Below is my Oracle query which is running via PowerShell. It is working fine with no error if I am running it locally on that machine.
[Reflection.Assembly]::LoadFile("E:\oracle\product\11.2.0\ODP.NET\bin\2.x\Oracle.DataAccess.dll")
$constr = "User Id=system;Password=pass;Data Source=API"
$conn= New-Object Oracle.DataAccess.Client.OracleConnection($constr)
$conn.Open()
$sql="select * from dba_users"
$command = New-Object Oracle.DataAccess.Client.OracleCommand($sql,$conn)
$reader=$command.ExecuteReader()
while($reader.Read()){
$reader.GetString(0)
}
$conn.Close()
I want to run same query on other machine from this machine. I can say I want to run it remotely.
When I run it I am getting this error:
Exception calling "Open" with "0" argument(s): "ORA-12541: TNS:no
listener"
I can't add entry in Tnsora file.
Can anybody advise me any alternative way to achive this?
If you can't modify the tnsora, you have to use either EZConnect or the connect descriptor as your connection string. Try this:
$userId = 'system'
$password = 'pass'
$host = 'ip or hostname'
$port = '1521'
$serviceName = 'Your service name'
$constr = "User Id=$userId;Password=$password;Data Source=(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=$host)(PORT=$port))(CONNECT_DATA=(SERVICE_NAME=$serviceName)))"
Related
So my organization has tasked me with cleaning up some of the security issues in regards to some automated scripts that have hard coded passwords within the scripts that are running as automated tasks. One such task contains SFTP scripts that export and import files to and from with the password, host name, credentials, port, and everything exposed within the script. As a result, I would like to first see about how to call such credentials within a separate file that can be hidden and two see about encryption and salting it later. But my main focus is getting them out of the script in case traffic is every intercepted. Here is what the PowerShell code looks like:
param (
$localPath = 'E:\FTP\SchooLinks\course_requests.csv',
$remotePath = '/schoolinks_exports/course_planning/course_requests.csv'
)
try
{
# Load WinSCP .NET assembly
Add-Type -Path "C:\Program Files (x86)\WinSCP\WinSCPnet.dll"
# Setup session options
$sessionOptions = New-Object WinSCP.SessionOptions -Property #{
Protocol = [WinSCP.Protocol]::Sftp
HostName = "<domain_name>"
UserName = "<username>"
Password = "<password>"
SshHostKeyFingerprint = "<fingerprint>"
}
$session = New-Object WinSCP.Session
try
{
# Connect
$session.Open($sessionOptions)
# Upload files
$transferOptions = New-Object WinSCP.TransferOptions
$transferOptions.TransferMode = [WinSCP.TransferMode]::Binary
$transferResult =
$session.GetFiles($remotePath, $localPath, $False, $transferOptions)
# Throw on any error
$transferResult.Check()
# Print results
foreach ($transfer in $transferResult.Transfers)
{
Write-Host "Download of $($transfer.FileName) succeeded"
}
}
finally
{
# Disconnect, clean up
$session.Dispose()
}
exit 0
}
catch
{
Write-Host "Error: $($_.Exception.Message)"
exit 1
}
Another one that we have looks like this:
param (
$localPath = 'E:\FTP\TalentEd\SkywardApplicantExportSQL.txt',
$remotePath = '/SkywardApplicantExportSQL.txt'
)
try
{
# Load WinSCP .NET assembly
Add-Type -Path "C:\Program Files (x86)\WinSCP\WinSCPnet.dll"
# Setup session options
$sessionOptions = New-Object WinSCP.SessionOptions -Property #{
Protocol = [WinSCP.Protocol]::Sftp
HostName = "<domain>"
UserName = "<username>"
Password = "<password>"
SshHostKeyFingerprint = "<sha_fingerprint>"
}
$session = New-Object WinSCP.Session
try
{
# Connect
$session.Open($sessionOptions)
# Upload files
$transferOptions = New-Object WinSCP.TransferOptions
$transferOptions.TransferMode = [WinSCP.TransferMode]::Binary
$transferResult =
$session.GetFiles($remotePath, $localPath, $False, $transferOptions)
# Throw on any error
$transferResult.Check()
# Print results
foreach ($transfer in $transferResult.Transfers)
{
Write-Host "Download of $($transfer.FileName) succeeded"
}
}
finally
{
# Disconnect, clean up
$session.Dispose()
}
exit 0
}
catch
{
Write-Host "Error: $($_.Exception.Message)"
exit 1
}
I am familiar with Python and json and calling stuff within a json file similar to the following:
import json
with open('secrets.json','r') as f:
config = json.load(f)
and calling it with (config['object']['nested_element']) within the Python script.
