Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status

The windows cookbook has been deprecated

Author provided reason for deprecation:

The windows cookbook has been deprecated and is no longer being maintained by its authors. Use of the windows cookbook is no longer recommended.


windows (131) Versions 5.2.4

Provides a set of useful Windows-specific primitives.

cookbook 'windows', '= 5.2.4', :supermarket
cookbook 'windows', '= 5.2.4'
knife supermarket install windows
knife supermarket download windows
Quality 100%

Windows Cookbook

Build status Cookbook Version

Provides a set of Windows-specific resources to aid in the creation of cookbooks/recipes targeting the Windows platform.



  • Windows 7
  • Windows Server 2008 R2
  • Windows 8, 8.1
  • Windows Server 2012 (R1, R2)
  • Windows Server 2016


  • Chef 13.4+


Deprecated Resources Note

As of Chef Client 14.0+ the auto_run, feature, feature_dism, feature_powershell, font, pagefile, printer_port, printer, and shortcut resources are now included in the Chef Client. If you are running Chef 14+ the resources in Chef client will take precedence over the resources in this cookbook. In April 2019 we will release a new major version of this cookbook that removes these resources.

As of Chef 14.7+ the windows_share and windows_certificate resources are now included in the Chef Client. If you are running Chef 14.7+ the resources in Chef client will take precedence over the resources in this cookbook. In November 2019 we will release a new major version of this cookbook that removes these resources.


Note: This resource is now included in Chef 14 and later. There is no need to depend on the Windows cookbook for this resource.


  • :create - Create an item to be run at login
  • :remove - Remove an item that was previously setup to run at login


  • program_name - Name property. The name of the value to be stored in the registry
  • path - The program to be run at login. This property was previous named program. Cookbooks using the program property will continue to function, but should be updated.
  • args - The arguments for the program
  • root - The registry root key to put the entry under--:machine (default) or :user


Run BGInfo at login

windows_auto_run 'BGINFO' do
  program 'C:/Sysinternals/bginfo.exe'
  args    '\'C:/Sysinternals/Config.bgi\' /NOLICPROMPT /TIMER:0'
  action  :create


Note: This resource is now included in Chef 14.7 and later. There is no need to depend on the Windows cookbook for this resource.

Installs a certificate into the Windows certificate store from a file, and grants read-only access to the private key for designated accounts. Due to current limitations in WinRM, installing certificated remotely may not work if the operation requires a user profile. Operations on the local machine store should still work.


  • :create - creates or updates a certificate.
  • :delete - deletes a certificate.
  • :acl_add - adds read-only entries to a certificate's private key ACL.
  • :verify - logs whether or not a certificate is valid


  • source - name attribute. The source file (for create and acl_add), thumbprint (for delete and acl_add) or subject (for delete).
  • pfx_password - the password to access the source if it is a pfx file.
  • private_key_acl - array of 'domain\account' entries to be granted read-only access to the certificate's private key. This is not idempotent.
  • store_name - the certificate store to manipulate. One of:
    • MY (Personal)
    • CA (Intermediate Certification Authorities)
    • ROOT (Trusted Root Certification Authorities)
    • TRUSTEDPUBLISHER (Trusted Publishers)
    • CLIENTAUTHISSUER (Client Authentication Issuers)
    • REMOTE DESKTOP (Remote Desktop)
    • TRUSTEDDEVICES (Trusted Devices)
    • WEBHOSTING (Web Hosting)
    • AUTHROOT (Third-Party Root Certification Authorities)
    • TRUSTEDPEOPLE (Trusted People)
    • SMARTCARDROOT (Smart Card Trusted Roots)
    • TRUST (Enterprise Trust)
    • DISALLOWED (Untrusted Certificates)
  • user_store - if false (default) then use the local machine store; if true then use the current user's store.


# Add PFX cert to local machine personal store and grant accounts read-only access to private key
windows_certificate "c:/test/mycert.pfx" do
    pfx_password    "password"
    private_key_acl    ["acme\fred", "pc\jane"]
# Add cert to trusted intermediate store
windows_certificate "c:/test/mycert.cer" do
    store_name    "CA"
# Remove all certificates matching the subject
windows_certificate "" do
    action :delete


Binds a certificate to an HTTP port in order to enable TLS communication.


  • :create - creates or updates a binding.
  • :delete - deletes a binding.


  • cert_name - name attribute. The thumbprint(hash) or subject that identifies the certificate to be bound.
  • name_kind - indicates the type of cert_name. One of :subject (default) or :hash.
  • address - the address to bind against. Default is (all IP addresses). One of:
    • IP v4 address
    • IP v6 address [::1]
    • Host name
  • port - the port to bind against. Default is 443.
  • app_id - the GUID that defines the application that owns the binding. Default is the values used by IIS.
  • store_name - the store to locate the certificate in. One of:
    • MY (Personal)
    • CA (Intermediate Certification Authorities)
    • ROOT (Trusted Root Certification Authorities)
    • TRUSTEDPUBLISHER (Trusted Publishers)
    • CLIENTAUTHISSUER (Client Authentication Issuers)
    • REMOTE DESKTOP (Remote Desktop)
    • TRUSTEDDEVICES (Trusted Devices)
    • WEBHOSTING (Web Hosting)
    • AUTHROOT (Third-Party Root Certification Authorities)
    • TRUSTEDPEOPLE (Trusted People)
    • SMARTCARDROOT (Smart Card Trusted Roots)
    • TRUST (Enterprise Trust)


# Bind the first certificate matching the subject to the default TLS port
windows_certificate_binding "" do
# Bind a cert from the CA store with the given hash to port 4334
windows_certificate_binding "" do
    cert_name    "d234567890a23f567c901e345bc8901d34567890"
    name_kind    :hash
    store_name    "CA"
    port        4334


Configures A and CNAME records in Windows DNS. This requires the DNSCMD to be installed, which is done by adding the DNS role to the server or installing the Remote Server Admin Tools.


  • :create: creates/updates the DNS entry
  • :delete: deletes the DNS entry


  • host_name: name attribute. FQDN of the entry to act on.
  • dns_server: the DNS server to update. Default is local machine (.)
  • record_type: the type of record to create. One of A (default) or CNAME
  • target: for A records an array of IP addresses to associate with the host; for CNAME records the FQDN of the host to alias
  • ttl: if > 0 then set the time to live of the record


# Create A record linked to 2 addresses with a 10 minute ttl
windows_dns "m1.chef.test" do
    target         ['', '']
    ttl            600
# Delete records. target is mandatory although not used
windows_dns "m1.chef.test" do
    action    :delete
    target    []
# Set an alias against the node in a role
nodes = search( :node, "role:my_service" )
windows_dns "myservice.chef.test" do
    record_type    'CNAME'
    target        nodes[0]['fqdn']


Note: This resource is now included in Chef 14 and later. There is no need to depend on the Windows cookbook for this resource.

BREAKING CHANGE - Version 3.0.0

This resource has been moved from using LWRPs and multiple providers to using Custom Resources. To maintain functionality, you'll need to change provider to install_method.

Windows Roles and Features can be thought of as built-in operating system packages that ship with the OS. A server role is a set of software programs that, when they are installed and properly configured, lets a computer perform a specific function for multiple users or other computers within a network. A Role can have multiple Role Services that provide functionality to the Role. Role services are software programs that provide the functionality of a role. Features are software programs that, although they are not directly parts of roles, can support or augment the functionality of one or more roles, or improve the functionality of the server, regardless of which roles are installed. Collectively we refer to all of these attributes as 'features'.

This resource allows you to manage these 'features' in an unattended, idempotent way.

There are two underlying resources that power windows_feature which map to the available installation systems on supported releases of Windows: Deployment Image Servicing and Management (DISM) and PowerShell. Chef will set the default method to :windows_feature_dism if dism.exe is present on the system being configured and otherwise use :windows_feature_powershell.

For more information on Roles, Role Services and Features see the Microsoft TechNet article on the topic. For a complete list of all features that are available on a node type either of the following commands at a command prompt:

For Dism:

dism /online /Get-Features

For PowerShell:



  • :install - install a Windows role/feature
  • :remove - remove a Windows role/feature
  • :delete - remove a Windows role/feature from the image


  • feature_name - name of the feature/role(s) to install. The same feature may have different names depending on the underlying resource being used (ie DHCPServer vs DHCP; DNS-Server-Full-Role vs DNS).
  • all - Boolean. Optional. Default: false. For DISM this is the equivalent of specifying the /All switch to dism.exe, forcing all parent dependencies to be installed. With the PowerShell install method, the -InstallAllSubFeatures switch is applied. Note that these two methods may not produce identical results.
  • management_tools - Boolean. Optional. Default: false. PowerShell only. Includes the -IncludeManagementTools switch. Installs all applicable management tools of the roles, role services, or features specified by the feature name.
  • source - String. Optional. Uses local repository for feature install.
  • timeout - Integer. Optional. Default: 600. Specifies a timeout (in seconds) for feature install.
  • install_method - Symbol. Optional. If not supplied, Chef will determine which method to use (in the order of :windows_feature_dism, :windows_feature_servercmd, :windows_feature_powershell)


Install the DHCP Server feature

windows_feature 'DHCPServer' do
  action :install

Install the .Net 3.5.1 feature on Server 2012 using repository files on DVD and install all dependencies with a timeout of 900 seconds

windows_feature "NetFx3" do
  action :install
  all true
  source "d:\sources\sxs"
  timeout 900

Remove Telnet Server and Client features

windows_feature ['TelnetServer', 'TelnetClient'] do
  action :remove

Add the SMTP Server feature using the PowerShell provider

windows_feature "smtp-server" do
  action :install
  all true
  install_method :windows_feature_powershell

Install multiple features using one resource with the PowerShell provider

windows_feature ['Web-Asp-Net45', 'Web-Net-Ext45'] do
  action :install
  install_method :windows_feature_powershell

Install the Network Policy and Access Service feature, including the management tools. Which, for this example, will automatically install RSAT-NPAS as well.

windows_feature 'NPAS' do
  action :install
  management_tools true
  install_method :windows_feature_powershell


Note: This resource is now included in Chef 14 and later. There is no need to depend on the Windows cookbook for this resource.

