Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
devel:documentation:adm:systems:winrm_ad_connector [2019/09/02 14:36] sourek |
devel:documentation:adm:systems:winrm_ad_connector [2020/03/25 07:32] kucerar link to tips for scripts |
||
---|---|---|---|
Line 5: | Line 5: | ||
Typical use cases for this combined connector are: | Typical use cases for this combined connector are: | ||
- | * Management of home directories - User is created via AD connector and home directory is created by WinRM Connector (powershell) | + | * Management of home directories - User is created via AD connector and home directory is created by WinRM Connector (powershell). Owner of home directory can be set only locally. |
* Management of o365 | * Management of o365 | ||
* Management of Exchange | * Management of Exchange | ||
Line 44: | Line 44: | ||
Powershell scripts are in subfolders. It's not only " | Powershell scripts are in subfolders. It's not only " | ||
- | All of these scripts logging into connector server log | + | All of these scripts logging into connector server log. All log messages are shown after powershell script is executed and the control is returned into connector. So it can see that the log is frozen if the powershell script will run some time. Disadvantage is, if your powershell script froze for real you will not see any log. This can happen for example if you execute some command which will wait for user input, but you can prevent this one by using [[devel: |
Then in folder " | Then in folder " | ||
Line 101: | Line 101: | ||
===== Scripts ===== | ===== Scripts ===== | ||
+ | |||
+ | For more information about how to write scripts, follow [[devel: | ||
+ | |||
==== python ==== | ==== python ==== | ||
Python scripts should start with these two lines: | Python scripts should start with these two lines: | ||
Line 118: | Line 121: | ||
We are using encoding otherwise you will have problem with diacritics in powershell when you want to encode the powershell script before sending it via WinRM. | We are using encoding otherwise you will have problem with diacritics in powershell when you want to encode the powershell script before sending it via WinRM. | ||
+ | <note tip> | ||
+ | <note tip>For search and delete operations IdM only sends uid. So in this scripts you cannot use any other attributes. For example someone would want to rename home directory in delete script and leave it there for period of time as backup. But in this situation you can only add to home directory' | ||
===== Installation ===== | ===== Installation ===== | ||
- | For using this connector you need to install a few things which is needed. | + | For using WinRM part of this connector you need to install a few things which is needed, otherwise you can skip these steps. |
* Install python, tested version is 2.7 | * Install python, tested version is 2.7 | ||
* Install pip for managing Python packages - for linux use package managers based on you distribution and install package python-pip. If you are using windows pip will be installed together with python if you use official installator. | * Install pip for managing Python packages - for linux use package managers based on you distribution and install package python-pip. If you are using windows pip will be installed together with python if you use official installator. | ||
* Install pywinrm and dependencies. You can follow official guide https:// | * Install pywinrm and dependencies. You can follow official guide https:// | ||
- | Now we have prepared the tool which is used by our connector. Next you need to install | + | <note tip> |
- | + | ||
- | < | + | |
- | You can download whole bundle with prepared | + | |
- | + | ||
- | Or you can follow | + | |
- | This connector | + | |
- | and with connector-framework 1.4.3.0 | + | |
- | + | ||
- | Next you will need to add these libraries into lib folder of the connector server: | + | |
- | * jackson-annotations-2.9.8 | + | |
- | * jackson-core-2.9.8 | + | |
- | * jackson-databind-2.9.8 | + | |
- | You will probably need to add these libs into classpath in ConnectorServer.sh or ConnectorServer.bat it depends on your OS. | + | |
- | + | ||
- | If you want to be able to run connector server as a service follow next steps | + | |
< | < | ||
- | # create user which we run the connector server | + | su - connector-server |
- | useradd connector-server | + | pip install |
- | + | ||
- | #create file | + | |
- | / | + | |
- | + | ||
- | # content of the file, change path according where you have your connector server | + | |
- | [Unit] | + | |
- | Description=Java Connector Server Service | + | |
- | [Service] | + | |
- | User=connector-server | + | |
- | WorkingDirectory=/ | + | |
- | ExecStart=/ | + | |
- | SuccessExitStatus=143 | + | |
- | [Install] | + | |
- | WantedBy=multi-user.target | + | |
- | + | ||
- | # Reload and enable deamon | + | |
- | systemctl daemon-reload | + | |
- | systemctl enable java-connector-server | + | |
- | # Use this to start/ | + | #those only if you need them |
- | systemctl start java-connector-server | + | pip install |
- | systemctl stop java-connector-server | + | pip install |
- | systemctl status java-connector-server | + | |
</ | </ | ||
+ | </ | ||
- | Now you can put winrm-ad-connector-1.0.1.jar | + | Now we have prepared the tool which is used by our connector. |
- | Next thing which you need to do is configure | + | - Follow [[devel: |
+ | - Put '' | ||
+ | - Configure | ||
===== Configuration ===== | ===== Configuration ===== | ||
Line 226: | Line 198: | ||
You can configure the order of connectors. Default behavior is that AD connector is first. | You can configure the order of connectors. Default behavior is that AD connector is first. | ||
{{ : | {{ : | ||
+ | < |