Remote Execution Adapter for Aegis (Part 2 - Server)

Remote Execution Adapter for Aegis (Part 2 - Server)

Welcome to part 2 of the Remote Execution Adapter for Aegis. In this second part I provide the server side adapter, instructions on how to install and configure as well as descriptions of each activity.

Part 1 is available here – Please ensure you download the client and server files from part1 and part2 at the same time to ensure compatibility.

Installation Procedure Part 2: Aegis Server


 
Aegis Needs to be up and running until told otherwise!


  1. Copy the mjcRemoteAdapterCommunity.zip file to your installation folder:
     
    <installdrive>:\Program Files (x86)\NetIQ


    Aegis should be a sub-folder at this location. This location will be referred to as <installpath> in the next steps.
     
    1

  2. Unzip mjcRemoteAdapterCommunity.zip to the <installpath> directly. Do not unzip it to any subfolder extract to the existing Aegis folder structure. This can be verified by checking that following file exists – if it doesn’t you have done unzipped the file to the wrong location!
     
    <install path>\Program Files (x86)\NetIQ\Aegis\IQConnect73\bin\mjcRemote.dll

     

  3. Open an elevated command prompt (Run As Administrator) and navigate to:
     
    <installpath>\Aegis\IQConnect73\bin

     
    Execute the register_mjcRemote.cmd command, with the following parameters:

    server hostname or FQDN (IP address will work but will need to be updated if it changes in the future) running the "NetIQ Aegis Namespace Provider" service

    port the port the "NetIQ Aegis Namespace Provider" service runs on (probably 2219)

    domain of service Aegis Service account

    service account the Aegis Service Account

    Service Account Password the Aegis Service Account password

    Example:
     
    register_mjcRemote.cmd myAegisServer 2219 myDomain aegissvc PaZZwOrd

     
    The last line of output should include :
     
    [IQRM Add Management Service] Management Service mjcRemote Provider created or updated successfully

     

  4. In the registry, verify that the values under
     
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\NetIQ\AegisIQConnect73\configurators\mjcRemote

     
    point to the correct installation path and drive.
     
    2
     

  5. In the registry navigate to:
     
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\NetIQ\AegisIQConnect73

     
    There is a multi-value string value here called providers which contains a number of adapter names including PG and IQSCH. Do not confuse with the subkey of the same name!

    Add IQDotNetProvider:mjcRemote to this list.
     
    3
     

  6. Open the NetIQ Aegis Adapter Configuration Utility - You should have a mjcRemote entry in the List.

    Add a new instance under mjcRemote and Configure.

    Here you want to configure a connection to a remotely installed agent – see part 1 to find out how to setup the client!

    The credentials you specify are credentials on the remote server/domain.

    The ‘Default Path’ is a path on the remote client used to store files from the send/receive activities where a full path is not specified.
     
    4
     
    Click 'Test Connection' to verify. If you cannot connect ensure that the port specified is open on any firewalls between the Server and the Client.


  7. Save and exit the NetIQ Aegis Adapter Configuration Utility


  8. Restart NetIQ Aegis Namespace Provider Service and dependant services (NetIQ Aegis Engine, NetIQ Aegis Activity Broker).


  9. In Configuration console, open workflow designer - choose to open the mjcRemote Activities Library if it is not listed in Activity Libraries.
     
    5
     


  10. Use namespace browser to verify the connection to your remote client.
     
    6
     

    The namespace for the adapter is pretty simple and is just to what you see in the screenshot. Some of this info is dynamic which some is the static configuration.



To verify the connection check the ‘connected’ attribute. If this is set to ‘True’ then you should see values for ‘machinename’ (hostname could be an alias or IP address based on how its configured in adapter configurator), is64bit, os (Operating System), version (the version of adapter on client) and working directory (where commands/ scripts are run from).

mjcRemote Activities!


 

Run Script

If you are familiar with the built-in activity ‘Run Script On Aegis Server’ you will find that the inputs and outputs to this activity are almost identical but the layout is a bit different.

