About Cross-Platform Agents
For those who ever have worked with the cross-platform agents in SCOM, you probably know that they work different than the Windows agents.
Where Windows Agents run their workflows locally on the client, the workflows for cross-platform/xplat agents are ran from the Management Servers.
Windows systems support different ways of remote connecting, not present in cross-platform systems. Cross-platform agents are actually listeners based on WS-Man, Web Services-Management. This makes use of a SOAP-based protocol.
When the Management Server starts a workflow, it connects to the cross-platform agent through WS-Man. It retrieves the required information and processes the returned information.
Connecting with cross-platform agents
I'll won't copy the post of Daniele Muscetta here. These are the main requirements when connecting from any client other than a management server. If you don't use this option, you'll have to add the agent to the trusted hosts list of the WS-Man client on the computer you are working on and allow unencrypted traffic.
- Connecting over SSL
- Download the agent's certificate (which is signed by the management server) with SCP (use WinSCP or FileZilla)
- Rename to .cer
- Open this certificate on the management server which installed the agent. This is because this server signed the certificate.
- Open the details tab, get the Root CA certificate, export it to a .cer file
- Add certificate to Trusted Root Certificate Authorities on your workstation's computer certificate store.
Or
- Untrusted connection (by default disabled for the WS-Man Windows client)
- Open Powershell (as Administrator)
- Enter: set-item WSMan:\localhost\Client\AllowUnencrypted "true"
- Enter: set-item WSMan:\localhost\Client\TrustedHosts "
"
Time to play
- Test-WSMan - Test whether a connection can be made
- Invoke-WSMan - Invoke an action that is accepted by the agent
Test-WSMan -computer linuxhost.contoso.local -port 1270 -authentication basic -credential (Get-Credential) -UseSSL
The output of the command is show above. The cmdlet shows the properties of the Cross-Platform agent.
Invoke-WSManAction -Action ExecuteCommand -Authentication Basic -ComputerName "linuxhost.contoso.local" -Credential (Get-Credential) -Port 1270 -ResourceURI http://schemas.microsoft.com/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem?__cimnamespace=root/scx -UseSSL -ValueSet @{command="uname -a";timeout=30}
In this example I invoke the action "ExecuteCommand". For this cmdlet to work you need to add a ValueSet. These are the arguments for the ExecuteCommand method. I found the right syntax by trial and error. The need to be entered as a hashtable.
In this case, the arguments are 'command' and 'timeout'.
Technical documentaton about the Methods and the necessary arguments: http://technet.microsoft.com/en-us/library/dd789056.aspx. (not the best documented features sadly).
You can also take a look at the MP library: Microsoft.Unix.Library.mp
In this case, the arguments are 'command' and 'timeout'.
Technical documentaton about the Methods and the necessary arguments: http://technet.microsoft.com/en-us/library/dd789056.aspx. (not the best documented features sadly).
You can also take a look at the MP library: Microsoft.Unix.Library.mp
Links
0 reacties:
Post a Comment