Configuring the Windows Command adapter
In addition to targets defined in the adapter configuration, the Windows Command adapter can have dynamic targets defined in each adapter request. If a dynamic target will always be defined in the Windows Command adapter request, a configuration node of <config/>
can be used in the adapter configuration. BMC recommends that you do not include unused elements in the adapter configuration because they might cause errors.
The remote service starts once you provide the credentials in the adapter configuration or request depending on the access rights.
The Windows Command adapter configuration supports the SSH functionality along with the xCmd utility. With the SSH functionality, a non-administrator user can execute commands on the remote computer if the SSH server is installed and running on the target computer.
Note
The default port for SSH is 22.
Adapter type: ro-adapter-windows-command_vv.rr.nn
Default adapter name: WindowsCommandAdapter
To configure the Windows Command adapter, see Configuring base adapters.
The following table describes the adapter configuration elements for the Windows Command adapter that you can specify by using the form view, XML view, or both. You cannot use the form view to configure elements and attributes that do not have an entry in the "UI label" column.
Configuration node elements for the Windows Command adapter
UI label | Element | Description | Required |
---|---|---|---|
Target |
| Specifies the host name or the IP address of the remote host | No |
User Name |
| Specifies the user name to be used for remote host authentication | Conditional; required based on your environment |
Password |
| Specifies the password that corresponds to the | Conditional; required based on your environment |
Encryption Type |
| Indicates whether the password specified is encrypted; is an attribute of the | No |
Character Set |
| Specifies the supporting CharSet Note The locale and character set of the target computer must be compatible with the character set provided in the | No |
Logon With User Credentials |
| Starts a service on the remote computer
| No |
Executable Directory |
| Specifies the complete path to the directory in which the .exe is located | No |
Executable |
| Specifies the program to be used to execute the command | No |
Escape Double Quotes |
| Escapes the double quotes (") by using a double backslash in the command | No |
Protocol |
| Decides whether the command is routed through the xCmd tool or ssh Notes
| No |
Script File Path |
| Specifies whether the path to the script file is relative to the local (peer) or the remote (target) computer
| No |
Max Request Queue Size |
| Specifies the maximum size of the queue maintained by the adapter to handle concurrent requests | Conditional |
Debug Utility |
| Specify whether xCmd run in debug mode or non-debug mode | No |
Impersonate User | <impersonate-user> | Specifies whether to enable the user impersonation and allow the specified user to execute tasks by using the security context of another user (For example, TrueSight Orchestration service running under a user account) For example, a service running as LocalSystem could access network resources by impersonating a specific user account. This account would have been configured with the necessary permissions to access a network resource, something the service would not be able to do otherwise.For more information about how user impersonation works, see Impersonation If set to true, the Service Control Manager (SCM) API is invoked with the user specified in the adapter request or configuration. By default, the xCmd utility runs under the security context of the TrueSight Orchestration service running under a user account. When we specify Valid values: true, false (default) | No |
Service Launch Mode | <service-launch-mode> | Specifies the mode to launch the xCommand service on a remote system By default, the xCommand utility is launched on 32-bit mode. Valid value: 64-bit Note Specify 64-bit only if you want to launch the xCommand service on a 64-bit image mode on the target system. BMC recommends that you do not specify any value if 64-bit is not required as it can affect the time taken for the request to execute. | No |
The following figure shows an XML template for the Windows command adapter configuration.
XML template of the Windows command adapter configuration
<config>
<target></target>
<user-name></user-name>
<password encryption-type=""></password>
<logon-with-user-credentials></logon-with-user-credentials>
<protocol></protocol>
<executable-directory></executable-directory>
<executable></executable>
<escape-double-quotes></escape-double-quotes>
<protocol></protocol>
<script-file-path></script-file-path>
<character-set></character-set>
<max-request-queue-size></max-request-queue-size>
<debug-utility></debug-utility>
</config>
The following figure shows an XML sample for the adapter configuration for the Windows Command adapter using the xCmd utility.
XML sample of the Windows command adapter configuration using the xCmd utility
<config>
<target>abc2</target>
<user-name>Administrator</user-name>
<password encryption-type="Plain">test</password>
<character-set>gb18030</character-set>
<logon-with-user-credentials>true</logon-with-user-credentials>
<protocol>default</protocol>
<script-file-path>local</script-file-path>
</config>
The following figure shows an XML sample for the adapter configuration for the Windows Command adapter using the ssh utility.
XML sample of the Windows command adapter configuration using SSH
<config>
<target>abc2</target>
<user-name>Administrator</user-name>
<password encryption-type="Plain">test</password>
<character-set>gb18030</character-set>
<protocol>ssh</protocol>
</config>
The following figure shows an XML sample for the adapter configuration for the Windows Command adapter when the <impersonate-user>
is set to true.
XML sample for the adapter configuration for the Windows Command adapter when the <impersonate-user>
is set to true
<config>
<target>vm-yyy-w2k</target>
<user-name>domain.local\domainuser1</user-name>
<password>password</password>
<protocol>default</protocol>
<service-launch-mode>64bit</service-launch-mode>
<logon-with-user-credentials>true</logon-with-user-credentials>
<impersonate-user>true</impersonate-user>
</config>
The following figure shows the XML sample for the adapter configuration for the Windows Command adapter when the <service-launch-mode>
is 64-bit.
XML sample for the adapter configuration for the Windows Command adapter when the <service-launch-mode>
is 64-bit
<config>
<target>vm-yyy-w2k</target>
<user-name>domain.local\domainuser1</user-name>
<password>password</password>
<protocol>default</protocol>
<service-launch-mode>64bit</service-launch-mode>
<logon-with-user-credentials>true</logon-with-user-credentials>
<impersonate-user>false</impersonate-user>
</config>
The Windows Command adapter supports the 64-bit Windows 2008 operating system. By default, the firewall is enabled on a 64-bit Windows 2008 computer, which disables the Internet Control Message Protocol (ICMP). If the adapter does not execute commands on the target computer after enabling the adapter (that supports a 64-bit Windows 2008 operating system), you must enable file sharing and the ICMP used by the xCmd.
Enabling custom logging
To enable custom logging for the adapter, you must specify a log file name. You can also provide additional parameters for logging.
Note
You must be using TrueSight Orchestration version 8.1 or later to use the custom logging feature. These parameters will be ignored in earlier versions of TrueSight Orchestration Platform.
These parameters are available with supported adapter versions. See TrueSight Orchestration Content documentation for details.
- Log File Name: Provide a name for the log file.
This file will be stored in the AO_HOME/tomcat/logs directory. If Log File Max Backup Index value is greater than 0, the log file name is suffixed with the backup index. For example, if the parameter value is a.log, backup log files will have names, such as a.log.1, a.log.2. - Log File Size: Specify a size limit for the log file.
If the value specified for Log File Max Backup Index is greater than 0, when the specified size is reached, the current file is renamed with the suffix .1. Otherwise, the log file will be reset and over-written. The default value is 10MB. The available units are KiloBytes (KB), MegaBytes (MB) or GigaBytes (GB). - Log File Max Backup Index: Enter the maximum number of backup files allowed. The default value is 10.
- Log File Append: Select this option to append new log information to the existing information in the file. If unselected, the file will be overwritten with new log information.
Log Level: Enter the logging level using one of the following choices:
Logging level
Description
DEBUG
The most detailed logging level; logs low-level messages, normal execution, recoverable erroneous conditions, and unrecoverable erroneous conditions
INFO
(default)
Logs normal execution, recoverable erroneous conditions, and unrecoverable erroneous conditions
WARN
Logs recoverable erroneous conditions and unrecoverable erroneous conditions
ERROR
The least detailed logging level; logs only error conditions that are not usually recoverable
Encrypting an element's contents
You can add the attribute secure="true"
to an XML adapter element XML view to ensure that the element's contents is encrypted when displayed.
Note
You must be using TrueSight Orchestration Platform version 8.1 or later to use this encryption attribute.
To enable the ICMP on the target computer
- Type netsh firewall set icmpsetting 8 enable on the Windows command line and press Enter to enable the ICMP on the computer.
To enable file sharing
- On the 64-bit Windows 2008 computer, navigate to Start => Network => Network and Sharing centre.
- On the Network and Sharing centre page, enable the File sharing option, and click Save to enable file sharing.
Comments
Log in or register to comment.