尊敬的 微信汇率:1円 ≈ 0.046166 元 支付宝汇率:1円 ≈ 0.046257元 [退出登录]
SlideShare a Scribd company logo

VPN Access Runbook

Download as DOCX, PDF
Taha Shakeel
Taha Shakeel

1. The runbook grants a user VPN access by making changes to their Active Directory profile after their request is approved. 2. It runs .NET scripts to extract the user's SAM account name and grant VPN access by setting the msnpallowdialin property to true. 3. It then gets information on the user and their manager from Active Directory to notify them by email that VPN access was granted.

1 of 15
VPN Access Runbook Title Grant User VPN Access Description User requests for VPN access from service manager portal, after concerned parties approve this request this runbbok is run to give user access to VPN. Status Not yet tested. (Should work just fine). Needed rights to make changes in Active Directory. Runbook 1. Initialize Data Part of Runbookcontrol IP,gets data fromservice portal form.Inthiscase the User ID. 2. Run .Net Script (Extracting SAM account name) Thisscriptingactivityisused incase userentersthe UPN suffix alongwithhisID.Thisscriptensuresthatonlya validuserID isused.
AssemblyLink:C:WindowsMicrosoft.NETFrameworkv2.0.50727System.dll Both namespace andassemblyare addedviathe “ADD”button.
3. Run .Net Script (Grant VPNAccess) Thisis the actual work,the scriptwhichgrants userVPN accessby makingthe msnpallowdialin property true. Scriptis writteninPoweshell. Code Snippet # Set script parameters from runbook data bus and Orchestrator global variables $DataBusInput1 = "`d.T.~Ed/{160D8A4D-B838-45E3-81B5- D30C79069E7C}.SamAccountName`d.T.~Ed/" $DataBusInput2 = "Test value 2" #----------------------------------------------------------------------- ## Initialize result and trace variables # $ResultStatus provides basic success/failed indicator # $ErrorMessage captures any error text generated by script # $Trace is used to record a running log of actions $ResultStatus = "" $ErrorMessage = "" $Trace = (Get-Date).ToString() + "`t" + "Runbook activity script started" + " `r`n" # Create argument array for passing data bus inputs to the external script session $argsArray = @() $argsArray += $DataBusInput1 $argsArray += $DataBusInput2 # Establish an external session (to localhost) to ensure 64bit PowerShell runtime using the latest version of PowerShell installed on the runbook server # Use this session to perform all work to ensure latest PowerShell features and behavior available $Session = New-PSSession -ComputerName localhost # Invoke-Command used to start the script in the external session. Variables returned by script are then stored in the $ReturnArray variable $ReturnArray = Invoke-Command -Session $Session -Argumentlist $argsArray -ScriptBlock { # Define a parameter to accept each data bus input value. Recommend matching names of parameters and data bus input variables above Param( [ValidateNotNullOrEmpty()] [string]$DataBusInput1, [ValidateNotNullOrEmpty()] [string]$DataBusInput2 ) # Define function to add entry to trace log variable function AppendLog ([string]$Message) { $script:CurrentAction = $Message $script:TraceLog += ((Get-Date).ToString() + "`t" + $Message + " `r`n") }
