Capturing output of Win32_Process

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Capturing output of Win32_Process

Martin Richter
Hi there,
 
I'm trying to execute a command on a remote Windows machine, say e.g.
 
  ipconfig /all
 
Using
 
  wsman invoke --method "create" --prop commandline='ipconfig /all' \
      [ ... authentication, host, ... ] \
      'http://schemas.microsoft.com/wbem/wsman/1/wmi/root/cimv2/Win32_Process'
 
I seem to be able to launch a process -- at least I get a
 
    <p:create_OUTPUT xmlns:xsi="[... snip ...]">
      <p:ProcessId>5000</p:ProcessId>
      <p:ReturnValue>0</p:ReturnValue>
    </p:create_OUTPUT>
 
as result. Is it possible to get the output of the process as well?
 
Thank you very much,
Martin

 PS: I'm a bit afraid that this question is not directly related to openwsman -- it is more about WMI but I'm getting a bit desperate as I'm simply unable to find an answer. The only examples available seem to be to launch 'notepad.exe' ... which is not what my question is about as there no output is to be captured at all.

------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
_______________________________________________
Openwsman-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/openwsman-devel
Reply | Threaded
Open this post in threaded view
|

Re: Capturing output of Win32_Process

Klaus Kaempf
* Martin Richter <[hidden email]> [Aug 02. 2013 11:10]:
> Hi there,
>  
> I'm trying to execute a command on a remote Windows machine, say e.g.
[...]
>  
> as result. Is it possible to get the output of the process as well?
>  
> Thank you very much,
> Martin
>
>  PS: I'm a bit afraid that this question is not directly related to openwsman -- it is more about WMI but I'm getting a bit desperate as I'm simply unable to find an answer.

Well, Openwsman implementation follows the WS-Management standard. So
you need to look at winrm to find an answer.

Microsoft documentation points to 'winrs' (windows remote shell) to
achieve this
  http://technet.microsoft.com/en-us/library/dd163506.aspx

Afaik, winrs is based on winrm. So there should be a possibility to
capture the output of a remote command.

Googling a bit found this: https://github.com/WinRb/WinRM
The example section shows how to run "ipconfig /all" and capture
stdout and stderr.


Hth,

Klaus
--
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)
Maxfeldstraße 5, 90409 Nürnberg, Germany

------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
_______________________________________________
Openwsman-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/openwsman-devel
Reply | Threaded
Open this post in threaded view
|

Re: Capturing output of Win32_Process

Klaus Kaempf
* Klaus Kaempf <[hidden email]> [Aug 02. 2013 11:28]:
>
> Googling a bit found this: https://github.com/WinRb/WinRM
> The example section shows how to run "ipconfig /all" and capture
> stdout and stderr.

This is working nicely actually, but it needs a fair amount of
WS-Management messages going back and forth.

You need to
- create a remote shell
- run a remote command
- receive output of the remote command
  (Winrm does not respond with clear text but Base64 encoded)
- terminate the remote shell
- delete the shell

This all requires using Microsoft-specific XML namespaces, header
options and whatnot.

It might be possible to code this against the Openwsman client API,
but certainly not(!) using the wsman cli tool.

If you're interested, I can make xml files with the raw request and
responses available.

Hth,

Klaus
--
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)
Maxfeldstraße 5, 90409 Nürnberg, Germany

------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
_______________________________________________
Openwsman-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/openwsman-devel
Reply | Threaded
Open this post in threaded view
|

Re: Capturing output of Win32_Process

Martin Richter

Hello Klaus,
 
thanks for your kind reply -- it gave me valuable hints on how to do this. I managed to start a shell on the remote machine -- so far, so good. I basically followed the steps described here:
 
4.8 Remote Shell Examples [ http://msdn.microsoft.com/en-us/library/cc251731.aspx ]
4.8.1 Create Shell [ http://msdn.microsoft.com/en-us/library/cc251739.aspx ]
4.8.2 Execute Command [ http://msdn.microsoft.com/en-us/library/cc251740.aspx ]
4.8.3 Receive Output [ http://msdn.microsoft.com/en-us/library/cc251741.aspx ]

Sending the xml mentioned in 4.8.1 worked well. But trying to continue with step 4.8.2 was not as successful. I think I might be using the wrong set of option and action on the wsman commandline. I tried this one:

wsman invoke --method ExecuteCommand \
  --username ... --password ... --hostname ... --port 5985 --auth basic \
  -J run_command.xml 'http://schemas.microsoft.com/wbem/wsman/1/windows/shell/cmd'

where `run_command.xml` contains the xml code given in 4.8.2 above (having replaced the ShellId with the Id returned by the successful invokation in step 4.8.1). This unfortunately gives a segmentation fault [1] but the debug output is also verbose enough to tell that the server responds with an Internal Server Error (500) beforehand:

< HTTP/1.1 100 Continue
< HTTP/1.1 500
< Content-Type: application/soap+xml;charset=UTF-8
< Server: Microsoft-HTTPAPI/2.0
< Date: Tue, 06 Aug 2013 06:57:50 GMT
< Content-Length: 1440
* HTTP error before end of send, stop sending
<
Aug  6 08:58:10  write_handler: recieved 1440 bytes, all = 1440

Could you please give me a hint on which action / method to use? Then I can dig down further on this.

