Safest Way to Invoke Remote Script Synchronously

[Will]

What is the safest way to invoke a script remotely on a Windows host
synchronously, and retrieving a return code to the caller at program
termination?

Because the target system is in a no man's land, I do not want to open up
RPC port, and God forbid with have to involve the abomination that is DCOM.
I want something extremely simple and special purpose, with good
authentication features on the program server.

What are my options? Commercial software is okay.

--
Will

 

[Roger Abell [MVP]]

"Will" <westes-usc@noemail.nospam> wrote in message
newstqdnQwFHKXkGnrbnZ2dnUVZ_gWdnZ2d@giganews.com...
> What is the safest way to invoke a script remotely on a Windows host
> synchronously, and retrieving a return code to the caller at program
> termination?
>
> Because the target system is in a no man's land, I do not want to open up
> RPC port, and God forbid with have to involve the abomination that is
> DCOM. I want something extremely simple and special purpose, with good
> authentication features on the program server.
>
> What are my options? Commercial software is okay.
>

Will

Is that a preplaced script, or ad hoc capability?
Do you have identified issues with .Net remoting ?
http://google.com/search?q=.net+remoting+authentication

Roger

 

[jwgoerlich@gmail.com]

I have used the Global Event Control Server by Vinzant. This is a
client-server scheduling application that does not use RPC or DCOM,
but rather their own protocol over TCP 2000 and 2010.

J Wolfgang Goerlich


Vinzant Software: Global ECS
http://www.vinzantsoftware.com/global_ecs.asp

On Sep 12, 2:30 am, "Will" <westes-...@noemail.nospam> wrote:
> What is the safest way to invoke a script remotely on a Windows host
> synchronously, and retrieving a return code to the caller at program
> termination?
>
> Because the target system is in a no man's land, I do not want to open up
> RPC port, and God forbid with have to involve the abomination that is DCOM.
> I want something extremely simple and special purpose, with good
> authentication features on the program server.
>
> What are my options? Commercial software is okay.
>
> --
> Will

 

[Will]

"Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message
news:uKDFJKR9HHA.3548@TK2MSFTNGP06.phx.gbl...
> "Will" <westes-usc@noemail.nospam> wrote in message
> newstqdnQwFHKXkGnrbnZ2dnUVZ_gWdnZ2d@giganews.com...
> > What is the safest way to invoke a script remotely on a Windows host
> > synchronously, and retrieving a return code to the caller at program
> > termination?
> >
> > Because the target system is in a no man's land, I do not want to open
up
> > RPC port, and God forbid with have to involve the abomination that is
> > DCOM. I want something extremely simple and special purpose, with good
> > authentication features on the program server.
> >
> > What are my options? Commercial software is okay.
> >
>
> Will
>
> Is that a preplaced script, or ad hoc capability?
> Do you have identified issues with .Net remoting ?
> http://google.com/search?q=.net+remoting+authentication

Hi Roger. Yes, it would be a set of two preplaced scripts on the remote
host.

I don't want RPC or DCOM ports open on an Internet exposed computer, even
with a firewall restriction on who gets to those paths.

I find the number and types of objects listed in DCOMCNFG to be utterly
incomprehensible. The number of objects, how they are used by remote
users, and how to secure them, would take an army of security experts 10
years to figure out. Forgive me but I want something stupid, simple, and
virtually impossible to defeat without substantial resources. I just don't
have the time or the resource to mess with that.

--
Will

 

[Will]

On Sep 12, 2:30 am, "Will" <westes-...@noemail.nospam> wrote:
> > What is the safest way to invoke a script remotely on a Windows host
> > synchronously, and retrieving a return code to the caller at program
> > termination?
> >
> > Because the target system is in a no man's land, I do not want to open
up
> > RPC port, and God forbid with have to involve the abomination that is
DCOM.
> > I want something extremely simple and special purpose, with good
> > authentication features on the program server.
> >
> > What are my options? Commercial software is okay.

<jwgoerlich@gmail.com> wrote in message
news:1189598738.749055.220250@g4g2000hsf.googlegroups.com...
> I have used the Global Event Control Server by Vinzant. This is a
> client-server scheduling application that does not use RPC or DCOM,
> but rather their own protocol over TCP 2000 and 2010.

I called them, but they said they have no ability for a calling program to
call a remote program synchronously and get a return code.

Their minimum license fee of $2500 is way over my budget. I would spend up
to $400 on this problem.

--
Will

 

[jwgoerlich@gmail.com]

Either I or the person at Vinzant must have misunderstood you. I
launch jobs synchronously and get results back all of the time. But
you are correct, the price is high.

I wonder if you could use something like SSH and script your jobs. I
have not tried this myself, but the following link looks promising:

http://www.cs.bham.ac.uk/~smp/projects/ssh-windows/

Regards,

J Wolfgang Goerlich

On Sep 12, 5:12 pm, "Will" <westes-...@noemail.nospam> wrote:
>
> I called them, but they said they have no ability for a calling program to
> call a remote program synchronously and get a return code.
>
> Their minimum license fee of $2500 is way over my budget. I would spend up
> to $400 on this problem.
>
> --
> Will

 

[Roger Abell [MVP]]

"Will" <westes-usc@noemail.nospam> wrote in message
news:3bydnf2NRrq4pnXbnZ2dnUVZ_qOknZ2d@giganews.com...
> "Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message
> news:uKDFJKR9HHA.3548@TK2MSFTNGP06.phx.gbl...
>> "Will" <westes-usc@noemail.nospam> wrote in message
>> newstqdnQwFHKXkGnrbnZ2dnUVZ_gWdnZ2d@giganews.com...
>> > What is the safest way to invoke a script remotely on a Windows host
>> > synchronously, and retrieving a return code to the caller at program
>> > termination?
>> >
>> > Because the target system is in a no man's land, I do not want to open
> up
>> > RPC port, and God forbid with have to involve the abomination that is
>> > DCOM. I want something extremely simple and special purpose, with good
>> > authentication features on the program server.
>> >
>> > What are my options? Commercial software is okay.
>> >
>>
>> Will
>>
>> Is that a preplaced script, or ad hoc capability?
>> Do you have identified issues with .Net remoting ?
>> http://google.com/search?q=.net+remoting+authentication
>
> Hi Roger. Yes, it would be a set of two preplaced scripts on the remote
> host.
>
> I don't want RPC or DCOM ports open on an Internet exposed computer, even
> with a firewall restriction on who gets to those paths.
>
> I find the number and types of objects listed in DCOMCNFG to be utterly
> incomprehensible. The number of objects, how they are used by remote
> users, and how to secure them, would take an army of security experts 10
> years to figure out. Forgive me but I want something stupid, simple, and
> virtually impossible to defeat without substantial resources. I just
> don't
> have the time or the resource to mess with that.
>

Understood from your first posting Will, but who said DCOM ?
I was speaking of a communication within SSL.

Roger

 

[Will]

"Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message
news:OAVn7v09HHA.5948@TK2MSFTNGP04.phx.gbl...
> "Will" <westes-usc@noemail.nospam> wrote in message
> news:3bydnf2NRrq4pnXbnZ2dnUVZ_qOknZ2d@giganews.com...
>> "Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message
>> news:uKDFJKR9HHA.3548@TK2MSFTNGP06.phx.gbl...
>>> "Will" <westes-usc@noemail.nospam> wrote in message
>>> newstqdnQwFHKXkGnrbnZ2dnUVZ_gWdnZ2d@giganews.com...
>>> > What is the safest way to invoke a script remotely on a Windows host
>>> > synchronously, and retrieving a return code to the caller at program
>>> > termination?
>>> >
>>> > Because the target system is in a no man's land, I do not want to open
>> up
>>> > RPC port, and God forbid with have to involve the abomination that is
>>> > DCOM. I want something extremely simple and special purpose, with good
>>> > authentication features on the program server.
>>> >
>>> > What are my options? Commercial software is okay.
>>> >
>>>
>>> Will
>>>
>>> Is that a preplaced script, or ad hoc capability?
>>> Do you have identified issues with .Net remoting ?
>>> http://google.com/search?q=.net+remoting+authentication
>>
>> Hi Roger. Yes, it would be a set of two preplaced scripts on the remote
>> host.
>>
>> I don't want RPC or DCOM ports open on an Internet exposed computer, even
>> with a firewall restriction on who gets to those paths.
>>
>> I find the number and types of objects listed in DCOMCNFG to be utterly
>> incomprehensible. The number of objects, how they are used by remote
>> users, and how to secure them, would take an army of security experts 10
>> years to figure out. Forgive me but I want something stupid, simple,
>> and
>> virtually impossible to defeat without substantial resources. I just
>> don't
>> have the time or the resource to mess with that.
>>
>
> Understood from your first posting Will, but who said DCOM ?
> I was speaking of a communication within SSL.