# Set external session trace and status variables to defaults $ResultStatus = "" $ErrorMessage = "" $script:CurrentAction = "" $script:TraceLog = "" try { # Add startup details to trace log AppendLog "Script now executing in external PowerShell version [$($PSVersionTable.PSVersion.ToString())] session in a [$([IntPtr]::Size * 8)] bit process" AppendLog "Running as user [$([Environment]::UserDomainName)$([Environment]::UserName)] on host [$($env:COMPUTERNAME)]" AppendLog "Parameter values received: DataBusInput1=[$DataBusInput1]; DataBusInput2=[$DataBusInput2]" # The actual work the script does goes here AppendLog "Doing first action" #the actual code which does the work Import-Module ActiveDirectory $myCustomVariable=GET-ADUser $DataBusInput1 -Properties msnpallowdialin | select - expand msnpallowdialin Set-ADUser $DataBusInput1 -replace @{msnpallowdialin=$true} $myCustomVariable2=GET-ADUser $DataBusInput1 -Properties msnpallowdialin | select - expand msnpallowdialin # Validate results and set return status AppendLog "Finished work, determining result" $EverythingWorked = $true if($EverythingWorked -eq $true) { $ResultStatus = "Success" } else { $ResultStatus = "Failed" } } catch { # Catch any errors thrown above here, setting the result status and recording the error message to return to the activity for data bus publishing $ResultStatus = "Failed" $ErrorMessage = $error[0].Exception.Message AppendLog "Exception caught during action [$script:CurrentAction]: $ErrorMessage" } finally { # Always do whatever is in the finally block. In this case, adding some additional detail about the outcome to the trace log for return if($ErrorMessage.Length -gt 0) {
AppendLog "Exiting external session with result [$ResultStatus] and error message [$ErrorMessage]" } else { AppendLog "Exiting external session with result [$ResultStatus]" } } # Return an array of the results. Additional variables like "myCustomVariable" can be returned by adding them onto the array $resultArray = @() $resultArray += $ResultStatus $resultArray += $ErrorMessage $resultArray += $script:TraceLog $resultArray += $myCustomVariable $resultArray += $myCustomVariable2 return $resultArray }#End Invoke-Command # Get the values returned from script session for publishing to data bus $ResultStatus = $ReturnArray[0] $ErrorMessage = $ReturnArray[1] $Trace += $ReturnArray[2] $MyCustomVariable = $ReturnArray[3] $MyCustomVariable2 = $ReturnArray[4] # Record end of activity script process $Trace += (Get-Date).ToString() + "`t" + "Script finished" + " `r`n" # Close the external session Remove-PSSession $Session
4. GetUser Part of the active directoryIP.We are basicallyusingthistogetthe affectedusersemail addressandhismanger so that theymaybe notifiedof the decisionthatVPN accesshasbeengrantedtothe user. SelectName as“Active Directory”bypressingthe Ellipse(…) button. In the Propertiesfield“Searchroot”isacquiredbythe Optional Propertiesbutton. The Search Root fieldisfilled,byusingsubscribe variable.
Nowfromthe lefttabselectFilter: Press“ADD”.
Value fieldispopulatedbyusingpublisheddata. 5. GetUser(GetManager) Thisactivityof get userisusedto fetchinformationaboutthe user’sdirectmanager.
NowselectingFilterTab: Use “ADD” buttonand populate asfollows: How value fieldispopulated: Nowwe use publisheddataandplace data betweenthe firsttwo“invertedcommas”
6. Appendline Write the resultsina file: The Text AreaInclude: Before:
UserEmal: ManagerEmail:
After: 7. Create And Send Email (Notifyuserand Manager of VPN AccessAllowed) Part of Exchange userIP. To:
Done usingPublishedDatatechnique. Body:
UserName: Email: Ok,and Finish.Done.