I would like to do something similar with PowerShell, however I have very limited knowledge to PowerShell.
Yeppers, of course, never store creds in clear text in files.
There are several ways to store credentials for use. Secure file (xml, etc..), the registry, or Windows Credential Manager and this is well documented on Microsoft sites, as well as in many articles all over the web and via Q&A's on StackOverflow.
Just search for 'securely store credentials PowerShell'
Sample results...
Working with Passwords, Secure Strings and Credentials in Windows
PowerShell
How to run a PowerShell script against multiple Active Directory
domains with different credentials
Accessing Windows Credentials Manager from PowerShell
Save Encrypted Passwords to Registry for PowerShell
...and/or the modules via the MS powershellgallery.com directly installable from your PowerShell environments.
Find-Module -Name '*cred*' |
Format-Table -AutoSize
<#
# Results
Version Name Repository Description
------- ---- ---------- -----------
2.0 CredentialManager PSGallery Provides access to credentials in the Windows Credential Manager
2.0.168 VcRedist PSGallery A module for lifecycle management of the Microsoft Visual C++ Redistributables. Downloads the supp...
1.3.0.0 xCredSSP PSGallery Module with DSC Resources for WSMan CredSSP.
1.1 VPNCredentialsHelper PSGallery A simple module to set the username and password for a VPN connection through PowerShell. Huge tha...
1.0.11 pscredentialmanager PSGallery This module allows management and automation of Windows cached credentials.
4.5 BetterCredentials PSGallery A (compatible) major upgrade for Get-Credential, including support for storing credentials in Wind...
1.0.4 WindowsCredential PSGallery Management module for Windows Credential Store.
...
#>
So many thanks to #postanote and #Martin Prikryl I was able to figure this out.
You can basically use a config.xml file with contents similar to this:
<Configuration>
<localPath>insert_local_file_path</localPath>
<remotePath>insert_remote_file_path</remotePath>
<Protocol>[WinSCP.Protocol]::Sftp</Protocol>
<HostName>insert_hostname</HostName>
<UserName>username</UserName>
<Password>mypassword</Password>
<SshHostKeyFingerPrint>fingerprint</SshHostKeyFingerPrint>
</Configuration>
From here you can use the following at the beginning of your template:
# Read XML configuration file
[xml]$config = Get-Content ".\config.xml"
param (
$localPath = $config.Configuration.localPath
$remotePath = $config.Configuration.remotePath
)
try
{
# Load WinSCP .NET assembly
Add-Type -Path "C:\Program Files (x86)\WinSCP\WinSCPnet.dll"
# Setup session options
$sessionOptions = New-Object WinSCP.SessionOptions -Property #{
Protocol = $config.Configuration.Protocol
HostName = $config.Configuration.HostName
UserName = $config.Configuration.UserName
Password = $config.Configuration.Password
SshHostKeyFingerprint = $config.Configuration.SshHostKeyFingerprint
}
I have more SFTP templates here people can use at
https://github.com/Richard-Barrett/ITDataServicesInfra/tree/master/SFTP
I am using PowerShell Pro Tools to create a GUI application that consists of all the common scripts I would run on a clients server:
main.ps1
main.ps1 loads a ServerConnection form on load:
The code behind this is pretty basic, it just gets the database name and server address for an SQL server:
$btnConfirm_Click = {
$ServerConnectForm.Close();
}
$btnTest_Click = {
## Set database connection variables [global]
$Global:databaseName = $cmbDatabaseName.Text;
$Global:serverAddress = $txtServerAddress.Text;
## Check db connection
$testResult = Invoke-SqlCmd -serverInstance $serverAddress -Database $databaseName -Query "SELECT TOP 1 SettingName FROM Settings";
## Write results to user
if ( $testResult -ne $null ) {
$lblTestResult.ForeColor = "#2acc18";
$lblTestResult.Text = "Test connection successfull";
<# If test connection success enable confirm button #>
$btnConfirm.Enabled = $true;
}
else {
$lblTestResult.ForeColor = "#d61111";
$lblTestResult.Text = "Test connection failed";
}
}
$txtServerAddress_Leave = {
## Get TRIS database list
$databaseList = Invoke-Sqlcmd -ServerInstance $txtServerAddress.Text -Query "
SELECT name FROM sys.databases WHERE CASE WHEN state_desc = 'ONLINE' THEN OBJECT_ID(QUOTENAME(name) + '.[dbo].[settings]', 'U') END IS NOT NULL
"
## Clear combo box
$cmbDatabaseName.Items.Clear();
## Add to combo box
foreach ($database in $databaseList) {
$cmbDatabaseName.Items.Add($database.ItemArray[0]);
}
}
. (Join-Path $PSScriptRoot 'main.designer.ps1')
$MainForm.ShowDialog()
The problem is that when I either compile this into an executable or run main.ps1 directly from the project folder, none of the code outside of main.ps1 works. The form will show up but I cannot find a way to get the code behind the form to work. For example in the ServerConnection form, adding a server address does not populate the database names and the test connection button does nothing.
