diff --git a/powershell/Configs/DataServicesResponse.ini b/powershell/Configs/DataServicesResponse.ini deleted file mode 100644 index ba2bd5e69..000000000 --- a/powershell/Configs/DataServicesResponse.ini +++ /dev/null @@ -1,113 +0,0 @@ -### #property.CMSAUTHENTICATION.description# -cmsauthentication=secEnterprise - -### CMS administrator password -cmspassword=$bods_admin_password - -### #property.CMSUSERNAME.description# -cmsusername=Administrator - -### #property.CMSAuthMode.description# -dscmsauth=secEnterprise - -### #property.CMSEnabledSSL.description# -dscmsenablessl=0 - -### CMS administrator password -dscmspassword=$bods_admin_password - -### #property.CMSServerPort.description# -dscmsport=6400 - -### #property.CMSServerName.description# -dscmssystem=HostnameOfMasterCMSinstance - -### #property.CMSUser.description# -dscmsuser=Administrator - -### #property.DSCommonDir.description# -dscommondir=F:\BODS_COMMON_DIR\ - -### #property.DSConfigCMSSelection.description# -dsconfigcmsselection=install - -### #property.DSConfigMergeSelection.description# -dsconfigmergeselection=skip - -### #property.DSExistingDSConfigFile.description# -dsexistingdsconfigfile= - -### #property.DSInstallTypeSelection.description# -dsinstalltypeselection=Custom - -### #property.DSLocalCMS.description# -dslocalcms=true - -### #property.DSLoginInfoAccountSelection.description# -dslogininfoaccountselection=system - -### #property.DSLoginInfoThisUser.description# -dslogininfothisuser=Hostname\sso-robertsweetman - -### Installation folder for SAP products -installdir=E:\SAP BusinessObjects\ - -### #property.IsCommonDirChanged.description# -iscommondirchanged=1 - -### #property.MasterCmsName.description# -mastercmsname=HostnameOfMasterCMSinstance - -### #property.MasterCmsPort.description# -mastercmsport=6400 - -### Keycode for the product. -productkey=$data_services_product_key - -### *** property.SelectedLanguagePacks.description *** -selectedlanguagepacks=en - -### Available features -### ------------------ -### root -### DataServicesServer -### DataServicesJobServer -### DataServicesAccessServer -### DataServicesClient -### DataServicesDesigner -### DataServicesManagementConsole -### DataServicesEIMServices -### DataServicesMessageClient -### TextDataProcessingLanguages -### TextDataProcessingArabic -### TextDataProcessingBokmal -### TextDataProcessingCatalan -### TextDataProcessingChinese -### TextDataProcessingCroatian -### TextDataProcessingCzech -### TextDataProcessingDanish -### TextDataProcessingDutch -### TextDataProcessingFarsi -### TextDataProcessingFrench -### TextDataProcessingGerman -### TextDataProcessingGreek -### TextDataProcessingHebrew -### TextDataProcessingHungarian -### TextDataProcessingItalian -### TextDataProcessingJapanese -### TextDataProcessingKorean -### TextDataProcessingNynorsk -### TextDataProcessingPolish -### TextDataProcessingPortuguese -### TextDataProcessingRomanian -### TextDataProcessingRussian -### TextDataProcessingSerbian -### TextDataProcessingSlovakn -### TextDataProcessingSlovenian -### TextDataProcessingSpanish -### TextDataProcessingSwedish -### TextDataProcessingThai -### TextDataProcessingTurkish -### DataServicesDataDirect -### DataServicesDocumentation -features=DataServicesJobServer,DataServicesAccessServer,DataServicesServer,DataServicesDesigner,DataServicesClient,DataServicesManagementConsole,DataServicesEIMServices,DataServicesMessageClient,DataServicesDataDirect,DataServicesDocumentation diff --git a/powershell/Configs/IPSResponse.ini b/powershell/Configs/IPSResponse.ini deleted file mode 100644 index 3f1a41745..000000000 Binary files a/powershell/Configs/IPSResponse.ini and /dev/null differ diff --git a/powershell/Configs/NCR_tnsnames_PP_BODS.ora b/powershell/Configs/NCR/tnsnames_PP_BODS.ora similarity index 100% rename from powershell/Configs/NCR_tnsnames_PP_BODS.ora rename to powershell/Configs/NCR/tnsnames_PP_BODS.ora diff --git a/powershell/Configs/NCR_tnsnames_T2_BODS.ora b/powershell/Configs/NCR/tnsnames_T1_BODS.ora similarity index 100% rename from powershell/Configs/NCR_tnsnames_T2_BODS.ora rename to powershell/Configs/NCR/tnsnames_T1_BODS.ora diff --git a/powershell/Configs/NCROracle19Response.rsp b/powershell/Configs/NCROracle19Response.rsp deleted file mode 100644 index dfbd684ef..000000000 --- a/powershell/Configs/NCROracle19Response.rsp +++ /dev/null @@ -1,118 +0,0 @@ -############################################################################### -## Copyright(c) Oracle Corporation 1998,2019. All rights reserved. ## -## ## -## Specify values for the variables listed below to customize ## -## your installation. ## -## ## -## Each variable is associated with a comment. The comment ## -## can help to populate the variables with the appropriate ## -## values. ## -## ## -############################################################################### - - -#------------------------------------------------------------------------------- -# Do not change the following system generated value. -#------------------------------------------------------------------------------- -oracle.install.responseFileVersion=/oracle/install/rspfmt_clientinstall_response_schema_v19.0.0 - -#------------------------------------------------------------------------------- -# Unix group to be set for the inventory directory. -#------------------------------------------------------------------------------- -UNIX_GROUP_NAME= -#------------------------------------------------------------------------------- -# Complete path of the Oracle Home -#------------------------------------------------------------------------------- -ORACLE_HOME=C:\app\client\product\19.0.0\client_1 -#------------------------------------------------------------------------------- -# Complete path of the Oracle Base. -#------------------------------------------------------------------------------- -ORACLE_BASE=C:\app\client -#-------------------------------------------------------------------------------------------- -# Specify the Oracle Home user. -# -# Use Built-in Account or specify a Windows User Account with limited privilege to -# install and configure the Oracle Home. -# -# Set oracle.install.IsBuiltInAccount to true if you want to use BuiltIn Account. -# -# Set oracle.install.IsBuiltInAccount to false if you want to use Windows Account -# user as Oracle Home user. -#-------------------------------------------------------------------------------------------- -oracle.install.IsBuiltInAccount=true -oracle.install.OracleHomeUserName= -oracle.install.OracleHomeUserPassword= -#------------------------------------------------------------------------------ -#Name : INSTALL_TYPE -#Datatype : String -#Description: Installation type of the component. -# -# The following choices are available. The value should contain -# only one of these choices. -# - Administrator -# - Runtime -# - InstantClient -# - Custom -# -#Example : INSTALL_TYPE = Administrator -#------------------------------------------------------------------------------ -oracle.install.client.installType=Administrator - -#------------------------------------------------------------------------------- -# Name : oracle.install.client.customComponents -# Datatype : StringList -# -# This property is considered only if INSTALL_TYPE is set to "Custom" -# -# Description: List of Client Components you would like to install -# -# The following choices are available. You may specify any -# combination of these choices. The components you choose should -# be specified in the form "internal-component-name:version" -# Below is a list of components you may specify to install. -# -# oracle.sqlj:19.0.0.0.0 -- "Oracle SQLJ" -# oracle.rdbms.util:19.0.0.0.0 -- "Oracle Database Utilities" -# oracle.javavm.client:19.0.0.0.0 -- "Oracle Java Client" -# oracle.sqlplus:19.0.0.0.0 -- "SQL*Plus" -# oracle.dbjava.jdbc:19.0.0.0.0 -- "Oracle JDBC/THIN Interfaces" -# oracle.ldap.client:19.0.0.0.0 -- "Oracle Internet Directory Client" -# oracle.rdbms.oci:19.0.0.0.0 -- "Oracle Call Interface (OCI)" -# oracle.precomp:19.0.0.0.0 -- "Oracle Programmer" -# oracle.xdk:19.0.0.0.0 -- "Oracle XML Development Kit" -# oracle.network.aso:19.0.0.0.0 -- "Oracle Advanced Security" -# oracle.oraolap.mgmt:19.0.0.0.0 -- "OLAP Analytic Workspace Manager and Worksheet" -# oracle.network.client:19.0.0.0.0 -- "Oracle Net" -# oracle.network.cman:19.0.0.0.0 -- "Oracle Connection Manager" -# oracle.network.listener:19.0.0.0.0 -- "Oracle Net Listener" -# oracle.ordim.client:19.0.0.0.0 -- "Oracle Multimedia Client Option" -# oracle.odbc:19.0.0.0.0 -- "Oracle ODBC Driver" -# oracle.has.client:19.0.0.0.0 -- "Oracle Clusterware High Availability API" -# oracle.dbdev:19.0.0.0.0 -- "Oracle SQL Developer" -# oracle.rdbms.scheduler:19.0.0.0.0 -- "Oracle Scheduler Agent" -# oracle.ntoramts:19.0.0.0.0 -- "Oracle Services For Microsoft Transaction Server" -# oracle.ntoledb:19.0.0.0.0 -- "Oracle Provider for OLE DB" -# oracle.ntoledb.odp_net_2:19.0.0.0.0 -- "Oracle Data Provider for .NET" -# oracle.aspnet_2:19.0.0.0.0 -- "Oracle Providers for ASP.NET" -# -# Example : oracle.install.client.customComponents="oracle.precomp:19.0.0.0.0","oracle.oraolap.mgmt:19.0.0.0.0","oracle.rdbms.scheduler:19.0.0.0.0" -#------------------------------------------------------------------------------- -oracle.install.client.customComponents= - -#------------------------------------------------------------------------------- -# Host name to be used for by the Oracle Scheduler Agent. -# This needs to be entered in case oracle.rdbms.scheduler is selected in the -# list of custom components during custom install -# -# Example : oracle.install.client.schedulerAgentHostName = acme.domain.com -#------------------------------------------------------------------------------ -oracle.install.client.schedulerAgentHostName= - -#------------------------------------------------------------------------------ -# Port number to be used for by the Oracle Scheduler Agent. -# This needs to be entered in case oracle.rdbms.scheduler is selected in the -# list of custom components during custom install -# -# Example: oracle.install.client.schedulerAgentPortNumber = 1500 -#------------------------------------------------------------------------------ -oracle.install.client.schedulerAgentPortNumber= diff --git a/powershell/Configs/tnsnames_PP_BODS.ora b/powershell/Configs/ONR/tnsnames_PP_BODS.ora similarity index 100% rename from powershell/Configs/tnsnames_PP_BODS.ora rename to powershell/Configs/ONR/tnsnames_PP_BODS.ora diff --git a/powershell/Configs/tnsnames_T2_BODS.ora b/powershell/Configs/ONR/tnsnames_T2_BODS.ora similarity index 100% rename from powershell/Configs/tnsnames_T2_BODS.ora rename to powershell/Configs/ONR/tnsnames_T2_BODS.ora diff --git a/powershell/Configs/ONROracle19cResponse.rsp b/powershell/Configs/ONROracle19cResponse.rsp deleted file mode 100644 index edc9cd0d1..000000000 --- a/powershell/Configs/ONROracle19cResponse.rsp +++ /dev/null @@ -1,118 +0,0 @@ -############################################################################### -## Copyright(c) Oracle Corporation 1998,2019. All rights reserved. ## -## ## -## Specify values for the variables listed below to customize ## -## your installation. ## -## ## -## Each variable is associated with a comment. The comment ## -## can help to populate the variables with the appropriate ## -## values. ## -## ## -############################################################################### - - -#------------------------------------------------------------------------------- -# Do not change the following system generated value. -#------------------------------------------------------------------------------- -oracle.install.responseFileVersion=/oracle/install/rspfmt_clientinstall_response_schema_v19.0.0 - -#------------------------------------------------------------------------------- -# Unix group to be set for the inventory directory. -#------------------------------------------------------------------------------- -UNIX_GROUP_NAME= -#------------------------------------------------------------------------------- -# Complete path of the Oracle Home -#------------------------------------------------------------------------------- -ORACLE_HOME=E:\app\client\oracle\product\19.0.0\client_1 -#------------------------------------------------------------------------------- -# Complete path of the Oracle Base. -#------------------------------------------------------------------------------- -ORACLE_BASE=E:\app\client\oracle -#-------------------------------------------------------------------------------------------- -# Specify the Oracle Home user. -# -# Use Built-in Account or specify a Windows User Account with limited privilege to -# install and configure the Oracle Home. -# -# Set oracle.install.IsBuiltInAccount to true if you want to use BuiltIn Account. -# -# Set oracle.install.IsBuiltInAccount to false if you want to use Windows Account -# user as Oracle Home user. -#-------------------------------------------------------------------------------------------- -oracle.install.IsBuiltInAccount=true -oracle.install.OracleHomeUserName= -oracle.install.OracleHomeUserPassword= -#------------------------------------------------------------------------------ -#Name : INSTALL_TYPE -#Datatype : String -#Description: Installation type of the component. -# -# The following choices are available. The value should contain -# only one of these choices. -# - Administrator -# - Runtime -# - InstantClient -# - Custom -# -#Example : INSTALL_TYPE = Administrator -#------------------------------------------------------------------------------ -oracle.install.client.installType=Administrator - -#------------------------------------------------------------------------------- -# Name : oracle.install.client.customComponents -# Datatype : StringList -# -# This property is considered only if INSTALL_TYPE is set to "Custom" -# -# Description: List of Client Components you would like to install -# -# The following choices are available. You may specify any -# combination of these choices. The components you choose should -# be specified in the form "internal-component-name:version" -# Below is a list of components you may specify to install. -# -# oracle.sqlj:19.0.0.0.0 -- "Oracle SQLJ" -# oracle.rdbms.util:19.0.0.0.0 -- "Oracle Database Utilities" -# oracle.javavm.client:19.0.0.0.0 -- "Oracle Java Client" -# oracle.sqlplus:19.0.0.0.0 -- "SQL*Plus" -# oracle.dbjava.jdbc:19.0.0.0.0 -- "Oracle JDBC/THIN Interfaces" -# oracle.ldap.client:19.0.0.0.0 -- "Oracle Internet Directory Client" -# oracle.rdbms.oci:19.0.0.0.0 -- "Oracle Call Interface (OCI)" -# oracle.precomp:19.0.0.0.0 -- "Oracle Programmer" -# oracle.xdk:19.0.0.0.0 -- "Oracle XML Development Kit" -# oracle.network.aso:19.0.0.0.0 -- "Oracle Advanced Security" -# oracle.oraolap.mgmt:19.0.0.0.0 -- "OLAP Analytic Workspace Manager and Worksheet" -# oracle.network.client:19.0.0.0.0 -- "Oracle Net" -# oracle.network.cman:19.0.0.0.0 -- "Oracle Connection Manager" -# oracle.network.listener:19.0.0.0.0 -- "Oracle Net Listener" -# oracle.ordim.client:19.0.0.0.0 -- "Oracle Multimedia Client Option" -# oracle.odbc:19.0.0.0.0 -- "Oracle ODBC Driver" -# oracle.has.client:19.0.0.0.0 -- "Oracle Clusterware High Availability API" -# oracle.dbdev:19.0.0.0.0 -- "Oracle SQL Developer" -# oracle.rdbms.scheduler:19.0.0.0.0 -- "Oracle Scheduler Agent" -# oracle.ntoramts:19.0.0.0.0 -- "Oracle Services For Microsoft Transaction Server" -# oracle.ntoledb:19.0.0.0.0 -- "Oracle Provider for OLE DB" -# oracle.ntoledb.odp_net_2:19.0.0.0.0 -- "Oracle Data Provider for .NET" -# oracle.aspnet_2:19.0.0.0.0 -- "Oracle Providers for ASP.NET" -# -# Example : oracle.install.client.customComponents="oracle.precomp:19.0.0.0.0","oracle.oraolap.mgmt:19.0.0.0.0","oracle.rdbms.scheduler:19.0.0.0.0" -#------------------------------------------------------------------------------- -oracle.install.client.customComponents= - -#------------------------------------------------------------------------------- -# Host name to be used for by the Oracle Scheduler Agent. -# This needs to be entered in case oracle.rdbms.scheduler is selected in the -# list of custom components during custom install -# -# Example : oracle.install.client.schedulerAgentHostName = acme.domain.com -#------------------------------------------------------------------------------ -oracle.install.client.schedulerAgentHostName= - -#------------------------------------------------------------------------------ -# Port number to be used for by the Oracle Scheduler Agent. -# This needs to be entered in case oracle.rdbms.scheduler is selected in the -# list of custom components during custom install -# -# Example: oracle.install.client.schedulerAgentPortNumber = 1500 -#------------------------------------------------------------------------------ -oracle.install.client.schedulerAgentPortNumber= diff --git a/powershell/Scripts/UserDataScripts/NartClient.ps1 b/powershell/Scripts/UserDataScripts/NartClient.ps1 deleted file mode 100644 index 2ca7beeda..000000000 --- a/powershell/Scripts/UserDataScripts/NartClient.ps1 +++ /dev/null @@ -1,419 +0,0 @@ -$GlobalConfig = @{ - "all" = @{ - "WindowsClientS3Bucket" = "mod-platform-image-artefact-bucket20230203091453221500000001" - "WindowsClientS3Folder" = "hmpps/ncr-packages" - "Oracle19c64bitClientS3File" = "WINDOWS.X64_193000_client.zip" - "ORACLE_19C_HOME" = "C:\app\oracle\product\19.0.0\client_1" - "ORACLE_BASE" = "C:\app\oracle" - # "BIPWindowsClient43" = "BIPLATCLNT4303P_300-70005711.EXE" # Client tool 4.3 SP 3 - # "BIPWindowsClient42" = "5104879_1.ZIP" # Client tool 4.2 SP 9 - "BIPWindowsClient43" = "BIPLATCLNT4301P_1200-70005711.EXE" # Client tool 4.3 SP 1 Patch 12 as per Azure PDMR2W00014 - } - "nomis-combined-reporting-development" = @{ - "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=NOMS,DC=ROOT" - "NcrShortcuts" = @{ - } - } - "nomis-combined-reporting-test" = @{ - # "tnsorafile" = "tnsnames_T2_BODS.ora" TODO: NOT IMPLEMENTED YET - "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=NOMS,DC=ROOT" - "NcrShortcuts" = @{ - } - } - "nomis-combined-reporting-preproduction" = @{ - # "tnsorafile" = "tnsnames_PP_BODS.ora" TODO: NOT IMPLEMENTED YET - "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=HMPP,DC=ROOT" - "NcrShortcuts" = @{ - } - } - "nomis-combined-reporting-production" = @{ - "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=HMPP,DC=ROOT" - "NcrShortcuts" = @{ - } - } -} - -# IMPORTANT: This script installs Client Tools 4.3 SP 1 Patch 12 and the Oracle 19c client software. - -# }}} functions -function Get-Config { - $tokenParams = @{ - TimeoutSec = 10 - Headers = @{"X-aws-ec2-metadata-token-ttl-seconds" = 3600} - Method = 'PUT' - Uri = 'http://169.254.169.254/latest/api/token' - } - $Token = Invoke-RestMethod @tokenParams - - $instanceIdParams = @{ - TimeoutSec = 10 - Headers = @{"X-aws-ec2-metadata-token" = $Token} - Method = 'GET' - Uri = 'http://169.254.169.254/latest/meta-data/instance-id' - } - $InstanceId = Invoke-RestMethod @instanceIdParams - - $awsParams = @( - 'ec2', - 'describe-tags', - '--filters', - "Name=resource-id,Values=$InstanceId" - ) - - $TagsRaw = & aws @awsParams - - $Tags = $TagsRaw | ConvertFrom-Json - $EnvironmentNameTag = ($Tags.Tags | Where-Object { $_.Key -eq "environment-name" }).Value - - if (-not $GlobalConfig.Contains($EnvironmentNameTag)) { - Write-Error "Unexpected environment-name tag value $EnvironmentNameTag" - } - - Return $GlobalConfig.all + $GlobalConfig[$EnvironmentNameTag] -} - -function Get-Installer { - param ( - [Parameter(Mandatory)] - [string]$Key, - - [Parameter(Mandatory)] - [string]$Destination - ) - - $s3Params = @{ - BucketName = $Config.WindowsClientS3Bucket - Key = ($Config.WindowsClientS3Folder + "/" + $Key) - File = $Destination - Verbose = $true - } - - Read-S3Object @s3Params -} - -function Get-SecretValue { - param ( - [Parameter(Mandatory)] - [string]$SecretId, - [Parameter(Mandatory)] - [string]$SecretKey - ) - - try { - $secretJson = aws secretsmanager get-secret-value --secret-id $SecretId --query SecretString --output text - - if ($null -eq $secretJson -or $secretJson -eq '') { - Write-Host "The SecretId '$SecretId' does not exist or returned no value." - return $null - } - - $secretObject = $secretJson | ConvertFrom-Json - - if (-not $secretObject.PSObject.Properties.Name -contains $SecretKey) { - Write-Host "The SecretKey '$SecretKey' does not exist in the secret." - return $null - } - - return $secretObject.$SecretKey - } - catch { - Write-Host "An error occurred while retrieving the secret: $_" - return $null - } -} - - -function Get-InstanceTags { - $Token = Invoke-RestMethod -TimeoutSec 10 -Headers @{"X-aws-ec2-metadata-token-ttl-seconds"=3600} -Method PUT -Uri http://169.254.169.254/latest/api/token - $InstanceId = Invoke-RestMethod -TimeoutSec 10 -Headers @{"X-aws-ec2-metadata-token" = $Token} -Method GET -Uri http://169.254.169.254/latest/meta-data/instance-id - $TagsRaw = aws ec2 describe-tags --filters "Name=resource-id,Values=$InstanceId" - $Tags = $TagsRaw | ConvertFrom-Json - $Tags.Tags -} - -function Clear-PendingFileRenameOperations { - $regPath = "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager" - $regKey = "PendingFileRenameOperations" - - if (Get-ItemProperty -Path $regPath -Name $regKey -ErrorAction SilentlyContinue) { - try { - Remove-ItemProperty -Path $regPath -Name $regKey -Force -ErrorAction Stop - Write-Host "Successfully removed $regKey from the registry." - } - catch { - Write-Warning "Failed to remove $regKey. Error: $_" - } - } - else { - Write-Host "$regKey does not exist in the registry. No action needed." - } -} - -function Move-ModPlatformADComputer { - [CmdletBinding()] - param ( - [Parameter(Mandatory=$true)][System.Management.Automation.PSCredential]$ModPlatformADCredential, - [Parameter(Mandatory=$true)][string]$NewOU - ) - - $ErrorActionPreference = "Stop" - - # Do nothing if host not part of domain - if (-not (Get-WmiObject -Class Win32_ComputerSystem).PartOfDomain) { - return $false - } - - # Get the computer's objectGUID with a 5-minute timeout - $timeout = [DateTime]::Now.AddMinutes(5) - do { - $computer = Get-ADComputer -Credential $ModPlatformADCredential -Identity $env:COMPUTERNAME -ErrorAction SilentlyContinue - if ($computer -and $computer.objectGUID) { break } - Start-Sleep -Seconds 5 - } until (($computer -and $computer.objectGUID) -or ([DateTime]::Now -ge $timeout)) - - if (-not ($computer -and $computer.objectGUID)) { - Write-Error "Failed to retrieve computer objectGUID within 5 minutes." - return - } - - # Move the computer to the new OU - $computer.objectGUID | Move-ADObject -TargetPath $NewOU -Credential $ModPlatformADCredential - - # force group policy update - gpupdate /force -} - -function Test-WindowsServer2012R2 { - $osVersion = (Get-WmiObject -Class Win32_OperatingSystem).Version - return $osVersion -like "6.3*" -} - -function Install-Oracle19cClient { - param ( - [Parameter(Mandatory)] - [hashtable]$Config - ) - - # Check if Oracle 19c client is already installed - if (Test-Path $Config.ORACLE_19C_HOME) { - Write-Host "Oracle 19c client is already installed." - return - } - - $WorkingDirectory = "C:\Software" - Set-Location -Path $WorkingDirectory - - # Prepare installer - Get-Installer -Key $Config.Oracle19c64bitClientS3File -Destination (".\" + $Config.Oracle19c64bitClientS3File) - Expand-Archive (".\" + $Config.Oracle19c64bitClientS3File) -Destination ".\OracleClient" - - # Create response file for silent install - $oracleClientResponseFileContent = @" -oracle.install.responseFileVersion=/oracle/install/rspfmt_clientinstall_response_schema_v19.0.0 -ORACLE_HOME=$($Config.ORACLE_19C_HOME) -ORACLE_BASE=$($Config.ORACLE_BASE) -oracle.install.IsBuiltInAccount=true -oracle.install.client.installType=Administrator -"@ - - $oracleClientResponseFileContent | Out-File -FilePath "$WorkingDirectory\OracleClient\client\client_install.rsp" -Force -Encoding ascii - - # Install Oracle 19c client - $OracleClientInstallParams = @{ - FilePath = "$WorkingDirectory\OracleClient\client\setup.exe" - WorkingDirectory = "$WorkingDirectory\OracleClient\client" - ArgumentList = "-silent", "-noconfig", "-nowait", "-responseFile $WorkingDirectory\OracleClient\client\client_install.rsp" - Wait = $true - NoNewWindow = $true - } - - Start-Process @OracleClientInstallParams - - # Install Oracle configuration tools - $oracleConfigToolsParams = @{ - FilePath = "$WorkingDirectory\OracleClient\client\setup.exe" - WorkingDirectory = "$WorkingDirectory\OracleClient\client" - ArgumentList = "-executeConfigTools", "-silent", "-nowait", "-responseFile $WorkingDirectory\OracleClient\client\client_install.rsp" - Wait = $true - NoNewWindow = $true - } - - Start-Process @oracleConfigToolsParams - - # Set environment variable - [Environment]::SetEnvironmentVariable("ORACLE_HOME", $Config.ORACLE_19C_HOME, [System.EnvironmentVariableTarget]::Machine) -} - -function New-TnsOraFile { - param ( - [Parameter(Mandatory)] - [hashtable]$Config - ) - - $tnsOraFilePath = Join-Path $PSScriptRoot -ChildPath "..\..