Recommended

Powershell function
Powershell functionPowershell function
Powershell function
LearningTech
 
Bootstrap
BootstrapBootstrap
Bootstrap
NexThoughts Technologies
 
Java Script Promise
Java Script PromiseJava Script Promise
Java Script Promise
Alok Guha
 
Angular promises and http
Angular promises and httpAngular promises and http
Angular promises and http
Alexe Bogdan
 
Gwt and Xtend
Gwt and XtendGwt and Xtend
Gwt and Xtend
Sven Efftinge
 
Auto-GWT : Better GWT Programming with Xtend
Auto-GWT : Better GWT Programming with XtendAuto-GWT : Better GWT Programming with Xtend
Auto-GWT : Better GWT Programming with Xtend
Sven Efftinge
 
Boot strap.groovy
Boot strap.groovyBoot strap.groovy
Boot strap.groovy
Vijay Shukla
 
JavaScript Promises
JavaScript PromisesJavaScript Promises
JavaScript Promises
L&T Technology Services Limited
 

Recommended

Powershell function
Powershell functionPowershell function
Powershell function
LearningTech
 
Bootstrap
BootstrapBootstrap
Bootstrap
NexThoughts Technologies
 
Java Script Promise
Java Script PromiseJava Script Promise
Java Script Promise
Alok Guha
 
Angular promises and http
Angular promises and httpAngular promises and http
Angular promises and http
Alexe Bogdan
 
Gwt and Xtend
Gwt and XtendGwt and Xtend
Gwt and Xtend
Sven Efftinge
 
Auto-GWT : Better GWT Programming with Xtend
Auto-GWT : Better GWT Programming with XtendAuto-GWT : Better GWT Programming with Xtend
Auto-GWT : Better GWT Programming with Xtend
Sven Efftinge
 
Boot strap.groovy
Boot strap.groovyBoot strap.groovy
Boot strap.groovy
Vijay Shukla
 
JavaScript Promises
JavaScript PromisesJavaScript Promises
JavaScript Promises
L&T Technology Services Limited
 
GPars For Beginners
GPars For BeginnersGPars For Beginners
GPars For Beginners
Matt Passell
 
Config BuildConfig
Config BuildConfigConfig BuildConfig
Config BuildConfig
NexThoughts Technologies
 
Store and Process Big Data with Hadoop and Cassandra
Store and Process Big Data with Hadoop and CassandraStore and Process Big Data with Hadoop and Cassandra
Store and Process Big Data with Hadoop and Cassandra
Deependra Ariyadewa
 
Python in the database
Python in the databasePython in the database
Python in the database
pybcn
 
Graphql, REST and Apollo
Graphql, REST and ApolloGraphql, REST and Apollo
Graphql, REST and Apollo
Christoffer Noring
 
exportDisabledUsersRemoveMailbox
exportDisabledUsersRemoveMailboxexportDisabledUsersRemoveMailbox
exportDisabledUsersRemoveMailbox
Daniel Gilhousen
 
Deep Dive into React Hooks
Deep Dive into React HooksDeep Dive into React Hooks
Deep Dive into React Hooks
Felix Kühl
 
Component lifecycle hooks in Angular 2.0
Component lifecycle hooks in Angular 2.0Component lifecycle hooks in Angular 2.0
Component lifecycle hooks in Angular 2.0
Eyal Vardi
 
Async all around us (promises)
Async all around us (promises)Async all around us (promises)
Async all around us (promises)
Francisco Ferreira
 
Q
QQ
Q
Nelma Sooai
 
Intro to Redux | DreamLab Academy #3
Intro to Redux | DreamLab Academy #3 Intro to Redux | DreamLab Academy #3
Intro to Redux | DreamLab Academy #3
DreamLab
 
Talk KVO with rac by Philippe Converset
Talk KVO with rac by Philippe ConversetTalk KVO with rac by Philippe Converset
Talk KVO with rac by Philippe Converset
CocoaHeads France
 
Psycopg2 - Connect to PostgreSQL using Python Script
Psycopg2 - Connect to PostgreSQL using Python ScriptPsycopg2 - Connect to PostgreSQL using Python Script
Psycopg2 - Connect to PostgreSQL using Python Script
Survey Department
 
Building multi lingual and empatic bots - Sander van den Hoven - Codemotion A...
Building multi lingual and empatic bots - Sander van den Hoven - Codemotion A...Building multi lingual and empatic bots - Sander van den Hoven - Codemotion A...
Building multi lingual and empatic bots - Sander van den Hoven - Codemotion A...
Codemotion
 
Grails 1.2 探検隊 -新たな聖杯をもとめて・・・-
Grails 1.2 探検隊 -新たな聖杯をもとめて・・・-Grails 1.2 探検隊 -新たな聖杯をもとめて・・・-
Grails 1.2 探検隊 -新たな聖杯をもとめて・・・-
Tsuyoshi Yamamoto
 
Mule esb object_to_jackson_json
Mule esb object_to_jackson_jsonMule esb object_to_jackson_json
Mule esb object_to_jackson_json
Davide Rapacciuolo
 
Python Code Camp for Professionals 2/4
Python Code Camp for Professionals 2/4Python Code Camp for Professionals 2/4
Python Code Camp for Professionals 2/4
DEVCON
 