Installs font files. Sources the font by default from the cookbook, but a URI source can be specified as well.


  • :install - install a font to the system fonts directory.


  • font_name - The file name of the font file name to install. The path defaults to the files/default directory of the cookbook you're calling windows_font from. Defaults to the resource name.
  • source - A local filesystem path or URI to source the font file from..


windows_font 'Code New Roman.otf'

windows_font 'Custom.otf' do
  source ""


Sets the Access Control List for an http URL to grant non-admin accounts permission to open HTTP endpoints.


  • :create - creates or updates the ACL for a URL.
  • :delete - deletes the ACL from a URL.


  • url - the name of the url to be created/deleted.
  • sddl - the DACL string configuring all permissions to URL. Mandatory for create if user is not provided. Can't be use with user.
  • user - the name (domain\user) of the user or group to be granted permission to the URL. Mandatory for create if sddl is not provided. Can't be use with sddl. Only one user or group can be granted permission so this replaces any previously defined entry. If you receive a parameter error your user may not exist.


windows_http_acl 'http://+:50051/' do
    user 'pc\\fred'
# Grant access to users "NT SERVICE\WinRM" and "NT SERVICE\Wecsvc" via sddl
windows_http_acl 'http://+:5985/' do
  sddl 'D:(A;;GX;;;S-1-5-80-569256582-2953403351-2909559716-1301513147-412116970)(A;;GX;;;S-1-5-80-4059739203-877974739-1245631912-527174227-2996563517)'
windows_http_acl 'http://+:50051/' do
    action :delete


Note: This resource is now included in Chef 14 and later. There is no need to depend on the Windows cookbook for this resource.

Configures the file that provides virtual memory for applications requiring more memory than available RAM or that are paged out to free up memory in use.


  • :set - configures the default pagefile, creating if it doesn't exist.
  • :delete - deletes the specified pagefile.


  • path - the path to the pagefile, String, name_property: true
  • system_managed - configures whether the system manages the pagefile size. [true, false]
  • automatic_managed - all of the settings are managed by the system. If this is set to true, other settings will be ignored. [true, false], default: false
  • initial_size - initial size of the pagefile in megbytes. Integer
  • maximum_size - maximum size of the pagefile in megbytes. Integer


Note: This resource is now included in Chef 14 and later. There is no need to depend on the Windows cookbook for this resource.

Create and delete TCP/IPv4 printer ports.


  • :create - Create a TCIP/IPv4 printer port. This is the default action.
  • :delete - Delete a TCIP/IPv4 printer port


  • ipv4_address - Name attribute. Required. IPv4 address, e.g. ''
  • port_name - Port name. Optional. Defaults to 'IP_' + ipv4_address
  • port_number - Port number. Optional. Defaults to 9100.
  • port_description - Port description. Optional.
  • snmp_enabled - Boolean. Optional. Defaults to false.
  • port_protocol - Port protocol, 1 (RAW), or 2 (LPR). Optional. Defaults to 1.


Create a TCP/IP printer port named 'IP_10.4.64.37' with all defaults

windows_printer_port '' do
  action :create

Delete a printer port

windows_printer_port '' do
  action :delete

Delete a port with a custom port_name

windows_printer_port '' do
  port_name 'My awesome port'
  action :delete

Create a port with more options

windows_printer_port '' do
  port_name 'My awesome port'
  snmp_enabled true
  port_protocol 2


Note: This resource is now included in Chef 14 and later. There is no need to depend on the Windows cookbook for this resource.

Create Windows printer. Note that this doesn't currently install a printer driver. You must already have the driver installed on the system.

The Windows Printer resource will automatically create a TCP/IP printer port for you using the ipv4_address property. If you want more granular control over the printer port, just create it using the windows_printer_port resource before creating the printer.


  • :create - Create a new printer
  • :delete - Delete an existing printer


  • device_id - Printer queue name, e.g. 'HP LJ 5200 in fifth floor copy room'. Name property.
  • comment - Optional string describing the printer queue.
  • default - Boolean. Optional. Defaults to false. Note that Windows sets the first printer defined to the default printer regardless of this setting.
  • driver_name - String. Required. Exact name of printer driver. Note that the printer driver must already be installed on the node.
  • location - Printer location, e.g. 'Fifth floor copy room', or 'US/NYC/Floor42/Room4207'
  • shared - Boolean. Defaults to false.
  • share_name - Printer share name.
  • ipv4_address - Printer's IPv4 address, e.g. ''. You don't have to be able to ping the IP address to set it. Required.

An error of "Set-WmiInstance : Generic failure" is most likely due to the printer driver name not matching or not being installed.


Create a printer

windows_printer 'HP LaserJet 5th Floor' do
  driver_name 'HP LaserJet 4100 Series PCL6'
  ipv4_address ''

Delete a printer. Note: this doesn't delete the associated printer port. See windows_printer_port above for how to delete the port.

windows_printer 'HP LaserJet 5th Floor' do
  action :delete


Note: This resource is now included in Chef 14.7 and later. There is no need to depend on the Windows cookbook for this resource.

Creates, modifies and removes Windows shares. All properties are idempotent.

Note: This resource uses PowerShell cmdlets introduced in Windows 2012/8.


  • :create: creates/modifies a share
  • :delete: deletes a share


property type default description
share_name String resource name the share to assign to the share
path String The path of the location of the folder to share. Required when creating. If the share already exists on a different path then it is deleted and re-created.
description String description to be applied to the share
full_users Array [] users which should have "Full control" permissions
change_users Array [] Users are granted modify permission to access the share.
read_users Array [] users which should have "Read" permissions
temporary True/False false The lifetime of the new SMB share. A temporary share does not persist beyond the next restart of the computer
scope_name String '*' The scope name of the share.
ca_timeout Integer 0 The continuous availability time-out for the share.
continuously_available True/False false Indicates that the share is continuously available.
concurrent_user_limit Integer 0 (unlimited) The maximum number of concurrently connected users the share can accommodate
encrypt_data True/False false Indicates that the share is encrypted.


windows_share "foo" do
  action :create
  path "C:\\foo"
  full_users ["DOMAIN_A\\some_user", "DOMAIN_B\\some_other_user"]
  read_users ["DOMAIN_C\\Domain users"]
windows_share "foo" do
  action :delete


Note: This resource is now included in Chef 14 and later. There is no need to depend on the Windows cookbook for this resource.

Creates and modifies Windows shortcuts.


  • :create - create or modify a windows shortcut


  • shortcut_name - The name for the shortcut if it differs from the resource name. Name property
  • target - Where the shortcut links to.
  • arguments - arguments to pass to the target when the shortcut is executed
  • description - description of the shortcut
  • cwd - Working directory to use when the target is executed
  • iconlocation - Icon to use, in the format of "path, index" where index is which icon in that file to use (See WshShortcut.IconLocation)


Add a shortcut to all users desktop:

require 'win32ole'
all_users_desktop ="WScript.Shell").SpecialFolders("AllUsersDesktop")

windows_shortcut "#{all_users_desktop}/Notepad.lnk" do
  target "C:\\Windows\\notepad.exe"
  description "Launch Notepad"
  iconlocation "C:\\Windows\\notepad.exe,0"



  • :add - Add an item to the system path
  • :remove - Remove an item from the system path


  • path - Name attribute. The name of the value to add to the system path


Add Sysinternals to the system path

windows_path 'C:\Sysinternals' do
  action :add

Remove 7-Zip from the system path

windows_path 'C:\7-Zip' do
  action :remove


Adds the principal (User/Group) to the specified privileges (such as Logon as a batch job or Logon as a Service).


  • :add - add the specified privileges to the principal
  • :remove - remove the specified privilege of the principal


  • principal - Name attribute, Required, String. The user or group to be granted privileges.
  • privilege - Required, String/Array. The privilege(s) to be granted.