\Configs\$($Config.tnsorafile)" - - if (Test-Path $tnsOraFilePath) { - Write-Host "Tnsnames.ora file found at $tnsOraFilePath" - } else { - Write-Error "Tnsnames.ora file not found at $tnsOraFilePath" - exit 1 - } - - # check if ORACLE_HOME env var exists, if it does then use that. If not then set it from the Config values. - - if (-not $env:ORACLE_HOME) { - [Environment]::SetEnvironmentVariable("ORACLE_HOME", $Config.ORACLE_19C_HOME, [System.EnvironmentVariableTarget]::Machine) - $env:ORACLE_HOME = $Config.ORACLE_19C_HOME # Set in current session - } - - $tnsOraFileDestination = "$($env:ORACLE_HOME)\network\admin\tnsnames.ora" - - Copy-Item -Path $tnsOraFilePath -Destination $tnsOraFileDestination -Force - -} - -function Add-BIPWindowsClient43 { - param ( - [Parameter(Mandatory)] - [hashtable]$Config - ) - - # Check if BIP Windows Client 4.3 is already installed - $installDir = "C:\Program Files (x86)\SAP BusinessObjects" - if (Test-Path $installDir) { - Write-Host "BIP Windows Client 4.3 is already installed." - return - } - - $BIPClientTools43ResponseFileContent = @" -### Installation Directory -Installdir=C:\Program Files (x86)\SAP BusinessObjects\ -### Language Packs Selected to Install -selectedlanguagepacks=en -### Setup UI Language -setupuilanguage=en -features=WebI_Rich_Client,Business_View_Manager,Report_Conversion,Universe_Designer,QAAWS,InformationDesignTool,Translation_Manager,DataFederationAdministrationTool,biwidgets,ClientComponents,JavaSDK,WebSDK,DotNetSDK,CRJavaSDK,DevComponents,DataFed_DataAccess,HPNeoView_DataAccess,MySQL_DataAccess,GenericODBC_DataAccess,GenericOLEDB_DataAccess,GenericJDBC_DataAccess,MaxDB_DataAccess,SalesForce_DataAccess,Netezza_DataAccess,Microsoft_DataAccess,Ingres_DataAccess,Greenplum_DataAccess,IBMDB2,Informix_DataAccess,Progress_Open_Edge_DataAccess,Oracle_DataAccess,Sybase_DataAccess,TeraData_DataAccess,SAPBW_DataAccess,SAP_DataAccess,PersonalFiles_DataAccess,JavaBean_DataAccess,OpenConnectivity_DataAccess,HSQLDB_DataAccess,Derby_DataAccess,Essbase_DataAccess,PSFT_DataAccess,JDE_DataAccess,Siebel_DataAccess,EBS_DataAccess,DataAccess -"@ - - Set-Location -Path $WorkingDirectory - - Get-Installer -Key $Config.BIPWindowsClient43 -Destination (".\" + $Config.BIPWindowsClient43) - - $BIPClientTools43ResponseFileContent | Out-File -FilePath "$WorkingDirectory\bip43_response.ini" -Force -Encoding ascii - - choco install winrar -y - - New-Item -ItemType Directory -Path "$WorkingDirectory\BIP43" -Force - - Clear-PendingFileRenameOperations - - # Extract the BIP 4.3 self-extracting archive using WinRAR's UnRAR command line tool - Start-Process -FilePath "C:\Program Files\WinRAR\UnRAR.exe" -ArgumentList "/wait x -o+ $WorkingDirectory\$($Config.BIPWindowsClient43) $WorkingDirectory\BIP43" -Wait -NoNewWindow - - $BIPClientTools43Params = @{ - FilePath = "$WorkingDirectory\BIP43\setup.exe" - ArgumentList = "/wait","-r $WorkingDirectory\bip43_response.ini" - Wait = $true - NoNewWindow = $true - } - - Start-Process @BIPClientTools43Params - - # Set up shortcuts for 4.3 client tools - $BIP43Path = "C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\win64_x64\" - - # List is incomplete, add more executables as needed - $executables = @( - @{ - "Name" = "Designer" - "Exe" = "designer.exe" - }, - @{ - "Name" = "Information Design Tool" - "Exe" = "InformationDesignTool.exe" - } - ) - - # Path to all users' desktop - $AllUsersDesktop = [Environment]::GetFolderPath('CommonDesktopDirectory') - - # Create folders on all users' desktop - $Client43Folder = Join-Path -Path $AllUsersDesktop -ChildPath "4.3 Client Tools" - - New-Item -ItemType Directory -Path $Client43Folder -Force - - # Create shortcuts for each executable if the target exists - $WScriptShell = New-Object -ComObject WScript.Shell - - foreach ($executable in $executables) { - - # Shortcuts for 4.3 Client - $TargetPath43 = Join-Path -Path $BIP43Path -ChildPath $executable.Exe - if (Test-Path $TargetPath43) { - $ShortcutPath43 = Join-Path -Path $Client43Folder -ChildPath ($executable.Name + ".lnk") - $Shortcut43 = $WScriptShell.CreateShortcut($ShortcutPath43) - $Shortcut43.TargetPath = $TargetPath43 - $Shortcut43.IconLocation = $TargetPath43 - $Shortcut43.Save() - } else { - Write-Host "Executable not found: $TargetPath43" - } - } -} -# }}} end of functions - -# {{{ Prep the server for installation -$ErrorActionPreference = "Stop" -# Set the registry key to prefer IPv4 over IPv6 -Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters" -Name "DisabledComponents" -Value 0x20 -Type DWord - -# Output a message to confirm the change -Write-Host "Registry updated to prefer IPv4 over IPv6. A system restart is required for changes to take effect." - -# Turn off the firewall as this will possibly interfere with Sia Node creation -Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False - -# Set local time zone to UK although this should now be set by Group Policy objects -Set-TimeZone -Name "GMT Standard Time" - -# }}} complete - add prerequisites to server - -$Config = Get-Config -$Tags = Get-InstanceTags - -$WorkingDirectory = "C:\Software" -$AppDirectory = "C:\App" - -$ModulesRepo = Join-Path $PSScriptRoot '..\..\Modules' - -# {{{ join domain if domain-name tag is set -# Join domain and reboot is needed before installers run -# Add $ModulesRepo to the PSModulePath in Server 2012 R2 here otherwise it can't find it -$env:PSModulePath = "$ModulesRepo;$env:PSModulePath" - -$ErrorActionPreference = "Continue" -Import-Module ModPlatformAD -Force -$ADConfig = Get-ModPlatformADConfig -if ($null -ne $ADConfig) { - $ADCredential = Get-ModPlatformADJoinCredential -ModPlatformADConfig $ADConfig - if (Add-ModPlatformADComputer -ModPlatformADConfig $ADConfig -ModPlatformADCredential $ADCredential) { - # Get the AD Admin credentials - $ADAdminCredential = Get-ModPlatformADAdminCredential -ModPlatformADConfig $ADConfig - # Move the computer to the correct OU - Move-ModPlatformADComputer -ModPlatformADCredential $ADAdminCredential -NewOU $($Config.nartComputersOU) - Exit 3010 # triggers reboot if running from SSM Doc - } -} else { - Write-Output "No domain-name tag found so apply Local Group Policy" - . .\LocalGroupPolicy.ps1 -} -# }}} end of join domain - -$ErrorActionPreference = "Stop" - -New-Item -ItemType Directory -Path $WorkingDirectory -Force -New-Item -ItemType Directory -Path $AppDirectory -Force - -Install-Oracle19cClient -Config $Config -# New-TnsOraFile -Config $Config TODO: NOT IMPLEMENTED YET -Add-BIPWindowsClient43 -Config $Config diff --git a/powershell/Scripts/UserDataScripts/NcrBods.ps1 b/powershell/Scripts/UserDataScripts/NcrBods.ps1 index 9889b6b95..d855daec1 100644 --- a/powershell/Scripts/UserDataScripts/NcrBods.ps1 +++ b/powershell/Scripts/UserDataScripts/NcrBods.ps1 @@ -1,17 +1,17 @@ $GlobalConfig = @{ "all" = @{ - "WindowsClientS3Bucket" = "mod-platform-image-artefact-bucket20230203091453221500000001" - "WindowsClientS3Folder" = "hmpps/ncr" + "WindowsClientS3Bucket" = "mod-platform-image-artefact-bucket20230203091453221500000001" + "WindowsClientS3Folder" = "hmpps/ncr" "Oracle19c64bitClientS3File" = "WINDOWS.X64_193000_client.zip" - "ORACLE_19C_HOME" = "E:\app\oracle\product\19.0.0\client_1" - "ORACLE_BASE" = "E:\app\oracle" - "IPSS3File" = "51054521.ZIP" # Information Platform Services 4.2 SP8 Patch 1 - "DataServicesS3File" = "51054517_4.ZIP" # Data Services 4.2 SP 14 as per Azure machines for NCR BODS - "LINK_DIR" = "E:\SAP BusinessObjects\Data Services" - "BIP_INSTALL_DIR" = "E:\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0" - "RegistryPath" = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\winlogon" - "LegalNoticeCaption" = "IMPORTANT" - "LegalNoticeText" = "This system is restricted to authorized users only. Individuals who attempt unauthorized access will be prosecuted. If you are unauthorized terminate access now. Click OK to indicate your acceptance of this information" + "ORACLE_19C_HOME" = "E:\app\oracle\product\19.0.0\client_1" + "ORACLE_BASE" = "E:\app\oracle" + "IPSS3File" = "51054521.ZIP" # Information Platform Services 4.2 SP8 Patch 1 + "DataServicesS3File" = "51054517_4.ZIP" # Data Services 4.2 SP 14 as per Azure machines for NCR BODS + "LINK_DIR" = "E:\SAP BusinessObjects\Data Services" + "BIP_INSTALL_DIR" = "E:\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0" + "RegistryPath" = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\winlogon" + "LegalNoticeCaption" = "IMPORTANT" + "LegalNoticeText" = "This system is restricted to authorized users only. Individuals who attempt unauthorized access will be prosecuted. If you are unauthorized terminate access now. Click OK to indicate your acceptance of this information" } "nomis-combined-reporting-development" = @{ @@ -19,33 +19,33 @@ $GlobalConfig = @{ "nomis-combined-reporting-test" = @{ # "sysDbName" = "" # "audDbName" = "" - "tnsorafile" = "NCR_tnsnames_T1_BODS.ora" - "cmsPrimaryNode" = "t1-ncr-bods-1" + "tnsorafile" = "NCR\tnsnames_T1_BODS.ora" + "cmsPrimaryNode" = "t1-ncr-bods-1" # "cmsPrimaryNode" = "t1-tst-bods-asg" # Use this value when testing # "cmsSecondaryNode" = "t1-ncr-bods-2" # "cmsPrimaryNodeHostname" = "" ADD MANUALLY AFTER cmsPrimaryNode DEPLOYED - "serviceUser" = "svc_nart" - "serviceUserPath" = "OU=Service,OU=Users,OU=NOMS