Thank you very much,
Martin

[1] The backtrace tells that this fault happens here:
#0  0x00007f99c65ddd75 in malloc_consolidate (av=0x7f99c6917720) at malloc.c:4265
#1  0x00007f99c65df446 in malloc_consolidate (av=0x7f99c6917720) at malloc.c:4226
#2  _int_malloc (av=0x7f99c6917720, bytes=4096) at malloc.c:3543
#3  0x00007f99c65e1fc5 in __GI___libc_malloc (bytes=4096) at malloc.c:2924
#4  0x00007f99c625c68e in xmlBufferCreate__internal_alias () at ../../tree.c:6872
#5  0x00007f99c6263755 in xmlAllocOutputBufferInternal (encoder=0x1835630) at ../../xmlIO.c:2370
#6  0x00007f99c62639f1 in xmlOutputBufferCreateFile__internal_alias (file=0x7f99c6918260, encoder=<optimized out>) at ../../xmlIO.c:2765
#7  0x00007f99c6310f5c in xmlDocFormatDump__internal_alias (f=0x7f99c6918260, cur=0x1869b80, format=1) at ../../xmlsave.c:2408
#8  0x00007f99c6d49829 in xml_parser_doc_dump (f=0x7f99c6918260, doc=0x1866360) at /who_reads_this_likes_core_dumps:-P/openwsman/openwsman/src/lib/wsman-libxml2-binding.c:828
#9  0x00007f99c6d4bd2a in ws_xml_dump_node_tree (f=0x7f99c6918260, node=0x1868810) at /who_reads_this_likes_core_dumps:-P/openwsman/openwsman/src/lib/wsman-xml.c:1418
#10 0x0000000000404b53 in wsman_output (cl=0x18358b0, doc=0x1866360) at wsman.c:440
#11 0x000000000040401c in main (argc=<optimized out>, argv=<optimized out>) at wsman.c:807

------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk
_______________________________________________
Openwsman-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/openwsman-devel
Reply | Threaded
Open this post in threaded view
|

Re: Capturing output of Win32_Process

Klaus Kaempf
Hi Martin,

* Martin Richter <[hidden email]> [Aug 06. 2013 09:30]:
>
> Hello Klaus,
>  
> thanks for your kind reply -- it gave me valuable hints on how to do this. I managed to start a shell on the remote machine -- so far, so good. I basically followed the steps described here:
>  
> 4.8 Remote Shell Examples [ http://msdn.microsoft.com/en-us/library/cc251731.aspx ]
> 4.8.1 Create Shell [ http://msdn.microsoft.com/en-us/library/cc251739.aspx ]
> 4.8.2 Execute Command [ http://msdn.microsoft.com/en-us/library/cc251740.aspx ]
> 4.8.3 Receive Output [ http://msdn.microsoft.com/en-us/library/cc251741.aspx ]

just to save you from further troubles:

https://github.com/Openwsman/openwsman/blob/master/bindings/ruby/tests/winrs.rb

Enjoy ;-)

>
> Sending the xml mentioned in 4.8.1 worked well. But trying to continue with step 4.8.2 was not as successful. I think I might be using the wrong set of option and action on the wsman commandline. I tried this one:
>
> wsman invoke --method ExecuteCommand \
>   --username ... --password ... --hostname ... --port 5985 --auth basic \
>   -J run_command.xml 'http://schemas.microsoft.com/wbem/wsman/1/windows/shell/cmd'
>
> where `run_command.xml` contains the xml code given in 4.8.2 above (having replaced the ShellId with the Id returned by the successful invokation in step 4.8.1). This unfortunately gives a segmentation fault [1]

The segfault is bad. Especially because it happens in libxml2 and not
Openwsman. Can you send me the run_command.xml file please ?

> but the debug output is also verbose enough to tell that the server responds with an Internal Server Error (500) beforehand:
>
> < HTTP/1.1 100 Continue
> < HTTP/1.1 500
> < Content-Type: application/soap+xml;charset=UTF-8
> < Server: Microsoft-HTTPAPI/2.0
> < Date: Tue, 06 Aug 2013 06:57:50 GMT
> < Content-Length: 1440
> * HTTP error before end of send, stop sending

When hacking winrs.rb over the weekend, I learned that WinRM is *very*
picky about the SOAP requests and usually replies with a http 500
instead of a well-formed WS-Error reply :-(


The WinRS protocol makes use of the OptionSet tag in the SOAP request
header. Openwsman did not properly support this before, I just added
it some days ago (wsmc_add_option()).

wsmancli does _not_ support this yet but it might be crucial for
successful WinRS operation.



Klaus
--
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)
Maxfeldstraße 5, 90409 Nürnberg, Germany

------------------------------------------------------------------------------
Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk
_______________________________________________
Openwsman-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/openwsman-devel