Page tree
Skip to end of metadata
Go to start of metadata

Status

FunctionalityStable, limited
Support statusSupportable
Support provided byEvolveum
OriginEvolveum
Target systemsBroad range of UNIX systems
Microsoft Windows Server 2019
NotesOnly scripting operations are supported

Description

Specialized connector that provides SSH scripting capabilities.

Protocol

SSH

Framework

ConnId 1.5.x

Bundle name

com.evolveum.polygon.connector.ssh

Connector name

com.evolveum.polygon.connector.ssh.SshConnector

Source codehttps://github.com/Evolveum/connector-ssh
Documentationhttps://github.com/Evolveum/connector-ssh/blob/main/README.adoc

Capabilities and Features

SchemaNO

Provisioning

NO


Live Synchronization

NO


Password

NO


Activation

NO


Paging support

NO


Native attribute namesNO


ScriptingYESCommand execution using SSH

Versions

Version

Origin

Binary

Sources

Build Date

ConnId
Framework
Bundled with midPoint

Description

1.0Evolveum

download jar

GitHub

29 Oct 20201.5.0.0None

Initial version.

Interoperability

Following servers are supported:

  • OpenSSH server on broad range of Linux distributions, reasonably recent versions.
  • Microsoft Windows Server 20019, OpenSSH server distributed by Microsoft.

The connector may work with other SSH servers as well. However, it was not tested in these environments and there are no guarantees.

Connector is supported only in Java 11 environment.

Support

This connector is working, however its functionality is still somehow limited. In addition to that, there are explicit support limitations:

  • Only some SSH servers are supported (see above)
  • Scripting capabilities implemented in this connector are supposed to be used to supplement account administration procedures: setting up the account, create home directory, archive account data on deprovisioning and so on.
  • The connector is not designed to be used to create the account themselves. E.g. it is not supposed to create or delete Microsoft Exchange accounts. Management of Exchange accounts can be quite a complex matter, requiring complicated PowerShell scripts. You can use this connector to manage Exchange accounts if you want to. However, when it comes to the content of the scripts you are on your own. You are responsible for the content of the scripts that the connector executes. Therefore if the script does not do what you think it should be doing then you have to fix it. This is not covered by support contract. If the script is not executed at all because of a bug in the connector then it is part of the support contract. But we are not responsible for the content of the scripts, we do not provide any official guidance on how those scripts should look like and what they should do. There may be some examples or hints in the documentation. But those should be considered to be examples only. We do not guarantee that they work.

Resource Examples

<resource>
    ...
    <additionalConnector>
		<name>ssh</name>
		<connectorRef>
		    <filter>
		        <q:equal>
		            <q:path>c:connectorType</q:path>
		            <q:value>com.evolveum.polygon.connector.ssh.SshConnector</q:value>
		        </q:equal>
		    </filter>
		</connectorRef>
		<connectorConfiguration xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3">
		    <icfc:configurationProperties xmlns:icfcps="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/com.evolveum.polygon.connector-ssh/com.evolveum.polygon.connector.ssh.SshConnector">
		        <icfcps:host>localhost</icfcps:host>
		        <icfcps:username>jack</icfcps:username>
		        <icfcps:password>
		            <t:clearValue>secret</t:clearValue>
		        </icfcps:password>
		        <icfcps:argumentStyle>variables-bash</icfcps:argumentStyle>
		    </icfc:configurationProperties>
		    <icfc:resultsHandlerConfiguration>
		        <icfc:enableNormalizingResultsHandler>false</icfc:enableNormalizingResultsHandler>
		        <icfc:enableFilteredResultsHandler>false</icfc:enableFilteredResultsHandler>
		        <icfc:enableAttributesToGetSearchResultsHandler>false</icfc:enableAttributesToGetSearchResultsHandler>
		    </icfc:resultsHandlerConfiguration>
		</connectorConfiguration>
	</additionalConnector>
    ...</resource>


See Also

  • No labels