could experiment on?

Try running the following from an elevated powershell window. Make sure you replace everything inside #{} with the appropriate attribute. 

  $adminname = "#{domain}\\#{domain_user}"
  $password = "#{domain_password}" | ConvertTo-SecureString -asPlainText -Force
  $credential = New-Object System.Management.Automation.PSCredential($adminname,$password)
  Add-computer -DomainName #{domain} -OUPath "#{ou}" -Credential $credential -force -Options JoinWithNewName,AccountCreate -PassThru

Also, this cookbook is only tested on Windows 2012 R2.

cpressland commented 8 years ago

So the Powershell script looks like:

$adminname = "grouplongtail.local\\binduser"
$password = "correct-horse-battery-staple" | ConvertTo-SecureString -asPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential($adminname,$password)
Add-computer -DomainName grouplongtail.local -OUPath "Computers" -Credential $credential -force -Options JoinWithNewName,AccountCreate -PassThru

I get

PS C:\Users\GLPDeploy\Desktop> .\bind.ps1
Add-computer : Computer 'STAGADJOIN01' failed to join domain 'grouplongtail.local' from its current workgroup
'WORKGROUP' with following error message: The specified username is invalid.
At C:\Users\GLPDeploy\Desktop\bind.ps1:4 char:1
+ Add-computer -DomainName grouplongtail.local -OUPath "Computers" -Credential $cr ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OperationStopped: (STAGADJOIN01:String) [Add-Computer], InvalidOperationException
    + FullyQualifiedErrorId : FailToJoinDomainFromWorkgroup,Microsoft.PowerShell.Commands.AddComputerCommand

HasSucceeded ComputerName
------------ ------------
False        STAGADJOIN01

Have confirmed the same happens with multiple credentials.

spuder commented 8 years ago

So its not a problem with the cookbook, its a problem with the credentials.

Try this:

The OU should be the full path like this

"OU=Web,OU=Lab,OU=Servers,OU=Foo,DC=grouplongtail,DC=local"

Each user in an OU can bind 10 machines by default. To allow for more 'binds' you need to create a group policy object.

http://serverfault.com/a/665341/169180

Just to verify. This is on windows 2012 R2 right? Also could you try running the commands one at a time from powershell instead of putting them in a script?

cpressland commented 8 years ago

So after persisting on this for a while I managed to get it to work, ultimately the problem was with my "OU=" flow as you suspected. I did however encounter another problem which I will log a new ticket for. Looked like this in the end:

domain_join 'grouplongtail' do
   domain   'grouplongtail.local'
   domain_user   'binduser'
   domain_password   'correct-horse-battery-staple'
   ou   'OU=Staging,OU=Servers,OU=Group Longtail,DC=grouplongtail,DC=local'
end

Thanks for all the help with this.