Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Node information sent to Compliance after first audit run are not accurate #40
Windows 7 Enterprise
When a Windows node initiates a chef-client run with the audit cookbook, certain information is sent back to Chef Compliance such as hostname/IP and WinRM account. However the hostname/IP field is not filled in and WinRM account name is listed as Administrator even though node is a domain account with a domain administrative account. This prevents reconnection to the node until this information is entered in manually.
Steps to Reproduce:
Run the audit cookbook for the first time on a Win7 client. View the node information result in Chef Compliance after the chef-client run is complete.
Hostname/IP of machine and account used to run chef-client command remotely through winrm should be sent back to Chef Compliance and listed in the node details on Chef Compliance page.
Hostname/IP field is empty and account is listed as generic Administrator
Is this because when you use the audit cookbook, its actually using the Chef client keys.
So it is node -> chef server -> chef compliance
node -> chef server is handled by the client.pem file on the machine via HTTPS to Server
I wouldn't expect the username and password that Chef Client ran as to populate in Compliance, however it should provide the ability to scan / provide information to scan from within compliance.
The ability to scan/provide information to scan from within Compliance doesn't exist because the parameters used to connect to the node (via winrm) are not filled in properly/at all
Even disregarding the username/password, the hostname/ip should populate in Compliance which it is not doing either.
@chef09210 We refactored the audit cookbook to make it easier to maintain and improve the quality. Is that issues still persistent with the version 2.0 of the audit cookbook.
We retrieve the information from Chef