Grant the Administrator user the Logon as a batch job and Logon as a service privilege.

windows_user_privilege 'Administrator' do
  privilege %w(SeBatchLogonRight SeServiceLogonRight)

Remove Logon as a batch job privilege of Administrator.

windows_user_privilege 'Administrator' do
  privilege %w(SeBatchLogonRight)
  action :remove

Available Privileges

SeTrustedCredManAccessPrivilege      Access Credential Manager as a trusted caller
SeNetworkLogonRight                  Access this computer from the network
SeTcbPrivilege                       Act as part of the operating system
SeMachineAccountPrivilege            Add workstations to domain
SeIncreaseQuotaPrivilege             Adjust memory quotas for a process
SeInteractiveLogonRight              Allow log on locally
SeRemoteInteractiveLogonRight        Allow log on through Remote Desktop Services
SeBackupPrivilege                    Back up files and directories
SeChangeNotifyPrivilege              Bypass traverse checking
SeSystemtimePrivilege                Change the system time
SeTimeZonePrivilege                  Change the time zone
SeCreatePagefilePrivilege            Create a pagefile
SeCreateTokenPrivilege               Create a token object
SeCreateGlobalPrivilege              Create global objects
SeCreatePermanentPrivilege           Create permanent shared objects
SeCreateSymbolicLinkPrivilege        Create symbolic links
SeDebugPrivilege                     Debug programs
SeDenyNetworkLogonRight              Deny access this computer from the network
SeDenyBatchLogonRight                Deny log on as a batch job
SeDenyServiceLogonRight              Deny log on as a service
SeDenyInteractiveLogonRight          Deny log on locally
SeDenyRemoteInteractiveLogonRight    Deny log on through Remote Desktop Services
SeEnableDelegationPrivilege          Enable computer and user accounts to be trusted for delegation
SeRemoteShutdownPrivilege            Force shutdown from a remote system
SeAuditPrivilege                     Generate security audits
SeImpersonatePrivilege               Impersonate a client after authentication
SeIncreaseWorkingSetPrivilege        Increase a process working set
SeIncreaseBasePriorityPrivilege      Increase scheduling priority
SeLoadDriverPrivilege                Load and unload device drivers
SeLockMemoryPrivilege                Lock pages in memory
SeBatchLogonRight                    Log on as a batch job
SeServiceLogonRight                  Log on as a service
SeSecurityPrivilege                  Manage auditing and security log
SeRelabelPrivilege                   Modify an object label
SeSystemEnvironmentPrivilege         Modify firmware environment values
SeManageVolumePrivilege              Perform volume maintenance tasks
SeProfileSingleProcessPrivilege      Profile single process
SeSystemProfilePrivilege             Profile system performance
SeUnsolicitedInputPrivilege          "Read unsolicited input from a terminal device"
SeUndockPrivilege                    Remove computer from docking station
SeAssignPrimaryTokenPrivilege        Replace a process level token
SeRestorePrivilege                   Restore files and directories
SeShutdownPrivilege                  Shut down the system
SeSyncAgentPrivilege                 Synchronize directory service data
SeTakeOwnershipPrivilege             Take ownership of files or other objects


Most version of Windows do not ship with native cli utility for managing compressed files. This resource provides a pure-ruby implementation for managing zip files. Be sure to use the not_if or only_if meta parameters to guard the resource for idempotence or action will be taken every Chef run.


  • :unzip - unzip a compressed file
  • :zip - zip a directory (recursively)


  • path - name attribute. The path where files will be (un)zipped to.
  • source - source of the zip file (either a URI or local path) for :unzip, or directory to be zipped for :zip.
  • overwrite - force an overwrite of the files if they already exist.
  • checksum - for :unzip, useful if source is remote, if the local file matches the SHA-256 checksum, Chef will not download it.


Unzip a remote zip file locally

windows_zipfile 'c:/bin' do
  source ''
  action :unzip
  not_if {::File.exists?('c:/bin/PsExec.exe')}

Unzip a local zipfile

windows_zipfile 'c:/the_codez' do
  source 'c:/foo/baz/'
  action :unzip

Create a local zipfile

windows_zipfile 'c:/foo/baz/' do
  source 'c:/the_codez'
  action :zip



Helper that allows you to use helpful functions in windows


Returns a hash of all DisplayNames installed

# usage in a recipe
::Chef::Recipe.send(:include, Windows::Helper)
hash_of_installed_packages = installed_packages


  • package_name - The name of the package you want to query to see if it is installed
  • returns - true if the package is installed, false if it the package is not installed

Download a file if a package isn't installed

# usage in a recipe to not download a file if package is already installed
::Chef::Recipe.send(:include, Windows::Helper)
is_win_sdk_installed = is_package_installed?('Windows Software Development Kit')

remote_file 'C:\windows\temp\' do
  source 'http://url_to_download/'
  action :create_if_missing
  not_if {is_win_sdk_installed}

Do something if a package is installed

# usage in a provider
include Windows::Helper
if is_package_installed?('Windows Software Development Kit')
  # do something if package is installed


Helper that allows you to get information of the windows version running on your node. It leverages windows ohai from kernel.os_info, easy to mock and to use even on linux.


Determines whether given node is running on a windows Core.

if ::Windows::VersionHelper.core_version? node
  fail 'Windows Core is not supported'


Determines whether given node is a windows workstation version (XP, Vista, 7, 8, 8.1, 10)

if ::Windows::VersionHelper.workstation_version? node
  fail 'Only server version of windows are supported'


Determines whether given node is a windows server version (Server 2003, Server 2008, Server 2012, Server 2016)

if ::Windows::VersionHelper.server_version? node
  puts 'Server version of windows are cool'


Determines NT version of the given node

case ::Windows::VersionHelper.nt_version node
  when '6.0' then 'Windows vista or Server 2008'
  when '6.1' then 'Windows 7 or Server 2008R2'
  when '6.2' then 'Windows 8 or Server 2012'
  when '6.3' then 'Windows 8.1 or Server 2012R2'
  when '10.0' then 'Windows 10'


Place an explicit dependency on this cookbook (using depends in the cookbook's metadata.rb) from any cookbook where you would like to use the Windows-specific resources/providers that ship with this cookbook.

depends 'windows'

License & Authors

Copyright 2011-2018, Chef Software, Inc.
Copyright 2010, VMware, Inc.
Copyright 2011, Business Intelligence Associates, Inc
Copyright 2012, Nordstrom, Inc.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
See the License for the specific language governing permissions and
limitations under the License.

Dependent cookbooks

This cookbook has no specified dependencies.

