Cisco UCS Director PowerShell Agent Installation and Configuration Guide, Release 5.4

Similar documents
Cisco UCS Director API Integration and Customization Guide, Release 5.4

Host Upgrade Utility User Guide for Cisco UCS E-Series Servers and the Cisco UCS E-Series Network Compute Engine

Software Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9300 Switches)

Cisco TEO Adapter Guide for SAP Java

Cisco TEO Adapter Guide for Microsoft Windows

Cisco TEO Adapter Guide for

Cisco TEO Adapter Guide for Microsoft System Center Operations Manager 2007

Cisco Connected Mobile Experiences REST API Getting Started Guide, Release 10.2

Cisco Nexus 1000V for KVM REST API Configuration Guide, Release 5.x

Videoscape Distribution Suite Software Installation Guide

Cisco TEO Adapter Guide for SAP ABAP

Installation and Configuration Guide for Visual Voic Release 8.5

Cisco Host Upgrade Utility 1.5(1) User Guide

Cisco UCS Integrated Management Controller Faults Reference Guide

Cisco Nexus 7000 Series NX-OS Virtual Device Context Command Reference

Cisco Connected Grid Design Suite (CGDS) - Substation Workbench Designer User Guide

Cisco FindIT Plugin for Kaseya Quick Start Guide

Cisco UCS Performance Manager Release Notes

Cisco Nexus 1000V for KVM OpenStack REST API Configuration Guide, Release 5.x

Cisco Nexus 9000 Series NX-OS Virtual Machine Tracker Configuration Guide, Release 9.x

Process Automation Guide for Automation for SAP BOBJ Enterprise

Cisco UCS Director UCS Central Management Guide, Release 6.5

Application Launcher User Guide

OpenStack Group-Based Policy User Guide

Cisco UCS Virtual Interface Card Drivers for Windows Installation Guide

Cisco Unified Communications Self Care Portal User Guide, Release

Cisco UCS Director F5 BIG-IP Management Guide, Release 5.0

Cisco Terminal Services (TS) Agent Guide, Version 1.1

SAML SSO Okta Identity Provider 2

MIB Reference for Cisco UCS Standalone C-Series Servers

Release Notes for Cisco Virtualization Experience Client 2111/2211 PCoIP Firmware Release 4.0.2

Enterprise Chat and Supervisor s Guide, Release 11.5(1)

Cisco Terminal Services (TS) Agent Guide, Version 1.1

Recovery Guide for Cisco Digital Media Suite 5.4 Appliances

Cisco Nexus 7000 Series Switches Configuration Guide: The Catena Solution

Cisco Unified Contact Center Express Historical Reporting Guide, Release 10.5(1)

Cisco CIMC Firmware Update Utility User Guide

Cisco IMC Supervisor Installation Guide for VMware vsphere and Microsoft Hyper-V, Release 2.0

Cisco IMC Management Pack User Guide, Release 4.x For Microsoft System Center Operations Manager

Cisco UCS Director Public Cloud Management Guide, Release 5.0

Cisco Unified Contact Center Express Historical Reporting Guide, Release 10.6(1)

Cisco UCS Director Open Automation Troubleshooting Guide, Release 6.5

TechNote on Handling TLS Support with UCCX

Cisco Terminal Services (TS) Agent Guide, Version 1.0

NNMi Integration User Guide for CiscoWorks Network Compliance Manager 1.6

Enterprise Chat and Upgrade Guide, Release 11.6(1)

Prime Service Catalog: UCS Director Integration Best Practices Importing Advanced Catalogs

Cisco UCS PowerTool Suite Installation and Configuration Guide, Release 2.x

Cisco UCS PowerTool Suite Installation and Configuration Guide, Release 2.x

Cisco Unified Communications Self Care Portal User Guide, Release 11.5(1)

CPS UDC MoP for Session Migration, Release

Cisco UCS Performance Manager Release Notes

Cisco Nexus 9000 Series NX-OS IP Fabric for Media Solution Guide, Release 7.0(3)I4(2)

Cisco UCS Director Management Guide for Microsoft System Center Virtual Machine Manager, Release 6.5

Cisco ACI Simulator Installation Guide

Cisco UCS Central Management Pack User Guide, Release 4.x For Microsoft System Center Operations Manager

Cisco Jabber IM for iphone Frequently Asked Questions

Cisco UCS Performance Manager Release Notes

Cisco ACI with OpenStack OpFlex Architectural Overview

Cisco UCS C-Series IMC Emulator Quick Start Guide. Cisco IMC Emulator 2 Overview 2 Setting up Cisco IMC Emulator 3 Using Cisco IMC Emulator 9

