JS7 JobScheduler

Space shortcuts

Page tree

Versions Compared

Old Version 4

changes.mady.by.user Andreas Püschel

Saved on

compared with

New Version 5

changes.mady.by.user Andreas Püschel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
titleUsage
Usage: operatedeploy-jociam.sh [Command] [Options] [Switches]

  Commands:
    statusget-account             --service [--controller-id
account] [--enabled] [--disabled]
    set-account     version        --service  --account [--role] [--controlleraccount-idpassword] [--agent-iddisabled] [--listforce-password-change]
    switchrename-overaccount          --service  -controller-idaccount
    restartremove-serviceaccount      --service-type
    run--service  --account
     get-account-permission  --service  -type-account
     checkset-account-licensepassword    --service  --account [--validityaccount-days]password
    get-settingsreset-account-password  --service  --account
    store-settingsenable-account          --settings
service   --account
 encrypt   disable-account          --inservice  [--infile --outfile] --cert [--java-home] [--java-lib]
 account

    get-role   decrypt             --inservice [--infile --outfilerole]
 --key [--key-password] [--java-home] [--java-lib]

  Options:
 set-role     --url=<url>           --service  --role
    rename-role       | required: JOC Cockpit URL
  --service  --user=<account> role --new-role
    remove-role             --service | required: JOC Cockpit user account --role

    get--password=<password>permission          --service  --role [--controller-id]
    set-permission          --service  --role --permission [--excluded] [--controller-id]
    rename-permission       --service  --role --permission  --new-permission [--excluded] [--controller-id]
    remove-permission       --service  --role --permission [--controller-id]

    get-folder              --service  --role [--folder] [--controller-id]
    set-folder              --service  --role  --folder [--recursive] [--controller-id]
    rename-folder           --service  --role  --folder  --new-folder [--recursive] [--controller-id]
    remove-folder           --service  --role  --folder [--controller-id]

    get-identity-service   [--service]
    set-identity-service    --service --service-type [--service-ordering] [--required] [--disabled]
                           [--authentication-scheme] [--single-factor-certificate] [--single-factor-password]
    rename-identity-service --service --new-service
    remove-identity-service --service

  Options:
    --url=<url>                        | required: JOC Cockpit URL
    --user=<account>                   | required: JOC Cockpit user account
    --password=<password>              | optional: JOC Cockpit password
    --ca-cert=<path>                   | optional: path to CA Certificate used for JOC Cockpit login
    --client-cert=<path>               | optional: path to Client Certificate used for login
    --client-key=<path>                | optional: JOC Cockpit password path to Client Key used for login
    --ca-certtimeout=<path><seconds>                   | optional: path to CA Certificate usedtimeout for JOCrequest, Cockpitdefault: login60
    --clientcontroller-certid=<path><id>               | optional: pathController toID
 Client Certificate used for login
 --account=<identifier]>     --client-key=<path>       | optional: account name
    --account-password=<password>  | optional: path to Client| Keyoptional: usedpassword for loginaccount
    --timeout=<seconds>    service=<identifier]>            | optionalrequired: timeoutidentity for request, default: 60service name
    --controllerservice-idtype=<id><identifier>        | optional: identity service type, JOC,  | optional: Controller IDLDAP, LDAP-JOC, OIDC, OIDC-JOC
    --agentservice-id=<id[,id]>ordering=<number>        | optional: identity service ordering by  | optional: Agent IDsascending number
    --new-service-type=<identifier>         | optional: service for restart such as cluster, history, dailyplan, cleanup, monitornew identity service name
    --validityauthentication-daysscheme=<number><factor>   | optional: identity service authentication scheme: SINGLE-FACTOR, TWO-FACTOR
   | optional: min. number of days for which a license should be valid, default: 60
    --settings=<json>       --role=<identifier>                | optional: role identifier
    --new-role=<identifier>            | optional: settingsnew to be stored from JSON
    --key=<path>role identifier
    --permission=<identifier>          | optional: permission identifier
    --new-permission=<identifier>      | optional: path to private key file in PEM format
new permission identifier
    --folder=<folder>        --key-password=<password>          | optional: passwordfolder forname privateassigned keya filerole
    --new-certfolder=<path><folder>              | optional: new folder name assigned a role
 | optional: path to certificate file in PEM format
 --audit-message=<string>         --in=<string>  | optional: audit log message
     --audit-time-spent=<number>           | optional: input string for encryption/decryptionaudit log time spent in minutes
    --audit-infile=<path>   link=<url>                 | optional: inputaudit file for encryption/decryptionlog link
    --log-outfiledir=<path><directory>              | optional: path to directory holding | optional: output file for encryption/decryptionthe script's log files

