 |
SoftTree Technologies
Technical Support Forums
|
|
| Author |
Message |
Pierre
Joined: 23 May 2005
Posts: 2
|
|
 Remote agent security |
 |
Hello, I'm using Get and SetRemoteVariable.
I have this message : client **** is not authorized. I removed database security's option. Message does not appear and job works, but my operator have full acces
to scheduler. I want to secure my database and authorize remote agent for using
Get and Set Remote Variable. I think that Remote Agent Security is a solution but the option
is not accessible. Thank, **** is my administrator's login.
|
|
| Mon May 23, 2005 5:22 am |
  |
 |
SysOp
Site Admin
Joined: 26 Nov 2006
Posts: 7975
|
|
| Re: Remote agent security |
|
The user logged on to the scheduler machine must be a member of the Administrators user group in the agent in order to change "global" settings and memory. I mean 24x7 user group, not Windows/Network user group. : Hello, : I'm using Get and SetRemoteVariable.
: I have this message : client **** is not authorized. : I removed database security's option. : Message does not appear and job works, but my operator have full acces
: to scheduler. : I want to secure my database and authorize remote agent for using
: Get and Set Remote Variable. : I think that Remote Agent Security is a solution but the option
: is not accessible. : Thank, : **** is my administrator's login.
|
|
| Mon May 23, 2005 8:01 am |
|
|
Pierre
Joined: 23 May 2005
Posts: 2
|
|
| Re: Remote agent security |
|
: The user logged on to the scheduler machine must be a member of the
: Administrators user group in the agent in order to change
: "global" settings and memory. I mean 24x7 user group, not
: Windows/Network user group. I'm using only one administrators user.
This user is a member of Administrators 24x7 user group on my MASTER and my AGENT.
I would like SetRemoteVariable from Agent to Master.
|
|
| Thu May 26, 2005 5:29 am |
|
|
SysOp
Site Admin
Joined: 26 Nov 2006
Posts: 7975
|
|
| Re: Remote agent security |
|
Oh.. I see now, so you are actually pushing the value back from Agent to Master. I've never tried it before. I will experiment with this method and let you know what I find. I assume you are setting the variable on the very same master from which you are running the agent job. PS. Normally if you need to bring the result back to master you would run a job on an agent which sets some global variable (on the agent) and then pull the value of that variable from master using GetRemoteVariable statement. The value can be copied to a global variable on the master. In this case the communication is going only one way "from master to agent." : I'm using only one administrators user.
: This user is a member of Administrators 24x7 user group on my MASTER and my
: AGENT.
: I would like SetRemoteVariable from Agent to Master.
|
|
| Thu May 26, 2005 11:10 am |
|
|
SysOp
Site Admin
Joined: 26 Nov 2006
Posts: 7975
|
|
| Re: Remote agent security |
|
Here is what you need to do. On the master side close 24x7 scheduler and start 24x7 agent. Open Tools/Security menu and add the same user to the agent security with same permissions. Save changes, close the agent and restart the master scheduler. This way you should be able to make the loopback connections work with security. : Oh.. I see now, so you are actually pushing the value back from Agent to
: Master. I've never tried it before. I will experiment with this method and
: let you know what I find. I assume you are setting the variable on the
: very same master from which you are running the agent job. : PS. Normally if you need to bring the result back to master you would run a
: job on an agent which sets some global variable (on the agent) and then
: pull the value of that variable from master using GetRemoteVariable
: statement. The value can be copied to a global variable on the master. In
: this case the communication is going only one way "from master to
: agent."
|
|
| Fri May 27, 2005 11:57 am |
|
|
Cédric
Joined: 20 Jun 2005
Posts: 14
|
|
| Re: Remote agent security |
|
: Here is what you need to do. On the master side close 24x7 scheduler and
: start 24x7 agent. Open Tools/Security menu and add the same user to the
: agent security with same permissions. Save changes, close the agent and
: restart the master scheduler. This way you should be able to make the
: loopback connections work with security. I have been applied your settings, but i have the same problem.
|
|
| Mon Jun 20, 2005 8:33 am |
|
|
SysOp
Site Admin
Joined: 26 Nov 2006
Posts: 7975
|
|
| Re: Remote agent security |
|
Please check again. You still have different settings. I suggest that you use the one-way method for agent-to-master value propagation that was described in the previous response. : I have been applied your settings, but i have the same problem.
