2.5.21 Batch change of operation users
Function
This service template uses a CSV (Comma Separated Values) file or list information about users, created using Microsoft Excel, (called "user information files" hereafter) to perform batch operations for changing JP1 user passwords, changing OS user passwords, and making the resulting changes to the registered content in the password management information of the Windows version of JP1/Base.
Note that in a CentOS environment, only changing OS user passwords is executable.
If the JP1/AO server is in a Windows environment, use a CSV or Excel file. If the JP1/AO server is in a UNIX environment, use a CSV file.
This is effective when managing a system that has the following configuration:
- Jobs are executed using multiple agent servers in a job execution environment using JP1/AJS3.
- Automatic actions are performed and commands are executed on multiple agent servers in a monitoring environment using JP1/IM.
- Multiple JP1 users or OS users are managed in a system that uses JP1/Base for authentication.
This service template requires the following server:
- JP1 authentication server
This server is run by the JP1/Base authentication server. It manages the JP1 user information.
- Agent server
This server is where JP1/Base is installed and job execution and automatic actions are performed.
The following processes are performed for updating of the operation user information in the above system.
[OS User Password Change Process]
Extract the column containing the key value from the OS user information file, and execute the following process for all key values.
(1) Read the agent server host name, agent server logical host name, OS user name, and new password of the OS user from the row that matches the key value.
(2) Use the information that was read in step (1) to change the password of the OS user of the agent server.
(3) Use the information that was read in step (1) to update the password management information to JP1/Base of the agent server as necessary.
[JP1 User Password Change Process]
Extract the column containing the key value from the JP1 user information file, and execute the following process for all key values.
(1) Read the JP1 authentication server host name, JP1 authentication server logical host name, JP1 user name, old password of the JP1 user, and new password of the JP1 user from the row that matches the key value.
(2) Use the information that was read in step (1) to change the password of the JP1 user of the authentication server.
When OS.osUserInfoFilePath (path of OS user information file) is specified during service execution, execute the change process of the password of the OS user. When jp1base.jp1UserInfoFilePath (path of JP1 user information file) is specified, execute the change process of the password of the JP1 user. In the property where the column number is specified, specify with a value from 1 to 255 the number of the column counting from the left of the CSV file or number of the first column containing data when viewed from the left of the Excel file.
Up to 99 entries (99 rows) of user information can be entered into each user information file. Each change process is executed sequentially by a repeat component.
If reading an each user information file fails, wait for the seconds specified in the OS.fileOpenRetryInterval property, and then repeat the number of times specified in the OS.fileOpenRetryCount property to retry for reading a file. If necessary, modify the property values to adjust your system environment.
If any of the JP1/AO server, the JP1 authentication server and the agent server is Windows, the execution of this services template requires the built-in Administrator. If the built-in Administrator does not exist or is invalid on each server, execute the "Batch change of operation users(SYSTEM)" service template that executes with the system account.
Prerequisites
For the latest support information about [Required product in the System]/[Prerequisite products in the system executing the service template]/[Prerequisite product OS running in the system executing the service template], see the release notes.
[Required product in the System]
JP1/Automatic Operation 11-10 or later
[Prerequisite products in the system executing the service template]
(1) The following version of JP1/Base is running on the JP1 authentication server and the agent server:
Job Management Partner 1/Base 09-00 or later, or
JP1/Base 11-00 or later
(2) When specifying an Excel book or an Excel macro enabled book in Excel 2007 or later as the user information file, the following Microsoft program needs to be installed on the JP1/AO server.
- 2007 Office system driver, or
Microsoft Access Database Engine 2010(32bit)
[Prerequisite product OS running in the system executing the service template]
(1) Windows Server 2008 R2 Standard/Enterprise/Datacenter
(2) Windows Server 2012 Standard/Datacenter, Windows Server 2012 R2 Standard/Datacenter
(3) Windows Server 2016 Standard/Datacenter
(4) Red Hat Enterprise Linux Server 6 (32-bit x86), Red Hat Enterprise Linux Server 6 (64-bit x86_64)
(5) Red Hat Enterprise Linux Server 7 (64-bit x86_64)
(6) CentOS 6 (64-bit x86_64)
Note: Only changing OS user passwords is executable.