Running from within Visual Studio works as intended.
Any help on this would be greatly appreciated.
EDIT :: Show the server connection form call in main.ps1
MainForm_Load
$MainForm_Load = {
## Launch server connection form
. (Join-Path $PSScriptRoot 'ServerConnect.designer.ps1');
$ServerConnectForm.ShowDialog();
## Call prereq analysis
PrereqAnalysis
}
It might be an issue with the scoping of your code.
If code outside the current scope of a session depends on said session, it will not work.
You could try setting the scope of variables and functions to global while you troubleshoot to see if it makes a difference, then change it back until you find where the scope goes wrong.
Microsoft have a good MSDoc page about Powershell scopes
Background:
I have a server with Windows 2008 R2 installed running as a terminal server session host. I have a long list of local users set-up and configured as remote desktop users. When the users remotely log on using remote desktop connection, a program automatically starts up. When the user closes that program, the session ends. This all works fine if I set it up manually.
My Question:
I have written a script to add a list of local users automatically and setup and configure the properties. The problem is that nowhere can I find how to set the "Environment" > "Start the following program at logon" properties. (See image for the properties I want to set)
A sample portion of my current script is as follow:
$computer = "localhost"
$userName = "aTestUser"
$objComputer = [ADSI]"WinNT://$computer"
$objUser = $objComputer.Create('user', $userName)
$objUser.SetPassword("Password")
$objUser.PSBase.InvokeSet('Description', "Some description for $userName")
$objUser.PSBase.InvokeSet('userflags', 512)
$objUser.PSBase.InvokeSet('passwordExpired', 1)
$objUser.SetInfo();
I also tried this command which doesn't work:
$objUser.PSBase.InvokeSet("TerminalServicesInitialProgram", "C:\programs\a_test_program.exe")
I have searched on Microsoft's MSDN site and Google and StackOverflow but could not find this specific property.
I found a solution here.
$ou = [adsi]"WinNT://127.0.0.1"
$user = $ou.psbase.get_children().find("test")
$user.PSBase.InvokeSet("TerminalServicesInitialProgram", "C:\logoff.bat")
$user.setinfo()
Okay, so I finally got it working. Seems like you have to first create the user then open it again for editing before the InvokeSet sets the TerminalServicesInitialProgram property.
I am not sure, maybe someone can share some experience or explanation.
Thank you to everyone for your help and assistance.
Working Code:
# Read the CSV file and create the users
# The CSV file structure is:
# UserName,FullName,Description
$Users = Import-Csv -Path "C:\Users.csv"
foreach ($User in $Users)
{
# adds user
$computer = "localhost"
$username = $User.UserName
#$username = "atest001"
$fullname = $User.FullName
#$fullname = "My Name"
$description = $User.Description
#$description = "A new user description"
$password = "MyGreatUnbreakableSecretPassword"
$objComputer = [ADSI]"WinNT://$computer"
$objUser = $objComputer.Create('user', $username)
$objUser.SetPassword($password)
$objUser.PSBase.InvokeSet("Description", $description)
$objUser.PSBase.InvokeSet('userflags', 65536)
$objUser.SetInfo();
# set password not to expire
#wmic USERACCOUNT WHERE "Name = '$username'" SET Passwordexpires=FALSE
# Add to groups
$group = [ADSI]"WinNT://./Power Users,group"
$group.Add("WinNT://$username,user")
$group = [ADSI]"WinNT://./WW_Users,group"
$group.Add("WinNT://$username,user")
$ou = [adsi]"WinNT://127.0.0.1"
$user = $ou.psbase.get_children().find($username)
$user.PSBase.InvokeSet("TerminalServicesInitialProgram", "C:\Program Files (x86)\Wonderware\InTouch\view.exe c:\program files (x86)\archestra\framework\bin\sibanyegold-kdce_app_tse1_test")
$user.PSBase.InvokeSet("MaxConnectionTime", 120)
$user.PSBase.InvokeSet("MaxDisconnectionTime", 1)
$user.PSBase.InvokeSet("MaxIdleTime", 30)
$user.PSBase.InvokeSet("BrokenConnectionAction", 1)
$user.PSBase.InvokeSet("ReconnectionAction", 1)
$user.PSBase.InvokeSet("FullName", $fullname)
$user.setinfo()
}
I have an issue with a PowerShell script that i am running. This script uses ODAC (oracle data access components) to connect to an oracle database and obtain some values.
