Remote Execution Adapter for Aegis (Part 1 - Client)

Remote Execution Adapter for Aegis (Part 1 - Client)

Designing IT Process Automation workflows very often comprises of taking a manually documented process and converting it into an automated process, maintaining the logical steps and as many of the techniques used in the manual process as possible. Manual processes can include heterogeneous automated steps utilizing customized scripts which may have been in place for years so using them in the automated process is of great benefit using solutions which are tried and tested. If the script can be run on the automation server manually great, the automation platform will have little problem running it – but if it needs to be placed on a remote machine in a different network behind firewalls or in a different domain then the automation platform can run into some problems of even getting the script to where its meant to be before running it!

Having an agent running on the remote system such as NetIQ AppManager allows scripts to be run locally on the target system and overcomes this limitation nicely and Aegis can easily use this functionality. If not running remote commands and scripts is more of a challenge.

Aegis does provide out of the box activities to run remote commands and scripts, but firewalls, permissions and lack of adequate results from the remote scripts are often a blocker. Sometimes even getting a command or script to the remote machine is a problem and getting results like log files back is just as difficult. There are always ways around this though, with many solutions using third party command-line utilities are used via the ‘run command’ activity to get around these problems.

With the 'Remote Execution Adapter', I provide a solution which avoids the limitations of existing methodologies in a tightly integrated way.

The adapter works by placing a NetIQ IQConnect (Namespace) agent service on the remote system which also runs the adapter and then runs the script locally on the target server rather than remotely. The Aegis Namespace Provider on the Aegis server communicates with the service on the remote system on a defined port so a firewall rule can be defined to allow the communication. The scripts will run under the context of the remote service account so there are no permission problems if the remote system is on an untrusted domain for example. Activities can be used to copy files (including executables) to the remote machine to run or retrieve logs files over the same port.

In terms of adapters, this is a pretty simple one. It has a very limited amount of details available in the Namespace Browser and doesn’t include events or IQRM integration. It has five activities which perform all the required tasks:

Run Script

Runs a script on the remote machine. The script can either be a file already on the remote server or a text input to the activity.

Run Command

Runs a command on the remote machine. The command is an executable file already on the remote system.

Send File

Sends a file from the Aegis Server to the remote machine. The file can be any file including binary executable but is restricted in size to 100KB for the Community version.

Get File

Gets a file from the remote server and saves on the Aegis Server. The file can be any file including binary executable but is restricted in size to 100KB for the Community version.

Get Connection Config

Get Connection information for use in workflows including the default directory and working directory.

The adapter is in two parts – the Aegis Server side and the Client Side. Part1 of this post includes the Client side files (attached) and configuration below, Part 2 is for the Aegis Server side!

Aegis Versions

mjcRemote is built for Aegis 3.1 (and above) and is tested on 64 bit systems only although it should work on 32 bit systems. All instructions below are for 64 bit systems but you can work out 32 bit equivalent.

Installation Procedure Part 1: On Remote Server


Installation on the remote server is basically installing the ‘Aegis Event Generator’ component which we will run as a service with the mjcRemote adapter.

  1. Copy the Aegis 3.1 installation media to your remote server and begin an Aegis installation as normal.

  2. At the Component Selection window, choose an installation path and then unselect all options except for the ‘Aegis Event Generator’ and click ‘Next’.eventgen

  3. Verify all pre-requisites are met and continue. Note that the .NET Framework 4 or later is also required for the adapter to run! The installation file can be found on Aegis install media under Setup\DotNetFramework if required. The Aegis Namespace will not start if this pre-requisite is not in place.

  4. For ‘Resource Management Namespace Provider’, point this to your Aegis Server where the Resource Management Namespace Provider service is running. Make sure the ‘Test Credentials’ check works before continuing.iqrm

  5. Click Install.

  6. Copy the mjcRemoteAdapterCommunityClient.zip file to folder where you just installed the Event Generator:
    <installdrive>:\Program Files (x86)\NetIQ

    Aegis should be a sub-folder at this location. This location will be referred to as the <installpath> in the next steps.

  7. Unzip mjcRemoteAdapterCommunityClient.zip attached to this post to the <installpath> directly to the current location. Do not unzip it to any subfolder extract to the existing Aegis folder structure. This can be verified by checking that following file exists – if it doesn’t you have done unzipped the file to the wrong location!
    <install path>\Aegis\IQConnect73\bin\mjcRemote.dll


  8. Navigate to <install path>\Aegis and double-click mjcRemote_64bit.reg to add adapter specific registry entries.

  9. In the registry navigate to:
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\NetIQ\AegisIQConnect73

    There is a multi-value string value here called providers which on the client will be empty. Do not confuse with the subkey of the same name!

    Add IQDotNetProvider:mjcRemote to this list.

    registry1

  10. Run the following command (from an elevated command line) to create a service called ‘NetIQ Namespace Provider’. Make sure the path in the command corresponds to your installation.
    sc create "NetIQ Namespace Provider" start= auto binPath= "C:\Program Files (x86)\NetIQ\Aegis\IQConnect73\bin\NetIQAegisNamespaceProvider.exe -config AegisIQConnect73 -deferlisten -s"


  11. Start the service "NetIQ Namespace Provider". The client is now ready to accept requests from the Aegis server on port 2219.


In Part 2 of this post I will provide instructions to install the adapter on the Aegis Server side and configure to communicate with the client!

Please ensure to download the client and server files at the same time to ensure compatibility - the link to the server files will be added here when posted.

 
Attachments

DISCLAIMER:

Some content on Community Tips & Information pages is not officially supported by Micro Focus. Please refer to our Terms of Use for more detail.
Top Contributors
Version history
Revision #:
1 of 1
Last update:
‎2015-03-18 19:23
Updated by:
 
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.