I need a help in wsadmin.sh scripting along with jython.
I am creating a script to provide console access to the users via wsadmin.sh
I am able to make it work if I hardcode the user name details inside the consoleacces.py file but My requirement is to give the user name details at run-time so that i can use the script for multiple times for different user.
Working :
wsadmin.sh -lang jython -f /tmp/consoleaccess.py
content of consoleaccess.py
AdminTask.mapUsersToAdminRole('[-accessids [user:defaultWIMFileBasedRealm/employeenumber=123,ou=people,ou=country,o=office] -roleName administrator -userids user1]')
AdminConfig.save()
agBean=AdminControl.queryNames('type=AuthorizationGroupManager,process=dmgr,*');null=AdminControl.invoke(agBean, 'refreshAll')
Not working
wsadmin.sh -lang jython -f /tmp/consoleaccess.py 123 user1 administrator
content of consoleaccess.py
import sys
AdminTask.mapUsersToAdminRole('[-accessids [user:defaultWIMFileBasedRealm/employeenumber=sys.argv[1],ou=people,ou=americas,o=SIAM_ED] -roleName sys.argv[3] -userids sys.argv[2]]')
AdminConfig.save()
agBean=AdminControl.queryNames('type=AuthorizationGroupManager,process=dmgr,*');null=AdminControl.invoke(agBean, 'refreshAll')
Error :
WASX7209I: Connected to process "dmgr" on node host1 using SOAP connector; The type of process is: DeploymentManager
WASX7303I: The following options are passed to the scripting environment and are available as arguments that are stored in the argv variable: "[123, user1, administrator]"
WASX7017E: Exception received while running file "/tmp/consoleaccess.py"; exception information: com.ibm.ws.scripting.ScriptingException: WASX8009E: Invalid parameter: [-accessids [user:defaultWIMFileBasedRealm/employeenumber=sys.argv[1],ou=people,ou=americas,o=SIAM_ED] -roleName sys.argv[3] -userids sys.argv[2]]
Update the script as below.
Note : In wsadmin Jython, the name of the program, or script, is not part of sys.argv. So your first argument is sys.argv[0] and not sys.argv[1]
import sys
userEmpNo=sys.argv[0]
userName=sys.argv[1]
userRole=sys.argv[2]
AdminTask.mapUsersToAdminRole('[-accessids [user:defaultWIMFileBasedRealm/employeenumber=' +userEmpNo+ ',ou=people,ou=americas,o=SIAM_ED] -roleName ' +userRole+ ' -userids ' +userName+ ']')
AdminConfig.save()
agBean=AdminControl.queryNames('type=AuthorizationGroupManager,process=dmgr,*');null=AdminControl.invoke(agBean, 'refreshAll')
and run the script as
wsadmin.sh -lang jython -f /tmp/consoleaccess.py 123 user1 administrator
How about -- to separate the flags from the arguments?
wsadmin.sh -lang jython -f /tmp/consoleaccess.py -- 123 user1 administrator
and moving the sys.argv out of the string:
'...employeenumber=' + sys.argv[1] + ',ou=people,ou=americas,o=SIAM_ED] -roleName ' + sys.argv[3] + ' -userids ' + sys.argv[2]])
Related
I would like to change path JVM logs in WebSphere 8.5.5.
Via GUI in: Logging and tracing > NorkomServer > JVM Logs.
There is:
Information required File Name:
${SERVER_LOG_ROOT}/SystemOut.log
I have to change it to: "/opt/logs/SystemOut.log"
Instead use "sed", i must use jython. Any help, please ?
You can run the below wsadmin script (with -lang jython) to update the default file path for SystemOut.log file.
#Update the below Environment variables before running this script
#Enter the nodename below
nodename=''
#Enter the servername below
servername=''
#Set the updated file path below
filename='/opt/logs/SystemOut.log'
#Set the Stream name
#outputStreamRedirect for SystemOut & errorStreamRedirect for SystemError
streamName = 'outputStreamRedirect'
#get the server Id
serverId = AdminConfig.getid('/Cell:/Node:'+nodename+'/Server:'+servername+'')
#get the Stream Id
streamId = AdminConfig.showAttribute(serverId, streamName)
#update the file path
AdminConfig.modify(streamId, [['fileName', filename]])
#Save the changes
AdminConfig.save()
Restart JVM post this change.