Cisco UC Integration for Microsoft Lync 9.7(4) User Guide

AsyncOS 11.0 API - Getting Started Guide for Security Appliances

Cisco Meeting Management

Cisco IMC Supervisor Rack-Mount Servers Management Guide, Release 1.0

Migration and Upgrade: Frequently Asked Questions

Executing PowerShell Agent Commands

Cisco Jabber for Android 10.5 Quick Start Guide

User Guide for Accessing Cisco Unity Connection Voice Messages in an Application

IP Routing: ODR Configuration Guide, Cisco IOS Release 15M&T

Cisco UCS Performance Manager Release Notes

Tetration Cluster Cloud Deployment Guide

Executing PowerShell Agent Commands

Configure WSA to Upload Log Files to CTA System

Cisco Unified Communications Manager Device Package 8.6(2)( ) Release Notes

Cisco UCS Diagnostics User Guide for B-Series Servers, Release 1.0

Process Automation Guide for System Copy for SAP

Cisco Host Upgrade Utility 3.0 User Guide

Cisco TelePresence FindMe Cisco TMSPE version 1.2

Cisco StadiumVision Management Dashboard Monitored Services Guide

Cisco Expressway Authenticating Accounts Using LDAP

Smart Software Manager satellite Installation Guide

Release Notes for Cisco Unified Intelligence Center, Release 10.0(1)

Cisco Unified Communications Manager Device Package 10.5(1)( ) Release Notes

Configure WSA to Upload Log Files to CTA System

Cisco Proximity Desktop

Cisco Prime Network Registrar IPAM 8.3 Quick Start Guide

Method of Procedure for HNB Gateway Configuration on Redundant Serving Nodes

Cisco TEO Process Automation Guide for System Copy for SAP

Media Services Proxy Command Reference

Embedded Packet Capture Configuration Guide

Quick Start Guide for Cisco Prime Network Registrar IPAM 8.0

Enterprise Chat and Administrator s Guide to System Console, Release 11.6(1)

NetFlow Configuration Guide

CPS vdra Troubleshooting Guide, Release

Cisco Process Orchestrator REST Web Services Guide

Cisco CSPC 2.7x. Configure CSPC Appliance via CLI. Feb 2018

Cisco TelePresence Authenticating Cisco VCS Accounts Using LDAP

CiscoWorks Network Compliance Manager Horizontal Scalability User s Guide

Cisco TelePresence Management Suite 15.5

Flow Sensor and Load Balancer Integration Guide. (for Stealthwatch System v6.9.2)

Transcription:

Cisco UCS Director PowerShell Agent Installation and Configuration Guide, Release 5.4 First Published: November 05, 2015 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED AS IS" WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: http:// www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) 2015 Cisco Systems, Inc. All rights reserved.

CONTENTS Preface Preface v Audience v Conventions v Related Documentation vii Documentation Feedback vii Obtaining Documentation and Submitting a Service Request vii CHAPTER 1 New and Changed Information in this Release 1 New and Changed Information for this Release 1 CHAPTER 2 Overview 3 Cisco UCS Director PowerShell Agent 3 CHAPTER 3 Installation of Cisco UCS Director PowerShell Agent 5 Prerequisites 5 Downloading Cisco UCS Director PowerShell Agent 6 Installing Cisco UCS Director PowerShell Agent 6 Updating Authentication Properties 7 Configuring the Firewall 7 Enabling WinRM and WinRS 7 CHAPTER 4 Configuring Cisco UCS Director PowerShell Agent 9 Adding PowerShell Agent to Cisco UCS Director 9 Verifying Connectivity with Cisco UCS Director 10 Troubleshooting Connectivity with Cisco UCS Director 11 Executing a Cisco UCS Director PowerShell Command on a Target Server 12 Example: Executing a PowerShell Agent Command on a Target Server 12 iii

Contents Example: Setting Up PowerShell Agent and Running a Test Task 13 iv

Preface Audience, page v Conventions, page v Related Documentation, page vii Documentation Feedback, page vii Obtaining Documentation and Submitting a Service Request, page vii Audience This guide is intended primarily for data center administrators who use Cisco UCS Director and who have responsibilities and expertise in one or more of the following: Server administration Storage administration Network administration Network security Virtualization and virtual machines Conventions Text Type Indication GUI elements GUI elements such as tab titles, area names, and field labels appear in this font. Main titles such as window, dialog box, and wizard titles appear in this font. Document titles Document titles appear in this font. TUI elements In a Text-based User Interface, text the system displays appears in this font. v