Contingent cookbooks

7-zip Applicable Versions
AWS_ms_dotnet Applicable Versions
Notepadplus_2 Applicable Versions
PsTools Applicable Versions
PsTools 1.20160904.2
PsTools 1.20160904.3
PsTools 1.20160904.4
PsTools 1.20160904.5
PsTools 1.20160904.6
PsTools 1.20160904.7
PsTools 1.20160904.8
PsTools 1.20160907.1
PsTools 1.20160910.1
PsTools 1.20160910.2
PsTools 1.20160911.1
PsTools 1.20160920.1
PsTools 1.20161023.1
PsTools 1.20161023.2
PsTools 1.20161103.1
PsTools 1.20161103.2
PsTools 1.20161104.1
PsTools 1.20161106.1
PsTools 1.20161112.2
PsTools 1.20161112.3
PsTools 1.20161113.1
PsTools 1.20161118.1
PsTools 1.20161118.2
PsTools 1.20161120.1
PsTools 1.20161120.2
PsTools 1.20161122.1
PsTools 1.20161122.2
PsTools 1.20161122.3
PsTools 1.20161122.4
PsTools 1.20161123.1
PsTools 1.20161123.2
PsTools 1.20161123.3
PsTools 1.20161123.4
PsTools 1.20161123.5
PsTools 1.20161123.6
PsTools 1.20161123.7
PsTools 1.20161123.8
PsTools 1.20161123.9
PsTools 1.20161123.10
PsTools 1.20161124.1
PsTools 1.20161126.1
PsTools 1.20161126.2
PsTools 1.20161126.3
PsTools 1.20161127.1
PsTools 1.20161127.2
PsTools 1.20161127.3
PsTools 1.20161130.1
PsTools 1.20161130.2
PsTools 1.20161201.1
PsTools 1.20161202.1
PsTools 1.20161202.2
PsTools 1.20161202.3
PsTools 1.20161202.4
PsTools 1.20161203.1
PsTools 1.20161203.2
PsTools 1.20161203.3
PsTools 1.20161204.1
PsTools 1.20170204.3
PsTools 1.20170205.1
PsTools 1.20170224.1
PsTools 1.20170224.2
PsTools 1.20170304.1
PsTools 1.20170304.2
PsTools 1.20170304.3
PsTools 1.20170305.1
PsTools 1.20170313.1
PsTools 1.20170313.2
PsTools 1.20170314.1
PsTools 1.20170314.2
PsTools 1.20170314.3
PsTools 1.20170314.4
PsTools 1.20170314.5
PsTools 1.20170315.1
PsTools 1.20170315.2
PsTools 1.20170321.1
PsTools 1.20170321.2
PsTools 1.20170321.3
PsTools 1.20170324.1
PsTools 1.20170324.2
PsTools 1.20170325.1
PsTools 1.20170325.2
PsTools 1.20170325.3
PsTools 1.20170327.1
PsTools 1.20170327.2
PsTools 1.20170327.3
PsTools 1.20170408.1
PsTools 1.20170409.1
PsTools 1.20170409.2
PsTools 1.20170409.3
PsTools 1.20170409.4
PsTools 1.20170409.5
PsTools 1.20170409.6
PsTools 1.20170409.7
PsTools 1.20170411.1
PsTools 1.20170422.1
PsTools 1.20170423.1
PsTools 1.20170423.2
PsTools 1.20170517.1
PsTools 1.20170527.1
PsTools 1.20170527.2
PsTools 1.20170527.3
PsTools 1.20170527.4
PsTools 1.20170527.5
PsTools 1.20170527.6
SysinternalsBginfo Applicable Versions
ad-join Applicable Versions
air Applicable Versions
apache2-windows Applicable Versions
appveyor Applicable Versions
appveyor-ci Applicable Versions
appveyorapi Applicable Versions
arcgis-desktop Applicable Versions
arcgis-enterprise Applicable Versions
arcgis-pro Applicable Versions
ark Applicable Versions
artifact Applicable Versions
artifact_legacy Applicable Versions
auditbeat Applicable Versions
autohotkey Applicable Versions
aws-ec2-snapshot Applicable Versions
b1 Applicable Versions
bacula-backup Applicable Versions
bacula-client Applicable Versions
beyondcompare Applicable Versions
bginfo Applicable Versions
box-sync Applicable Versions
buildkite Applicable Versions
cafe Applicable Versions
certificate_services Applicable Versions
chef-client Applicable Versions
chef-splunk-windows Applicable Versions
chef-waiter Applicable Versions
chefdk_bootstrap Applicable Versions
chocolatey Applicable Versions
chocolatey-installer Applicable Versions
chrome Applicable Versions
chromedriver Applicable Versions
composer Applicable Versions
consul Applicable Versions
couchbase Applicable Versions
couchbase-ng Applicable Versions
cygwin Applicable Versions
dacpac Applicable Versions
database_upgrader Applicable Versions
datadog Applicable Versions
divvy Applicable Versions
dmi Applicable Versions
dotnetframework Applicable Versions
dropbox Applicable Versions
drupal-windows Applicable Versions
dsc2 Applicable Versions
ec2configservice Applicable Versions
esri-iis Applicable Versions
expect Applicable Versions
fiddler Applicable Versions
filebeat Applicable Versions
filezilla Applicable Versions
firefox Applicable Versions
firefox_package Applicable Versions
flash Applicable Versions
flyway-cli Applicable Versions
gauge Applicable Versions
ghostdriver Applicable Versions
gimp Applicable Versions
git Applicable Versions
git-extensions Applicable Versions
gocd Applicable Versions
google-drive Applicable Versions
gow Applicable Versions
grant_logon_as_service Applicable Versions
graphite_powershell_functions Applicable Versions
habitat Applicable Versions
hana-studio Applicable Versions
heidisql Applicable Versions
hipchat_client Applicable Versions
iedriver Applicable Versions
iis Applicable Versions
iis-lb Applicable Versions
iis-packages-server Applicable Versions
iis_urlrewrite Applicable Versions
java Applicable Versions
java-snapshot Applicable Versions
kindle Applicable Versions
kms-server Applicable Versions
komodo-edit Applicable Versions
libsodium Applicable Versions
ls_windows_ad Applicable Versions
maven Applicable Versions
mercurial Applicable Versions
metricbeat Applicable Versions
mod_security Applicable Versions
mozilla_firefox Applicable Versions
ms_dotnet Applicable Versions
ms_dotnet2 Applicable Versions
ms_dotnet35 Applicable Versions
ms_dotnet4 Applicable Versions
ms_dotnet45 Applicable Versions
ms_messagequeue Applicable Versions
ms_telnet_client Applicable Versions
msoffice Applicable Versions
mssqlserver Applicable Versions
mssqlserver 1.20161122.4
mssqlserver 1.20161123.1
mssqlserver 1.20161123.2
mssqlserver 1.20161123.3
mssqlserver 1.20161123.4
mssqlserver 1.20161123.5
mssqlserver 1.20161123.6
mssqlserver 1.20161123.7
mssqlserver 1.20161123.8
mssqlserver 1.20161123.9
mssqlserver 1.20161123.10
mssqlserver 1.20161124.1
mssqlserver 1.20161126.1
mssqlserver 1.20161126.2
mssqlserver 1.20161126.3
mssqlserver 1.20161127.1
mssqlserver 1.20161127.2
mssqlserver 1.20161127.3
mssqlserver 1.20161130.1
mssqlserver 1.20161130.2
mssqlserver 1.20161201.1
mssqlserver 1.20161202.1
mssqlserver 1.20161202.2
mssqlserver 1.20161202.3
mssqlserver 1.20161202.4
mssqlserver 1.20161203.1
mssqlserver 1.20161203.2
mssqlserver 1.20161203.3
mssqlserver 1.20161204.1
mssqlserver 1.20170204.3
mssqlserver 1.20170205.1
mssqlserver 1.20170224.1
mssqlserver 1.20170224.2
mssqlserver 1.20170304.1
mssqlserver 1.20170304.2
mssqlserver 1.20170304.3
mssqlserver 1.20170305.1
mssqlserver 1.20170313.1
mssqlserver 1.20170313.2
mssqlserver 1.20170314.1
mssqlserver 1.20170314.2
mssqlserver 1.20170314.3
mssqlserver 1.20170314.4
mssqlserver 1.20170314.5
mssqlserver 1.20170315.1
mssqlserver 1.20170315.2
mssqlserver 1.20170321.2
mssqlserver 1.20170321.3
mssqlserver 1.20170324.1
mssqlserver 1.20170324.2
mssqlserver 1.20170325.1
mssqlserver 1.20170325.2
mssqlserver 1.20170325.3
mssqlserver 1.20170327.1
mssqlserver 1.20170327.2
mssqlserver 1.20170327.3
mssqlserver 1.20170408.1
mssqlserver 1.20170409.1
mssqlserver 1.20170409.2
mssqlserver 1.20170409.3
mssqlserver 1.20170409.4
mssqlserver 1.20170409.5
mssqlserver 1.20170409.6
mssqlserver 1.20170409.7
mssqlserver 1.20170411.1
mssqlserver 1.20170422.1
mssqlserver 1.20170423.1
mssqlserver 1.20170423.2
mssqlserver 1.20170517.1
mssqlserver 1.20170527.1
mssqlserver 1.20170527.2
mssqlserver 1.20170527.3
mssqlserver 1.20170527.4
mssqlserver 1.20170527.5
mssqlserver 1.20170527.6
mssqlserver 1.20170527.7
mssqlserver 1.20170527.8
mssqlserver 1.20180204.1
mssqlserver 1.20180204.2
mysql Applicable Versions
mysql-windows Applicable Versions
nant Applicable Versions
nexpose Applicable Versions
nodejs-windows Applicable Versions
nopcommerce Applicable Versions
notepadplusplus Applicable Versions
notepadplusplus_2 Applicable Versions
notepadpp Applicable Versions
nssm Applicable Versions
ntp Applicable Versions
octopus Applicable Versions
octopus-deploy Applicable Versions
omnibus Applicable Versions
openbazaar Applicable Versions
openssh-win Applicable Versions
operadriver Applicable Versions
opsview_client Applicable Versions
opsworks_ruby Applicable Versions
paintdotnet Applicable Versions
pandoc Applicable Versions
perforce Applicable Versions
perl Applicable Versions
php Applicable Versions
plex-home-theater Applicable Versions
powergui Applicable Versions
powershell Applicable Versions
private-internet-access Applicable Versions
proget Applicable Versions
push-jobs Applicable Versions
putty Applicable Versions
pycharm-community-edition Applicable Versions
resharper Applicable Versions
rubyinstaller Applicable Versions
sbp_emet Applicable Versions
sbp_mcafee Applicable Versions
sbp_messageanalyzer Applicable Versions
sbp_mremoteng Applicable Versions
sbp_netmon Applicable Versions
sbp_safenet Applicable Versions
sbp_sysinternals Applicable Versions
sbp_tcp_offloading Applicable Versions
sbp_tortoisegit Applicable Versions
sbp_treesizefree Applicable Versions
selenium Applicable Versions
selenium_grid Applicable Versions
sensu Applicable Versions
seven_zip Applicable Versions
signalfx_agent Applicable Versions
sikulix Applicable Versions
sitecore Applicable Versions
skype-app Applicable Versions
skype_windows Applicable Versions
snapraid Applicable Versions
spotify Applicable Versions
sql_server Applicable Versions
sqlce Applicable Versions
steam Applicable Versions
stegosoc-windows Applicable Versions
subversion Applicable Versions
symantec Applicable Versions
sysmon Applicable Versions
telegraf Applicable Versions
tfs Applicable Versions
tfs 1.20160723.8
tfs 1.20160723.9
tfs 1.20160723.10
tfs 1.20160723.11
tfs 1.20160724.1
tfs 1.20160731.1
tfs 1.20160801.1
tfs 1.20160802.1
tfs 1.20160824.1
tfs 1.20160825.1
tfs 1.20160825.2
tfs 1.20160826.1
tfs 1.20160826.2
tfs 1.20160826.3
tfs 1.20160826.4
tfs 1.20160826.5
tfs 1.20160826.6
tfs 1.20160826.7
tfs 1.20160826.8
tfs 1.20160826.9
tfs 1.20160826.10
tfs 1.20160827.1
tfs 1.20160828.1
tfs 1.20160828.2
tfs 1.20160828.3
tfs 1.20160828.4
tfs 1.20160828.5
tfs 1.20160828.6
tfs 1.20160828.7
tfs 1.20160828.8
tfs 1.20160830.1
tfs 1.20160830.2
tfs 1.20160831.1
tfs 1.20160831.2
tfs 1.20160831.3
tfs 1.20160831.4
tfs 1.20160831.5
tfs 1.20160831.6
tfs 1.20160831.7
tfs 1.20160831.8
tfs 1.20160831.9
tfs 1.20160831.10
tfs 1.20160831.11
tfs 1.20160903.1
tfs 1.20160903.2
tfs 1.20160903.3
tfs 1.20160903.4
tfs 1.20160903.5
tfs 1.20160903.6
tfs 1.20160903.7
tfs 1.20160903.8
tfs 1.20160904.1
tfs 1.20160904.2
tfs 1.20160904.3
tfs 1.20160904.4
tfs 1.20160904.5
tfs 1.20160904.6
tfs 1.20160904.7
tfs 1.20160904.8
tfs 1.20160907.1
tfs 1.20160910.1
tfs 1.20160910.2
tfs 1.20160911.1
tfs 1.20160920.1
tfs 1.20161023.1
tfs 1.20161023.2
tfs 1.20161103.1
tfs 1.20161103.2
tfs 1.20161104.1
tfs 1.20161106.1
tfs 1.20161112.2
tfs 1.20161112.3
tfs 1.20161113.1
tfs 1.20161118.1
tfs 1.20161118.2
tfs 1.20161120.1
tfs 1.20161120.2
tfs 1.20161122.1
tfs 1.20161122.2
tfs 1.20161122.3
tfs 1.20161122.4
tfs 1.20161123.1
tfs 1.20161123.2
tfs 1.20161123.3
tfs 1.20161123.4
tfs 1.20161123.5
tfs 1.20161123.6
tfs 1.20161123.7
tfs 1.20161123.8
tfs 1.20161123.9
tfs 1.20161123.10
tfs 1.20161124.1
tfs 1.20161126.1
tfs 1.20161126.2
tfs 1.20161126.3
tfs 1.20161127.1
tfs 1.20161127.2
tfs 1.20161127.3
tfs 1.20161130.1
tfs 1.20161130.2
tfs 1.20161201.1
tfs 1.20161202.1
tfs 1.20161202.2
tfs 1.20161202.3
tfs 1.20161202.4
tfs 1.20161203.1
tfs 1.20161203.2
tfs 1.20161203.3
tfs 1.20161204.1
tfs 1.20170204.3
tfs 1.20170205.1
tfs 1.20170224.1
tfs 1.20170224.2
tfs 1.20170304.1
tfs 1.20170304.2
tfs 1.20170304.3
tfs 1.20170305.1
tfs 1.20170313.1
tfs 1.20170313.2
tfs 1.20170314.1
tfs 1.20170314.2
tfs 1.20170314.3
tfs 1.20170314.4
tfs 1.20170314.5
tfs 1.20170315.1
tfs 1.20170315.2
tfs 1.20170321.1
tfs 1.20170321.2
tfs 1.20170321.3
tfs 1.20170324.1
tfs 1.20170324.2
tfs 1.20170325.1
tfs 1.20170325.2
tfs 1.20170325.3
tfs 1.20170327.1
tfs 1.20170327.2
tfs 1.20170327.3
tfs 1.20170408.1
tfs 1.20170409.1
tfs 1.20170409.2
tfs 1.20170409.3
tfs 1.20170409.4
tfs 1.20170409.5
tfs 1.20170409.6
tfs 1.20170409.7
tfs 1.20170411.1
tfs 1.20170422.1
tfs 1.20170423.1
tfs 1.20170423.2
tfs 1.20170517.1
tfs 1.20170527.1
tfs 1.20170527.2
tfs 1.20170527.3
tfs 1.20170527.4
tfs 1.20170527.5
tfs 1.20170527.6
tissues Applicable Versions
topbeat Applicable Versions
tripwire_agent Applicable Versions
vagrant Applicable Versions
vc2010 Applicable Versions
vc2013 Applicable Versions
vcruntime Applicable Versions
veeam Applicable Versions
vim-windows Applicable Versions
virtualbox Applicable Versions
virtualbox-install Applicable Versions
visualstudio Applicable Versions
vlc Applicable Versions
vmware_workstation Applicable Versions
vs-2008 Applicable Versions
vsts_agent Applicable Versions
vsts_build_agent Applicable Versions
webhook Applicable Versions
webpi Applicable Versions
win_dns Applicable Versions
win_firewall Applicable Versions
win_time Applicable Versions
winbox Applicable Versions
windev Applicable Versions
windirstat Applicable Versions
windows-hostname Applicable Versions
windows_ad Applicable Versions
windows_dfs Applicable Versions
windows_dhcp Applicable Versions
windows_dns Applicable Versions
windows_failover_cluster Applicable Versions
windows_print Applicable Versions
windows_ssl Applicable Versions
windows_tasks Applicable Versions
winlogbeat_lwrp Applicable Versions
winlogbeats Applicable Versions
winrm Applicable Versions
winrm-config Applicable Versions
winscp Applicable Versions
wireshark Applicable Versions
wix Applicable Versions
wordpress-windows Applicable Versions
wsus-server Applicable Versions
x2go-client Applicable Versions
zabbix2 Applicable Versions