  Switches:
    -h | -java-home=<directory>-help                  | optional: Java Home directory for encryption/decryption, default: $JAVA_HOME| displays usage
    -v | -java-lib=<directory>-verbose                  | optional: Java library| directorydisplays forverbose encryption/decryption, default: ./liboutput, repeat to increase verbosity
    -p | -audit-message=<string>password           | optional: audit log message
    --audit-time-spent=<number>    | asks for password
    -a | optional: audit log time spent in minutes
 --account-password           --audit-link=<url> | asks for account password
    -f | --force-password-change       | optional: audit log link enforces password change on next login
    -e | -log-dir=<directory>enabled              | optional: path to directory holding the script's| logfilters files

for enabled Switches:accounts
    -hd | --helpdisabled                    | filters for disabled | displays usageaccounts or disables identity services
    -vx | --verboseexcluded                     | displays verbose output, repeat to increase verbositysets excluded permissions
    -pq | --passwordrequired                    | enforces asksuse of foridentity passwordservice
    -kr | --key-passwordrecursive                   | applies asksfolder foroperation keyto passwordsub-folders
    -l | --list--single-factor-certificate        | certificate allowed as single factor
    --single-factor-password           | listspassword versionallowed informationas insingle JSON formatfactor
    --show-logs                        | shows log output if --log-dir is used
    --make-dirs                        | creates directories if they do not exist

see https://kb.sos-berlin.com/x/lwTWCQ

Commands

  • status

    • Returns status information about JOC Cockpit, Controller instances and database indicated by a textual status and severity, for details see JS7 - Dashboard:

      JOC Cockpit StatusPropertyValue
      JOC Cockpit Cluster Statuscurrenttrue | false



      Controller StatusTextSeverity
      Controller Cluster Statuscoupled0

      		unknown3
      Controller Cluster Node Statusactive0

      		inactive1

      		unknown3
       Controller Component Statusoperational0

      		limited1

      		inoperable2

      		unknown3
      Controller Connection Statusestablished0

      		unstable1

      		unreachable2

      		unknown3



      Database StatusTextSeverity
      Database Component Statusoperational0

      		unknown3
      Database Connection Statusestablished0

      		unstable1

      		unreachable2

      		unknown3
  • version
    • Returns version information of JOC Cockpit, Controller and Agents.
      • When used without options, the JOC Cockpit version will be returned.
      • When usiedf with the --controller-id option, the version of the indicated Controller will be returned.
      • When used with the --agent-id option, the version of the indicated Agent will be returned. If a Cluster Agent is specified, then version information for included Director Agents and Subagents will be returned in JSON format.
    • When used with the --list switch, then information about included Controllers and/or Agents will be returned in JSON format.
  • switch-over
    • Shifts the active role to the Standby JOC Cockpit instance.
  • restart-service
    • Allows to restart JOC Cockpit background services. One of the following services can be specified using the --service-type option:
      • cluster, history, dailyplan, cleanup, monitor
    • JOC Cockpit background services will run based on events (cluster, history, monitor) or based on schedules configurable with JS7 - Settings (dailyplan, cleanup). To force a background service to start immediately the run-service command can be used.
  • run-service
    • Starts JOC Cockpit background services. One of the following services can be specified using the --service-type option:
      • dailyplan, cleanup
    • JOC Cockpit background services will run based on schedules configurable with JS7 - Settings (dailyplan, cleanup). The run-service command will force immediate execution of the service.
  • check-license
    • Checks which JS7 - License is available with JOC Cockpit and if it is valid for a predetermined period.
      • The Open Source License is valid for any period of time and will not expire.
      • The Commercial License can be perpetual or can be valid for a limited subscription period.
    • The --validity-days option specifies the number of days before expiration of the Commercial License. Default: 60 days.
    • Exit codes of the license check include: 
      • Exit code 0 signals a valid license for the period specified.
      • Exit code 2 signals an expired license or an inapplicable license check if the Open Source License is used.
      • Exit code 3 signals a valid license that is about to expire within the number of days specified.
  • get-settings
    • Returns JS7 - Settings in JSON format.
    • Users can modify settings using the jq utility and can update settings using the store-settings command.
  • store-settings
    • Updates JS7 - Settings in JOC Cockpit. 
    • Users can read settings using the get-settings command and can modify settings using the jq utility before updating settings.
  • encrypt
    • Allows to encrypt a value using the --in option. If used to encrypt a file then --infile and --outfile options must be specified.
    • The --cert option specifies the path to a file holding the Certificate used for encryption.
    • Encryption is performed by Java libraries that are looked up in the ./lib sub-directory of the  JS7 Unix Shell CLI. For details see JS7 - Encryption and Decryption.
  • decrypt
    • Allows to decrypt a value using the --in option. If used to decrypt a file then --infile and --outfile options must be specified.
    • The --key option specifies the path to the Private Key used for decryption. If the Private Key is protected by a password, then the --key-password option or switch must be specified.
    • Decryption is performed by Java libraries that are looked up in the ./lib sub-directory of the JS7 Unix Shell CLI.

...