Conventions Preface Text Type System output CLI commands [ ] {x y z} [x y z] string < > [ ]!, # Indication Terminal sessions and information that the system displays appear in this font. CLI command keywords appear in this font. Variables in a CLI command appear in this font. Elements in square brackets are optional. Required alternative keywords are grouped in braces and separated by vertical bars. Optional alternative keywords are grouped in brackets and separated by vertical bars. A nonquoted set of characters. Do not use quotation marks around the string or the string will include the quotation marks. Nonprinting characters such as passwords are in angle brackets. Default responses to system prompts are in square brackets. An exclamation point (!) or a pound sign (#) at the beginning of a line of code indicates a comment line. Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the document. Caution Means reader be careful. In this situation, you might perform an action that could result in equipment damage or loss of data. Tip Means the following information will help you solve a problem. The tips information might not be troubleshooting or even an action, but could be useful information, similar to a Timesaver. Timesaver Means the described action saves time. You can save time by performing the action described in the paragraph. vi

Preface Related Documentation Warning IMPORTANT SAFETY INSTRUCTIONS This warning symbol means danger. You are in a situation that could cause bodily injury. Before you work on any equipment, be aware of the hazards involved with electrical circuitry and be familiar with standard practices for preventing accidents. Use the statement number provided at the end of each warning to locate its translation in the translated safety warnings that accompanied this device. SAVE THESE INSTRUCTIONS Related Documentation Cisco UCS Director Documentation Roadmap For a complete list of Cisco UCS Director documentation, see the Cisco UCS Director Documentation Roadmap available at the following URL: http://www.cisco.com/en/us/docs/unified_computing/ucs/ ucs-director/doc-roadmap/b_ucsdirectordocroadmap.html. Cisco UCS Documentation Roadmaps For a complete list of all B-Series documentation, see the Cisco UCS B-Series Servers Documentation Roadmap available at the following URL: http://www.cisco.com/go/unifiedcomputing/b-series-doc. For a complete list of all C-Series documentation, see the Cisco UCS C-Series Servers Documentation Roadmap available at the following URL: http://www.cisco.com/go/unifiedcomputing/c-series-doc. Note The Cisco UCS B-Series Servers Documentation Roadmap includes links to documentation for Cisco UCS Manager and Cisco UCS Central. The Cisco UCS C-Series Servers Documentation Roadmap includes links to documentation for Cisco Integrated Management Controller. Documentation Feedback To provide technical feedback on this document, or to report an error or omission, please send your comments to ucs-director-docfeedback@cisco.com. We appreciate your feedback. Obtaining Documentation and Submitting a Service Request For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information, see What's New in Cisco Product Documentation. To receive new and revised Cisco technical content directly to your desktop, you can subscribe to the What's New in Cisco Product Documentation RSS feed. RSS feeds are a free service. vii

Obtaining Documentation and Submitting a Service Request Preface viii

CHAPTER 1 New and Changed Information in this Release This chapter contains the following section: New and Changed Information for this Release, page 1 New and Changed Information for this Release The following table provides an overview of the significant changes to this guide for this current release. Table 1: New and Changed Information for Release 5.4 Feature Description Where Documented Additional version support Additional version support Cisco UCS Director Compatibility Matrix has been added for this release. This support is backwards compatible. There are no changes in feature support from the previous release of Cisco UCS Director. 1

New and Changed Information for this Release New and Changed Information in this Release 2

CHAPTER 2 Overview This chapter contains the following sections: Cisco UCS Director PowerShell Agent, page 3 Cisco UCS Director PowerShell Agent Cisco UCS Director PowerShell Agent (PowerShell Agent) is a lightweight, Microsoft Windows service application that provides the ability to manage applications that expose Windows PowerShell based northbound API calls. The PowerShell Agent acts as an interfacing layer between Cisco UCS Director and applications such as Microsoft System Center Virtual Machine Manager (SCVMM), that is managed through Windows PowerShell. After you have installed and started the PowerShell Agent, you can manage it from Cisco UCS Director. Note The PowerShell Agent consumes minimum memory or CPU cycles because it relays the requests and responses back and forth between Cisco UCS Director and Microsoft SCVMM (or other PowerShell enabled applications). 3