windows Cookbook CHANGELOG

This file is used to list changes made in each version of the windows cookbook.

5.2.4 (2019-02-28)

  • Fix http_acl regex to properly capture SDDL - @Annih
  • Updated windows_share to create share if the share is deleted, and to sanitize paths using Chef::Util::PathHelper.cleanpath (#607) - @Xorima

5.3.3 (2019-01-30)

  • Updated windows_certificate code to match that in Chef 14.10. This increases the requirement of the win32_certstore gem to the latest and resolves multiple issues with the previous implementation.

5.2.2 (2018-11-20)

  • windows_share: Accounts to be revoked should be provided as an individually quoted string array

5.2.1 (2018-11-19)

  • windows_share: Fix idempotency by not adding everyone by default

5.2.0 (2018-11-14)

  • Support installing deleted features in windows_feature_dism

5.1.6 (2018-11-13)

  • Add a warning to the readme regarding windows_share and windows_certificate now being included in Chef 14.7
  • Deprecated win_friendly_path helper in favor of built-in helpers

5.1.5 (2018-11-07)

  • Avoid deprecation warnings in windows_share and windows_certificate on Chef 14.7+ as these are now included in the chef-client itself.

5.1.4 (2018-10-30)

  • Note the :verify action for windows_certificate in the readme
  • certificate resource: auto set sensitive is passing password

5.1.3 (2018-10-11)

  • Remove docs and test suite for windows tasks
  • Changed variable name in log message for retrieving SMB share access
  • Don't load the windows helper in windows_certificate

5.1.2 (2018-10-08)

  • Fix typo in windows_feature_dism resource name

5.1.1 (2018-09-06)

  • Require the win32-certstore gem and upgrade the gem as the resource runs so we get the most up to date version
  • Remove redundant helper methods from the windows_certificate resource

5.1.0 (2018-08-29)

  • Add an action to windows_user_privilege to remove a privilege
  • Fix failing appveyor tests
  • Require win32-certstore 0.1.8 which resolves several issues with the windows_certificate resource
  • Avoid deprecation warnings with Chef 14.3+ by not loading resources that are now built into Chef

5.0.0 (2018-07-24)

Breaking Changes

This release removes the windows_task and windows_path resources from this cookbook. This resources shipped in Chef 13.0 and 13.4 This raises the required version of chef-client for this cookbook to 13.4 or later.

4.3.4 (2018-07-18)

  • Fix error message typo in windows_feature_powershell
  • Use win32-certstore 0.1.7 for bugfixes

4.3.3 (2018-07-05)

  • Fix failures on PS 3.0 in windows_feature_powershell

4.3.2 (2018-06-13)

  • Don't error in windows_feature_dism when providing a source

4.3.1 (2018-06-11)

  • Make sure to quote each individual user to grant share access to

4.3.0 (2018-06-11)

  • Add the windows_user_privilege resource which can grant privileges like Logon As a Service
  • Add windows_feature_powershell support for Windows 2008 R2 by not downcasing the feature names there and modifying the shell_out commands to make older output look like the 2012+ output
  • windows_certificate resource has been reworked to use the new win32-certstore gem. This gem abstracts away much of the logic and will allow us to better support certificates on Windows, especially on non-english systems.
  • Convert pester tests to InSpec for easier testing with ChefDK out of the box
  • Added additional tests for better testing in AppVeyor
  • Stop importing the servermanager module in windows_feature_powershell since we require PowerShell 3.0 and we don't need to do this there
  • Improve the error messages in Windows feature to get the Windows versions right
  • Increase readability in version logic with helpers in windows_feature resources

4.2.5 (2018-05-28)

  • Add quoting to Path when creating new Share

4.2.4 (2018-05-14)

  • Fix the platform version check in windows_share

4.2.3 (2018-05-07)

  • Include the helper in the action class to prevent failures with the zipfile resource

4.2.2 (2018-04-24)

  • Properly fail in windows_share on Windows 2008 R2 since we lack the cmdlets to manipulates shares on those systems.