To do some exercise to be more familiar with MPI, i installed MS-MPI on my windows 10 machine, and then mpi4py (python MPI). I tried a hello_world code:
from mpi4py import MPI
def main ():
comm = MPI. COMM_WORLD
rank = comm . Get_rank ()
size = comm . Get_size ()
print " hello from " + str( rank ) + " in " + str( size )
if __name__ == " __main__ ":
main ()
Then, with a windows command as admin i executed the following command:
mpiexec -n 8 python MPI_Test.py
I get:
User credentials needed to launch processes: account (domain\user)
[DESKTOP-3CFSBJ8\Hazem]:
I did a registration, as mpiexec - register from username/pwd, then execute again that command, and i get the following error:
Credentials for user rejected connecting to host.
THE PROBLEM COMES WHEN EXECUTING THE COMMAND mpiexec.
I got the same issue, the solution is:
Type ”mpiexec -n 3 cpi.exe” to run the sample program. You will get a response like this:
”user credentials needed to launch process”
Type your Windows username and Windows password, the sample program will run.
In order not to enter credentials every time you run mpiexec, you can register your username
and password by command ”mpiexec -register”
source: https://www.cmpe.boun.edu.tr/sites/default/files/mpi_install_tutorial.pdf
I'm using the Invoke-Parallel CmdLet that can be found at the link here. When I have some dummy code in my script block, it works correctly, but when I add a start-process... command it fails with an error saying
Get-RunspaceData : This command cannot be run due to the error: The system
cannot find the file specified.
At c:\crm\Interfaces\Batches\Invoke-Parallel.ps1:592 char:13
My script block looks like so. Long story short, I'm feeding file names into a block, and I am telling a 3rd party application to use that file as an input for a process. When the start-process line is removed, it works, with it, it fails.
$childFiles| Invoke-Parallel -ImportVariables {
$importformat = '-f ' + '"CU Imp P19 FI"'
$importfile = '-d ' + $_ + " " + $user + " " + $pass
Write-Host $importformat + " " + $_
start-process .\mmim.exe -ArgumentList $user, $pass, '-l:1',
$importformat, $importfile -Wait -NoNewWindow
return "blah"
}
Does anyone have any idea of what might be going on? My PowerShell version is the following
Major:5
Minor:0
Build: 10586
Revision: 117
Any help is greatly appreciated.
Each PowerShell runspace have its own current location. If Invoke-Parallel does not change current location of spawned runspaces to match current location of main runspace, then relative path .\mmim.exe may be resolved to entire different executable or not resolved at all and produce given error.
I'm looking for a possibility to export all failed jobs (resolved and not) of a day into a file (text, csv, xml,..)
Tendency is, I will not be able to check all resolved/forced-ok jobs which failed all throughout the day unless I do it manually by placing in a spreadsheet.
Does anybody know if there is such an utility? We're currently using Control-M in Version 7.0 on Server
You can schedule a job do so :-
run below script as command line with passing two argument , %%PARM1 %%PARM2
you need to update two filed in it :-
1. NDP time of your Environment , I have used as 0930
2. Control-M environment name
3. your email ID in last line of mailx and file path as per your system .