Rxjs marble-testing
Rxjs marble-testingRxjs marble-testing
Rxjs marble-testing
Christoffer Noring
 
Php sql-android
Php sql-androidPhp sql-android
Php sql-android
maamir farooq
 
Accessible Ajax on Rails
Accessible Ajax on RailsAccessible Ajax on Rails
Accessible Ajax on Rails
supervillain
 
Symfony2 from the Trenches
Symfony2 from the TrenchesSymfony2 from the Trenches
Symfony2 from the Trenches
Jonathan Wage
 
Symfony2 - from the trenches
Symfony2 - from the trenchesSymfony2 - from the trenches
Symfony2 - from the trenches
Lukas Smith
 

More Related Content

What's hot

GPars For Beginners
GPars For BeginnersGPars For Beginners
GPars For Beginners
Matt Passell
 
Config BuildConfig
Config BuildConfigConfig BuildConfig
Config BuildConfig
NexThoughts Technologies
 
Store and Process Big Data with Hadoop and Cassandra
Store and Process Big Data with Hadoop and CassandraStore and Process Big Data with Hadoop and Cassandra
Store and Process Big Data with Hadoop and Cassandra
Deependra Ariyadewa
 
Python in the database
Python in the databasePython in the database
Python in the database
pybcn
 
Graphql, REST and Apollo
Graphql, REST and ApolloGraphql, REST and Apollo
Graphql, REST and Apollo
Christoffer Noring
 
exportDisabledUsersRemoveMailbox
exportDisabledUsersRemoveMailboxexportDisabledUsersRemoveMailbox
exportDisabledUsersRemoveMailbox
Daniel Gilhousen
 
Deep Dive into React Hooks
Deep Dive into React HooksDeep Dive into React Hooks
Deep Dive into React Hooks
Felix Kühl
 
Component lifecycle hooks in Angular 2.0
Component lifecycle hooks in Angular 2.0Component lifecycle hooks in Angular 2.0
Component lifecycle hooks in Angular 2.0
Eyal Vardi
 
Async all around us (promises)
Async all around us (promises)Async all around us (promises)
Async all around us (promises)
Francisco Ferreira
 
Q
QQ
Q
Nelma Sooai
 
Intro to Redux | DreamLab Academy #3
Intro to Redux | DreamLab Academy #3 Intro to Redux | DreamLab Academy #3
Intro to Redux | DreamLab Academy #3
DreamLab
 
Talk KVO with rac by Philippe Converset
Talk KVO with rac by Philippe ConversetTalk KVO with rac by Philippe Converset
Talk KVO with rac by Philippe Converset
CocoaHeads France
 
Psycopg2 - Connect to PostgreSQL using Python Script
Psycopg2 - Connect to PostgreSQL using Python ScriptPsycopg2 - Connect to PostgreSQL using Python Script
Psycopg2 - Connect to PostgreSQL using Python Script
Survey Department
 
Building multi lingual and empatic bots - Sander van den Hoven - Codemotion A...
Building multi lingual and empatic bots - Sander van den Hoven - Codemotion A...Building multi lingual and empatic bots - Sander van den Hoven - Codemotion A...
Building multi lingual and empatic bots - Sander van den Hoven - Codemotion A...
Codemotion
 
Grails 1.2 探検隊 -新たな聖杯をもとめて・・・-
Grails 1.2 探検隊 -新たな聖杯をもとめて・・・-Grails 1.2 探検隊 -新たな聖杯をもとめて・・・-
Grails 1.2 探検隊 -新たな聖杯をもとめて・・・-
Tsuyoshi Yamamoto
 
Mule esb object_to_jackson_json
Mule esb object_to_jackson_jsonMule esb object_to_jackson_json
Mule esb object_to_jackson_json
Davide Rapacciuolo
 
Python Code Camp for Professionals 2/4
Python Code Camp for Professionals 2/4Python Code Camp for Professionals 2/4
Python Code Camp for Professionals 2/4
DEVCON
 
Rxjs marble-testing
Rxjs marble-testingRxjs marble-testing
Rxjs marble-testing
Christoffer Noring
 