4.2.1 (2018-04-17)

  • Make sure shares can have spaces in the share name

4.2.0 (2018-04-16)

  • Initial rewrite of windows_share to use PowerShell for share creation. This introduces multiple new properties and resolves a good number of longstanding issues. Please be sure to report any issues you see with this so we can stabilize this resource and include it in Chef 15!
  • Resolve failures in windows_certificate

4.1.4 (2018-03-29)

  • Raise in windows_feature_powershell if we're on PS < 3.0

4.1.3 (2018-03-28)

  • Restore support for Windows 2008 R2 in windows_feature_dism

4.1.2 (2018-03-27)

  • Improve creation messaging for shares
  • Allow feature names to be case insensitive in windows_feature

4.1.1 (2018-03-23)

  • Simplify delete action slightly in windows_pagefile
  • Don't use win_friendly_path helper in windows_pagefile since we already coerce the path value

4.1.0 (2018-03-21)

  • Adds Caching for WIndows Feature Powershell resource using the same sort of logic we use on windows_feature_dism. This gives us a 3.5X speedup when no features need to be changed (subsequent runs after the change)
  • Warn if we're on w2k12 and trying to use source/management properties in windows_feature_powershell since that doesn't work.
  • Properly parse features into arrays so installing an array of features works in dism/powershell. This is the preferred way to install a number of features and will be faster than a large number of feature resources
  • Fix description of properties for pagefile in the readme

4.0.2 (2018-03-20)

  • Enable FC016 testing
  • Enable FC059 testing
  • Properly calculate available packages if source is passed in windows_feature_dism resource

4.0.1 (2018-03-07)

Fix the previous update to windows_feature_dism to use 'override' level of attributes not the normal level which persists to the node. Thanks to @Annih for pointing out the mistake here.

4.0.0 (2018-03-05)


This release contains a complete rewrite to windows_feature_dism resource and includes several behavior changes to windows_feature resource. Make sure to read the complete list of changes below before deploying this to production systems.

DISM feature caching Ohai plugin replacement

In the 3.X cookbook we installed an Ohai plugin that cached the state of features on the node, and we reloaded that plugin anytime we installed/removed a feature from the system. This greatly sped up Chef runs where no features were actually installed/removed (2nd run and later). Without the caching each resource would take about 1 second longer while it queried current feature state. Using Ohai to cache this data was problematic though due to incompatibilities with Chef Solo, the reliance on the ohai cookbook, and the addition of extra node data which had to be stored on the Chef Server.

In the 4.0 release instead of caching data via an Ohai plugin we just write directly to the node within the resource. This avoids the need to load in the ohai plugin and the various issues that come with that. In the end it's basically the exact same thing, but less impacting on end users and faster when the data needs to be updated.

Fail when feature is missing in windows_feature_dism

The windows_feature_dism resource had a rather un-Chef behavior in which it just warned you if a feature wasn't available on your platform and then continued on silently. This isn't how we handle missing packages in any of our package resource and because of that it's not going to be what anyone expects out of the box. If someone really wants SNMP installed and we can't install it we should fail instead of continuing on as if we did install it. So we'll now do the following things:

  • When installing a feature that doesn't exist: fail
  • When removing a feature that doesn't exist: continue since it is technically removed
  • When deleting a feature that doesn't exist: continue since it is technically deleted

For some users, particularly those writing community cookbooks, this is going to be a breaking change. I'd highly recommend putting logic within your cookbooks to only install features on supported releases of Windows. If you'd just like it to continue even with a failure you can also use ignore_failure true on your resource although this produces a lot of failure messaging in logs.

Properly support features as an array in windows_feature_dism

We claimed to support installing features as an array in the windows_feature_dism resource previously, but it didn't actually work. The actual result was a warning that the array of features wasn't available on your platform since we compared the array to available features as if it was a string. We now properly support installation as a array and we do validation on each feature in the array to make sure the features are available on your Windows release.

Install as the default action in windows_feature_powershell

Due to some previous refactoring the :install action was not the default action for windows_feature_powershell. For all other package resources in Chef install is the default so this would likely lead to some unexpected behavior in cookbooks. This is technically a breaking change, but I suspect everyone assumed :install was always the default.

servermanagercmd.exe Support Removal

This cookbook previously supported servermanagercmd.exe, which was necessary for feature installation on Windows 2003 / 2008 (not R2) systems. Windows 2003 went full EOL in 2015 and 2008 went into extended support in 2015. Neither releases are supported platforms for Chef or this cookbook so we've chosen to simplify the code and remove support entirely.

Remove the undocumented node['windows']['rubyzipversion'] attribute

This attribute was a workaround for a bug in the rubyzip gem YEARS ago that's just not necessary anymore. We also never documented this attribute and a resource shouldn't change behavior based on attributes.

3.5.2 (2018-03-01)

  • Remove value_for_feature_provider helper which wasn't being used and was using deprecated methods
  • Add all the Windows Core editions to the version helper
  • Simplify / speedup how we find the font directory in windows_font
  • Don't bother enabling why-run mode in the resources since it's enabled by default
  • Don't include mixlib-shellout in the resources since it's included by default
  • Fix installation messaging for windows_feature_powershell to properly show all features being installed
  • Use powershell for the share creation / deletion in windows_share. This speeds up the runs and fixes some of the failures.

3.5.1 (2018-02-23)

  • Add a new shortcut_name property to windows_shortcut
  • Use Chef's built in registry_key_exists helper in windows_printer_port
  • Fix the source coerce in windows_font

3.5.0 (2018-02-23)

  • Add Windows 2016 to the supported releases in the readme
  • Add Windows 10 detection to the version helper
  • Remove the Chefspec matchers. These are auto generated by ChefSpec now. If this causes your specs to fail upgrade ChefDK
  • In certificate_binding support hostnameport option if address is a hostname
  • Convert several tests to InSpec tests and add additional test scenarios
  • Remove required: true on the name_properties, which serves no purpose and will be a Foodcritic rule in the next Foodcritic release
  • Fix windows_feature logging to work when the user provides an array of features
  • Don't both coercing a symbol into a symbol in the windows_auto_run resource.
  • Switch windows_font over to the built in path helper in Chef, which a much more robust
  • Don't coerce forward slashes to backslashes in the windows_font source property if the source is a URI
  • Add a new path property to windows_pagefile for properly overriding the resource name
  • Coerce backslashes to forward slashes in windows_pagefile's path property so we do the right thing even if a user gives bad input
  • Add a new program_name property in windows_auto_run for overriding the resource name
  • Rename program property to path in windows_auto_run. The legacy name will continue to work, but cookbooks should be updated
  • Coerce the path property to use backslashes in windows_auto_run so it works no matter what format of path the user provides
  • Avoid writing out an extra space in windows_auto_run's registry entry when the user doesn't specify an arg
  • Added yard comments to many of the helper methods

3.4.4 (2018-01-19)

  • Fix undefined method for 'ipv4_address' in windows_printer_port

3.4.3 (2018-01-04)

  • Added missing parentheses around PersistKeySet flag that was preventing PowerShell from creating X509Certificate2 object

3.4.2 (2018-01-02)

  • Add deprecation warnings for windows_path and windows_task which are now included in Chef 13. These will be removed from this cookbook in Sept 2018.

3.4.1 (2017-12-06)

  • Fix long-running filtering by replace LIKE with equality sign in the share resource
  • Use logical OR instead of AND when trying to detect share permissions changing in the share resource
  • Remove extra new_resource.updated_by_last_action in the windows_task resource that resulted in a Foodcritic warning

3.4.0 (2017-11-14)

  • Add a root key property for the auto_run resource
  • Fix a resource typo where a name_property was still written name_attribute
  • Resolve FC108 warnings

3.3.0 (2017-11-06)

  • Add new dns resource. See readme for examples
  • Add BUILTIN\Users to SYSTEM_USERS for windows_task

3.2.0 (2017-10-17)

  • Add management_tools property to windows_feature powershell provider which installs the various management tools
  • Fix deprecations_namespace_collisions
  • Add additional certificate store names
  • Add the ability to define a timeout on windows_feature
  • Multiple improvements to the font resource

    • Improved logging, particularly debug logging
    • Allow pulling the font from a remote location using remote_file
    • Fix some failures in fetching local fonts
    • Added a font_name property that allows you specify the local name of the font, which can be different from the name of the chef resource. This allows you to create more friendly resource names for your converge.
    • Handle font resources with backslashes in their source
  • Remove source property from servermanagercmd provider as it does not support it.

  • Remove converge_by around inner powershell_script resource to stop it always reporting as changed

  • Change install feature guards to work on Windows 2008r2

  • Allow dism feature installs to work on non-English systems

3.1.3 (2017-09-18)

windows_task and windows_path deprecation

s of chef-client 13.0+ and 13.4+ windows_task and windows_path are now included in the Chef client. windows_task underwent a full rewrite that greatly improved the functionality and idempotency of the resource. We highly recommend using these new resources by upgrading to Chef 13.4 or later. If you are running these more recent Chef releases the windows_task and windows_path resources within chef-client will take precedence over those in this cookbook. In September 2018 we will release a new major version of this cookbook that removes windows_task and windows_path.

3.1.2 (2017-08-14)

  • Revert "Require path in the share resource instead of raising if it's missing" which was causing failures due to a bug in the chef-client

3.1.1 (2017-06-13)

  • Replace Windows 7 testing with Windows 10 testing
  • Expand debug logging in the pagefile resource
  • Require path in the share resource instead of raising if it's missing
  • Make pagefile properly fail the run if the command fails to run

3.1.0 (2017-05-30)

  • Updated resource documentation for windows_pagefile
  • Declare windows_feature as why-runnable
  • Remove action_class.class_eval usage and require 12.7+ as class_eval is causing issues with later versions of Chef

3.0.5 (2017-04-07)

  • Add support for windows_task resource to run on non-English editions of Windows
  • Ensure chef-client 12.6 compatibility with action_class.class_eval

3.0.4 (2017-03-29)

  • restoring the cached_file helper as downstream cookbooks use it.