(7) CentOS 7 (64-bit x86_64)
Note: Only changing OS user passwords is executable.
(8) AIX V6.1, AIX V7.1
[Usage conditions of prerequisite products in the system executing the service template]
(1) If the password of the OS user is changed (in the case of Windows, if the password management information of JP1/Base is updated), always specify OS.osUserInfoFilePath, OS.osUserInfoSheetName(Excel file only), OS.osUserInfoKeyColumn, common.targetHostNameColumn, jp1base.jp1BaseLHostNameColumn, OS.osUserNameColumn, OS.osUserNewPasswordColumn, OS.osUserTypeColumn, jp1base.updatePasswordInfoColumn.
(2) To change the password of the JP1 user, always specify jp1base.jp1UserInfoFilePath, jp1base.jp1UserInfoSheetName(Excel file only), jp1base.jp1UserInfoKeyColumn, jp1base.certHostNameColumn, jp1base.certHostLHostNameColumn, jp1base.jp1UserNameColumn, jp1base.jp1UserOldPasswordColumn, jp1base.jp1UserNewPasswordColumn.
(3) If the password of the JP1 user of the logical host environment is updated when JP1/Base of the authentication server has a cluster configuration, the physical host name or logical host name is entered for the value of the column specified in jp1base.certHostNameColumn, and the logical host name is entered for the value of the column specified in jp1base.certHostLHostNameColumn. If the password of the JP1 user of the physical host environment is updated, specify a null entry for the column specified in jp1base.certHostLHostNameColumn.
(4) If the password management information of the OS user of the logical host environment is updated when JP1/Base of the agent server has a cluster configuration, use the OS user information file containing the OS user information of the execution system environment to execute the service. Set the value of the column specified in jp1base.updatePasswordInfoColumn to "TRUE" in the information of the agent server of the execution system (being operated by JP1/Base). After the service is executed once on the execution system environment, when the service is executed to an execution system environment after changing over the system, enter the values into the parameters of the system environment setting information and OS user information, make all the parameters of the JP1 user information blank, and then execute the service.
(5) If processing to change the OS user is performed, the OS user information file containing the content given below must be stored in the JP1/AO server.
- Number of columns
Set so that the number of columns counted from the reading start column of the data is 255 or less.
- Column name
- CSV file
- If column names are needed, enter them in the first row of the file. If column names are not needed, the column names do not need to be included.
- The data reading start row starts from the second row regardless of whether the first row contains the column names or not.
- Excel file
- Always include the column names. Starting from the first row or after, the initial row that contains data is treated as column names.
- Data is read starting from the row following the row containing the column names.
See (8) when specifying the column names.
- Key information
This column stores values serving as unique keys at each row of the user information file. Any content can be entered for the key information, but it is recommended that you specify short values, such as integer values starting from 1. Also, use characters other than double quotation marks (") and single quotation marks (') in the key information. The total number of bytes of all key information + the number of data rows must not exceed 1017 bytes. Any value can be specified for each row. If a value is omitted, the processing for the applicable row is not performed.
- Agent server host name
This column stores the host name of the agent server that changes the password of the OS user. A value must be specified for each row.
- Agent server JP1/Base logical host name
This column stores the JP1/Base logical host name when the agent server JP1/Base has a cluster configuration. Any value can be specified for each row. If no value is specified to this column, the agent server is processed by treating it as a physical server.
- OS user name
This column stores the OS user name whose password is changed. A value must be specified for each row.
- New password of OS user
This column stores the new password of the OS user whose password is changed. A value must be specified for each row.
- OS user type
This column stores the OS user type (domain user (domain)) or local user (local)) for the password that is changed. If the agent server is running Windows, a value must be specified for each row.
- JP1/Base password management information update requirement
Specify "True" (case-sensitive) when updating the JP1/Base password management information in the information of the content row. Any value can be specified for each row. The JP1/Base password management information is updated only when "True" is specified.
(6) If processing to change the JP1 user is performed, the JP1 user information file containing the content given below must be stored:
- Number of columns
See the explanation for the number of columns in (5).
- Column names
See the explanation for the column names in (5).
