Configuring the PowerShell adapter

The PowerShell actor adapter supports empty and multiple configurations. The PowerShell adapter considers the target as localhost and executes the command on the command line under the following conditions:

The adapter has an empty configuration, and the dynamic target is not defined
You do not define a dynamic target, and the configuration has a blank target or no target
You define a dynamic target and do not specify the host name

Adapter type: bmc-adapter-microsoft-windows-powershell-actor_vv.rr.nn

Default name: MicrosoftPowerShell

To configure the PowerShell adapter, see Configuring base adapters.

BMC recommends that you do not use empty elements in an adapter configuration because they might cause errors.

Prerequisites for the PowerShell adapter remoting feature:

Set <powershell-version> to 2.0.
Install PowerShell version 2.0 on the peer on which the adapter is enabled. For more information about PowerShell remoting, go to http://technet.microsoft.com/en-us/magazine/ff700227.aspx

The following table describes the adapter configuration elements for the PowerShell adapter that you can specify by using the form view, XML view, or both. You cannot use the form view to configure elements and attributes that do not have an entry in the "UI label" column.

Configuration node elements for the PowerShell adapter

UI label	Element	Definition	Required
Target	`<target>`	Specifies the fully-qualified (absolute) host name or IP address of the remote or the local computer Default value: localhost	No
User Name	`<user-name>`	Specifies the user name required to authenticate the remote host computer You must have administrative roles and privileges on the remote host computer.	Conditional; required based your environment
Password	`<password>`	Specifies the password that corresponds to the user-name provided The `<password>` element can contain any special characters. It can also contain an `encryption-type` attribute.	Conditional; required based your environment
Encryption Type	`<encryption-type>`	Indicates whether the password specified is encrypted; is an attribute of the `<password>` element, not an element itself Valid values: Base64, Plain (default)	No
Powershell Version	`<powershell-version>`	Specifies the version of Microsoft Windows PowerShell Valid values: 1.0, 2.0, 3.0, 4.0	Conditional; required if the `<powershell-consolefile>` element is not specified
Powershell Consolefile	`<powershell-consolefile>`	Specifies the Microsoft Windows PowerShell console file, which is the library used by PowerShell that must be loaded Valid value: .psc1	Conditional; required if the `<powershell-version>` element is not specified
Character Set	`<character-set>`	Specifies the supporting CharSet Also called character set, it includes identifiers describing a series of universal characters. Note: The locale and character set of the target computer must be compatible with the character set provided in the `<character-set>` element to get the desired results.	No
Logon With User Credentials	`<logon-with-user-credentials>`	Starts a service on the remote computer Set `<logon-with-user-credentials>` to true to start the remote service using the credentials specified in the adapter configuration. Set `<logon-with-user-credentials>` to false, to start the remote service using the SYSTEM credentials on the remote server. Valid values: true, false (default) Note: To start a service on the remote computer, you must set the rights for the user name specified in `<user-name>` to Log on as a service. Use the Microsoft Windows Local Security Policy tool to set the user name rights.	No
Use Userprofile	`<use-userprofile>`	Determines whether to load the user profile Valid values: true, false	No
Script File Path	`<script-file-path>`	Specifies the script file path relative to the local (peer) or target (remote) computer PowerShell must be installed on the target computer. Valid values: local (default), remote	No
Enable Psremoting	`<enable-psremoting>`	Specifies whether to enable the remoting feature of PowerShell version 2.0 Valid values: true, false (default) If you specify `<enable-psremoting>` in the adapter configuration and adapter request, the value in the request overrides the values in the configuration.	No
Impersonate User	`<impersonate-user>`	Specifies whether to enable the user impersonation and allow the specified user to execute tasks by using the security context of another user (For example, BAO service running under a user account) For example, a service running as LocalSystem could access network resources by impersonating a specific user account. This account would have been configured with the necessary permissions to access a network resource, something the service would not be able to do otherwise. For more information about how user impersonation works, see Impersonation If set to true, the Service Control Manager (SCM) API is invoked with the user specified in the adapter request or configuration. By default, the xCmd utility runs under the security context of the BAO service running under a user account. When we specify `<impersonate-user>` as true, the SCM API is invoked with the user specified in the adapter request or configuration. Valid values: true, false (default)	No
Service Launch Mode	`<service-launch-mode>`	Specifies the mode to launch the xCommand service on a remote system By default, the xCommand utility is launched on 32-bit mode. Valid value: 64bit, none Note Specify 64bit only if you want to launch the xCommand service on a 64-bit image mode on the target system. BMC recommends that you do not specify any value if 64bit is not required as it can affect the time taken for the request to execute.	No
Redirect Error Stream to Success Output Stream	`<redirect-error-to-success-output-stream>`	Specifies whether to redirect the command output error stream to the success output stream Valid values: true, false (default) When specified as true, all PowerShell commands are redirected to the success output stream. The PowerShell adapter uses the xCMD utility to connect to the Windows System remotely to perform PowerShell commands. Since the xCMD utility only consumes output streams, it fails to process the data written on error streams and the actual output is not processed by the xCMD utility and reports an error. This problem occurs while executing the PowerShell Module cmd-lets version 3.0 and later.	No

The following figure shows an XML sample for the PowerShell adapter configuration.

XML sample of the PowerShell adapter configuration

<config>
      <target>host1</target>
      <user-name>user1</user-name>
      <password encryption-type="Plain">pass1</password>
      <powershell-version>2.0</powershell-version>
      <use-userprofile>true</use-userprofile>
      <script-file-path>local</script-file-path>
      <character-set>gb18030</character-set>
      <logon-with-user-credentials>true</logon-with-user-credentials>
</config>

The following figure shows an XML sample for a PowerShell adapter configuration with the <powershell-consolefile> tag.

XML sample of the PowerShell adapter configuration with <powershell-consolefile> tag

<config>
  <target>host1</target>
  <user-name>user1</user-name>
  <password encryption-type="Plain">pass1</password>
  <powershell-consolefile>
    Microsoft.EnterpriseManagement.OperationsManager.ClientShell.Console.psc1
  </powershell-consolefile>
</config>

The following figure shows an XML sample for the PowerShell adapter configuration when the remoting feature is enabled.

XML sample of the PowerShell adapter configuration when the remoting feature is enabled

<config>
  <target>10.128.249.29</target>
  <user-name>bmcadmin</user-name>
  <password encryption-type="Plain">asdfgh@123</password>
  <powershell-version>2.0</powershell-version>
  <use-userprofile>false</use-userprofile>
  <script-file-path>local</script-file-path>
  <enable-psremoting>true</enable-psremoting>
</config>

The following figure shows an XML sample for the PowerShell adapter configuration when the <impersonate-user> element is set to true.

XML sample for the PowerShell adapter configuration when the Impersonate User is set to true.

<config>
        <target>vm-yyy-w2k</target>
        <user-name>domain.local\domainuser1</user-name>
        <password>password</password>
        <protocol>default</protocol>
    <service-launch-mode>64bit</service-launch-mode>
    <logon-with-user-credentials>true</logon-with-user-credentials>
    <impersonate-user>true</impersonate-user>
</config>

The following figure shows an XML sample for the PowerShell adapter configuration when the <service-launch-mode> is 64-bit.

XML sample for the PowerShell adapter configuration when the <service-launch-mode> is 64-bit

<config>
        <target>vm-yyy-w2k</target>
        <user-name>domain.local\domainuser1</user-name>
        <password>password</password>
        <protocol>default</protocol>
    <service-launch-mode>64bit</service-launch-mode>
    <logon-with-user-credentials>true</logon-with-user-credentials>
    <impersonate-user>false</impersonate-user>
</config>

Enabling custom logging

To enable custom logging for the adapter, you must specify a log file name. You can also provide additional parameters for logging.

Note

You must be using BMC Atrium Orchestrator Platform version 7.8 or later to use the custom logging feature. These parameters will be ignored in earlier versions of BMC Atrium Orchestrator Platform.

These parameters are available with supported adapter versions. See your adapter documentation for details.

Log File Name: Provide a name for the log file.
This file will be stored in the AO_HOME/tomcat/logs directory. If Log File Max Backup Index value is greater than 0, the log file name is suffixed with the backup index. For example, if the parameter value is a.log, backup log files will have names, such as a.log.1, a.log.2.
Log File Size: Specify a size limit for the log file.
If the value specified for Log File Max Backup Index is greater than 0, when the specified size is reached, the current file is renamed with the suffix .1. Otherwise, the log file will be reset and over-written. The default value is 10MB. The available units are KiloBytes (KB), MegaBytes (MB) or GigaBytes (GB).
Log File Max Backup Index: Enter the maximum number of backup files allowed. The default value is 10.
Log File Append: Select this option to append new log information to the existing information in the file. If unselected, the file will be overwritten with new log information.

Log Level: Enter the logging level using one of the following choices:

Logging level	Description
DEBUG	The most detailed logging level; logs low-level messages, normal execution, recoverable erroneous conditions, and unrecoverable erroneous conditions
INFO (default)	Logs normal execution, recoverable erroneous conditions, and unrecoverable erroneous conditions
WARN	Logs recoverable erroneous conditions and unrecoverable erroneous conditions
ERROR	The least detailed logging level; logs only error conditions that are not usually recoverable

Configuring the PowerShell adapter

Enabling custom logging

Comments