I need an easy way to let the QA people run chef, they alreay have accounts that are local admins so I wanted a batch file that they can click on that will run chef with admin privileges

the chef documentations suggests using runas

runas /user:Administrator "cmd /C chef-client"

But I don’t want to give the administrator password to the users.

I found this stack overflow posting that worked like a charm

https://stackoverflow.com/questions/7044985/how-can-i-auto-elevate-my-batch-file-so-that-it-requests-from-uac-admin-rights

Speficially

:::::::::::::::::::::::::::::::::::::::::
:: Automatically check & get admin rights
:::::::::::::::::::::::::::::::::::::::::
@echo off
CLS 
ECHO.
ECHO =============================
ECHO Running Admin shell
ECHO =============================

:checkPrivileges 
NET FILE 1>NUL 2>NUL
if '%errorlevel%' == '0' ( goto gotPrivileges ) else ( goto getPrivileges ) 

:getPrivileges 
if '%1'=='ELEV' (shift & goto gotPrivileges)  
ECHO. 
ECHO **************************************
ECHO Invoking UAC for Privilege Escalation 
ECHO **************************************

setlocal DisableDelayedExpansion
set "batchPath=%~0"
setlocal EnableDelayedExpansion
ECHO Set UAC = CreateObject^("Shell.Application"^) > "%temp%\OEgetPrivileges.vbs" 
ECHO UAC.ShellExecute "!batchPath!", "ELEV", "", "runas", 1 >> "%temp%\OEgetPrivileges.vbs" 
"%temp%\OEgetPrivileges.vbs" 
exit /B 

:gotPrivileges 
::::::::::::::::::::::::::::
:START
::::::::::::::::::::::::::::
setlocal & pushd .

REM Run shell as admin (example) - put here code as you like
cmd /k

Just replace cmd /k with your code.

I have a need in our QA Environment to wipe some of the keys from Riak but not all of them before deploying a new build.

I started with using the ruby riak client, and had the following working

require 'riak'

#https://github.com/basho/riak-ruby-client/blob/master/README.markdown
#https://docs.basho.com/riak/latest/dev/taste-of-riak/ruby/

client=Riak::Client.new(:protocol => "pbc")

client = Riak::Client.new(:nodes => [
  {:host => '10.10.10.1', :pb_port => 8098}
])

client.buckets.each do |bucket|
  if bucket.name.start_with?('test')
    puts(bucket.name)
    bucket.keys.each do |key|
      bucket.delete(key)
    end
  end
end

Which gave a little error, but worked till I tired to run it on a windows machines, seem riak uses the ruby expect class which isn’t available on windows.

So then I took a different approach

require 'rest-client'
require 'json'
require 'uri'

host = "https://10.10.10.1:8098"

buckets_url = host + '/riak?buckets=true'
e_buckets_url = URI.escape(buckets_url)

json_object = JSON.parse(RestClient.get(e_buckets_url))
p json_object

json_object["buckets"].each do |bucket|
  if bucket.start_with?('test')
    p bucket 
    keys_url = 'https://10.10.10.1:8098' + '/riak/' + bucket + '?keys=true'
    e_keys_url = URI.escape(keys_url)
    p e_keys_url
    json_object2 = JSON.parse(RestClient.get(e_keys_url))
    p json_object2["keys"]
    json_object2["keys"].each do |key|
      delete_url = 'https://10.10.10.1:8098/riak' + '/' + bucket + '/' + key
      e_delete_url = URI.escape(delete_url)
      p e_delete_url
      response2 = RestClient.delete(e_delete_url)      
    end
  end

Then I wrapped it in ruby block for chef

ruby_block  "wipe riak" do
  block do
    host = "https://#{node['test']['avenger']['riakhostAddress']}:8098"

    buckets_url = host + '/riak?buckets=true'
    e_buckets_url = URI.escape(buckets_url)

    json_object = JSON.parse(RestClient.get(e_buckets_url))
    p json_object

    json_object["buckets"].each do |bucket|
      if bucket.start_with?('test')
        p bucket
        keys_url = host + '/riak/' + bucket + '?keys=true'
        e_keys_url = URI.escape(keys_url)
        p e_keys_url
        json_object2 = JSON.parse(RestClient.get(e_keys_url))
        p json_object2["keys"]
        json_object2["keys"].each do |key|
          delete_url = host + '/riak/' + bucket + '/' + key
          e_delete_url = URI.escape(delete_url)
          p e_delete_url
          response2 = RestClient.delete(e_delete_url)
        end
      end
    end
  end
end

One of the challenges of working with servers remotely is getting the dam DRAC or ILO to work.

I have reverted to using Internet Explorer in a windows VM as my machine of choice for accessing Dell DRACs or HP ILOs. I recently had the pleasure of touching an HP C7000 blade enclosure that adds a new wrinkle to the mix, they have a web interface called the the OA or Onboard Administrator.

One common issue I have, assuming that I can even get the remote console to work is getting keyboard input to work. On the ILO 2 I tried installing Redhat and I could get Tabs to work. My solution on Dell DRACs was to switch from the activeX control to the java control, but on the a ProLiant BL460c G6, I couldn’t get the java version to start. I might have been able to make it work if i installed java 1.4, which is listed as the supported version, but I had challenges finding the correct binary to install, and my security alter ego was shouting in my head “NO” due to all the security issues with an ancient version of java.

The solution actually turned out to be easier.

https://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02435928&lang=en&cc=us&taskId=120&prodSeriesId=4012659&prodTypeId=3709945

Make sure you turn off protected mode. I normally do this by telling Internet Explorer that the DRAC or ILO is part of the trusted sites. An easy way to do this is go to internet options, click on security, then trusted sites, then sites. Add an entry for https://10.99.99.* or what ever the subnet is that  contains your ILOs or your DRACs. The option for Protected Mode is at the bottom of the “Security Tab”