- Key information
This column stores values serving as unique keys at each row of the user information file. Any content can be entered for the key information, but the specifying of short values, such as integer values starting from 1, is recommended. Also, use characters other than double quotation marks (") and single quotations (') in the key information. The total number of bytes of all key information + the number of data rows must not exceed 1017 bytes. Any value can be specified for each row. If a value is omitted, the process for the applicable row is not performed.
- JP1 authentication server host name
This column stores the host name of the JP1 authentication server that changes the password of the JP1 user. A value must be specified for each row.
- JP1 authentication server JP1/Base logical host name
This column stores the JP1/Base logical host name when the JP1 authentication server JP1/Base has a cluster configuration. Any value can be specified for each row. If no value is specified to this column, the JP1 authentication server is processed by treating it as a physical server.
- JP1 user name
This column stores the JP1 user name whose password is changed. Specify a value for each row.
- Old password of JP1 user
This column stores the current password of the JP1 user whose password is changed. Specify a value for each row.
- New password of JP1 user
This column stores the new password of the JP1 user whose password is changed. Specify a value for each row.
(7) When this service is executed, the JP1/AO server (loopback address resolved by "localhost"), the JP1 authentication server, and the agent server must be set as agentless connection targets.
(8) Specify the content given below for the column name.
- Always specify as a character string. Do not specify numerical data.
- The following characters cannot be used in the column name:
- The following characters cannot be used at the start of the column name in the key information.
- The following characters cannot be used starting from the second character of the column name in the key information.
- The following characters cannot be used in column names other than key information.
- The specified character string can mix of single-byte and double-byte characters but no more than 64 characters can be used.
Cautions
[Notes on user information files]
- Notes when the JP1/AO server is running in a Windows environment
(1) If the agent server OS is UNIX, do not use multibyte characters for the content of the user information file.
(2) If the agent server OS is Windows, multibyte characters can be specified for an OS user name only. If specifying an OS user name, specify no more than 20 bytes.
(3) After confirming the specifications for the OS user/JP1 user whose password is to be changed, create the OS user information file and JP1 user information file. The following characters cannot be specified in the fields of the user information file:
<, >, |, ;, &, control characters (0x00 to 0x1f), double quotation marks (") except at each end, and a trailing \.
(4) If cells in the Excel file are merged, or if an error occurs in the mathematical expression, the obtained value becomes null. Also, the task is abnormally terminated if a written password is set. Remove these states from the user information file.
(5) Do not mix character string data and numerical data in the loaded columns. If this data is mixed, the values may not be obtained properly depending on the ODBC driver specifications.
(a) Numerical data refers to character strings in the following formats.
- Signed integer values (decimal format) Example: -12345
- Values with a fixed decimal point (decimal format) Example: 3.1415
- Values with a floating decimal point (decimal format) Example: 6.543E+10
(b) Character string data refers to character strings in formats other than the above numerical formats.
(6) If columns containing different mixed data types are obtained from the user information file that is read, the following corrective action must be taken:
- For Excel files, add a single quotation mark (') to the beginning of the numerical data.
- For CSV files, enclose the numerical data in double quotation marks (").
(7) If the user information file is a CSV file, enclose the IP address in double quotation marks ("). If the value is not enclosed in double quotation marks ("), it may be falsely identified as numerical data, and the value will not be obtained properly.
(8) If there are blank rows between data rows of the reading target file, the blank rows are also counted in the number of rows. Even if the number of rows containing data is 99 or less, if the number of rows counted by including blank rows in between is 100 or more, the task is abnormally terminated.
(9) If the user information file is an Excel file, the displayed value and actual obtained value might differ depending on the data type of the data contained in the cell. Take careful note if the cell contains data of the following data types:
(a) Boolean type (True/False)
Displayed value: TRUE/FALSE
Value entered in cell: TRUE/FALSE
Actual obtained value: True/False
(b) Date data
Displayed value: mm (month) dd (day)
Value entered in cell: yyyy/mm/dd
Actual obtained value: yyyy/mm/dd
(c) Time data
Displayed value: hh:mm
Value entered in cell: hh:mm:ss
Actual obtained value: hh:mm:ss
(d) Percentage
Displayed value: ~% (Example: 10%)
Value entered in cell: ~% (Example: 10%)
Actual obtained value: 0.~ (Example: 0.1)
(e) Mathematical expression
Displayed value: (Result of mathematical expression)
Value entered in cell: (Mathematical expression)
Actual obtained value: (Result of mathematical expression)
To obtain values for the data in (a), (d), or (e) exactly as they are entered in the cell, add a single quotation mark (') at the start of the entry.
