Make Packer bypass Windows UAC

wblakecannon · May 14, 2020, 4:06pm

I’ve been a Packer user for about a year; but with Linux. I was just asked to configure a Windows server. I don’t know Windows. For starters, I’m trying to use Packer to have a D: drive mapped on startup. The script that puts the volume online, partitions it, and maps it doesn’t seem to work. I have a feeling it’s failing because of UAC. When I log into the instance and try to execute the Powershell diskpart /s C:/Users/Administrator/Documents/diskpart.txt it brings up the UAC. So, I guess that’s what’s happening in packer? How do I bypass UAC with Packer?

poc.json:

{
    "variables": {
        "environment": "dev",
        "contact": "redacted",
        "service": "redacted"
    },
    "builders": [
        {
            "profile": "nonprod",
            "region": "us-west-2",
            "type": "amazon-ebs",
            "subnet_id": "redacted",
            "security_group_id": "redacted",
            "source_ami": "redacted",
            "instance_type": "t2.micro",
            "communicator": "winrm",
            "winrm_username": "Administrator",
            "ami_name": "{{user `service`}}-v7.0-{{user `environment`}}-Packer-{{timestamp}}",
            "tags": {
                "Name": "{{user `service`}}-v7.0-{{user `environment`}}-Packer-{{timestamp}}",
                "Service": "{{user `service`}}",
                "Environment": "{{user `environment`}}",
                "Contact": "{{user `contact`}}",
                "Packer": "true"
            },
            "run_tags": {
                "Name": "{{user `service`}} Packer Builder",
                "Service": "{{user `service`}}",
                "Environment": "{{user `environment`}}",
                "Contact": "{{user `contact`}}",
                "Packer": "true"
            },
            "launch_block_device_mappings": [
                {
                    "device_name": "xvdb",
                    "volume_size": 500,
                    "volume_type": "gp2",
                    "delete_on_termination": true
                }
            ]
        }
    ],
    "provisioners": [
        {
            "type": "powershell",
            "inline": [
                "C:/ProgramData/Amazon/EC2-Windows/Launch/Scripts/InitializeInstance.ps1 -Schedule",
                "C:/ProgramData/Amazon/EC2-Windows/Launch/Scripts/SysprepInstance.ps1 -NoShutdown"
            ]
        },
        {
            "type": "file",
            "source": "./files/diskpart.txt",
            "destination": "C:/Users/Administrator/Documents/"
        },
        {
            "type": "powershell",
            "execution_policy": "bypass",
            "inline": [
                "diskpart /s C:/Users/Administrator/Documents/diskpart.txt"
            ]
        }
    ]
}

diskpart.txt:

select disk 1 
attributes disk clear readonly 
online disk 
convert mbr
convert gpt
create partition primary 
format quick fs=ntfs label="Data Drive"
assign letter=D

wblakecannon · May 19, 2020, 5:29pm

The solution was to use all Powershell:

{
    "variables": {
        "environment": "redacted",
        "contact": "redacted",
        "service": "redacted"
    },
    "builders": [
        {
            "profile": "nonprod",
            "region": "us-west-2",
            "type": "amazon-ebs",
            "subnet_id": "redacted",
            "security_group_id": "redacted",
            "source_ami": "redacted",
            "instance_type": "t2.micro",
            "communicator": "winrm",
            "winrm_username": "Administrator",
            "ami_name": "{{user `service`}}-v7.0-{{user `environment`}}-Packer-{{timestamp}}",
            "tags": {
                "Name": "{{user `service`}}-v7.0-{{user `environment`}}-Packer-{{timestamp}}",
                "Service": "{{user `service`}}",
                "Environment": "{{user `environment`}}",
                "Contact": "{{user `contact`}}",
                "Packer": "true"
            },
            "run_tags": {
                "Name": "{{user `service`}} Packer Builder",
                "Service": "{{user `service`}}",
                "Environment": "{{user `environment`}}",
                "Contact": "{{user `contact`}}",
                "Packer": "true"
            },
            "launch_block_device_mappings": [
                {
                    "device_name": "xvdb",
                    "volume_size": 500,
                    "volume_type": "gp2",
                    "delete_on_termination": true
                }
            ]
        }
    ],
    "provisioners": [
        {
            "type": "powershell",
            "inline": [
                "C:/ProgramData/Amazon/EC2-Windows/Launch/Scripts/InitializeInstance.ps1 -Schedule",
                "C:/ProgramData/Amazon/EC2-Windows/Launch/Scripts/SysprepInstance.ps1 -NoShutdown",
                "Get-Disk | where partitionstyle -eq \"raw\" | Initialize-Disk -PartitionStyle GPT -PassThru | New-Partition -AssignDriveLetter -UseMaximumSize | Format-Volume -FileSystem NTFS -NewFileSystemLabel \"Data Drive\" -Confirm:$false"
            ]
        }
    ]
}

Topic		Replies	Views
Unable to set registry values in Windows using Packer for Azure Packer	0	674	March 12, 2021
Packer doesn't seem to upload files to Windows Packer	2	2937	August 2, 2021
Can't connect to Windows EC2 instance built by Packer via SSM Agent Packer windows	6	2809	March 26, 2023
Problem with packer in AWS windows Packer	3	826	April 12, 2023
Packer Windows AMI Build Failed Packer	0	850	March 17, 2021

Make Packer bypass Windows UAC

Related topics