As long as we are willing to rewrite the scripts in .NET, I guess this
works. The scripts already exist as VBScript. Do you know if someone
has already written a command line tool and server that use this interface
but present it with a higher abstraction that would let you submit commands
to execute remotely?

--
Will

 

[Roger Abell [MVP]]

"Will" <westes-usc@noemail.nospam> wrote in message
news:sb6dnRgs-qE-snHbnZ2dnUVZ_oaonZ2d@giganews.com...
> "Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message
> news:OAVn7v09HHA.5948@TK2MSFTNGP04.phx.gbl...
>> "Will" <westes-usc@noemail.nospam> wrote in message
>> news:3bydnf2NRrq4pnXbnZ2dnUVZ_qOknZ2d@giganews.com...
>>> "Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message
>>> news:uKDFJKR9HHA.3548@TK2MSFTNGP06.phx.gbl...
>>>> "Will" <westes-usc@noemail.nospam> wrote in message
>>>> newstqdnQwFHKXkGnrbnZ2dnUVZ_gWdnZ2d@giganews.com...
>>>> > What is the safest way to invoke a script remotely on a Windows host
>>>> > synchronously, and retrieving a return code to the caller at program
>>>> > termination?
>>>> >
>>>> > Because the target system is in a no man's land, I do not want to
>>>> > open
>>> up
>>>> > RPC port, and God forbid with have to involve the abomination that is
>>>> > DCOM. I want something extremely simple and special purpose, with
>>>> > good authentication features on the program server.
>>>> >
>>>> > What are my options? Commercial software is okay.
>>>> >
>>>>
>>>> Will
>>>>
>>>> Is that a preplaced script, or ad hoc capability?
>>>> Do you have identified issues with .Net remoting ?
>>>> http://google.com/search?q=.net+remoting+authentication
>>>
>>> Hi Roger. Yes, it would be a set of two preplaced scripts on the
>>> remote
>>> host.
>>>
>>> I don't want RPC or DCOM ports open on an Internet exposed computer,
>>> even
>>> with a firewall restriction on who gets to those paths.
>>>
>>> I find the number and types of objects listed in DCOMCNFG to be utterly
>>> incomprehensible. The number of objects, how they are used by remote
>>> users, and how to secure them, would take an army of security experts 10
>>> years to figure out. Forgive me but I want something stupid, simple,
>>> and
>>> virtually impossible to defeat without substantial resources. I just
>>> don't
>>> have the time or the resource to mess with that.
>>>
>>
>> Understood from your first posting Will, but who said DCOM ?
>> I was speaking of a communication within SSL.
>
> As long as we are willing to rewrite the scripts in .NET, I guess this
> works. The scripts already exist as VBScript. Do you know if
> someone has already written a command line tool and server that use this
> interface but present it with a higher abstraction that would let you
> submit commands to execute remotely?
>
I was mostly considering the ad hoc capabilities of remoting, as you
do now with the added mention of a service I'll assume. The script
as a start is largely there, some syntax tweaks and new objects, chance
at basic design adjustment, etc.. How much do you plan to invest is at
some point the point. If only limited ad hoc & on the moment is needed a
simple service that can be authenticated by a means at your SQL server
satisfies.
You might find more in webservices by way of popular samples for
ways to trigger processing on the remote system, or of sending/receiving
work queue items to/at (at/to ?) the service. But really a language of few
action commands emitted by SQL when the service fires a proc is all you
really need (w/ authN handled).

Roger