If the target file being loaded is a CSV file, the values contained in the cells can be obtained without any changes.
(10) If the cells contain any of the data types in (9), make the entries so that the data excluding the column with the column names is a single data type only. If multiple data types are mixed in a single column, the obtained data may be null.
- Notes when the JP1/AO server is running in a UNIX environment
(1) If the agent server OS is UNIX, do not use multibyte characters for the content of the user information file.
(2) If the agent server OS is Windows, multibyte characters can be specified for an OS user name only. If specifying an OS user name, specify no more than 20 bytes.
(3) After confirming the specifications for the OS user/JP1 user whose password is to be changed, create the OS user information file and JP1 user information file. The following characters cannot be specified in the fields of the user information file:
<, >, |, ;, &, control characters (0x00 to 0x1f), double quotation marks (") except at each end, and a trailing \.
(4) If there are blank rows between data rows of the reading target file, the blank rows are also counted in the number of rows. Even if the number of rows containing data is 99 or less, if the number of rows counted by including blank rows in between is 100 or more, the task is abnormally terminated.
(5) Commas (,) cannot be used in data. If you attempt to use commas in data, columns cannot be separated correctly, making it impossible to acquire data.
(6) Any number of single-byte spaces or tab characters at the beginning or end of a row in a user information file are ignored.
[Other notes]
(1) If this service is executed for a UNIX environment, check beforehand that the OS user where the change will be made exists.
(2) Specify an integer value of 255 or less for the column number of the reading target file. Note that blank columns between data rows are also included in the number of columns.
Version
02.50.00
Tags
Configure JP1,Base
Property list
The following shows the list of the property groups set in the property:
Property group |
Description |
Initial display |
---|---|---|
Information on the user information file |
Specify the information of the OS user information file or JP1 user information file. |
Y |
Details of the OS user information file |
Specify the detailed information of the OS user information file. Specify all the properties when changing the OS user information. |
Y |
Details of the JP1 user information file |
Specify the detailed information of the JP1 user information file. Specify all the properties when changing the JP1 user information. |
Y |
The following shows the list of the properties to be displayed in the "Service Definition" window:
- (Legend)
-
R: The property must be specified.
O: The property can be omitted. However, the property might be mandatory depending on what is specified for other properties. See the Description of each property.
Property key |
Property name |
Description |
I/O type |
Shared |
Required |
Property group |
---|---|---|---|---|---|---|
OS.fileOpenRetryCount |
Retry count for reading a file: Windows specific |
Specifies the number of times to retry when reading an each user information file fails (only applicable to Windows). This value multiplied by the retry interval gives the maximum waiting time. If "0" is specified, a retry is not performed. |
Input |
Disabled |
R |
Information on the user information file |
OS.fileOpenRetryInterval |
Retry interval for reading a file: Windows specific |
Specifies the retry interval in seconds for when reading an each user information file fails (only applicable to Windows). |
Input |
Disabled |
R |
Information on the user information file |
The following shows the list of the properties to be displayed on the "Service Definition" window and the "Submit Service" window:
Property key |
Property name |
Description |
I/O type |
Shared |
Required |
Property group |
---|---|---|---|---|---|---|
OS.osUserInfoFilePath |
Path of the OS user information file |
Specifies the path of the file containing the OS user information stored in the JP1/AO server as a full path. One of the following file extensions is required: csv, xls, xlsx, or xlsm. |
Input |
Disabled |
O |
Information on the user information file |
OS.osUserInfoSheetName |
Sheet name of the OS user information file |
If the OS user information file is an Excel file, specify the sheet name containing the user information. |
Input |
Disabled |
O |
Information on the user information file |
OS.osUserInfoKeyColumn |
Column number of key information of the OS user information file |