Php sql-android
Php sql-androidPhp sql-android
Php sql-android
maamir farooq
 
Accessible Ajax on Rails
Accessible Ajax on RailsAccessible Ajax on Rails
Accessible Ajax on Rails
supervillain
 

What's hot (20)

GPars For Beginners
GPars For BeginnersGPars For Beginners
GPars For Beginners
 
Config BuildConfig
Config BuildConfigConfig BuildConfig
Config BuildConfig
 
Store and Process Big Data with Hadoop and Cassandra
Store and Process Big Data with Hadoop and CassandraStore and Process Big Data with Hadoop and Cassandra
Store and Process Big Data with Hadoop and Cassandra
 
Python in the database
Python in the databasePython in the database
Python in the database
 
Graphql, REST and Apollo
Graphql, REST and ApolloGraphql, REST and Apollo
Graphql, REST and Apollo
 
exportDisabledUsersRemoveMailbox
exportDisabledUsersRemoveMailboxexportDisabledUsersRemoveMailbox
exportDisabledUsersRemoveMailbox
 
Deep Dive into React Hooks
Deep Dive into React HooksDeep Dive into React Hooks
Deep Dive into React Hooks
 
Component lifecycle hooks in Angular 2.0
Component lifecycle hooks in Angular 2.0Component lifecycle hooks in Angular 2.0
Component lifecycle hooks in Angular 2.0
 
Async all around us (promises)
Async all around us (promises)Async all around us (promises)
Async all around us (promises)
 
Q
QQ
Q
 
Intro to Redux | DreamLab Academy #3
Intro to Redux | DreamLab Academy #3 Intro to Redux | DreamLab Academy #3
Intro to Redux | DreamLab Academy #3
 
Talk KVO with rac by Philippe Converset
Talk KVO with rac by Philippe ConversetTalk KVO with rac by Philippe Converset
Talk KVO with rac by Philippe Converset
 
Psycopg2 - Connect to PostgreSQL using Python Script
Psycopg2 - Connect to PostgreSQL using Python ScriptPsycopg2 - Connect to PostgreSQL using Python Script
Psycopg2 - Connect to PostgreSQL using Python Script
 
Building multi lingual and empatic bots - Sander van den Hoven - Codemotion A...
Building multi lingual and empatic bots - Sander van den Hoven - Codemotion A...Building multi lingual and empatic bots - Sander van den Hoven - Codemotion A...
Building multi lingual and empatic bots - Sander van den Hoven - Codemotion A...
 
Grails 1.2 探検隊 -新たな聖杯をもとめて・・・-
Grails 1.2 探検隊 -新たな聖杯をもとめて・・・-Grails 1.2 探検隊 -新たな聖杯をもとめて・・・-
Grails 1.2 探検隊 -新たな聖杯をもとめて・・・-
 
Mule esb object_to_jackson_json
Mule esb object_to_jackson_jsonMule esb object_to_jackson_json
Mule esb object_to_jackson_json
 
Python Code Camp for Professionals 2/4
Python Code Camp for Professionals 2/4Python Code Camp for Professionals 2/4
Python Code Camp for Professionals 2/4
 
Rxjs marble-testing
Rxjs marble-testingRxjs marble-testing
Rxjs marble-testing
 
Php sql-android
Php sql-androidPhp sql-android
Php sql-android
 
Accessible Ajax on Rails
Accessible Ajax on RailsAccessible Ajax on Rails
Accessible Ajax on Rails
 

Similar to VPN Access Runbook

Symfony2 from the Trenches
Symfony2 from the TrenchesSymfony2 from the Trenches
Symfony2 from the Trenches
Jonathan Wage
 
Symfony2 - from the trenches
Symfony2 - from the trenchesSymfony2 - from the trenches
Symfony2 - from the trenches
Lukas Smith
 
How to Bring Common UI Patterns to ADF
How to Bring Common UI Patterns to ADF How to Bring Common UI Patterns to ADF
How to Bring Common UI Patterns to ADF
Luc Bors
 