|
|
| Mon Jun 20, 2005 8:48 am |
|
|
Cédric
Joined: 20 Jun 2005
Posts: 14
|
|
| Re: Remote agent security |
|
: Please check again. You still have different settings. : I suggest that you use the one-way method for agent-to-master value
: propagation that was described in the previous response. Hello, I create my user on :
- 24x7 master
- 24x7 agent (on the same server)
- 24x7 remote agent
on administrator's group I transfer to my 24x7 mastzer, the name of server (because i have 2 server for my application) who execute Job : Dim (computername, string, @V"computer") AgentTest( "MASTERSCHEDULER1", ONOFF ) If( ONOFF , GOON_A, GOBACK_A) GOON_A: SetRemoteVariable ( "MASTERSCHEDULER1", "global.agentcomputer", computername ) goto NEXT GOBACK_A: SetRemoteVariable ( "MASTERSCHEDULER2", "global.agentcomputer", computername ) goto NEXT global.agentcomputer is an global variable on 24x7 master Job on 24x7 master after job on 24x7 remote agent : GetRemoteVariable (global.agentcomputer, "global.jobid", jobid)
GetRemoteVariable (global.agentcomputer, "global.jobname", jobname)
GetRemoteVariable (global.agentcomputer, "global.STATUS", STATUS) error message : Client ***** not authorized. Connection denied.
Remote job jailed. Exit code: -1. An error occured while executing automation script: Line 7 : connection to agent MASTERSCHEDULER1 failed. Distributed service error. I think is a problem because password isn't tranfer.
|
|
| Tue Jun 28, 2005 9:00 am |
|
|
SysOp
Site Admin
Joined: 26 Nov 2006
Posts: 7975
|
|
| Re: Remote agent security |
|
Sorry, I didn't understand how you use the system. You said you use 2 computers, yet in the script you reference 2 masters schedulers and an agent, which I guess means that you use 3 computers. Let's call these computers A, B and C. You schedule a job on A (master scheduler) that executes remotely on B (agent) or C (another master) and sets some global variables on that remote computer. You then run another job on A that attempts to retrieve values of previously set global variables from computer B or C whichever was used to run the first job. Am I correct? : Hello, : I create my user on : - 24x7 master
: - 24x7 agent (on the same server)
: - 24x7 remote agent
: on administrator's group : I transfer to my 24x7 mastzer, the name of server (because i have 2 server
: for my application) who execute Job : Dim (computername, string,
: @V"computer") : AgentTest( "MASTERSCHEDULER1", ONOFF ) : If( ONOFF , GOON_A, GOBACK_A) : GOON_A: SetRemoteVariable ( "MASTERSCHEDULER1",
: "global.agentcomputer", computername ) : goto NEXT : GOBACK_A: SetRemoteVariable ( "MASTERSCHEDULER2",
: "global.agentcomputer", computername ) : goto NEXT : global.agentcomputer is an global variable on 24x7 master : Job on 24x7 master after job on 24x7 remote agent : GetRemoteVariable
: (global.agentcomputer, "global.jobid", jobid)
: GetRemoteVariable (global.agentcomputer, "global.jobname", jobname)
: GetRemoteVariable (global.agentcomputer, "global.STATUS", STATUS) : error message : Client ***** not authorized. Connection denied.
: Remote job jailed. Exit code: -1. An error occured while executing automation
: script: Line 7 : connection to agent MASTERSCHEDULER1 failed. Distributed
: service error. : I think is a problem because password isn't tranfer.
