Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status


ad-join (25) Versions 4.12.0

Joins windows computers to Active Directory (LDAP) Domain

cookbook 'ad-join', '= 4.12.0', :supermarket
cookbook 'ad-join', '= 4.12.0'
knife supermarket install ad-join
knife supermarket download ad-join
Quality 29%

ad-join Cookbook

This is a library cookbook that will join a windows computer to a windows AD domain


Chef >= 12.5.1

This leverages custom resources so it will not work on chef versions older than 12.5.1

Tested on:

Windows 2012R2


default['ad-join']['windows']['update_hostname'] = true

Set to false if you want the domain name/hostname to be different from the chef node name. (see #5).

default['ad-join']['windows']['double_reboot'] = true

Will continue to reboot windows until joined to domain and breadcrumb c:\\Windows\\chef-ad-join.txt exists.

default['ad-join']['windows']['visual_warning'] = false

If visual_warning = true, windows will display a login warning to anyone who connects via RDP to the machine before chef has finished the reboots and the converge. This will override any group policy your company might have in place for displaying custom login messages.


This cookbook is a library cookbook and is intended to be used by your own wrapper cookbook. See the [recipes directory](./recipes) for examples.


  • join
  • leave

It contains a custom resource named domain_join that takes 5 properties

  • domain
  • domain_user
  • domain_password
  • ou
  • server (optional)


domain_join 'foobar' do
  domain          ''
  domain_user     'binduser'
  domain_password 'correct-horse-battery-staple'
  ou              'OU=US,OU=West,OU=Web,DC=example,DC=com'
  server          'DC01' #Optional
  action :join

The ou must be formatted with OU= before each organizational unit and DC= before each domain component. see [recipes/example_complex.rb](./recipes/example_complex.rb) for an example of how to derive the OU from attributes.

Behind the scenes

If you bootstrapped the node with the name option; e.g.

knife bootstrap -N us-web01

Then that is the name that will be used to join the domain (not the hostname since windows randomly generates it on first boot)

The name cannot include control characters, leading or trailing spaces, or any of the following characters: / \ [ ].

In most cases, Windows hostnames must be 15 characters or less.

The cookbook creates a windows scheduled task that runs chef as soon as the VM is started. The scheduled task is deleted after all the reboots.

The cookbook will restart windows twice since some group policy objects (like the time zone) are not applied on first boot. You can change this behavior by changing the following attribute to false.

default['ad-join']['windows']['double_reboot'] = true  

License and Authors


Volodymyr Babchynskyy

Spencer Owen

Dependent cookbooks

windows >= 1.36.0

Contingent cookbooks

There are no cookbooks that are contingent upon this one.


Fixes issue #19
Fixes deprecation warning for chef 13


Fix berkshelf supermarket url


Abort if hostname is longer than 15 characters on windows


Adds domain leave functionality (#16 metalseargolid)


Fix: Scheduled task wont run if time zone changes on reboot (#13)


Fix: No longer gives deprecation warnings if 'server' is nil. (#9)


Improvement: Adds name to scheduled task, removing need for workaround
Change: Changes c:\windows\chef-ad-join.txt to windows friendly path c:/windows/chef-ad-join.txt


Fix: Warning registry key not cleaned up


Add: 'server' parameter to allow for specifying a specific domain controller
Fix: Warning message wouldn't be displayed (#4)


Fix: Passwords with special characters now work properly (#7 Thanks opsline-radek)
Fix: OU Parameter is now truly optional (#6 Thanks opsline-radek)


Adds new attribute default['ad-join']['windows']['update_hostname']


Adds warning attribute


Fixes incorrect CWD in sched task (issue #3)
Fixes incorrect ohai fact "node['os']"


Fixes powershell error when vm name is same as bootstrap name. issue #2


Updates metadata for supermarket


Fixes attribute name for double reboot


Created new git repo for public release on github


Create breadcrumb only if missing


Fixes OU not having quotes


Complete rewrite to make it a library cookbook


More verbose logging in scheduled task


Reduces timeout to 30 seconds


general cleanup, removed private domain name and so on, prepared for public release


removed private usernames and passwords


rubocop convention alerts accepted


changed databag name


rubocop check for line length now is 120 symbols


rubocop and foodcritic inspections added


icon added


tests added


Added possibility to run it on teamcity CI


Fixed, directory server is unavailable issue, code commented for future use


Passwords moved into databag


added ohai reload for new fqdn resolution in chef


Initial release of ad-join

Collaborator Number Metric

4.12.0 failed this metric

Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric

4.12.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of, and your repo must contain a file

Foodcritic Metric

4.12.0 failed this metric

FC064: Ensure issues_url is set in metadata: ad-join/metadata.rb:1
FC065: Ensure source_url is set in metadata: ad-join/metadata.rb:1
FC066: Ensure chef_version is set in metadata: ad-join/metadata.rb:1
FC069: Ensure standardized license defined in metadata: ad-join/metadata.rb:1
Run with Foodcritic Version 10.3.1 with tags metadata,correctness ~FC031 ~FC045 and failure tags any

License Metric

4.12.0 failed this metric

ad-join does not have a valid open source license.
Acceptable licenses include Apache-2.0, apachev2, Apache 2.0, MIT, mit, GPL-2.0, gplv2, GNU Public License 2.0, GPL-3.0, gplv3, GNU Public License 3.0.

No Binaries Metric

4.12.0 passed this metric

Testing File Metric

4.12.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of, and your repo must contain a file

Version Tag Metric

4.12.0 passed this metric