Chef, Knife, AWS, and Windows: Part 3
In Parts 1 and 2, I got started with Chef, knife-ec2 and knife-windows to bootstrap Windows machines. I’ve been slowly chipping away at the required amount of “configuration” as I discover more knife features. This time, I’ve found that you don’t have to set a password on the node—knife can retrieve it from EC2 via the API, as long as you tell it where to look for your identity file.
Step 1: Tell knife where our identity file is. For Windows machines, there’s no SSH, but the identity file is used anyway to encrypt the administrator password. This bit of configuration goes in our knife.rb:
knife[:identity_file] = "/path/to/foo.pem"
Step 2: Remove the password setting from our PowerShell script—we don’t need an explicit password anymore. That means removing these two lines:
$admin = [adsi]("WinNT://./Administrator, user")
$admin.psbase.invoke("SetPassword", "Ch4ng3m3")
Step 3: Remove the explicit username/password settings from our knife command. Remove these two lines from the knife invocation given at the end of part 2:
--winrm-user Administrator \
--winrm-password <PASSWORD FROM USERDATA FILE>
Rerunning the full command now should provision a Windows machine, just like before, except that you save a bit of time by not having to generate a new password for every machine. :)
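Why the identity file is enough, as an added example that is not code from this post or from knife: EC2 encrypts the generated Administrator password with the key pair's public key, and the private key in the identity file decrypts it. The function names, the key pair and the password below are constructed for illustration, and the EC2 side is simulated locally so the script runs offline.

```ruby
require 'openssl'

# Constructed stand-in for the EC2 key pair. In real use the private half is
# the .pem file that knife[:identity_file] points to.
def constructed_key_pair
  OpenSSL::PKey::RSA.new(2048)
end

# Simulates the EC2 side: the Administrator password is encrypted with the
# key pair's public key (RSA, PKCS#1 v1.5) and returned base64-encoded.
def simulate_password_data(public_key, password)
  [public_key.public_encrypt(password, OpenSSL::PKey::RSA::PKCS1_PADDING)].pack('m0')
end

# Client side: recover the password with the private key from the identity file.
def decrypt_password_data(password_data, identity_pem)
  # EC2 returns empty password data until Windows has generated the password.
  raise ArgumentError, 'password data not available yet' if password_data.to_s.strip.empty?

  key = OpenSSL::PKey::RSA.new(identity_pem)
  raise ArgumentError, 'identity file holds no private key' unless key.private?

  key.private_decrypt(password_data.strip.unpack1('m'), OpenSSL::PKey::RSA::PKCS1_PADDING)
end

# The identity file now unlocks the Administrator password, so it should be
# readable by its owner only (no group/other permission bits set).
def owner_only?(path)
  (File.stat(path).mode & 0o077).zero?
end

if __FILE__ == $PROGRAM_NAME
  pair = constructed_key_pair
  data = simulate_password_data(pair.public_key, 'Constructed-Pa55word!')
  puts decrypt_password_data(data, pair.to_pem)
end
```

Anyone who holds the .pem can recover the Administrator password of every instance launched with that key pair, which is why the permission check is worth running against the real identity file.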