|
|
| Tue Jun 28, 2005 9:27 am |
|
|
Cédric
Joined: 20 Jun 2005
Posts: 14
|
|
| Re: Remote agent security |
|
: Sorry, I didn't understand how you use the system. You said you use 2
: computers, yet in the script you reference 2 masters schedulers and an
: agent, which I guess means that you use 3 computers. Let's call these
: computers A, B and C. You schedule a job on A (master scheduler) that
: executes remotely on B (agent) or C (another master) and sets some global
: variables on that remote computer. You then run another job on A that
: attempts to retrieve values of previously set global variables from
: computer B or C whichever was used to run the first job. Am I correct? A is a master
B is an agent
C is a backup agent of B A can execute job on B or C B or C use "setremotevariable" to give information (computername B or C) to A
|
|
| Tue Jun 28, 2005 11:48 am |
|
|
Cédric
Joined: 20 Jun 2005
Posts: 14
|
|
| Re: Remote agent security |
|
: A is a master
: B is an agent
: C is a backup agent of B : A can execute job on B or C : B or C use "setremotevariable" to give information (computername B
: or C) to A Hello, Have you got an idea in order to resolve my problem ? Thanks,
|
|
| Thu Jun 30, 2005 4:30 pm |
|
|
SysOp
Site Admin
Joined: 26 Nov 2006
Posts: 7975
|
|
| Re: Remote agent security |
|
I think I already answered that going backward from agent to master is not working. You really need to set the global variable on the agent (B or C) and then call GetRemoteVariable from master (A) to obtain the value. The returned value can be stored in a global variable on the master if you wish so. This could be done in job's Finish event script or in a separate job that runs immediately after the first one (you can chain them if needed using "Run another job" action for Finish event or using job dependencies). : Hello, : Have you got an idea in order to resolve my problem ? : Thanks,
|
|
| Thu Jun 30, 2005 5:12 pm |
|
|
Cédric
Joined: 20 Jun 2005
Posts: 14
|
|
| Re: Remote agent security |
|
Hello, I see, but it works when master security desactived.
I would not declare any hostname in jobscript.
Multiple host are declared in graphical mode (Agent's anme and backup agent).
When Job finished successfuly or not, i run a job who read with "getremotevariable" jobid/jobstatus on Agent Host
(Agent Host setremotevariable with it's own name to Master). Job 1 on Master : Dim ( global.agentcomputer, string )
Dim( global.login_sgbd, string )
set( global.login_sgbd, "****" )
Dim( global.password_sgbd, string )
set( global.password_sgbd, "****" ) Job 2 on Agent : Dim (ONOFF, boolean)
Dim (RESULT, string)
Dim (EXITCODE_PRG, number)
Dim (ANALYSE, boolean)
Dim (chaine0, string, "C:\\Program Files\\Microsoft SQL Server\\80\\Tools\\Binn\\" )
Dim (chaine1, string, "C:\\Program Files\\Microsoft SQL Server\\80\\Tools\\Binn\\DTSRun.exe /S (local) /U ")
Dim (chaine2, string, " /P ")
Dim (chaine3, string, " /N ")
Dim (chaine4, string, " /A user:8=")
Dim (chaine5, string, " /A password:8=")
Dim (computername, string, @V"computer")
Dim (global.jobid, number, @V"job_id")
Dim (global.jobname, string, @V"job_name")
Dim (global.prgname, string, "ALIM_RC1_TRT")
Dim (global.STATUS ,number) AgentTest( "MASTERSCHEDULER1", ONOFF ) If( ONOFF , GOON_A, GOBACK_A) GOON_A: SetRemoteVariable ( "MASTERSCHEDULER1", "global.agentcomputer", computername ) goto NEXT GOBACK_A: SetRemoteVariable ( "MASTERSCHEDULER2", "global.agentcomputer", computername ) goto NEXT
NEXT:
concatEx ( chaine1, global.login_sgbd, chaine2, global.password_sgbd, chaine3, global.prgname, RESULT )
RunConfig( "DESKTOP", "winsta0\default" )
RunAndWAit( RESULT, chaine0,"", EXITCODE_PRG )
ProcessGetExitCode( global.STATUS )
If( ANALYSE , GOON_B, GOBACK_B) GOON_B: //MailSend( "","", "", "SUCCES", global.STATUS) goto FIN GOBACK_B: //MailSend( "","", "", "ERREUR", global.STATUS) erreur_inconnue FIN: exit Job 3 on MASTER (executed when Job 2 are finished) : Dim (jobid, string)
Dim (jobname, string)
Dim (STATUS, string)
Dim (ANALYSE, boolean)
Dim (MSG, string)
Dim (chaineSUC, string, "Succès de l'exécution du programme ")
Dim (chaineERR, string, "Erreur pendant l'exécution du programme ") GetRemoteVariable (global.agentcomputer, "global.jobid", jobid)
GetRemoteVariable (global.agentcomputer, "global.jobname", jobname)
GetRemoteVariable (global.agentcomputer, "global.STATUS", STATUS) IsEqual( STATUS, 0, ANALYSE )
If( ANALYSE , GOON, GOBACK) GOON: concat (chaineSUC ,jobname, MSG) LogAddMessageEx( "INFO", jobid,jobname, MSG ) goto FIN GOBACK: concat (chaineERR ,jobname, MSG) LogAddMessageEx( "ERROR", jobid,jobname, MSG ) FIN: exit
|
|
| Thu Jun 30, 2005 5:35 pm |
|
|
SysOp
Site Admin
Joined: 26 Nov 2006
Posts: 7975
|
|
| Re: Remote agent security |
|
You are correct, this happens only when the security is turned on because internally it uses a different communication protocol. This limitation might be lifted in future versions, but right now you cannot use agent-to-server callbacks when security option is enabled.