ASP.NET Overview - Alvin Lau
ASP.NET Overview - Alvin LauASP.NET Overview - Alvin Lau
ASP.NET Overview - Alvin Lau
Spiffy
 
How te bring common UI patterns to ADF
How te bring common UI patterns to ADFHow te bring common UI patterns to ADF
How te bring common UI patterns to ADF
Getting value from IoT, Integration and Data Analytics
 
Easy rest service using PHP reflection api
Easy rest service using PHP reflection apiEasy rest service using PHP reflection api
Easy rest service using PHP reflection api
Matthieu Aubry
 
Power shell examples_v4
Power shell examples_v4Power shell examples_v4
Power shell examples_v4
JoeDinaso
 
Bonnes pratiques de développement avec Node js
Bonnes pratiques de développement avec Node jsBonnes pratiques de développement avec Node js
Bonnes pratiques de développement avec Node js
Francois Zaninotto
 
Doctrine For Beginners
Doctrine For BeginnersDoctrine For Beginners
Doctrine For Beginners
Jonathan Wage
 
Load Testing with PHP and RedLine13
Load Testing with PHP and RedLine13Load Testing with PHP and RedLine13
Load Testing with PHP and RedLine13
Jason Lotito
 
Zend framework service
Zend framework serviceZend framework service
Zend framework service
Michelangelo van Dam
 
Zend framework service
Zend framework serviceZend framework service
Zend framework service
Michelangelo van Dam
 
Library Project
Library ProjectLibrary Project
Library Project
Holly Sanders
 
Part APurposeThis laboratory provides some experience work.docx
Part APurposeThis laboratory provides some experience work.docxPart APurposeThis laboratory provides some experience work.docx
Part APurposeThis laboratory provides some experience work.docx
dewhirstichabod
 
Building and Incredible Machine with Pipelines and Generators in PHP (IPC Ber...
Building and Incredible Machine with Pipelines and Generators in PHP (IPC Ber...Building and Incredible Machine with Pipelines and Generators in PHP (IPC Ber...
Building and Incredible Machine with Pipelines and Generators in PHP (IPC Ber...
dantleech
 
服务框架: Thrift & PasteScript
服务框架: Thrift & PasteScript服务框架: Thrift & PasteScript
服务框架: Thrift & PasteScript
Qiangning Hong
 
Cutting Edge Data Processing with PHP & XQuery
Cutting Edge Data Processing with PHP & XQueryCutting Edge Data Processing with PHP & XQuery
Cutting Edge Data Processing with PHP & XQuery
William Candillon
 
An Introduction to Windows PowerShell
An Introduction to Windows PowerShellAn Introduction to Windows PowerShell
An Introduction to Windows PowerShell
Dale Lane
 
I Phone On Rails
I Phone On RailsI Phone On Rails
I Phone On Rails
John Wilker
 
Mashing up JavaScript
Mashing up JavaScriptMashing up JavaScript
Mashing up JavaScript
Bastian Hofmann
 

Similar to VPN Access Runbook (20)

Symfony2 from the Trenches
Symfony2 from the TrenchesSymfony2 from the Trenches
Symfony2 from the Trenches
 
Symfony2 - from the trenches
Symfony2 - from the trenchesSymfony2 - from the trenches
Symfony2 - from the trenches
 
How to Bring Common UI Patterns to ADF
How to Bring Common UI Patterns to ADF How to Bring Common UI Patterns to ADF
How to Bring Common UI Patterns to ADF
 
ASP.NET Overview - Alvin Lau
ASP.NET Overview - Alvin LauASP.NET Overview - Alvin Lau
ASP.NET Overview - Alvin Lau
 
How te bring common UI patterns to ADF
How te bring common UI patterns to ADFHow te bring common UI patterns to ADF
How te bring common UI patterns to ADF
 
Easy rest service using PHP reflection api
Easy rest service using PHP reflection apiEasy rest service using PHP reflection api
Easy rest service using PHP reflection api
 
Power shell examples_v4
Power shell examples_v4Power shell examples_v4
Power shell examples_v4
 