Specifies the column number containing the "key information" in the OS user information file. Specify the column number as an integer from 1 to 255. |
Input |
Disabled |
O |
Details of the OS user information file |
common.targetHostNameColumn |
Column number of host name of agent server |
Specifies the column number containing the "Agent server host name" in the OS user information file. Specify the column number as an integer from 1 to 255. |
Input |
Disabled |
O |
Details of the OS user information file |
jp1base.jp1BaseLHostNameColumn |
Column number of JP1/Base logical host name of agent server |
Specifies the column number containing the "Agent server JP1/Base logical host name" in the OS user information file. Specify the column number as an integer from 1 to 255. |
Input |
Disabled |
O |
Details of the OS user information file |
OS.osUserNameColumn |
Column number of the OS user name |
Specifies the column number containing the "OS user name" in the OS user information file. Specify the column number as an integer from 1 to 255. |
Input |
Disabled |
O |
Details of the OS user information file |
OS.osUserNewPasswordColumn |
Column number of new password of the OS user |
Specifies the column number containing the "new password of the OS user" in the OS user information file. Specify the column number as an integer from 1 to 255. |
Input |
Disabled |
O |
Details of the OS user information file |
OS.osUserTypeColumn |
Column number of the OS user type |
Specifies the column number containing the "OS user type" in the OS user information file. Specify the column number as an integer from 1 to 255. |
Input |
Disabled |
O |
Details of the OS user information file |
jp1base.updatePasswordInfoColumn |
Column no. of JP1/Base psswrd mngmnt info update required column |
Specifies the column number containing the "JP1/Base password management information update requirement" in the OS user information file. Specify the column number as an integer from 1 to 255. |
Input |
Disabled |
O |
Details of the OS user information file |
jp1base.jp1UserInfoFilePath |
Path of JP1 user information file |
Specifies the path of the file containing the JP1 user information stored in the JP1/AO server as a full path. One of the following file extensions is required: csv, xls, xlsx, or xlsm. |
Input |
Disabled |
O |
Information on the user information file |
jp1base.jp1UserInfoSheetName |
Sheet name of JP1 user information file |
If the JP1 user information file is an Excel file, specify the sheet name containing the user information. Always specify when the JP1 user information file is an Excel file. |
Input |
Disabled |
O |
Information on the user information file |
jp1base.jp1UserInfoKeyColumn |
Column number of key information of JP1 user information file |
Specifies the column number containing the "key information" in the JP1 user information file. Specify the column number as an integer from 1 to 255. |
Input |
Disabled |
O |
Details of the JP1 user information file |
jp1base.certHostNameColumn |
Column number of host name of JP1 authentication server |
Specifies the column number containing the "JP1 authentication server host name" in the JP1 user information file. Specify the column number as an integer from 1 to 255. |
Input |
Disabled |
O |
Details of the JP1 user information file |
jp1base.certHostLHostNameColumn |
Column number of logical host name of JP1 authentication server |
Specifies the column number containing the "JP1 authentication server logical host name" in the JP1 user information file. Specify the column number as an integer from 1 to 255. |
Input |
Disabled |
O |
Details of the JP1 user information file |
jp1base.jp1UserNameColumn |
Column number of JP1 user name |
Specifies the column number containing the "JP1 user name" in the JP1 user information file. Specify the column number as an integer from 1 to 255. |
Input |
Disabled |
O |
Details of the JP1 user information file |
jp1base.jp1UserOldPasswordColumn |
Column number of old password of JP1 user |
Specifies the column number containing the "old password of the JP1 user" in the JP1 user information file. Specify the column number as an integer from 1 to 255. |
Input |
Disabled |
O |
Details of the JP1 user information file |
jp1base.jp1UserNewPasswordColumn |
Column number of new password of JP1 user |
Specifies the column number containing the "new password of the JP1 user" in the JP1 user information file. Specify the column number as an integer from 1 to 255. |
Input |
Disabled |
O |
Details of the JP1 user information file |
The following shows the list of the properties to be displayed in the "Task Details" window only:
Property key |
