Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
devel:documentation:systems:dev:winrm_connector [2019/06/11 13:21] kucerar provisioning,operations, powershell |
devel:documentation:systems:dev:winrm_connector [2019/07/17 05:22] kucerar path to crt |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== WinRM Connector ====== | ====== WinRM Connector ====== | ||
- | This connector can be used to connect to basically to any system which can be managed via powershell commands or some specialized client which can be called from powershell. | + | Windows Remote Management (WinRM) |
Connector is based on Connid CMD connector. We made fork of CMD connector version 0.4-SNAPSHOT. | Connector is based on Connid CMD connector. We made fork of CMD connector version 0.4-SNAPSHOT. | ||
Line 30: | Line 30: | ||
It supports HTTP and HTTPS communication. HTTPS communication can be a little bit tricky to configure. You need the right | It supports HTTP and HTTPS communication. HTTPS communication can be a little bit tricky to configure. You need the right | ||
- | certificate which is used in WinRM listener on Win server and then import crt to the trust store on machine where this connector is running. | + | certificate which is used in WinRM listener on Win server and then import crt to the trust store on machine where this connector is running |
- | In file winrm_wrapper.py on line 39 where the session for WinRM is created you need to specify ca trust path. | + | < |
- | On Debian based system | + | p = winrm.protocol.Protocol(endpoint=endpoint, |
+ | transport=authentication, | ||
+ | username=user, | ||
+ | password=password, | ||
+ | ca_trust_path=' | ||
+ | </ | ||
===== Configuration ===== | ===== Configuration ===== | ||
Connector has few settings which need to be configured before you used it. | Connector has few settings which need to be configured before you used it. | ||
+ | |||
+ | If your connector server is running on Windows then you need to enter " | ||
=== Create script === | === Create script === | ||
Line 98: | Line 104: | ||
| \_\_ACCOUNT\_\_ | | \_\_ACCOUNT\_\_ | ||
| \_\_GROUP\_\_ | | \_\_GROUP\_\_ | ||
+ | |||
+ | ===== Managing users groups ===== | ||
+ | When you use this connector for some system where you need to manage groups for users (OpenLims). Attribute for roles must be called " | ||
+ | |||
+ | ===== Scripts ===== | ||
+ | ==== python ==== | ||
+ | Python scripts should start with these two lines: | ||
+ | < | ||
+ | # -*- coding: utf-8 -*-</ | ||
+ | |||
+ | The second line is important because in python 2.x default encoding is ASCII so if don't specify the encoding in python file then we will have problems with using diacritics. | ||
+ | Then if we need to load powershell script into python and replace some params, It's recommended to open with encoding. | ||
+ | < | ||
+ | import codecs | ||
+ | f = codecs.open(os.environ[" | ||
+ | command = f.read() | ||
+ | command = command.replace(" | ||
+ | </ | ||
+ | For getting parameter from environment you can use method in winrm_wrapper which will return value or empty string if the variable is not in environment. It will return value as unicode with utf-8 encoding | ||
+ | |||
+ | We are using encoding otherwise you will have problem with diacritics in powershell when you want to encode the powershell script before sending it via WinRM. | ||
+ | |||
+ | |||
+ | ===== Installation ===== | ||
+ | For using this connector you need to install a few things which is needed. | ||
+ | * Install python, tested version is 2.7 | ||
+ | * Install pip for managing Python packages - for linux use package managers based on you distribution and install package python-pip. If you are using windows pip will be installed together with python if you use official installator. | ||
+ | * Install pywinrm and dependencies. You can follow official guide https:// | ||
+ | |||
+ | Now we have prepared the tool which is used by our connector. Next you need to install java connector server. Connector server is not mandatory but as we wrote in the first section it's recommended to use it. | ||
+ | |||
+ | < | ||
+ | You can download whole bundle with prepared and tested connector server here:< | ||
+ | |||
+ | Or you can follow this guide and prepare the connector server yourself if you want. | ||
+ | This connector is tested in java connector server 1.4.5.1 https:// | ||
+ | and with connector-framework 1.4.3.0 | ||
+ | |||
+ | Next you will need to add these libraries into lib folder of the connector server: | ||
+ | * jackson-annotations-2.9.8 | ||
+ | * jackson-core-2.9.8 | ||
+ | * jackson-databind-2.9.8 | ||
+ | You will probably need to add these libs into classpath in ConnectorServer.sh or ConnectorServer.bat it depends on your OS. | ||
+ | |||
+ | If you want to be able to run connector server as a service follow next steps | ||
+ | |||
+ | < | ||
+ | # create user which we run the connector server | ||
+ | useradd connector-server | ||
+ | |||
+ | #create file | ||
+ | / | ||
+ | |||
+ | # content of the file, change path according where you have your connector server | ||
+ | [Unit] | ||
+ | Description=Java Connector Server Service | ||
+ | [Service] | ||
+ | User=connector-server | ||
+ | WorkingDirectory=/ | ||
+ | ExecStart=/ | ||
+ | SuccessExitStatus=143 | ||
+ | [Install] | ||
+ | WantedBy=multi-user.target | ||
+ | |||
+ | # Reload and enable deamon | ||
+ | systemctl daemon-reload | ||
+ | systemctl enable java-connector-server | ||
+ | |||
+ | # Use this to start/ | ||
+ | systemctl start java-connector-server | ||
+ | systemctl stop java-connector-server | ||
+ | systemctl status java-connector-server | ||
+ | </ | ||
+ | |||
+ | Now you can put winrm-connector-1.0.0.jar to the bundles folder inside connector server and you can start it. | ||
+ | |||
+ | Next thing which you need to do is configure WinRM on windows server or check if WinRM is accessible. You can follow steps from out [[tutorial: |