Cisco UCS Director PowerShell Agent Overview 4

CHAPTER 3 Installation of Cisco UCS Director PowerShell Agent This chapter contains the following sections: Prerequisites, page 5 Downloading Cisco UCS Director PowerShell Agent, page 6 Installing Cisco UCS Director PowerShell Agent, page 6 Updating Authentication Properties, page 7 Configuring the Firewall, page 7 Enabling WinRM and WinRS, page 7 Prerequisites Before you install Cisco UCS Director PowerShell Agent, make sure that the following software has been installed on the machine: Supported Windows operating system Supported.NET Framework (Full Package) Supported Windows PowerShell For more information about the system requirements and supported software, see the Compatibility Matrix for Cisco UCS Director. Note Cisco UCS Director executes scripts (commandlets) on the target server via remote execution. The target server's northbound PowerShell APIs must support remote invocation. 5

Downloading Cisco UCS Director PowerShell Agent Installation of Cisco UCS Director PowerShell Agent Downloading Cisco UCS Director PowerShell Agent You download the installer for PowerShell Agent from Cisco UCS Director. Step 1 Step 2 Step 3 Step 4 Step 5 In Cisco UCS Director, choose Administration > Virtual Accounts. Choose the PowerShell Agents tab. Click the Download Installer button. Review the list of installation requirements in the Download Agent Installer dialog box and ensure that you have them available on the target computer where you plan to install Powershell Agent. Click Submit. The PSASetup.exe file is downloaded to the default download folder on the target computer. What to Do Next Install Cisco UCS Director PowerShell Agent on the target computer. Installing Cisco UCS Director PowerShell Agent Installing a newer version of the PowerShell Agent requires that you uninstall the older version first. To remove the older version of PowerShell Agent, stop the Cisco PSA Service first and then uninstall the agent. Note If you do not install the new version of PowerShell Agent for Cisco UCS Director, Release 5.4, the Execute Power Shell Task and the Execute Command options on the PowerShell Agents tab will not work correctly. Before You Begin You need system administrator privileges to complete this task. Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 If necessary, copy the PSASetup.exe that you downloaded from Cisco UCS Director to your target computer. Double-click the PSASetup.exe file. In the Preparing to Install screen, click Next. In the Ready to install the Program screen, click Install. The Installing Cisco PSA Service screen displays during the installation. When the installation is complete, the InstallShield Wizard Completed screen displays. Click Finish. The PowerShell Agent is installed to the C:\Program Files (x86)\cisco Systems\Cisco PSA Service folder. This folder is referred to as %AGENT_INSTALL_FOLDER% in the remainder of the document. On your computer, choose Start, type services.msc in the text field, and press the Enter key. 6

Installation of Cisco UCS Director PowerShell Agent Updating Authentication Properties A list of current services displays. Verify that the Cisco PSA Service is listed and is currently running. What to Do Next Configure Cisco UCS Director PowerShell Agent. Updating Authentication Properties The PowerShell Agent uses port 43891 (default) and it also uses a predefined authentication/access key to communicate with Cisco UCS Director. You can change these values, if needed, by modifying a properties file. The properties (XML) file is located in the following directory: %AGENT_INSTALL_FOLDER%/props/properties.xml. Before You Begin You should download and successfully install the Cisco UCS Director PowerShell Agent installation program. Step 1 Step 2 Step 3 Step 4 Step 5 Use a text editor to open the properties.xml file. Edit the authkey entry. Edit the serverport entry. Save the file. Note When the PowerShell Agent is added to Cisco UCS Director, the port number and access key values must match the values that are specified in the PowerShell Agent. Cisco UCS Director cannot able to communicate with the PowerShell Agent if the entries do not match (Optional) Restart the Cisco UCS Director PowerShell Agent service if you modify any of the properties in the properties.xml file. This can be done from the Services snap-in (Start > Services.msc) What to Do Next Configure your firewalls. Configuring the Firewall The PowerShell Agent listens for incoming requests on port 43891 by default. Your machine's firewall needs to be configured so as to allow incoming TCP requests on port 43891 (or any port that you choose to use). Enabling WinRM and WinRS To accept remote PowerShell commands, you must enable Windows Remote Management (WinRM) for Windows Server 2008 R2, 2012 or 2012 R2. Once you enable the WinRM, the interoperability of hardware 7

