18 Jul 2013

Execute adamsync from another host with Apache Syncope

Written by mdisabatino

In this short post I want to talk about my last experience on AD and Adam.

One of the main requirements was to run adamsync script remotely (from remote host) after a user has been created on Active Directory. Adamsync synchronizes objects from Active Directory Domain Services (AD) to an instance of Active Directory Lightweight Directory Services (AD LDS - ADAM).

Thanks to the CMD ConnId connector, Apache Syncope can execute different PowerShell script.

To execute AdamSync script remotely on a certain host you have to:

  1. configure a new CMD ConnId Connector instance;
  2. configure external resource;
  3. install the Java Connector Server on the host;
  4. add CMD bundle to the Connector Server bundles directory;
  5. install PSTools on the host for run adamSync remotely.

Then you must create a powershell script file (ExecAdamSync.ps1):

$password = cat c:\ConnectorServer\scripts\securestring.txt | convertto-securestring $c = New-Object Management.Automation.PSCredential 'DOMAIN\Administrator', $password $login = $c.GetNetworkCredential().domain + "\" + $c.GetNetworkCredential().username write-output $login C:\PSTools\psexec.exe \\remoteHostName -i -u $login -p $c.GetNetworkCredential().password powershell.exe c:\ConnectorServer\scripts\adamsync.PS1

After, you must configure the CMD Connector instance with the following line for all operations:

cmd /c powershell C:/ConnectorServer/scripts/adam/ExecAdamSync.ps1



« Return