I've recently had to change the port number i use in sql developer to connect to the database.
However, when i've tried to change this port number in my powershell script i get an error
ORA-12514: TNS:listener does not currently know of service requested in connect descriptor
Any ideas as to why this is happening?
I use the following :
I install ODAC1120320Xcopy_x64.zip in C:\oracle (see newer versions here)
Here is a snipet ExecuteReader() you can also use ExecuteNonQuery()
# Load Oracle assembly
Add-Type -Path "C:\oracle\odp.net\bin\4\Oracle.DataAccess.dll"
$compConStr = "Data Source=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=10.213.6.15)(PORT=1521)))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=OURSERVICENAME)));User Id=User;Password=Pass;Pooling=False"
# Establish the connexion
$oraConn= New-Object Oracle.DataAccess.Client.OracleConnection($compConStr)
$oraConn.Open()
$sql1Tpl = #"
SELECT masi.yyyy as TYPE_ID FROM xxxx masi
WHERE masi.serno = '{0}'
"#
$sql1 = $sql1Tpl -replace "blabla"
# Exécution
$command1 = New-Object Oracle.DataAccess.Client.OracleCommand($sql1,$oraConn)
$command1.CommandTimeout = 1500
$reader1 =$command1.ExecuteReader()
$clocationID = $null
if ($reader1.HasRows -eq $true)
{
$read =$reader1.read()
if ($read -eq $true)
{
$clocationID = $reader1["C_LOCATION_ID"]
}
}
# Close the reader
$reader1.close()
# Disconect
$oraConn.Close()
The following error is logged when I try to call Fill(), and my powershell session crashes.
Event Type: Error Event Source: .NET Runtime Description: .NET Runtime
version 2.0.50727.3625 - Attempted to read or write protected memory.
This is often an indication that other memory is corrupt.
My script looks like:
$asm = [System.Reflection.Assembly]::LoadWithPartialName(“Oracle.DataAccess”)
$userName = "foo"
$tnsDbName = "bar"
$pass = "foobar"
$connectionString = "User Id=$userName;Password=$pass;Data Source=$tnsDbName"
$q = #"
SELECT * FROM blah WHERE blar = '5848752'
"#
$cstr = $connectionString
$conn= New-Object Oracle.DataAccess.Client.OracleConnection($cstr)
$conn.open()
$adapter = New-Object Oracle.DataAccess.Client.OracleDataAdapter($q,$conn)
$dataset = New-Object Data.DataSet
$adapter.Fill($dataset)
$dataset.Tables[0]
If I only run up through the "$adapter =" line to see the state of things before a crash I have:
PS H:\> $asm.GetName()
Version Name
------- ----
10.2.0.100 Oracle.DataAccess
PS H:\> $adapter.SelectCommand.Connection | fl ClientID,ConnectionTimeout,ServerVersion,State
ClientId :
ConnectionTimeout : 15
ServerVersion : 10.2.0.4.0
State : Open
I'm open to suggestions! There MAY have been an update to the ODP.NET done on my computer, but all other applications that use it (some simple winform apps) and Toad for Oracle are working without problems.
Have you seen this? An access violation occurs when you run a .NET Framework 2.0-based application that has a virtual call the IList, IEnumerable, or ICollection interface in an LCG (Lightweight Code Generation) method. A DataSet does implement IListSource that has a method GetList() which returns an IList which implements IEnumerable.