Enabling WinRM and WinRS Installation of Cisco UCS Director PowerShell Agent and operations systems is enabled to work with the Windows Remote Shell (WinRS) command-line tool on your target server and the target server hosts. Before You Begin The PowerShell Agent only executes the cmdlets and scripts on the target server in a PowerShell remote session. It requires the WinRM configuration to accept the remote session. This is a Windows PowerShell remote session requirement Step 1 On your host(s), open a command prompt, and enter winrm quickconfig. Note Configuring WinRM over HTTP or HTTPS depends on the requirements of the specific environment. HTTPS is only necessary if a secure connection is required. Instructions on configuring HTTPS communication is available at the following URL: https://blogs.technet.microsoft.com/meamcs/2012/02/24/ how-to-force-winrm-to-listen-interfaces-over-https/ The following messages appear: WinRM is not set up to allow remote access to this machine for management. The following changes must be made: Create a WinRM listener on HTTP://* to accept WS-Man requests to any IP on this machine. Enable the WinRM firewall exception. Make these changes [y/n]? Step 2 Enter y. WinRM is updated for remote management, a listener is created to accept requests, and the firewall exception is enabled: Make these changes [y/n]? y WinRM has been updated for remote management. Step 3 Created a WinRM listener on HTTP://* to accept WS-Man requests to any IP on this machine. WinRM firewall exception enabled. Verify that WinRS is enabled by entering the winrm g winrm/config command at a command prompt. Step 4 Configure the value " * " in the TrustedHosts table of WinRM by entering the winrm set winrm/config/client @{TrustedHosts="*"} command. Note Adding the value " * " to the TrustedHosts table allows all hosts to be trusted or only add specific trusted IP addresses of target servers to the table. What to Do Next Make sure that the domain account used to connect the target server belongs to the local administrator group for the target server hosts. 8

CHAPTER 4 Configuring Cisco UCS Director PowerShell Agent This chapter contains the following sections: Adding PowerShell Agent to Cisco UCS Director, page 9 Verifying Connectivity with Cisco UCS Director, page 10 Troubleshooting Connectivity with Cisco UCS Director, page 11 Executing a Cisco UCS Director PowerShell Command on a Target Server, page 12 Example: Executing a PowerShell Agent Command on a Target Server, page 12 Example: Setting Up PowerShell Agent and Running a Test Task, page 13 Adding PowerShell Agent to Cisco UCS Director After PowerShell Agent is installed and running, you must add it to Cisco UCS Director. You must set up the virtual account (for example, an SCVMM account) to use the PowerShell Agent for inventory collection and other management functions. Step 1 Step 2 On the menu bar, choose Administration > Virtual Accounts > PowerShell Agents. Click Add. In the Add Agent dialog box, complete the following fields. Name Description Agent name field The name of the PowerShell Agent. Agent Address field The IP address or FQDN (Fully Qualified Domain name) of the PowerShell Agent. 9

Verifying Connectivity with Cisco UCS Director Configuring Cisco UCS Director PowerShell Agent Name Agent Access Port field Access key field Description field Description The port assigned to the PowerShell Agent. Note The default port address is 43891. These values are pre-populated with default values. The PowerShell Agent is pre-configured to use these values and UCS Director must have matching values. These values can be changed on the Agent, but UCS Director must always use them as well. The default access key assigned to the PowerShell Agent. Note These values are prepopulated with default values. The PowerShell agent is preconfigured to use these values and Cisco UCS Director must have matching values. These values can be changed on the PowerShell Agent, but Cisco UCS Director must always use them as well. The description of the PowerShell Agent. Step 3 Click Submit. What to Do Next Verify connectivity between Cisco UCS Director and the PowerShell Agent. Verifying Connectivity with Cisco UCS Director After the PowerShell Agent is added, you can check the connectivity between Cisco UCS Director and the PowerShell Agent. Step 1 Step 2 On the menu bar, choose Administration > Virtual Accounts > PowerShell Agents. Click the Test Connect icon. Cisco UCS Director displays a success message if it can communicate with the PowerShell Agent. If Cisco UCS Director cannot communicate with the PowerShell Agent, see What to Do Next Execute the Cisco UCS Director PowerShell command on the target server. 10