3.0.3 (2017-03-28)

  • Correct a typo in a Log message

3.0.2 (2017-03-21)

  • Fix windows_zipfile resource to properly download and cache the zip archives

3.0.1 (2017-03-17)

  • Fix windows_share to be fully idempotent. Fixes #447

3.0.0 (2017-03-15)

Warning This release includes multiple breaking changes as we refactored all existing resources and resolved many longstanding bugs. We highly recommend exercising caution and fully testing this new version before rolling it out to a production environment.

Breaking changes

  • This cookbook now requires Chef 12.6 or later and we highly recommend even more recent Chef 12 releases as they resolve critical Windows bugs and include new Windows specific functionality.
  • The windows_package resource has been removed as it is built into chef-client 12.6+ and the built in version is faster / more robust.
  • The powershell out helper has been removed as it is now included in chef-client 12.6+
  • The default recipe no longer installs the various Windows rubygems required for non-omnibus chef-client installs. This was a leftover from Chef 10 and is no longer necessary, or desired, as we ship these gems in every Windows chef release.
  • windows_feature has been heavily refactored and in doing so the method used to control the underlying providers has changed. You can no longer specify which windows_feature provider to use by setting node['windows']['feature_provider'] or by setting the provider property on the resource itself. Instead you must set install_method to specify the correct underlying installation method. You can also now reference the resources directly by using windows_feature_servermanagercmd, windows_feature_powershell or windows_feature_dism instead of windows_feature

  • Windows_font's file property has been renamed to name to avoid collisions with the Chef file resource.

Other Changes

  • All LWRPs in this cookbook have been refactored to be custom resources
  • windows_path, windows_shortcut, and windows_zipfile have been updated to be idempotent with support for why-run mode and proper notification when the resources actually update
  • windows_pagefile now validates the name of the pagefile to avoid cryptic error messages
  • A new share resource has been added for setting up Windows shares
  • TrustedPeople certificate store has been added to the list of allowed store_names in the certificate resources
  • version helper constant definitions has been improved
  • A new all property has been added to the Windows feature resource to install all dependent features. See the windows feature test recipe for usage examples.
  • Windows feature now accepts an array of features, which greatly speeds up feature installs and simplifies recipe code
  • The path resource now accepts paths with either forward slashes or backslashes and correctly adds the path using Windows style backslash.
  • The powershell provider for windows_feature resource has been fixed to properly import ServerManager in the :remove action
  • Testing has been switched from a Rakefile to the new Delivery local mode
  • Several issues with testing the resources on non-Windows hosts in ChefSpec have been resolved
  • A new source property has been added to the windows_feature_powershell resource
  • Additional test suites have been added to Test Kitchen to cover all resources and those test suites are now being executed in AppVeyer on every PR
  • Travis CI testing has been removed and all testing is being performed in AppVeyer

2.1.1 (2016-11-23)

  • Make sure the ohai plugin is available when installing features

2.1.0 (2016-11-22)

  • Reduce expensive executions of dism in windows_feature by using a new Ohai plugin
  • Add guard around chef_version metadata for Opsworks and older Chef 12 clients
  • Update the rakefile to the latest
  • Add deprecation dates for the windows_package and powershell functionality that has been moved to core Chef. These will be removed 4/17 when we release Chef 13
  • Provide helper method to get windows version info
  • Allow defining http acl using SDDL

2.0.2 (2016-09-07)

  • Added the powershell_out mixin back to allow for Chef 12.1-12.3 compatibility
  • Set the dependency back to Chef 12.1

2.0.1 (2016-09-07)

  • Clarify the platforms we support in the readme
  • Require Chef 12.4 which included powershell_out

2.0.0 (2016-09-07)

This cookbook now requires Chef 12.1+. Resources (lwrps) that have been moved into the chef-client have been removed from this cookbook. While the functionality in the chef-client is similar, and in many cases improved, the names and properties have changed in some cases. Make sure to check for full documentation on each of these resources, and as usual carefully test your cookbooks before upgrading to this new release.

Removed resources and helpers:

  • windows_reboot provider
  • windows_batch provider
  • windows_registry provider
  • Powershell out for only_if / not_if statements
  • Windows Architecture Helper
  • Reboot handler and the dependency on the chef_handler cookbook

Changes resource behavior

  • For Chef clients 12.6 and later the windows_package provider will no longer be used as windows_package logic is now included in Chef. Chef 12.1 - 12.5.1 clients will continue to default to the windows_package provider in this cookbook for full compatibility.

Additional changes

  • Updated and expanded testing
  • Fixed the windows_feature powershell provider to run on Windows 2008 / 2008 R2
  • Added TrustedPublisher as a valid cert store_name
  • Updated the certificate_binding resource to respect the app_id property
  • Added why-run support to the auto_run resource

1.44.3 (2016-08-16)

  • Remove support for ChefSpec <4.1 in the matchers
  • Add missing Chefspec matchers

1.44.2 (2016-08-15)

  • Add missing windows_font matcher
  • Add chef_version to the metadata
  • Switch from Rubocop to Cookstyle and use our improved Rakefile
  • Remove test deps from the Gemfile that are in ChefDK


  • PR 375 - Fix comparison of string to number in platform_version
  • PR 376 - Switch to cookstyle, update gem deps and other minor stuff
  • PR 377 - add test and check for feature installation through powershell


  • PR 372 - Support Server 2008 for feature installs via PowerShell


  • PR 369 - Add a enable_windows_task matcher


  • PR 365 - Escape command quotes when passing to schtasks


  • PR 364 - Configurable font source


  • PR 357 - Fixes for schtasks
  • PR 359 - take bundler out of the appveyor build
  • PR 356 - Misc fixes and updates
  • PR 355 - bump and pin rubocop, fix broken cop
  • PR 348 - Make notify work for windows_task


  • PR 329 - Silence compile_time warning for chef_gem
  • PR 338 - ChefSpec matchers for windows_certificate
  • PR 341 - Updated rubocop and FoodCritic compliance
  • PR 336 - Fixed where clause compliance with PS v1/v2


  • PR 325 - Raise an error if a bogus feature is given to the powershell windows_feature provider
  • PR 326 - Fix windows_font and copy the font file before installation


  • PR 305 - Added months attribute to windows_task and allow frequency_modifier to accept values 'FIRST', 'SECOND', 'THIRD', 'FOURTH', 'LAST', and 'LASTDAY' for monthly frequency
  • PR 310 - Fix windows_task breaks when there is a space in the user name
  • PR 314 - fixes reboot handling on some chef versions below 11.12
  • PR 317 - Adds a disable_windows_task matcher
  • PR 311 - Implements the cwd attribute of windows_task
  • PR 318 - Use dsl instead of manual resource instanciation
  • PR 303 - Fix http_acl idempotency when user name contains a space
  • PR 257 - Speed up windows_feature dism provider
  • PR 319 - Add a for kitchen testing on Azure
  • PR 315 - Deprecate windows_package and forward to Chef::Provider::Package::Windows when running 12.6 or higher


  • PR 295 - Escape http_acl username
  • PR 293 - Separating assignments to code_script and guard_script as they should be different scripts and not hold the same reference
  • Issue 298 - windows_certificate_binding is ignoring store_name attribute and always saving to MY
  • Issue 296 - Fixes windows_certificate idempotentcy on chef 11 clients


  • Make windows_task resource idempotent (double quotes need to be single when comparing)
  • Issue 245 - Fix No resource, method, or local variable namedpassword' for Chef::Provider::WindowsTask' when interactive_enabled is true


  • Lazy-load windows-pr gem library files. Chef 12.5 no longer includes the windows-pr gem. Earlier versions of this cookbook will not compile on Chef 12.5.

v1.38.1 (2015-07-28)

  • Publishing without extended metadata

v1.38.0 (2015-07-27)

  • Do not set new_resource.password to nil, Fixes #219, Fixes #220
  • Add windows_certificate resource #212
  • Add windows_http_acl resource #214

v1.37.0 (2015-05-14)

  • fix windows_package Chef.set_resource_priority_array warning
  • update windows_task to support tasks in folders
  • fix windows_task delete action
  • replace windows_task name attribute with 'task_name'
  • add :end action to 'windows_task'
  • Tasks created with the windows_task resource default to the SYSTEM account
  • The force attribute for windows_task makes the :create action update the definition.
  • windows_task :create action will force an update of the task if the user or command differs from the currently configured setting.
  • add default provider for windows_feature
  • add a helper to make sure WindowsRebootHandler works in ChefSpec
  • added a source and issues url to the metadata for Supermarket
  • updated the Gemfile and .kitchen.yml to reflect the latest test-kitchen windows guest support
  • started tests using the kitchen-pester verifier

v1.36.6 (2014-12-18)

  • reverting all chef_gem compile_time work

v1.36.5 (2014-12-18)

  • Fix zipfile provider

v1.36.4 (2014-12-18)

  • Fix Chef chef_gem with Chef::Resource::ChefGem.method_defined?(:compile_time)

v1.36.3 (2014-12-18)

