Error sending PowerShell directly to ECC queue

chadlockwood · ‎08-04-2015

I am creating a UI Action for our administrators that will allow remote restart of MID server services that go down. The UI Action will only appear on the MID server form if it is down. It will identify a MID server that is running to use and will send a PowerShell command directly to the ECC queue using this code:

function start_mid_service(){
   var start_host = get_stopped_hostname();
   var payload = '<parameters><parameter name="skip_sensor" value="true"/><parameter name="script.ps1" value="get-service -name sn_mid_server -computername ' + start_host + ' | set-service -status running"/></parameters>';
   // PowerShell directly!
   var ecc = new GlideRecord("ecc_queue");
   ecc.initialize();
   ecc.agent = "mid.server." + get_running_mid(get_stopped_host_domain());
   ecc.topic = "Powershell";
   ecc.name = "Windows - PowerShell";
   ecc.queue = "output";
   ecc.state = "ready";
   ecc.source = "127.0.0.1";
   ecc.payload = payload;
   ecc.insert();

   action.setRedirectURL(current);
}


function get_stopped_hostname(){
   return g_form.getValue('host_name');
}


function get_stopped_host_domain(){
   return g_form.getValue('win_domain');
}
function get_running_mid(domain){
   var gr = new GlideRecord('ecc_agent');
   gr.addQuery('status', 'Up');
   gr.addQuery('win_domain', domain);
   gr.query();
   if(gr.next()){
   return gr.name;
   }

}

If I include <parameter name="skip_sensor" value="true" /> I receive the error string com.service_now.mid.message_handlers.ProbeHandlingException: Error parsing XML parameters and the PowerShell does not run as expected. I have tried including <?xml version="1.0" encoding="UTF-8"?> at the beginning of the payload but still receive the ProbeHandlingException error.

However, if I do not include <parameter name="skip_sensor" value="true" /> I receive the error No sensors defined but the PowerShell code works as expected and restarts the MID server service on the remote machine. I would prefer to not see the error record in the ECC queue if it is actually successful. Is there another way to get this to skip the sensor?

Regards,

Chad

nk_dubey1 · ‎08-14-2015

Hi Chris,

Thanks for response. I am trying to run below query:

powershell.exe Invoke-Command -ComputerName XXXXXX -ConfigurationName ServiceNow -ScriptBlock {Get-Command}

When I am trying to run this command using remote server, I am getting below error:

Failed to access target system. Please check credentials and firewall settings on the target system to ensure accessibility: The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)

While trying to run with 127.0.0.1, I am getting below error:

Invoke-Command : Cannot bind parameter 'ScriptBlock'. Cannot convert the"-encodedCommand" value of type "System.String" to type"System.Management.Automation.ScriptBlock".At line:1 char:100+ ... ame ServiceNow -ScriptBlock -encodedCommandRwBlAHQALQBTAHQAbwBwAHAAZQBkAFMAZQBy ...+ ~~~~~~~~~~~~+ CategoryInfo : InvalidArgument: (:) [Invoke-Command], ParameterBindingException+ FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Microsoft.PowerShell.Commands.InvokeCommandCommand

I would prefer to run this on MID Server and I am able to manually execute the command from the MID Server. But not working when I am trying using Workflow( We don't have Orchestration Enabled).

Any suggestion, how can I make it run on MID Server.

Regards,

ND

killswitch1111 · ‎08-24-2015

Dubey,

So the first error is normal. That (usually) is an issue with the credentials being passed down from ServiceNow (if any) are unable to login to the remote system to execute remote powershell.

Can you take a look at the mid server logs and the Windows logs and see if the whole error comes out?

Why are you trying to run powershell.exe? You are already executing a powershell script, that might be your problem. Try just sending Invoke-Command... Essentially here, the Mid Server is already calling powershell.exe and then from your script being executed you are calling powershell.exe again.

nk_dubey1 · ‎08-24-2015

Hi Chris,

Thanks for reply.

I manage to fix the issue. To solve the issue, we have created a file with poweshell script on the MID Server (With Same script I was trying to run before)

ecc.payload = '<?xml version="1.0" encoding="UTF-8"?><parameters><parameter name="skip_sensor" value="true"/><parameter name="probe_name" value="Windows - Powershell"/><parameter name="probe" value="ca9edfec0a0a0baa011fe82922346887"/><parameter name="script.ps1" value="powershell.exe -File D:\\TFGHH\\Get-Version1245.ps1"/></parameters>';

My next requirement is to capture the output of this poweshell script and update Change form.Could you please help me with the best practice to achieve this (I am not using Orchestration and I will write all scripts in Business rule to execute Powershell command). How can I use any sensor in script to capture the output and update worknotes on Change form?

Thanks in Advance.

Regards,

N.Dubey

killswitch1111 · ‎08-24-2015

Dubey,

If you are going to do this in a business rule and it is not asynchronous, you are going to get a very poor user experience.

Also, I am still not sure why you are issuing powershell.exe, from powershell you can just call the script file.

To get the response would be to write a business rule on the ecc_queue that would wait for the response. Since you are doing it this way you would need to manually wait for the response to come back through the ECC queue. Then use the Probe api and call getProbeResponse on the ECC queue record which would give you the payload of it.

Chris

nk_dubey1 · ‎08-24-2015

Thanks Chris for reply.

Yes, I removed powershell.exe now. Client gave me the command and I was trying to execute it directly.

Do you think creating business rule will be good idea over using Sensor? Do you have any business rule example to capture the output?

Regards,

ND