***you can use mutt -a if mailx -a is not working in your system for sending email with attached file .
----------------------------------
now job :-
Job Type : Command
File Path : not reuired
C ommand : path/report.sh %%PARM1 %%PARM2
rest all as normal ,
but don't forget to define PARM1 and PRAM2 in auto edit variable
PARM1 = %%$PREV
PARM2 = %%$DATE
-------------------------
Script
***********************************
report.sh
------------------------------------------------
#!/bin/bash
env=< Control-M user name > # Use control-M name
ctmlog list $1 0930 $2 0930 | grep NOTOK > $1_failedjob.txt # update time to NDP time ,i used 0930
cut -d'|' -f2,3,4,5,8 $1_failedjob.txt | sed 's/|/,/g' > $1_failed.csv
awk 'BEGIN {print "DATE,TIME,JOBNAME\t,ORDERID\t,STATUS";}
{print $0;}
END { print "\tReport generated\n";}' $1_failed.csv
rm $1_failedjob.txt
echo " Last 24 Hour failed job list " | mailx -s "Failed Job list for $1" -a "absolute path of file $1_failed.csv" youremail#domain.com
exit 0`
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
Apart from using this , you can always ask your ops team to send an report by exporting failed job for a particular time and date from Control-m EM GUI
We have many schemas under different databases. I do not have DBA privileges. I do have privileges to log-on to schemas and to change password. We do this password change ones in six months. Currently it's a manual and time consuming process. i.e. log-on to every schema under database/s and change password using "password" command. When I do password changes I have two files - current password and new password.
I log-on to each schema#database and issue following command –
alter user schema_name identified by new_password replace old_password;
Remember I don’t have DBA privileges; I can only log-on to schemas using username and password.
I thought about creating shell script and using “expect” from shell script. Though first trying to find out whether there is any easier approach. I am wondering is there a simple way of doing this either from SQL*Plus or from PL/SQL?
It seems impossible to do it using PLSQL or SQL*Plus because using both of them, you can execute from a single schema only and since there is no DBA privilege, you cannot do it for all schemas, rather you will end up running script after logging into each schema.
You can write a shell script that reads the two files and for each line, it inserts following data into the third file,
sqlplus -s username_1/old_password_1#oracle_instance <<EOF
alter user username_1 identified by new_password1 replace old_password_1;
exit
EOF
sqlplus -s username_2/old_password_2#oracle_instance <<EOF
alter user username_2 identified by new_password_2 replace old_password_2;
exit
EOF
.
.
.
sqlplus -s username_n/old_password_n#oracle_instance <<EOF
alter user username_n identified by new_password_n replace old_password_n;
exit
EOF
and so on
Once the third file is created, execute it after setting its permission to _rwxrwxrwx
You need to script this.
Input: List of tnsalias, List of (schema_name, old password, new password).
Here is the script I use when I alter my account on multiple databases.
$ cat alterpassword.py
"""Update oracle database passwords for user by typing the old and new password once.
"""
import cx_Oracle
import getpass
username = 'bjarte'
connect_strings = ['DB1.SUPERSITE.COM',
'DB2.SUPERSITE.COM',
'DB3.SUPERSITE.COM',
'DB4.SUPERSITE.COM',
'DB5.SUPERSITE.COM',
'DB6.SUPERSITE.COM']
def alter_password(username, old_password, new_password, tnsalias):
connect_string = "%s/%s#%s" % (username, old_password, tnsalias)
try:
connection = cx_Oracle.connect(connect_string)
try:
cursor = connection.cursor()
statement = "alter user %s identified by %s" % (username, new_password)
cursor.execute(statement)
return True
except:
return False
else:
cursor.close()
except:
return False
else:
connection.close()
if __name__ == '__main__':
print "Type in old password"
old_password = getpass.getpass()
print "Type in new password"
new_password = getpass.getpass()
for tnsalias in connect_strings:
success = alter_password(username, old_password, new_password, tnsalias)
if success:
print "password altered for user %s in database %s" % (username, tnsalias)
else:
print "password alternation failed for user %s in database %s" % (username, tnsalias)
You can adjust this script to read input from file and rewrite it in your favorite scripting language - bash, php, Perl, python, ruby or Powershell.
Side note: Schema accounts are not application login-accounts
schema accounts should always be locked (no need for a password change).
When you request for ddl changes for a specific schema, the DBA can open up and give you a password. When done, lock the schema account again.
schema-accounts are special. They own objects and can do ddl like: "drop objecttype objectname". You most likely don't want your applications to have these powerful privileges.