  • Fix Chef chef_gem below 12.1.0

v1.36.2 (2014-12-17)

  • Being explicit about usage of the chef_gem's compile_time property.
  • Eliminating future deprecation warnings in Chef 12.1.0

v1.36.1 (2014-12-17)

  • PR 160 - Fix Chef 11.10 / versions without windows_package in core

v1.36.0 (2014-12-16)

  • PR 145 - do not fail on non-existant task
  • PR 144 - Add a zip example to the README
  • PR 110 - More zip documentation
  • PR 148 - Add an LWRP for font installation
  • PR 151 - Fix windows_package on Chef 12, add integration tests
  • PR 129 - Add enable/disable actions to task LWRP
  • PR 115 - require Chef::Mixin::PowershellOut before using it
  • PR 88 - Code 1003 from servermanagercmd.exe is valid

v1.34.8 (2014-10-31)

  • Issue 137 - windows_path resource breaks with ruby 2.x

v1.34.6 (2014-09-22)

v1.34.2 (2014-08-12)

  • Issue 99 - Remove rubygems / Internet wmi-lite dependency (PR #108)

v1.34.0 (2014-08-04)

  • Issue 99 - Use wmi-lite to fix Chef 11.14.2 break in rdp-ruby-wmi dependency

v1.32.1 (2014-07-15)

  • Fixes broken cookbook release

v1.32.0 (2014-07-11)

  • Add ChefSpec resource methods to allow notification testing (@sneal)
  • Add use_inline_resources to providers (@micgo)
  • [COOK-4728] - Allow reboot handler to be used as an exception handler
  • [COOK-4620] - Ensure win_friendly_path doesn't error out when ALT_SEPARATOR is nil

v1.31.0 (2014-05-07)

  • [COOK-2934] - Add windows_feature support for 2 new DISM attributes: all, source

v1.30.2 (2014-04-02)

  • [COOK-4414] - Adding ChefSpec matchers

v1.30.0 (2014-02-14)

  • [COOK-3715] - Unable to create a startup task with no login
  • [COOK-4188] - Add powershell_version method to return Powershell version

v1.12.8 (2014-01-21)

  • [COOK-3988] Don't unescape URI before constructing it.

v1.12.6 (2014-01-03)

  • [COOK-4168] Circular dep on powershell - moving powershell libraries into windows. removing dependency on powershell


Fixing depend/depends typo in metadata.rb



  • COOK-4110 - feature_servermanager installed? method regex bug



  • COOK-3793 - parens inside parens of don't render

New Feature

  • COOK-3714 - Powershell features provider and delete support.



  • COOK-3724 - Rrecommend built-in resources over cookbook resources
  • COOK-3515 - Remove unprofessional comment from library
  • COOK-3455 - Add Windows Server 2012R2 to windows cookbook version helper


  • COOK-3542 - Fix an issue where windows_zipfile fails with LoadError
  • COOK-3447 - Allow Overriding Of The Default Reboot Timeout In windows_reboot_handler
  • COOK-3382 - Allow windows_task to create on_logon tasks
  • COOK-2098 - Fix and issue where the windows_reboot handler is ignoring the reboot time

New Feature

  • COOK-3458 - Add support for start_date and start_time in windows_task



  • [COOK-3126]: windows_task should support the on start frequency
  • [COOK-3127]: Support the force option on task create and delete



  • [COOK-2899]: windows_feature fails when a feature install requires a reboot
  • [COOK-2914]: Foodcritic failures in Cookbooks
  • [COOK-2983]: windows cookbook has foodcritic failures


  • [COOK-2686]: Add Windows Server 2012 to version.rb so other depending chef scripts can detect Windows Server 2012


When using Windows qualified filepaths (C:/foo), the #absolute? method for URI returns true, because "C" is the scheme.

This change checks that the URI is http or https scheme, so it can be passed off to remote_file appropriately.

  • [COOK-2729] - allow only http, https URI schemes


  • [COOK-2729] - helper should use URI rather than regex and bare string


  • [COOK-968] - windows_package provider should gracefully handle paths with spaces
  • [COOK-222] - windows_task resource does not declare :change action
  • [COOK-241] - Windows cookbook should check for redefined constants
  • [COOK-248] - Windows package install type is case sensitive


  • [COOK-2336] - MSI That requires reboot returns with RC 3010 and causes chef run failure
  • [COOK-2368] - version attribute of the windows_package provider should be documented


Important: Use powershell in nodes expanded run lists to ensure powershell is downloaded, as powershell has a dependency on this cookbook; v1.8.0 created a circular dependency.

  • [COOK-2301] - windows 1.8.0 has circular dependency on powershell


  • [COOK-2126] - Add checksum attribute to windows_zipfile
  • [COOK-2142] - Add printer and printer_port LWRPs
  • [COOK-2149] - Chef::Log.debug Windows Package command line
  • [COOK-2155] -windows_package does not send checksum to cached_file in installer_type


  • [COOK-1745] - allow for newer versions of rubyzip


  • [COOK-2048] - undefined method for Falseclass on task :change when action is :nothing (and task doesn't exist)
  • [COOK-2049] - Add windows_pagefile resource


  • [COOK-1251] - Fix LWRP "NotImplementedError"
  • [COOK-1921] - Task LWRP will return true for resource exists when no other scheduled tasks exist
  • [COOK-1932] - Include :change functionality to windows task lwrp


  • [COOK-1571] - windows_package resource (with msi provider) does not accept spaces in filename
  • [COOK-1581] - Windows cookbook needs a scheduled tasks LWRP
  • [COOK-1584] - windows_registry should support all registry types


  • [COOK-1173] - windows_registry throws Win32::Registry::Error for action :remove on a nonexistent key
  • [COOK-1182] - windows package sets start window title instead of quoting a path
  • [COOK-1476] - zipfile lwrp should support :zip action
  • [COOK-1485] - package resource fails to perform install correctly when "source" contains quote
  • [COOK-1519] - add action :remove for path lwrp


  • [COOK-1033] - remove the libraries/ruby_19_patches.rb file which causes havoc on non-Windows systems.
  • [COOK-811] - add a timeout parameter attribute for windows_package


  • [COOK-1323] - Update for changes in Chef 0.10.10.

    • Setting file mode doesn't make sense on Windows (package provider
    • and reboot_handler recipe)
    • Prefix ::Win32 to avoid namespace collision with Chef::Win32
    • (registry_helper library)
    • Use chef_gem instead of gem_package so gems get installed correctly under the Ruby environment Chef runs in (reboot_handler recipe, zipfile provider)


  • [COOK-1037] - specify version for rubyzip gem
  • [COOK-1007] - windows_feature does not work to remove features with dism
  • [COOK-667] - shortcut resource + provider for Windows platforms


  • [COOK-939] - add type parameter to windows_registry to allow binary registry keys.
  • [COOK-940] - refactor logic so multiple values get created.


  • FIX: Older Windows (Windows Server 2003) sometimes return 127 on successful forked commands
  • FIX: windows_package, ensure we pass the WOW* registry redirection flags into


  • patch to fix [CHEF-2684], Open4 is named Open3 in Ruby 1.9
  • Ruby 1.9's Open3 returns 0 and 42 for successful commands
  • retry keyword can only be used in a rescue block in Ruby 1.9


  • windows_package - catch Win32::Registry::Error that pops up when searching certain keys


  • combined numerous helper libarires for easier sharing across libaries/LWRPs
  • renamed Chef::Provider::WindowsFeature::Base file to the more descriptive feature_base.rb
  • refactored windows_path LWRP

    • :add action should MODIFY the the underlying ENV variable (vs CREATE)
    • deleted greedy :remove action until it could be made more idempotent
  • added a windows_batch resource/provider for running batch scripts remotely


  • [COOK-745] gracefully handle required server restarts on Windows platform

    • WindowsRebootHandler for requested and pending reboots
    • windows_reboot LWRP for requesting (receiving notifies) reboots
    • reboot_handler recipe for enabling WindowsRebootHandler as a report handler
  • [COOK-714] Correct initialize misspelling

  • RegistryHelper - new get_values method which returns all values for a particular key.


  • [COOK-719] resource/provider for managing windows features
  • [COOK-717] remove windows_env_vars resource as env resource exists in core chef
  • new Windows::Version helper class
  • refactored Windows::Helper mixin


  • added force_modify action to windows_registry resource
  • add win_friendly_path helper
  • re-purpose default recipe to install useful supporting windows related gems


  • [COOK-700] new resources and improvements to the windows_registry provider (thanks Paul Morton!)

    • Open the registry in the bitednes of the OS
    • Provide convenience methods to check if keys and values exit
    • Provide convenience method for reading registry values
    • NEW - windows_auto_run resource/provider
    • NEW - windows_env_vars resource/provider
    • NEW - windows_path resource/provider
  • re-write of the windows_package logic for determining current installed packages

  • new checksum attribute for windows_package resource...useful for remote packages


  • [COOK-647] account for Wow6432Node registry redirecter
  • [COOK-656] begin/rescue on win32/registry


  • [COOK-612] initial release

Collaborator Number Metric

5.2.4 passed this metric

Contributing File Metric

5.2.4 passed this metric

Foodcritic Metric

5.2.4 passed this metric

No Binaries Metric

5.2.4 passed this metric

Testing File Metric

5.2.4 passed this metric

Version Tag Metric

5.2.4 passed this metric