I now see your reason for using B and C. You really don't know which is used and that's why you need to do a callback.
I would like to suggest using some other method to pass the data around. For example from the agent you can write to a text or .INI file on the server located in a shared directory and then read that file from the master (post job processing). This way you don't care which agent runs the job because both agents will write the same file in the same directory and after the job you would always read the same file. : Hello, : I see, but it works when master security desactived.
: I would not declare any hostname in jobscript.
: Multiple host are declared in graphical mode (Agent's anme and backup agent).
: When Job finished successfuly or not, i run a job who read with
: "getremotevariable" jobid/jobstatus on Agent Host
: (Agent Host setremotevariable with it's own name to Master). : Job 1 on Master : Dim ( global.agentcomputer, string )
: Dim( global.login_sgbd, string )
: set( global.login_sgbd, "****" )
: Dim( global.password_sgbd, string )
: set( global.password_sgbd, "****" ) : Job 2 on Agent : Dim (ONOFF, boolean)
: Dim (RESULT, string)
: Dim (EXITCODE_PRG, number)
: Dim (ANALYSE, boolean)
: Dim (chaine0, string, "C:\\Program Files\\Microsoft SQL
: Server\\80\\Tools\\Binn\\" )
: Dim (chaine1, string, "C:\\Program Files\\Microsoft SQL
: Server\\80\\Tools\\Binn\\DTSRun.exe /S (local) /U ")
: Dim (chaine2, string, " /P ")
: Dim (chaine3, string, " /N ")
: Dim (chaine4, string, " /A user:8=")
: Dim (chaine5, string, " /A password:8=")
: Dim (computername, string, @V"computer")
: Dim (global.jobid, number, @V"job_id")
: Dim (global.jobname, string, @V"job_name")
: Dim (global.prgname, string, "ALIM_RC1_TRT")
: Dim (global.STATUS ,number) : AgentTest( "MASTERSCHEDULER1", ONOFF ) : If( ONOFF , GOON_A, GOBACK_A) : GOON_A: SetRemoteVariable ( "MASTERSCHEDULER1",
: "global.agentcomputer", computername ) : goto NEXT : GOBACK_A: SetRemoteVariable ( "MASTERSCHEDULER2",
: "global.agentcomputer", computername ) : goto NEXT
: NEXT: concatEx ( chaine1, global.login_sgbd, chaine2, global.password_sgbd,
: chaine3, global.prgname, RESULT )
: RunConfig( "DESKTOP", "winsta0\default" )
: RunAndWAit( RESULT, chaine0,"", EXITCODE_PRG )
: ProcessGetExitCode( global.STATUS )
: If( ANALYSE , GOON_B, GOBACK_B) : GOON_B: //MailSend( "","", "",
: "SUCCES", global.STATUS) : goto FIN : GOBACK_B: //MailSend( "","", "",
: "ERREUR", global.STATUS) : erreur_inconnue : FIN: exit : Job 3 on MASTER (executed when Job 2 are finished) : Dim (jobid, string)
: Dim (jobname, string)
: Dim (STATUS, string)
: Dim (ANALYSE, boolean)
: Dim (MSG, string)
: Dim (chaineSUC, string, "Succès de l'exécution du programme ")
: Dim (chaineERR, string, "Erreur pendant l'exécution du programme ") : GetRemoteVariable (global.agentcomputer, "global.jobid", jobid)
: GetRemoteVariable (global.agentcomputer, "global.jobname", jobname)
: GetRemoteVariable (global.agentcomputer, "global.STATUS", STATUS) : IsEqual( STATUS, 0, ANALYSE )
: If( ANALYSE , GOON, GOBACK) : GOON: concat (chaineSUC ,jobname, MSG) : LogAddMessageEx( "INFO", jobid,jobname, MSG ) : goto FIN : GOBACK: concat (chaineERR ,jobname, MSG) : LogAddMessageEx( "ERROR", jobid,jobname, MSG ) : FIN: exit
|
|
| Thu Jun 30, 2005 6:00 pm |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