Bonnes pratiques de développement avec Node js
Bonnes pratiques de développement avec Node jsBonnes pratiques de développement avec Node js
Bonnes pratiques de développement avec Node js
 
Doctrine For Beginners
Doctrine For BeginnersDoctrine For Beginners
Doctrine For Beginners
 
Load Testing with PHP and RedLine13
Load Testing with PHP and RedLine13Load Testing with PHP and RedLine13
Load Testing with PHP and RedLine13
 
Zend framework service
Zend framework serviceZend framework service
Zend framework service
 
Zend framework service
Zend framework serviceZend framework service
Zend framework service
 
Library Project
Library ProjectLibrary Project
Library Project
 
Part APurposeThis laboratory provides some experience work.docx
Part APurposeThis laboratory provides some experience work.docxPart APurposeThis laboratory provides some experience work.docx
Part APurposeThis laboratory provides some experience work.docx
 
Building and Incredible Machine with Pipelines and Generators in PHP (IPC Ber...
Building and Incredible Machine with Pipelines and Generators in PHP (IPC Ber...Building and Incredible Machine with Pipelines and Generators in PHP (IPC Ber...
Building and Incredible Machine with Pipelines and Generators in PHP (IPC Ber...
 
服务框架: Thrift & PasteScript
服务框架: Thrift & PasteScript服务框架: Thrift & PasteScript
服务框架: Thrift & PasteScript
 
Cutting Edge Data Processing with PHP & XQuery
Cutting Edge Data Processing with PHP & XQueryCutting Edge Data Processing with PHP & XQuery
Cutting Edge Data Processing with PHP & XQuery
 
An Introduction to Windows PowerShell
An Introduction to Windows PowerShellAn Introduction to Windows PowerShell
An Introduction to Windows PowerShell
 
I Phone On Rails
I Phone On RailsI Phone On Rails
I Phone On Rails
 
Mashing up JavaScript
Mashing up JavaScriptMashing up JavaScript
Mashing up JavaScript
 