Property name |
Description |
I/O type |
Shared |
---|---|---|---|---|
common.osUserChangeResult |
Repeat task execution result (OS user password change process) |
Success (true) or failure (false) results for each task of the password change process of the OS user are separated by commas and output. |
Output |
Disabled |
common.jp1UserChangeResult |
Repeat task execution result (JP1 user password change process) |
Success (true) or failure (false) results for each task of the password change process of the JP1 user are separated by commas and output. |
Output |
Disabled |
The following shows the restrictions on inputs to the properties displayed in the "Service Definition" window:
Property key |
Characters that can be input |
---|---|
OS.fileOpenRetryCount |
Integer value in the range from 0 to 32767. |
OS.fileOpenRetryInterval |
Integer value in the range from 1 to 60. |
The following shows the restrictions on inputs to the property displayed on the "Service Definition" window and the "Submit Service" window:
Property key |
Characters that can be input |
---|---|
OS.osUserInfoFilePath |
Enter from 8 to 255 characters. Do not include the following characters: < > | ; & * ? " % [ ] ! or a trailing \ or / |
OS.osUserInfoSheetName |
Enter from 1 to 31 characters. Do not include the following characters: < > | ; : & * ? " % / \ ! ` { [ ] |
OS.osUserInfoKeyColumn |
Enter an integer value from 1 to 255. |
common.targetHostNameColumn |
Enter an integer value from 1 to 255. |
jp1base.jp1BaseLHostNameColumn |
Enter an integer value from 1 to 255. |
OS.osUserNameColumn |
Enter an integer value from 1 to 255. |
OS.osUserNewPasswordColumn |
Enter an integer value from 1 to 255. |
OS.osUserTypeColumn |
Enter an integer value from 1 to 255. |
jp1base.updatePasswordInfoColumn |
Enter an integer value from 1 to 255. |
jp1base.jp1UserInfoFilePath |
Enter from 8 to 255 characters. Do not include the following characters: < > | ; & * ? " % [ ] ! or a trailing \ or / |
jp1base.jp1UserInfoSheetName |
Enter from 1 to 31 characters. Do not include the following characters: < > | ; : & * ? " % / \ ! ` { [ ] |
jp1base.jp1UserInfoKeyColumn |
Enter an integer value from 1 to 255. |
jp1base.certHostNameColumn |
Enter an integer value from 1 to 255. |
jp1base.certHostLHostNameColumn |
Enter an integer value from 1 to 255. |
jp1base.jp1UserNameColumn |
Enter an integer value from 1 to 255. |
jp1base.jp1UserOldPasswordColumn |
Enter an integer value from 1 to 255. |
jp1base.jp1UserNewPasswordColumn |
Enter an integer value from 1 to 255. |
Flow specification details
The following table shows the detailed specification of the flow:
Hierarchy |
Display name |
Plug-in |
||
---|---|---|---|---|
Plug-in name |
Description |
Error recovery method |
||
1 |
osGetOsInfo |
Output OS type |
Outputs the OS of the JP1/AO server. |
Eliminate the cause of the error, and then re-execute the service. |
2 |
osChangePassword |
Flow Plug-in |
Changes the OS user password. |
-- |
2-3 |
Compatible Plug-in |
Determines whether the path of the OS user information file is specified. |
After removing the cause of the error, run the service again. |
|
2-4 |
Flow Plug-in |
Executes the main process that changes the OS user password. |
-- |
|
2-4-1 |
Acquisition of column data from a CSV/Excel file |
Reads the key information from the file. |
After removing the cause of the error, run the service again. |
|
2-4-2 |
Repeated Execution Plug-in |
Repeatedly changes the OS user password based on the read key information. |
After removing the cause of the error, run the service again. |
|
3 |
jp1baseChangePassword |
Flow Plug-in |
Changes the JP1 user password registered in JP1/Base. |
-- |
3-3 |
Compatible Plug-in |
Determines whether the path of the JP1 user information file is specified. |
After removing the cause of the error, run the service again. |
|
3-4 |
Flow Plug-in |
Executes the main process that changes the JP1 user password. |
After removing the cause of the error, run the service again. |
|
3-4-1 |
Acquisition of column data from a CSV/Excel file |
Reads the key information from the file. |
After removing the cause of the error, run the service again with only the JP1 user information file specified. (The processing of the OS user has ended normally.) |
|
3-4-2 |
Repeated Execution Plug-in |
Repeatedly changes the JP1 user password based on the read key information. |
After removing the cause of the error, checks with common.jp1UserChangeResult for the displayed order of "false". Execute the service using a file that contains the line with the same order of the failure (if it is the nth failure, the nth line) and the subsequent lines extracted. |