7

The first input parameter is the connection – this is a connection defined in the adapter configurator to the remote system. This avoids any requirement for credentials to be entered into the activity.

There is a choice to run a script via a file – which is on the remote computer – or via text in the activity with a choice of scripting languages.

An additional input exists which is not in the out-of-box Run Script activity, the ‘Arguments (encrypted)’ input – which basically allow you to enter arguments like passwords so they do not show up in the web console at run time. This does not prevent the scenario where you choose to echo the password in the script however!

This activity will run client under the user account that the namespace provider is running under on the remote client so you need to select an account with adequate permissions to run your scripts.

Run Command

Like the run script activity, this is similar to the out of the box ‘run command’ activity apart from the adapter specifics. It also has an extra input for ‘Arguments (encrypted)’.

8

Outputs at runtime:

9

Here notice that a simple dir command runs from the Aegis\IQConnect73\bin folder which corresponds to the ‘working directory’ attribute in the Namespace. This attribute is also made available via the ‘Get Connection Config’ or via the out of box Find Objects activity. Missing from the screenshot is the ‘Command Errors’ output which is further down.

The Execuable Process ID will only be non-zero if you choose not to wait for execution to complete in which case you can later check if it is still running.

For both the execute script and run command activities it is a good idea to set a timeout after which the activity can end, otherwise if a script encountered a logic problem it could end up running forever and the activity will wait forever. Setting a reasonable timeout will allow the workflow to continue – you can check the Command Status/Script Status outputs to determine if the activity ended with a timeout or not.

This activity will run client under the user account that the namespace provider is running under on the remote client so you need to select an account with adequate permission to run your commands.

Send File

The ‘Send File’ activity allows you to send a file to the remote client to a specified location. The type of file does not matter, so you can send script files, executables, zip files etc. to the remote client for whatever purpose, although the adapter specific idea is to copy a script file or installer etc. to the client to execute.

10

If you leave the Target File Path empty as in the example, then the adapter will use the default path attribute for the location to save the file to on the client.

This activity will run client under the user account that the namespace provider is running under on the remote client so you need to select an account with adequate permissions to save files to the location on the client

The only output to the activity is a Boolean success/failure.

Get File

The Get File does the opposite to the ‘Send File Activity’, it will copy a file from the remote client to the Aegis Server. This for example could be an output file from a script which was run by the adapter.

11

This activity will run on the client under the user account that the namespace provider is running under on the remote client so you need to select an account with adequate permissions to read the file on the client.

Get Connection Config

This activity provides client connection and environment configuration information which can be used in workflows. When it comes to running commands or scripts knowledge of the Operating System version, if the machine is 64bit or not, what the default path and working directories are, are important in decision making in the workflows. This info can also be gotten using Find Objects but this is a simpler way to do it.

The only input is the adapter alias or locator.

12

Also that it outputs the Connected attribute – if this is set to False it means the client cannot be reached.

Adapter Events


 

I said in Part 1 that this adapter doesn’t have the event feature – that is strictly true, but as we install the client on a client which was installed as an event generator, we can use the event generator feature of Aegis on the client to create events in Aegis using the ‘Run Command’ activity and the generateAegisGenericEvent.exe which is found in the Working Directory on the Client.

Aegis Versions


 

mjcRemote is built for Aegis 3.1 (and above) and is tested on 64 bit systems only although it should work on 32 bit systems. All instructions below are for 64 bit systems but you can work out 32 bit equivalent.

Adapter Limitations


 
This version of the adapter is a Community Version and therefore is not supported by NetIQ or NetIQ Technical Support.

The Adapter is limited to 1 remote client. The Adapter configurator will let you add as many connections as you like, but the adapter will only load one.

Sending and Receiving Files is limited to a file size of 100KB. You can however compress the files to a zipped format before sending/receiving as files to send larger files.

 
Attachments

DISCLAIMER:

Some content on Community Tips & Information pages is not officially supported by Micro Focus. Please refer to our Terms of Use for more detail.
Top Contributors
Version history
Revision #:
1 of 1
Last update:
‎2015-03-24 23:21
Updated by:
 
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.