VPN Access Runbook

  • 1. VPN Access Runbook Title Grant User VPN Access Description User requests for VPN access from service manager portal, after concerned parties approve this request this runbbok is run to give user access to VPN. Status Not yet tested. (Should work just fine). Needed rights to make changes in Active Directory. Runbook 1. Initialize Data Part of Runbookcontrol IP,gets data fromservice portal form.Inthiscase the User ID. 2. Run .Net Script (Extracting SAM account name) Thisscriptingactivityisused incase userentersthe UPN suffix alongwithhisID.Thisscriptensuresthatonlya validuserID isused.
  • 3. 3. Run .Net Script (Grant VPNAccess) Thisis the actual work,the scriptwhichgrants userVPN accessby makingthe msnpallowdialin property true. Scriptis writteninPoweshell. Code Snippet # Set script parameters from runbook data bus and Orchestrator global variables $DataBusInput1 = "`d.T.~Ed/{160D8A4D-B838-45E3-81B5- D30C79069E7C}.SamAccountName`d.T.~Ed/" $DataBusInput2 = "Test value 2" #----------------------------------------------------------------------- ## Initialize result and trace variables # $ResultStatus provides basic success/failed indicator # $ErrorMessage captures any error text generated by script # $Trace is used to record a running log of actions $ResultStatus = "" $ErrorMessage = "" $Trace = (Get-Date).ToString() + "`t" + "Runbook activity script started" + " `r`n" # Create argument array for passing data bus inputs to the external script session $argsArray = @() $argsArray += $DataBusInput1 $argsArray += $DataBusInput2 # Establish an external session (to localhost) to ensure 64bit PowerShell runtime using the latest version of PowerShell installed on the runbook server # Use this session to perform all work to ensure latest PowerShell features and behavior available $Session = New-PSSession -ComputerName localhost # Invoke-Command used to start the script in the external session. Variables returned by script are then stored in the $ReturnArray variable $ReturnArray = Invoke-Command -Session $Session -Argumentlist $argsArray -ScriptBlock { # Define a parameter to accept each data bus input value. Recommend matching names of parameters and data bus input variables above Param( [ValidateNotNullOrEmpty()] [string]$DataBusInput1, [ValidateNotNullOrEmpty()] [string]$DataBusInput2 ) # Define function to add entry to trace log variable function AppendLog ([string]$Message) { $script:CurrentAction = $Message $script:TraceLog += ((Get-Date).ToString() + "`t" + $Message + " `r`n") }
  • 4. # Set external session trace and status variables to defaults $ResultStatus = "" $ErrorMessage = "" $script:CurrentAction = "" $script:TraceLog = "" try { # Add startup details to trace log AppendLog "Script now executing in external PowerShell version [$($PSVersionTable.PSVersion.ToString())] session in a [$([IntPtr]::Size * 8)] bit process" AppendLog "Running as user [$([Environment]::UserDomainName)$([Environment]::UserName)] on host [$($env:COMPUTERNAME)]" AppendLog "Parameter values received: DataBusInput1=[$DataBusInput1]; DataBusInput2=[$DataBusInput2]" # The actual work the script does goes here AppendLog "Doing first action" #the actual code which does the work Import-Module ActiveDirectory $myCustomVariable=GET-ADUser $DataBusInput1 -Properties msnpallowdialin | select - expand msnpallowdialin Set-ADUser $DataBusInput1 -replace @{msnpallowdialin=$true} $myCustomVariable2=GET-ADUser $DataBusInput1 -Properties msnpallowdialin | select - expand msnpallowdialin # Validate results and set return status AppendLog "Finished work, determining result" $EverythingWorked = $true if($EverythingWorked -eq $true) { $ResultStatus = "Success" } else { $ResultStatus = "Failed" } } catch { # Catch any errors thrown above here, setting the result status and recording the error message to return to the activity for data bus publishing $ResultStatus = "Failed" $ErrorMessage = $error[0].Exception.Message AppendLog "Exception caught during action [$script:CurrentAction]: $ErrorMessage" } finally { # Always do whatever is in the finally block. In this case, adding some additional detail about the outcome to the trace log for return if($ErrorMessage.Length -gt 0) {
  • 5. AppendLog "Exiting external session with result [$ResultStatus] and error message [$ErrorMessage]" } else { AppendLog "Exiting external session with result [$ResultStatus]" } } # Return an array of the results. Additional variables like "myCustomVariable" can be returned by adding them onto the array $resultArray = @() $resultArray += $ResultStatus $resultArray += $ErrorMessage $resultArray += $script:TraceLog $resultArray += $myCustomVariable $resultArray += $myCustomVariable2 return $resultArray }#End Invoke-Command # Get the values returned from script session for publishing to data bus $ResultStatus = $ReturnArray[0] $ErrorMessage = $ReturnArray[1] $Trace += $ReturnArray[2] $MyCustomVariable = $ReturnArray[3] $MyCustomVariable2 = $ReturnArray[4] # Record end of activity script process $Trace += (Get-Date).ToString() + "`t" + "Script finished" + " `r`n" # Close the external session Remove-PSSession $Session
  • 6.
  • 7. 4. GetUser Part of the active directoryIP.We are basicallyusingthistogetthe affectedusersemail addressandhismanger so that theymaybe notifiedof the decisionthatVPN accesshasbeengrantedtothe user. SelectName as“Active Directory”bypressingthe Ellipse(…) button. In the Propertiesfield“Searchroot”isacquiredbythe Optional Propertiesbutton. The Search Root fieldisfilled,byusingsubscribe variable.
  • 9. Value fieldispopulatedbyusingpublisheddata. 5. GetUser(GetManager) Thisactivityof get userisusedto fetchinformationaboutthe user’sdirectmanager.
  • 10. NowselectingFilterTab: Use “ADD” buttonand populate asfollows: How value fieldispopulated: Nowwe use publisheddataandplace data betweenthe firsttwo“invertedcommas”
  • 11. 6. Appendline Write the resultsina file: The Text AreaInclude: Before:
  • 13. After: 7. Create And Send Email (Notifyuserand Manager of VPN AccessAllowed) Part of Exchange userIP. To:
  翻译: