brooklyn-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From aleds...@apache.org
Subject [1/2] brooklyn-library git commit: Move custom-enable-credssp.ps1 to brooklyn-server
Date Thu, 24 Mar 2016 16:30:48 GMT
Repository: brooklyn-library
Updated Branches:
  refs/heads/master be0d23240 -> 3fa4e751e


Move custom-enable-credssp.ps1 to brooklyn-server


Project: http://git-wip-us.apache.org/repos/asf/brooklyn-library/repo
Commit: http://git-wip-us.apache.org/repos/asf/brooklyn-library/commit/b30d7c2f
Tree: http://git-wip-us.apache.org/repos/asf/brooklyn-library/tree/b30d7c2f
Diff: http://git-wip-us.apache.org/repos/asf/brooklyn-library/diff/b30d7c2f

Branch: refs/heads/master
Commit: b30d7c2f589bdb81eca58d1efa57b73eaa7aed96
Parents: be0d232
Author: Valentin Aitken <bostko@gmail.com>
Authored: Tue Mar 22 23:13:06 2016 +0200
Committer: Valentin Aitken <bostko@gmail.com>
Committed: Tue Mar 22 23:13:19 2016 +0200

----------------------------------------------------------------------
 .../database/mssql/Custom-Enable-CredSSP.ps1    | 131 -------------------
 .../brooklyn/entity/database/mssql/mssql.yaml   |   4 +-
 2 files changed, 2 insertions(+), 133 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/brooklyn-library/blob/b30d7c2f/software/database/src/main/resources/org/apache/brooklyn/entity/database/mssql/Custom-Enable-CredSSP.ps1
----------------------------------------------------------------------
diff --git a/software/database/src/main/resources/org/apache/brooklyn/entity/database/mssql/Custom-Enable-CredSSP.ps1
b/software/database/src/main/resources/org/apache/brooklyn/entity/database/mssql/Custom-Enable-CredSSP.ps1
deleted file mode 100644
index ef2ee5c..0000000
--- a/software/database/src/main/resources/org/apache/brooklyn/entity/database/mssql/Custom-Enable-CredSSP.ps1
+++ /dev/null
@@ -1,131 +0,0 @@
-#!ps1
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#  http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-# Resources:
-#  https://github.com/mwrock/boxstarter/blob/master/LICENSE.txt
-#  https://github.com/mwrock/boxstarter/blob/master/Boxstarter.Chocolatey/Enable-BoxstarterCredSSP.ps1
-
-function Custom-Enable-CredSSP {
-<#
-.SYNOPSIS
-Enables and configures CredSSP Authentication to be used in PowerShell remoting sessions
-
-.DESCRIPTION
-Enabling CredSSP allows a caller from one remote session to authenticate on other remote
-resources. This is known as credential delegation. By default, PowerShell sessions do not
-use credSSP and therefore cannot bake a "second hop" to use other remote resources that
-require their authentication token.
-
-This command will enable CredSSP and add all RemoteHostsToTrust to the CredSSP trusted
-hosts list. It will also edit the users group policy to allow Fresh Credential Delegation.
-
-.PARAMETER RemoteHostsToTrust
-A list of ComputerNames to add to the CredSSP Trusted hosts list.
-
-.OUTPUTS
-A list of the original trusted hosts on the local machine.
-
-.EXAMPLE
-Custom-Enable-CredSSP box1,box2
-
-
-#>
-    param(
-    [string[]] $RemoteHostsToTrust
-    )
-
-    # Required to be running for using CredSSP
-    winrm quickconfig -transport:http -quiet
-
-    & winrm set winrm/config/service/auth '@{CredSSP="true"}'
-    If ($LASTEXITCODE -ne 0) { exit $LASTEXITCODE }
-
-    & winrm set winrm/config/client/auth '@{CredSSP="true"}'
-    If ($LASTEXITCODE -ne 0) { exit $LASTEXITCODE }
-
-    $Result=@{
-        Success=$False;
-        PreviousCSSPTrustedHosts=$null;
-        PreviousFreshCredDelegationHostCount=0
-    }
-
-    Write-Host "Configuring CredSSP settings..."
-    $credssp = Get-WSManCredSSP
-
-    $ComputersToAdd = @()
-    $idxHosts=$credssp[0].IndexOf(": ")
-    if($idxHosts -gt -1){
-        $credsspEnabled=$True
-        $Result.PreviousCSSPTrustedHosts=$credssp[0].substring($idxHosts+2)
-        $hostArray=$Result.PreviousCSSPTrustedHosts.Split(",")
-        $RemoteHostsToTrust | ? { $hostArray -notcontains "wsman/$_" } | % { $ComputersToAdd
+= $_ }
-    }
-    else {
-        $ComputersToAdd = $RemoteHostsToTrust
-    }
-
-    if($ComputersToAdd.Count -gt 0){
-        try {
-            Enable-WSManCredSSP -DelegateComputer $ComputersToAdd -Role Client -Force -ErrorAction
Stop | Out-Null
-        }
-        catch {
-            Write-BoxstarterMessage "Enable-WSManCredSSP failed with: $_" -Verbose
-            return $result
-        }
-    }
-
-    $key = "HKLM:\SOFTWARE\Policies\Microsoft\Windows"
-    if (!(Test-Path "$key\CredentialsDelegation")) {
-        New-Item $key -Name CredentialsDelegation | Out-Null
-    }
-    $key = Join-Path $key "CredentialsDelegation"
-    New-ItemProperty -Path "$key" -Name "ConcatenateDefaults_AllowFresh" -Value 1 -PropertyType
Dword -Force | Out-Null
-    New-ItemProperty -Path "$key" -Name "ConcatenateDefaults_AllowFreshNTLMOnly" -Value 1
-PropertyType Dword -Force | Out-Null
-
-    $result.PreviousFreshNTLMCredDelegationHostCount = Set-CredentialDelegation $key 'AllowFreshCredentialsWhenNTLMOnly'
$RemoteHostsToTrust
-    $result.PreviousFreshCredDelegationHostCount = Set-CredentialDelegation $key 'AllowFreshCredentials'
$RemoteHostsToTrust
-
-    $Result.Success=$True
-    return $Result
-}
-
-function Set-CredentialDelegation($key, $subKey, $allowed){
-    New-ItemProperty -Path "$key" -Name $subKey -Value 1 -PropertyType Dword -Force | Out-Null
-    $policyNode = Join-Path $key $subKey
-    if (!(Test-Path $policyNode)) {
-        md $policyNode | Out-Null
-    }
-    $currentHostProps=@()
-    (Get-Item $policyNode).Property | % {
-        $currentHostProps += (Get-ItemProperty -Path $policyNode -Name $_).($_)
-    }
-    $currentLength = $currentHostProps.Length
-    $idx=$currentLength
-    $allowed | ? { $currentHostProps -notcontains "wsman/$_"} | % {
-        ++$idx
-        New-ItemProperty -Path $policyNode -Name "$idx" -Value "wsman/$_" -PropertyType String
-Force | Out-Null
-    }
-
-    return $currentLength
-}
-
-$result = Custom-Enable-CredSSP $env:COMPUTERNAME,localhost
-if (-not $result.Success) {
-  exit 1
-}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/brooklyn-library/blob/b30d7c2f/software/database/src/main/resources/org/apache/brooklyn/entity/database/mssql/mssql.yaml
----------------------------------------------------------------------
diff --git a/software/database/src/main/resources/org/apache/brooklyn/entity/database/mssql/mssql.yaml
b/software/database/src/main/resources/org/apache/brooklyn/entity/database/mssql/mssql.yaml
index 321b52d..d9f2a32 100644
--- a/software/database/src/main/resources/org/apache/brooklyn/entity/database/mssql/mssql.yaml
+++ b/software/database/src/main/resources/org/apache/brooklyn/entity/database/mssql/mssql.yaml
@@ -15,13 +15,13 @@ services:
 - type: org.apache.brooklyn.entity.software.base.VanillaWindowsProcess
   brooklyn.config:
     templates.install:
-      classpath://org/apache/brooklyn/entity/database/mssql/Custom-Enable-CredSSP.ps1: "C:\\Custom-Enable-CredSSP.ps1"
+      classpath://org/apache/brooklyn/software/base/custom-enable-credssp.ps1: "C:\\custom-enable-credssp.ps1"
       classpath://org/apache/brooklyn/entity/database/mssql/ConfigurationFile.ini: "C:\\ConfigurationFile.ini"
       classpath://org/apache/brooklyn/entity/database/mssql/installmssql.ps1: "C:\\installmssql.ps1"
       classpath://org/apache/brooklyn/entity/database/mssql/configuremssql.ps1: "C:\\configuremssql.ps1"
       classpath://org/apache/brooklyn/entity/database/mssql/launchmssql.bat: "C:\\launchmssql.bat"
       classpath://org/apache/brooklyn/entity/database/mssql/stopmssql.bat: "C:\\stopmssql.bat"
-    install.command: powershell -command "C:\\Custom-Enable-CredSSP.ps1" && powershell
-command "C:\\installmssql.ps1"
+    install.command: powershell -command "C:\\custom-enable-credssp.ps1" && powershell
-command "C:\\installmssql.ps1"
     customize.command: powershell -command "C:\\configuremssql.ps1"
     launch.command: "C:\\launchmssql.bat"
     stop.command: "C:\\stopmssql.bat"


Mime
View raw message