Configuring Cisco UCS Director PowerShell Agent Troubleshooting Connectivity with Cisco UCS Director Troubleshooting Connectivity with Cisco UCS Director Problem You can experience a failed test connection with Cisco UCS Director. This problem can occur even though you successfully installed and configured the PowerShell Agent, and there is no issue with the network connectivity between PowerShell Agent and Cisco UCS Director. Note This problem can happen with Windows Server 2012 R2 or other versions that use advanced cipher suites for https communication. Symptom When you check the PowerShell Agent logs in the PowerShell Agent server, you will find an SSPI failed with inner exception error. See a sample error message below: 2014-08-20 14:44:16,832 [6] ERROR cuic.clientconnection[null] - Exception: A call to SSPI failed, see inner exception. 2014-08-2014:44:16,832 [6] DEBUG cuic.clientconnection[null] - Inner exception: The message received was unexpected or badly formatted. 2014-08-2014:44:16,832 [6] DEBUG cuic.clientconnection[null] - Authentication failed - closing the connection. Cause The test connection fails because of the Microsoft update, in which, new TLS cipher suites are added and cipher suite priorities are changed in Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2. See Microsoft kb article 2929281 for further information on this update. Solution To resolve the problem, you must modify the SSL cipher suite group policy setting. Follow the steps listed below: 1 At a command prompt, enter gpedit.msc to open your group policy editor. 2 Expand Computer Configuration > Administrative Templates > Network, and then click SSL Configuration Settings. 3 Under SSL Configuration Settings, click the SSL Cipher Suite Order setting. 4 In the SSL Cipher Suite Order pane, scroll to the bottom of the pane. 5 Follow the instructions labeled How to modify this setting. It is necessary to restart the computer after modifying this setting for the changes to take effect. 11

Executing a Cisco UCS Director PowerShell Command on a Target Server Configuring Cisco UCS Director PowerShell Agent Executing a Cisco UCS Director PowerShell Command on a Target Server Cisco UCS Director provides a mechanism to test connectivity to a target server through the PowerShell Agent (end-to-end connectivity). Step 1 Step 2 Step 3 On the menu bar, choose Administration > Virtual Accounts > PowerShell Agents. Click the Execute Command icon. In the Execute PowerShell Command dialog box, complete the following fields: Name Description Target Machine IP field The IP address of the target machine. User ID field Password field Domain field Commands/Script field Command Output field The unique ID assigned to the user. The assigned password. The current server domain. The field to enter your command to execute. Note Commands/scripts up to 64 kb in size are allowed. The results of the execution appear in this field. Step 4 Step 5 Click Execute. The Command Output window displays the execution results. Click Close. Example: Executing a PowerShell Agent Command on a Target Server PowerShell Agent commands can be used in a workflow orchestration in Cisco UCS Director. A workflow can use a task that executes PowerShell commands against a target server. A workflow, for example, can consist of the following Orchestrator elements: Start icon Execute PowerShell Command task icon Both Completed (Success) task and Competed (Failed)-task icons 12

Configuring Cisco UCS Director PowerShell Agent Example: Setting Up PowerShell Agent and Running a Test Task The Execute PowerShell Command, for example, could use the following inputs: PowerShell Agent Target Server's credentials (IP address, username and password, and domain) Commands or Scripts of up to 64 kb. Note Alternatively, you can provide the path to a PowerShell script on the target server (for example: C:\scripts\DoSomething.ps1) instead of providing a series of commands. The PowerShell Agent executes the script as long as it exists at the specified path on the target server. In the above example, the PowerShell command is mapped to a user input, while the rest of the inputs are pre-configured within the task itself. When you execute the workflow in Cisco UCS Director, you are prompted to enter the PowerShell Agent commands to run on a target server. Use a ";" to separate multiple commands (for example, Hostname; Get-Process). Cisco UCS Director runs the commands against the target server and displays the output as an XML string in a service request log window. Example: Setting Up PowerShell Agent and Running a Test Task The following example outlines how you can set up PowerShell Agent on a Windows server and run a test task. Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Create a Microsoft Windows Server 2008 R2 or 2012 R2 VM. Make sure that the VM has the required.net Framework and Windows PowerShell versions. Open a web browser and log on to Cisco UCS Director. From the Administration > Virtual Accounts > PowerShell Agents tab, download the PowerShell Agent and install it on the VM. In Windows Firewall, open the port that has been configured for the PowerShell Agent (the default port is 43891) or stop the firewall. Open PowerShell and run the following commands: Enable-PSRemoting -Force Set-Item WSMan:\localhost\Client\TrustedHosts -Value "*" -Force Restart-Service WinRM Set-ExecutionPolicy unrestricted -Force On the PowerShell Agent tab in Cisco UCS Director, click Execute Command option. In the Execute PowerShell Command dialog box, in addition to providing the IP address, user credentials of the VM, and the server domain, enter the following command in the Commands/Scripts field: Echo "Import-ActiveDirectory" > c:\test.ps1 Check the output for the test task on the C drive of the VM. 13

Example: Setting Up PowerShell Agent and Running a Test Task Configuring Cisco UCS Director PowerShell Agent 14

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback