Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
devel:documentation:systems:dev:winrm_connector [2019/06/12 11:36] kucerar link to winrm config |
devel:documentation:systems:dev:winrm_connector [2019/07/17 05:22] kucerar path to crt |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== WinRM Connector ====== | ====== WinRM Connector ====== | ||
- | This connector can be used to connect to basically to any system which can be managed via powershell commands or some specialized client which can be called from powershell. | + | Windows Remote Management (WinRM) |
Connector is based on Connid CMD connector. We made fork of CMD connector version 0.4-SNAPSHOT. | Connector is based on Connid CMD connector. We made fork of CMD connector version 0.4-SNAPSHOT. | ||
Line 30: | Line 30: | ||
It supports HTTP and HTTPS communication. HTTPS communication can be a little bit tricky to configure. You need the right | It supports HTTP and HTTPS communication. HTTPS communication can be a little bit tricky to configure. You need the right | ||
- | certificate which is used in WinRM listener on Win server and then import crt to the trust store on machine where this connector is running. | + | certificate which is used in WinRM listener on Win server and then import crt to the trust store on machine where this connector is running |
- | In file winrm_wrapper.py on line 39 where the session for WinRM is created you need to specify ca trust path. | + | < |
- | On Debian based system | + | p = winrm.protocol.Protocol(endpoint=endpoint, |
+ | transport=authentication, | ||
+ | username=user, | ||
+ | password=password, | ||
+ | ca_trust_path=' | ||
+ | </ | ||
===== Configuration ===== | ===== Configuration ===== | ||
Connector has few settings which need to be configured before you used it. | Connector has few settings which need to be configured before you used it. | ||
+ | |||
+ | If your connector server is running on Windows then you need to enter " | ||
=== Create script === | === Create script === | ||
Line 98: | Line 104: | ||
| \_\_ACCOUNT\_\_ | | \_\_ACCOUNT\_\_ | ||
| \_\_GROUP\_\_ | | \_\_GROUP\_\_ | ||
+ | |||
+ | ===== Managing users groups ===== | ||
+ | When you use this connector for some system where you need to manage groups for users (OpenLims). Attribute for roles must be called " | ||
+ | |||
+ | ===== Scripts ===== | ||
+ | ==== python ==== | ||
+ | Python scripts should start with these two lines: | ||
+ | < | ||
+ | # -*- coding: utf-8 -*-</ | ||
+ | |||
+ | The second line is important because in python 2.x default encoding is ASCII so if don't specify the encoding in python file then we will have problems with using diacritics. | ||
+ | Then if we need to load powershell script into python and replace some params, It's recommended to open with encoding. | ||
+ | < | ||
+ | import codecs | ||
+ | f = codecs.open(os.environ[" | ||
+ | command = f.read() | ||
+ | command = command.replace(" | ||
+ | </ | ||
+ | For getting parameter from environment you can use method in winrm_wrapper which will return value or empty string if the variable is not in environment. It will return value as unicode with utf-8 encoding | ||
+ | |||
+ | We are using encoding otherwise you will have problem with diacritics in powershell when you want to encode the powershell script before sending it via WinRM. | ||
+ | |||
===== Installation ===== | ===== Installation ===== | ||
Line 107: | Line 135: | ||
Now we have prepared the tool which is used by our connector. Next you need to install java connector server. Connector server is not mandatory but as we wrote in the first section it's recommended to use it. | Now we have prepared the tool which is used by our connector. Next you need to install java connector server. Connector server is not mandatory but as we wrote in the first section it's recommended to use it. | ||
+ | < | ||
You can download whole bundle with prepared and tested connector server here:< | You can download whole bundle with prepared and tested connector server here:< | ||
Line 119: | Line 148: | ||
You will probably need to add these libs into classpath in ConnectorServer.sh or ConnectorServer.bat it depends on your OS. | You will probably need to add these libs into classpath in ConnectorServer.sh or ConnectorServer.bat it depends on your OS. | ||
- | Now you can put winrm-connector-0.5.jar to the bundles folder inside connector server and you can start it. | + | If you want to be able to run connector server as a service follow next steps |
+ | |||
+ | < | ||
+ | # create user which we run the connector server | ||
+ | useradd connector-server | ||
+ | |||
+ | #create file | ||
+ | / | ||
+ | |||
+ | # content of the file, change path according where you have your connector server | ||
+ | [Unit] | ||
+ | Description=Java Connector Server Service | ||
+ | [Service] | ||
+ | User=connector-server | ||
+ | WorkingDirectory=/ | ||
+ | ExecStart=/ | ||
+ | SuccessExitStatus=143 | ||
+ | [Install] | ||
+ | WantedBy=multi-user.target | ||
+ | |||
+ | # Reload and enable deamon | ||
+ | systemctl daemon-reload | ||
+ | systemctl enable java-connector-server | ||
+ | |||
+ | # Use this to start/ | ||
+ | systemctl start java-connector-server | ||
+ | systemctl stop java-connector-server | ||
+ | systemctl status java-connector-server | ||
+ | </ | ||
+ | |||
+ | Now you can put winrm-connector-1.0.0.jar to the bundles folder inside connector server and you can start it. | ||
Next thing which you need to do is configure WinRM on windows server or check if WinRM is accessible. You can follow steps from out [[tutorial: | Next thing which you need to do is configure WinRM on windows server or check if WinRM is accessible. You can follow steps from out [[tutorial: |