RBAC,DC=AZURE,DC=NOMS,DC=ROOT" - "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=NOMS,DC=ROOT" + "serviceUser" = "svc_nart" + "serviceUserPath" = "OU=Service,OU=Users,OU=NOMS RBAC,DC=AZURE,DC=NOMS,DC=ROOT" + "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=NOMS,DC=ROOT" "serviceUserDescription" = "NART service user for AWS in AZURE domain" - "domain" = "AZURE" + "domain" = "AZURE" } "nomis-combined-reporting-preproduction" = @{ # "sysDbName" = "" # "audDbName" = "" - "tnsorafile" = "NCR_tnsnames_PP_BODS.ora" - "cmsPrimaryNode" = "pp-ncr-bods-1" + "tnsorafile" = "NCR\tnsnames_PP_BODS.ora" + "cmsPrimaryNode" = "pp-ncr-bods-1" # "cmsSecondaryNode" = "pp-ncr-bods-2" # "cmsPrimaryNodeHostname" = "" ADD MANUALLY AFTER cmsPrimaryNode DEPLOYED - "serviceUser" = "svc_nart" - "serviceUserPath" = "OU=SERVICE_ACCOUNTS,OU=RBAC,DC=AZURE,DC=HMPP,DC=ROOT" - "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=HMPP,DC=ROOT" + "serviceUser" = "svc_nart" + "serviceUserPath" = "OU=SERVICE_ACCOUNTS,OU=RBAC,DC=AZURE,DC=HMPP,DC=ROOT" + "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=HMPP,DC=ROOT" "serviceUserDescription" = "NART service user for AWS in HMPP domain" - "domain" = "HMPP" + "domain" = "HMPP" } "nomis-combined-reporting-production" = @{ "domain" = "HMPP" - } + } } # {{{ functions @@ -71,12 +71,12 @@ function Test-DbCredentials { # Define an array of database configurations $dbConfigs = @( @{ - Name = "$($Config.sysDbName)" + Name = "$($Config.sysDbName)" Username = "bods_ips_system_owner" Password = $bods_ips_system_owner }, @{ - Name = "$($Config.audDbName)" + Name = "$($Config.audDbName)" Username = "bods_ips_audit_owner" Password = $bods_ips_audit_owner } @@ -100,7 +100,7 @@ function Test-DbCredentials { function Get-Config { $tokenParams = @{ TimeoutSec = 10 - Headers = @{"X-aws-ec2-metadata-token-ttl-seconds" = 3600} + Headers = @{"X-aws-ec2-metadata-token-ttl-seconds" = 3600 } Method = 'PUT' Uri = 'http://169.254.169.254/latest/api/token' } @@ -108,7 +108,7 @@ function Get-Config { $instanceIdParams = @{ TimeoutSec = 10 - Headers = @{"X-aws-ec2-metadata-token" = $Token} + Headers = @{"X-aws-ec2-metadata-token" = $Token } Method = 'GET' Uri = 'http://169.254.169.254/latest/meta-data/instance-id' } @@ -185,11 +185,11 @@ function Get-SecretValue { function Get-InstanceTags { - $Token = Invoke-RestMethod -TimeoutSec 10 -Headers @{"X-aws-ec2-metadata-token-ttl-seconds"=3600} -Method PUT -Uri http://169.254.169.254/latest/api/token - $InstanceId = Invoke-RestMethod -TimeoutSec 10 -Headers @{"X-aws-ec2-metadata-token" = $Token} -Method GET -Uri http://169.254.169.254/latest/meta-data/instance-id - $TagsRaw = aws ec2 describe-tags --filters "Name=resource-id,Values=$InstanceId" - $Tags = $TagsRaw | ConvertFrom-Json - $Tags.Tags + $Token = Invoke-RestMethod -TimeoutSec 10 -Headers @{"X-aws-ec2-metadata-token-ttl-seconds" = 3600 } -Method PUT -Uri http://169.254.169.254/latest/api/token + $InstanceId = Invoke-RestMethod -TimeoutSec 10 -Headers @{"X-aws-ec2-metadata-token" = $Token } -Method GET -Uri http://169.254.169.254/latest/meta-data/instance-id + $TagsRaw = aws ec2 describe-tags --filters "Name=resource-id,Values=$InstanceId" + $Tags = $TagsRaw | ConvertFrom-Json + $Tags.Tags } function Clear-PendingFileRenameOperations { @@ -212,13 +212,13 @@ function Clear-PendingFileRenameOperations { function Test-DatabaseConnection { param ( - [Parameter(Mandatory=$true)] + [Parameter(Mandatory = $true)] [String]$typePath, - [Parameter(Mandatory=$true)] + [Parameter(Mandatory = $true)] [String]$tnsName, - [Parameter(Mandatory=$true)] + [Parameter(Mandatory = $true)] [String]$username, - [Parameter(Mandatory=$true)] + [Parameter(Mandatory = $true)] [System.Security.SecureString]$securePassword ) @@ -237,10 +237,12 @@ function Test-DatabaseConnection { $connection.Open() Write-Host "Connection successful!" return 0 - } catch { + } + catch { Write-Host "Connection failed: $($_.Exception.Message)" return 1 - } finally { + } + finally { if ($connection -and $connection.State -eq 'Open') { $connection.Close() } @@ -263,7 +265,8 @@ function New-TnsOraFile { if (Test-Path $tnsOraFilePath) { Write-Host "Tnsnames.ora file found at $tnsOraFilePath" - } else { + } + else { Write-Error "Tnsnames.ora file not found at $tnsOraFilePath" exit 1 } @@ -356,8 +359,8 @@ function Install-IPS { # set Secret Names based on environment $dbenv = ($Tags | Where-Object { $_.Key -eq "nomis-combined-reporting-environment" }).Value $siaNodeName = (($Tags | Where-Object { $_.Key -eq "Name" }).Value).Replace("-", "").ToUpper() # cannot contain hyphens - $bodsSecretName = "/sap/bods/$dbenv/passwords" - $bodsConfigName = "/sap/bods/$dbenv/config" + $bodsSecretName = "/sap/bods/$dbenv/passwords" + $bodsConfigName = "/sap/bods/$dbenv/config" $sysDbSecretName = "/oracle/database/$($Config.sysDbName)/passwords" $audDbSecretName = "/oracle/database/$($Config.audDbName)/passwords" @@ -373,8 +376,8 @@ function Install-IPS { $bods_cluster_key = Get-SecretValue -SecretId $bodsConfigName -SecretKey "bods_cluster_key" -ErrorAction SilentlyContinue $ips_product_key = Get-SecretValue -SecretId $bodsConfigName -SecretKey "ips_product_key" -ErrorAction SilentlyContinue -# Create response file for IPS silent install -$ipsResponseFilePrimary = @" + # Create response file for IPS silent install + $ipsResponseFilePrimary = @" ### Choose to integrate Introscope Enterprise Manager: integrate or nointegrate chooseintroscopeintegration=nointegrate ### Choose to integrate Solution Manager Diagnostics (SMD) Agent: integrate or nointegrate @@ -437,8 +440,8 @@ usingcmsdbtype=oracle features=JavaWebApps1,CMC.Monitoring,LCM,IntegratedTomcat,CMC.AccessLevels,CMC.Applications,CMC.Audit,CMC.Authentication,CMC.Calendars,CMC.Categories,CMC.CryptographicKey,CMC.Events,CMC.Folders,CMC.Inboxes,CMC.Licenses,CMC.PersonalCategories,CMC.PersonalFolders,CMC.Servers,CMC.Sessions,CMC.Settings,CMC.TemporaryStorage,CMC.UsersAndGroups,CMC.QueryResults,CMC.InstanceManager,CMS,FRS,PlatformServers.AdaptiveProcessingServer,PlatformServers.AdaptiveJobServer,ClientAuditingProxyProcessingService,LCMProcessingServices,MonitoringProcessingService,SecurityTokenService,DestinationSchedulingService,ProgramSchedulingService,Subversion,UpgradeManager,AdminTools "@ -# Create response file for IPS expanded install -$ipsResponseFileSecondary = @" + # Create response file for IPS expanded install + $ipsResponseFileSecondary = @" ### Choose to integrate Introscope Enterprise Manager: integrate or nointegrate chooseintroscopeintegration=nointegrate ### Choose to integrate Solution Manager Diagnostics (SMD) Agent: integrate or nointegrate @@ -502,43 +505,45 @@ features=JavaWebApps1,CMC.Monitoring,LCM,IntegratedTomcat,CMC.AccessLevels,CMC.A "@ -$instanceName = ($Tags | Where-Object { $_.Key -eq "Name" }).Value -$ipsInstallIni = "$WorkingDirectory\IPS\DATA_UNITS\IPS_win\ips_install.ini" + $instanceName = ($Tags | Where-Object { $_.Key -eq "Name" }).Value + $ipsInstallIni = "$WorkingDirectory\IPS\DATA_UNITS\IPS_win\ips_install.ini" -if ($instanceName -eq $($Config.cmsPrimaryNode)) { - $ipsResponseFilePrimary | Out-File -FilePath "$ipsInstallIni" -Force -Encoding ascii -} elseif ($instanceName -eq $($Config.cmsSecondaryNode)) { - $ipsResponseFileSecondary | Out-File -FilePath "$ipsInstallIni" -Force -Encoding ascii -} else { - Write-Output "Unknown node type, cannot create response file" - exit 1 -} + if ($instanceName -eq $($Config.cmsPrimaryNode)) { + $ipsResponseFilePrimary | Out-File -FilePath "$ipsInstallIni" -Force -Encoding ascii + } + elseif ($instanceName -eq $($Config.cmsSecondaryNode)) { + $ipsResponseFileSecondary | Out-File -FilePath "$ipsInstallIni" -Force -Encoding ascii + } + else { + Write-Output "Unknown node type, cannot create response file" + exit 1 + } -Clear-PendingFileRenameOperations + Clear-PendingFileRenameOperations -$setupExe = "$WorkingDirectory\IPS\DATA_UNITS\IPS_win\setup.exe" + $setupExe = "$WorkingDirectory\IPS\DATA_UNITS\IPS_win\setup.exe" -if (-NOT(Test-Path $setupExe)) { - Write-Host "IPS setup.exe not found at $($setupExe)" - exit 1 -} + if (-NOT(Test-Path $setupExe)) { + Write-Host "IPS setup.exe not found at $($setupExe)" + exit 1 + } -if (-NOT(Test-Path $ipsInstallIni)) { - Write-Host "IPS response file not found at $ipsInstallIni" - exit 1 -} + if (-NOT(Test-Path $ipsInstallIni)) { + Write-Host "IPS response file not found at $ipsInstallIni" + exit 1 + } -$logFile = "$WorkingDirectory\IPS\DATA_UNITS\IPS_win\install_ips_sp.log" -New-Item -Type File -Path $logFile -Force | Out-Null + $logFile = "$WorkingDirectory\IPS\DATA_UNITS\IPS_win\install_ips_sp.log" + New-Item -Type File -Path $logFile -Force | Out-Null -# add Oracle client path to the powershell session -$env:Path += ";E:\app\oracle\product\19.0.0\client_1\bin" + # add Oracle client path to the powershell session + $env:Path += ";E:\app\oracle\product\19.0.0\client_1\bin" -$env:Path -split ";" | ForEach-Object { - Write-Host $_ -} + $env:Path -split ";" | ForEach-Object { + Write-Host $_ + } -Write-Host "Starting IPS installer at $(Get-Date)" + Write-Host "Starting IPS installer at $(Get-Date)" try { "Starting IPS installer at $(Get-Date)" | Out-File -FilePath $logFile -Append @@ -572,7 +577,7 @@ function Install-DataServices { [hashtable]$Config ) - if (Get-Package | Where-Object { $_.Name -Like "SAP Data Services*"}) { + if (Get-Package | Where-Object { $_.Name -Like "SAP Data Services*" }) { Write-Output "Data Services is already installed" return } @@ -592,8 +597,8 @@ function Install-DataServices { # set Secret Names based on environment $Tags = Get-InstanceTags $dbenv = ($Tags | Where-Object { $_.Key -eq "nomis-combined-reporting-environment" }).Value - $bodsSecretName = "/sap/bods/$dbenv/passwords" - $bodsConfigName = "/sap/bods/$dbenv/config" + $bodsSecretName = "/sap/bods/$dbenv/passwords" + $bodsConfigName = "/sap/bods/$dbenv/config" # passwords from /sap/bods/$dbenv/passwords $service_user_password = Get-SecretValue -SecretId $bodsSecretName -SecretKey "svc_nart" -ErrorAction SilentlyContinue @@ -602,7 +607,7 @@ function Install-DataServices { # config values from /sap/bods/$dbenv/config $data_services_product_key = Get-SecretValue -SecretId $bodsConfigName -SecretKey "data_services_product_key" -ErrorAction SilentlyContinue -$dataServicesResponsePrimary = @" + $dataServicesResponsePrimary = @" ### #property.CMSAUTHENTICATION.description# cmsauthentication=secEnterprise ### CMS administrator password @@ -653,7 +658,7 @@ selectedlanguagepacks=en features=DataServicesJobServer,DataServicesAccessServer,DataServicesServer,DataServicesDesigner,DataServicesClient,DataServicesManagementConsole,DataServicesEIMServices,DataServicesMessageClient,DataServicesDataDirect,DataServicesDocumentation "@ -$domainName = ($Tags | Where-Object { $_.Key -eq "domain-name" }).Value + $domainName = ($Tags | Where-Object { $_.Key -eq "domain-name" }).Value $dataServicesResponseSecondary = @" ### #property.CMSAUTHENTICATION.description# @@ -724,7 +729,7 @@ features=DataServicesJobServer,DataServicesAccessServer,DataServicesServer,DataS $dataServicesInstallParams = @{ FilePath = "$WorkingDirectory\$($Config.DataServicesS3File)\DataServices\setup.exe" - ArgumentList = "-q","-r","$dsInstallIni","cmspassword=$bods_admin_password","dscmspassword=$bods_admin_password","dslogininfothispassword=$service_user_password" + ArgumentList = "-q", "-r", "$dsInstallIni", "cmspassword=$bods_admin_password", "dscmspassword=$bods_admin_password", "dslogininfothispassword=$service_user_password" Wait = $true NoNewWindow = $true } @@ -747,11 +752,13 @@ features=DataServicesJobServer,DataServicesAccessServer,DataServicesServer,DataS if (Test-Path $destination) { Write-Output "Copying JDBC driver to $destination" Copy-Item -Path $jdbcDriverPath -Destination $destination - } else { + } + else { Write-Output "Destination $destination does not exist, skipping" } } - } else { + } + else { Write-Output "JDBC driver not found at $jdbcDriverPath" exit 1 } @@ -761,8 +768,8 @@ features=DataServicesJobServer,DataServicesAccessServer,DataServicesServer,DataS function Move-ModPlatformADComputer { [CmdletBinding()] param ( - [Parameter(Mandatory=$true)][System.Management.Automation.PSCredential]$ModPlatformADCredential, - [Parameter(Mandatory=$true)][string]$NewOU + [Parameter(Mandatory = $true)][System.Management.Automation.PSCredential]$ModPlatformADCredential, + [Parameter(Mandatory = $true)][string]$NewOU ) $ErrorActionPreference = "Stop" @@ -778,7 +785,8 @@ function Move-ModPlatformADComputer { try { $computer = Get-ADComputer -Credential $ModPlatformADCredential -Filter "Name -eq '$env:COMPUTERNAME'" -ErrorAction Stop if ($computer -and $computer.objectGUID) { break } - } catch { + } + catch { Write-Verbose "Get-ADComputer failed: $_" } Start-Sleep -Seconds 5 @@ -831,7 +839,7 @@ Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameter Write-Host "Registry updated to prefer IPv4 over IPv6. A system restart is required for changes to take effect." # Turn off the firewall as this will possibly interfere with Sia Node creation -Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False +Set-NetFirewallProfile -Profile Domain, Public, Private -Enabled False # Set local time zone to UK although this should now be set by Group Policy objects Set-TimeZone -Name "GMT Standard Time" @@ -857,17 +865,18 @@ $ErrorActionPreference = "Continue" Import-Module ModPlatformAD -Force $ADConfig = Get-ModPlatformADConfig if ($null -ne $ADConfig) { - $ADCredential = Get-ModPlatformADJoinCredential -ModPlatformADConfig $ADConfig - if (Add-ModPlatformADComputer -ModPlatformADConfig $ADConfig -ModPlatformADCredential $ADCredential) { - # Get the AD Admin credentials - $ADAdminCredential = Get-ModPlatformADAdminCredential -ModPlatformADConfig $ADConfig - # Move the computer to the correct OU - Move-ModPlatformADComputer -ModPlatformADCredential $ADAdminCredential -NewOU $($Config.nartComputersOU) - Exit 3010 # triggers reboot if running from SSM Doc - } -} else { - Write-Output "No domain-name tag found so apply Local Group Policy" - . .\LocalGroupPolicy.ps1 + $ADCredential = Get-ModPlatformADJoinCredential -ModPlatformADConfig $ADConfig + if (Add-ModPlatformADComputer -ModPlatformADConfig $ADConfig -ModPlatformADCredential $ADCredential) { + # Get the AD Admin credentials + $ADAdminCredential = Get-ModPlatformADAdminCredential -ModPlatformADConfig $ADConfig + # Move the computer to the correct OU + Move-ModPlatformADComputer -ModPlatformADCredential $ADAdminCredential -NewOU $($Config.nartComputersOU) + Exit 3010 # triggers reboot if running from SSM Doc + } +} +else { + Write-Output "No domain-name tag found so apply Local Group Policy" + . .\LocalGroupPolicy.ps1 } # }}} diff --git a/powershell/Scripts/UserDataScripts/NcrClient.ps1 b/powershell/Scripts/UserDataScripts/NcrClient.ps1 index 3097beede..2d94d55cc 100644 --- a/powershell/Scripts/UserDataScripts/NcrClient.ps1 +++ b/powershell/Scripts/UserDataScripts/NcrClient.ps1 @@ -1,125 +1,422 @@ $GlobalConfig = @{ "all" = @{ - "WindowsClientS3Bucket" = "mod-platform-image-artefact-bucket20230203091453221500000001" - "WindowsClientS3Folder" = "hmpps/ncr-packages" - "WindowsClientS3File" = "WINDOWS.X64_193000_client.zip" # Oracle 19c client SW, install 1st - "IPSS3File" = "IPS.ZIP" # IPS SW, install 2nd - "DataServicesS3File" = "DATASERVICES.ZIP" # BODS SW, install 3rd - "BIPWindowsClientFile" = "BIPLATCLNT4303P_300-70005711.EXE" # Client tool 4.3 SP 3 - "RegistryPath" = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\winlogon" - "LegalNoticeCaption" = "IMPORTANT" - "LegalNoticeText" = "This system is restricted to authorized users only. Individuals who attempt unauthorized access will be prosecuted. If you are unauthorized terminate access now. Click OK to indicate your acceptance of this information" + "WindowsClientS3Bucket" = "mod-platform-image-artefact-bucket20230203091453221500000001" + "WindowsClientS3Folder" = "hmpps/ncr-packages" + "Oracle19c64bitClientS3File" = "WINDOWS.X64_193000_client.zip" + "ORACLE_19C_HOME" = "C:\app\oracle\product\19.0.0\client_1" + "ORACLE_BASE" = "C:\app\oracle" + # "BIPWindowsClient43" = "BIPLATCLNT4303P_300-70005711.EXE" # Client tool 4.3 SP 3 + # "BIPWindowsClient42" = "5104879_1.ZIP" # Client tool 4.2 SP 9 + "BIPWindowsClient43" = "BIPLATCLNT4301P_1200-70005711.EXE" # Client tool 4.3 SP 1 Patch 12 as per Azure PDMR2W00014 } "nomis-combined-reporting-development" = @{ - "NcrShortcuts" = @{ + "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=NOMS,DC=ROOT" + "NcrShortcuts" = @{ } } "nomis-combined-reporting-test" = @{ - "NcrShortcuts" = @{ + # "tnsorafile" = "NCR\tnsnames_T1_BODS.ora" TODO: NOT IMPLEMENTED YET + "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=NOMS,DC=ROOT" + "NcrShortcuts" = @{ } } "nomis-combined-reporting-preproduction" = @{ - "NcrShortcuts" = @{ + # "tnsorafile" = "NCR\tnsnames_PP_BODS.ora" TODO: NOT IMPLEMENTED YET + "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=HMPP,DC=ROOT" + "NcrShortcuts" = @{ } } "nomis-combined-reporting-production" = @{ - "NcrShortcuts" = @{ + "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=HMPP,DC=ROOT" + "NcrShortcuts" = @{ } } } -$ConfigurationManagementRepo = "C:\Users\Administrator\AppData\Local\Temp\modernisation-platform-configuration-management" -$ErrorActionPreference = "Stop" -$WorkingDirectory = "C:\Temp" -# {{{ functions +# IMPORTANT: This script installs Client Tools 4.3 SP 1 Patch 12 and the Oracle 19c client software. + +# }}} functions function Get-Config { - $Token = Invoke-RestMethod ` - -TimeoutSec 10 ` - -Headers @{"X-aws-ec2-metadata-token-ttl-seconds" = 3600 } ` - -Method PUT ` - -Uri http://169.254.169.254/latest/api/token - $InstanceId = Invoke-RestMethod ` - -TimeoutSec 10 ` - -Headers @{"X-aws-ec2-metadata-token" = $Token } ` - -Method GET ` - -Uri http://169.254.169.254/latest/meta-data/instance-id - $TagsRaw = aws ec2 describe-tags ` - --filters "Name=resource-id,Values=$InstanceId" - $Tags = "$TagsRaw" | ConvertFrom-Json + $tokenParams = @{ + TimeoutSec = 10 + Headers = @{"X-aws-ec2-metadata-token-ttl-seconds" = 3600 } + Method = 'PUT' + Uri = 'http://169.254.169.254/latest/api/token' + } + $Token = Invoke-RestMethod @tokenParams + + $instanceIdParams = @{ + TimeoutSec = 10 + Headers = @{"X-aws-ec2-metadata-token" = $Token } + Method = 'GET' + Uri = 'http://169.254.169.254/latest/meta-data/instance-id' + } + $InstanceId = Invoke-RestMethod @instanceIdParams + + $awsParams = @( + 'ec2', + 'describe-tags', + '--filters', + "Name=resource-id,Values=$InstanceId" + ) + + $TagsRaw = & aws @awsParams + + $Tags = $TagsRaw | ConvertFrom-Json $EnvironmentNameTag = ($Tags.Tags | Where-Object { $_.Key -eq "environment-name" }).Value if (-not $GlobalConfig.Contains($EnvironmentNameTag)) { Write-Error "Unexpected environment-name tag value $EnvironmentNameTag" } + Return $GlobalConfig.all + $GlobalConfig[$EnvironmentNameTag] } function Get-Installer { param ( - $Key, - $Destination + [Parameter(Mandatory)] + [string]$Key, + + [Parameter(Mandatory)] + [string]$Destination ) - Read-S3Object ` - -BucketName $Config.WindowsClientS3Bucket ` - -Key ($Config.WindowsClientS3Folder + "/" + $Key) ` - -File $Destination ` - -Verbose + + $s3Params = @{ + BucketName = $Config.WindowsClientS3Bucket + Key = ($Config.WindowsClientS3Folder + "/" + $Key) + File = $Destination + Verbose = $true + } + + Read-S3Object @s3Params } -function Expand-Installer { +function Get-SecretValue { param ( - $File, - $Destination + [Parameter(Mandatory)] + [string]$SecretId, + [Parameter(Mandatory)] + [string]$SecretKey ) - New-Item -ItemType Directory -Path $Destination -Force - Add-Type -Assembly "System.IO.Compression.Filesystem" - [System.IO.Compression.ZipFile]::ExtractToDirectory( - ($File | Resolve-Path), - ($Destination | Resolve-Path) + + try { + $secretJson = aws secretsmanager get-secret-value --secret-id $SecretId --query SecretString --output text + + if ($null -eq $secretJson -or $secretJson -eq '') { + Write-Host "The SecretId '$SecretId' does not exist or returned no value." + return $null + } + + $secretObject = $secretJson | ConvertFrom-Json + + if (-not $secretObject.PSObject.Properties.Name -contains $SecretKey) { + Write-Host "The SecretKey '$SecretKey' does not exist in the secret." + return $null + } + + return $secretObject.$SecretKey + } + catch { + Write-Host "An error occurred while retrieving the secret: $_" + return $null + } +} + + +function Get-InstanceTags { + $Token = Invoke-RestMethod -TimeoutSec 10 -Headers @{"X-aws-ec2-metadata-token-ttl-seconds" = 3600 } -Method PUT -Uri http://169.254.169.254/latest/api/token + $InstanceId = Invoke-RestMethod -TimeoutSec 10 -Headers @{"X-aws-ec2-metadata-token" = $Token } -Method GET -Uri http://169.254.169.254/latest/meta-data/instance-id + $TagsRaw = aws ec2 describe-tags --filters "Name=resource-id,Values=$InstanceId" + $Tags = $TagsRaw | ConvertFrom-Json + $Tags.Tags +} + +function Clear-PendingFileRenameOperations { + $regPath = "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager" + $regKey = "PendingFileRenameOperations" + + if (Get-ItemProperty -Path $regPath -Name $regKey -ErrorAction SilentlyContinue) { + try { + Remove-ItemProperty -Path $regPath -Name $regKey -Force -ErrorAction Stop + Write-Host "Successfully removed $regKey from the registry." + } + catch { + Write-Warning "Failed to remove $regKey. Error: $_" + } + } + else { + Write-Host "$regKey does not exist in the registry. No action needed." + } +} + +function Move-ModPlatformADComputer { + [CmdletBinding()] + param ( + [Parameter(Mandatory = $true)][System.Management.Automation.PSCredential]$ModPlatformADCredential, + [Parameter(Mandatory = $true)][string]$NewOU ) + + $ErrorActionPreference = "Stop" + + # Do nothing if host not part of domain + if (-not (Get-WmiObject -Class Win32_ComputerSystem).PartOfDomain) { + return $false + } + + # Get the computer's objectGUID with a 5-minute timeout + $timeout = [DateTime]::Now.AddMinutes(5) + do { + $computer = Get-ADComputer -Credential $ModPlatformADCredential -Identity $env:COMPUTERNAME -ErrorAction SilentlyContinue + if ($computer -and $computer.objectGUID) { break } + Start-Sleep -Seconds 5 + } until (($computer -and $computer.objectGUID) -or ([DateTime]::Now -ge $timeout)) + + if (-not ($computer -and $computer.objectGUID)) { + Write-Error "Failed to retrieve computer objectGUID within 5 minutes." + return + } + + # Move the computer to the new OU + $computer.objectGUID | Move-ADObject -TargetPath $NewOU -Credential $ModPlatformADCredential + + # force group policy update + gpupdate /force } -# }}} -# {{{ prepare assets -$Config = Get-Config -New-Item -ItemType Directory -Path $WorkingDirectory -Force +function Test-WindowsServer2012R2 { + $osVersion = (Get-WmiObject -Class Win32_OperatingSystem).Version + return $osVersion -like "6.3*" +} + +function Install-Oracle19cClient { + param ( + [Parameter(Mandatory)] + [hashtable]$Config + ) + + # Check if Oracle 19c client is already installed + if (Test-Path $Config.ORACLE_19C_HOME) { + Write-Host "Oracle 19c client is already installed." + return + } + + $WorkingDirectory = "C:\Software" + Set-Location -Path $WorkingDirectory + + # Prepare installer + Get-Installer -Key $Config.Oracle19c64bitClientS3File -Destination (".\" + $Config.Oracle19c64bitClientS3File) + Expand-Archive (".\" + $Config.Oracle19c64bitClientS3File) -Destination ".\OracleClient" + + # Create response file for silent install + $oracleClientResponseFileContent = @" +oracle.install.responseFileVersion=/oracle/install/rspfmt_clientinstall_response_schema_v19.0.0 +ORACLE_HOME=$($Config.ORACLE_19C_HOME) +ORACLE_BASE=$($Config.ORACLE_BASE) +oracle.install.IsBuiltInAccount=true +oracle.install.client.installType=Administrator +"@ + + $oracleClientResponseFileContent | Out-File -FilePath "$WorkingDirectory\OracleClient\client\client_install.rsp" -Force -Encoding ascii + + # Install Oracle 19c client + $OracleClientInstallParams = @{ + FilePath = "$WorkingDirectory\OracleClient\client\setup.exe" + WorkingDirectory = "$WorkingDirectory\OracleClient\client" + ArgumentList = "-silent", "-noconfig", "-nowait", "-responseFile $WorkingDirectory\OracleClient\client\client_install.rsp" + Wait = $true + NoNewWindow = $true + } + + Start-Process @OracleClientInstallParams + + # Install Oracle configuration tools + $oracleConfigToolsParams = @{ + FilePath = "$WorkingDirectory\OracleClient\client\setup.exe" + WorkingDirectory = "$WorkingDirectory\OracleClient\client" + ArgumentList = "-executeConfigTools", "-silent", "-nowait", "-responseFile $WorkingDirectory\OracleClient\client\client_install.rsp" + Wait = $true + NoNewWindow = $true + } -Set-Location -Path $WorkingDirectory -Get-Installer -Key $Config.WindowsClientS3File -Destination (".\" + $Config.WindowsClientS3File) -Get-Installer -Key $Config.IPSS3File -Destination (".\" + $Config.IPSS3File) -Get-Installer -Key $Config.DataServicesS3File -Destination (".\" + $Config.DataServicesS3File) -Get-Installer -Key $Config.BIPWindowsClientFile -Destination (".\" + $Config.BIPWindowsClientFile) - -Expand-Installer -File ( ".\" + $Config.WindowsClientS3File) -Destination ".\Client" -Expand-Installer -File ( ".\" + $Config.IPSS3File) -Destination ".\IPS" -Expand-Installer -File ( ".\" + $Config.DataServicesS3File) -Destination ".\DataServices" -# }}} - - -# {{{ install Oracle -Set-Location -Path $WorkingDirectory/Client/client -# documentation: https://docs.oracle.com/en/database/oracle/oracle-database/19/ntcli/running-oracle-universal-installe-using-the-response-file.html -# FIXME file name needs fixing -.\setup.exe -silent -noconfig -nowait -responseFile ($ConfigurationManagementRepo + "\powershell\Configs\NCROracle19Response.rsp") -# }}} - -# {{{ login text -# Apply to all environments that aren't on the domain + Start-Process @oracleConfigToolsParams + + # Set environment variable + [Environment]::SetEnvironmentVariable("ORACLE_HOME", $Config.ORACLE_19C_HOME, [System.EnvironmentVariableTarget]::Machine) +} + +function New-TnsOraFile { + param ( + [Parameter(Mandatory)] + [hashtable]$Config + ) + + $tnsOraFilePath = Join-Path $PSScriptRoot -ChildPath "..\..\Configs\$($Config.tnsorafile)" + + if (Test-Path $tnsOraFilePath) { + Write-Host "Tnsnames.ora file found at $tnsOraFilePath" + } + else { + Write-Error "Tnsnames.ora file not found at $tnsOraFilePath" + exit 1 + } + + # check if ORACLE_HOME env var exists, if it does then use that. If not then set it from the Config values. + + if (-not $env:ORACLE_HOME) { + [Environment]::SetEnvironmentVariable("ORACLE_HOME", $Config.ORACLE_19C_HOME, [System.EnvironmentVariableTarget]::Machine) + $env:ORACLE_HOME = $Config.ORACLE_19C_HOME # Set in current session + } + + $tnsOraFileDestination = "$($env:ORACLE_HOME)\network\admin\tnsnames.ora" + + Copy-Item -Path $tnsOraFilePath -Destination $tnsOraFileDestination -Force + +} + +function Add-BIPWindowsClient43 { + param ( + [Parameter(Mandatory)] + [hashtable]$Config + ) + + # Check if BIP Windows Client 4.3 is already installed + $installDir = "C:\Program Files (x86)\SAP BusinessObjects" + if (Test-Path $installDir) { + Write-Host "BIP Windows Client 4.3 is already installed." + return + } + + $BIPClientTools43ResponseFileContent = @" +### Installation Directory +Installdir=C:\Program Files (x86)\SAP BusinessObjects\ +### Language Packs Selected to Install +selectedlanguagepacks=en +### Setup UI Language +setupuilanguage=en +features=WebI_Rich_Client,Business_View_Manager,Report_Conversion,Universe_Designer,QAAWS,InformationDesignTool,Translation_Manager,DataFederationAdministrationTool,biwidgets,ClientComponents,JavaSDK,WebSDK,DotNetSDK,CRJavaSDK,DevComponents,DataFed_DataAccess,HPNeoView_DataAccess,MySQL_DataAccess,GenericODBC_DataAccess,GenericOLEDB_DataAccess,GenericJDBC_DataAccess,MaxDB_DataAccess,SalesForce_DataAccess,Netezza_DataAccess,Microsoft_DataAccess,Ingres_DataAccess,Greenplum_DataAccess,IBMDB2,Informix_DataAccess,Progress_Open_Edge_DataAccess,Oracle_DataAccess,Sybase_DataAccess,TeraData_DataAccess,SAPBW_DataAccess,SAP_DataAccess,PersonalFiles_DataAccess,JavaBean_DataAccess,OpenConnectivity_DataAccess,HSQLDB_DataAccess,Derby_DataAccess,Essbase_DataAccess,PSFT_DataAccess,JDE_DataAccess,Siebel_DataAccess,EBS_DataAccess,DataAccess +"@ + + Set-Location -Path $WorkingDirectory + + Get-Installer -Key $Config.BIPWindowsClient43 -Destination (".\" + $Config.BIPWindowsClient43) + + $BIPClientTools43ResponseFileContent | Out-File -FilePath "$WorkingDirectory\bip43_response.ini" -Force -Encoding ascii + + choco install winrar -y + + New-Item -ItemType Directory -Path "$WorkingDirectory\BIP43" -Force + + Clear-PendingFileRenameOperations + + # Extract the BIP 4.3 self-extracting archive using WinRAR's UnRAR command line tool + Start-Process -FilePath "C:\Program Files\WinRAR\UnRAR.exe" -ArgumentList "/wait x -o+ $WorkingDirectory\$($Config.BIPWindowsClient43) $WorkingDirectory\BIP43" -Wait -NoNewWindow + + $BIPClientTools43Params = @{ + FilePath = "$WorkingDirectory\BIP43\setup.exe" + ArgumentList = "/wait", "-r $WorkingDirectory\bip43_response.ini" + Wait = $true + NoNewWindow = $true + } + + Start-Process @BIPClientTools43Params + + # Set up shortcuts for 4.3 client tools + $BIP43Path = "C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\win64_x64\" + + # List is incomplete, add more executables as needed + $executables = @( + @{ + "Name" = "Designer" + "Exe" = "designer.exe" + }, + @{ + "Name" = "Information Design Tool" + "Exe" = "InformationDesignTool.exe" + } + ) + + # Path to all users' desktop + $AllUsersDesktop = [Environment]::GetFolderPath('CommonDesktopDirectory') + + # Create folders on all users' desktop + $Client43Folder = Join-Path -Path $AllUsersDesktop -ChildPath "4.3 Client Tools" + + New-Item -ItemType Directory -Path $Client43Folder -Force + + # Create shortcuts for each executable if the target exists + $WScriptShell = New-Object -ComObject WScript.Shell + + foreach ($executable in $executables) { + + # Shortcuts for 4.3 Client + $TargetPath43 = Join-Path -Path $BIP43Path -ChildPath $executable.Exe + if (Test-Path $TargetPath43) { + $ShortcutPath43 = Join-Path -Path $Client43Folder -ChildPath ($executable.Name + ".lnk") + $Shortcut43 = $WScriptShell.CreateShortcut($ShortcutPath43) + $Shortcut43.TargetPath = $TargetPath43 + $Shortcut43.IconLocation = $TargetPath43 + $Shortcut43.Save() + } + else { + Write-Host "Executable not found: $TargetPath43" + } + } +} +# }}} end of functions + +# {{{ Prep the server for installation $ErrorActionPreference = "Stop" -Write-Output "Add Legal Notice" - -if (-NOT (Test-Path $Config.RegistryPath)) { - Write-Output " - Registry path does not exist, creating" - New-Item -Path $Config.RegistryPath -Force | Out-Null +# Set the registry key to prefer IPv4 over IPv6 +Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters" -Name "DisabledComponents" -Value 0x20 -Type DWord + +# Output a message to confirm the change +Write-Host "Registry updated to prefer IPv4 over IPv6. A system restart is required for changes to take effect." + +# Turn off the firewall as this will possibly interfere with Sia Node creation +Set-NetFirewallProfile -Profile Domain, Public, Private -Enabled False + +# Set local time zone to UK although this should now be set by Group Policy objects +Set-TimeZone -Name "GMT Standard Time" + +# }}} complete - add prerequisites to server + +$Config = Get-Config +$Tags = Get-InstanceTags + +$WorkingDirectory = "C:\Software" +$AppDirectory = "C:\App" + +$ModulesRepo = Join-Path $PSScriptRoot '..\..\Modules' + +# {{{ join domain if domain-name tag is set +# Join domain and reboot is needed before installers run +# Add $ModulesRepo to the PSModulePath in Server 2012 R2 here otherwise it can't find it +$env:PSModulePath = "$ModulesRepo;$env:PSModulePath" + +$ErrorActionPreference = "Continue" +Import-Module ModPlatformAD -Force +$ADConfig = Get-ModPlatformADConfig +if ($null -ne $ADConfig) { + $ADCredential = Get-ModPlatformADJoinCredential -ModPlatformADConfig $ADConfig + if (Add-ModPlatformADComputer -ModPlatformADConfig $ADConfig -ModPlatformADCredential $ADCredential) { + # Get the AD Admin credentials + $ADAdminCredential = Get-ModPlatformADAdminCredential -ModPlatformADConfig $ADConfig + # Move the computer to the correct OU + Move-ModPlatformADComputer -ModPlatformADCredential $ADAdminCredential -NewOU $($Config.nartComputersOU) + Exit 3010 # triggers reboot if running from SSM Doc + } } +else { + Write-Output "No domain-name tag found so apply Local Group Policy" + . .\LocalGroupPolicy.ps1 +} +# }}} end of join domain -$RegistryPath = $Config.RegistryPath -$LegalNoticeCaption = $Config.LegalNoticeCaption -$LegalNoticeText = $Config.LegalNoticeText +$ErrorActionPreference = "Stop" -Write-Output " - Set Legal Notice Caption" -New-ItemProperty -Path $RegistryPath -Name LegalNoticeCaption -Value $LegalNoticeCaption -PropertyType String -Force +New-Item -ItemType Directory -Path $WorkingDirectory -Force +New-Item -ItemType Directory -Path $AppDirectory -Force -Write-Output " - Set Legal Notice Text" -New-ItemProperty -Path $RegistryPath -Name LegalNoticeText -Value $LegalNoticeText -PropertyType String -Force -# }}} +Install-Oracle19cClient -Config $Config +# New-TnsOraFile -Config $Config TODO: NOT IMPLEMENTED YET +Add-BIPWindowsClient43 -Config $Config diff --git a/powershell/Scripts/UserDataScripts/OnrBods.ps1 b/powershell/Scripts/UserDataScripts/OnrBods.ps1 index 78e16f501..77448db44 100644 --- a/powershell/Scripts/UserDataScripts/OnrBods.ps1 +++ b/powershell/Scripts/UserDataScripts/OnrBods.ps1 @@ -20,7 +20,7 @@ $GlobalConfig = @{ "oasys-national-reporting-test" = @{ "sysDbName" = "T2BOSYS" "audDbName" = "T2BOAUD" - "tnsorafile" = "tnsnames_T2_BODS.ora" + "tnsorafile" = "ONR\tnsnames_T2_BODS.ora" "cmsPrimaryNode" = "t2-onr-bods-1" # "cmsPrimaryNode" = "t2-tst-bods-asg" # Use this value when testing "cmsSecondaryNode" = "t2-onr-bods-2" @@ -36,7 +36,7 @@ $GlobalConfig = @{ "oasys-national-reporting-preproduction" = @{ "sysDbName" = "PPBOSYS" "audDbName" = "PPBOAUD" - "tnsorafile" = "tnsnames_PP_BODS.ora" + "tnsorafile" = "ONR\tnsnames_PP_BODS.ora" "cmsPrimaryNode" = "pp-onr-bods-1" "cmsSecondaryNode" = "pp-onr-bods-2" "cmsPrimaryNodeHostname" = "EC2AMAZ-669VK3E" # ADD MANUALLY AFTER cmsPrimaryNode DEPLOYED diff --git a/powershell/Scripts/UserDataScripts/OnrClient.ps1 b/powershell/Scripts/UserDataScripts/OnrClient.ps1 index 8e97249d0..aed4db418 100644 --- a/powershell/Scripts/UserDataScripts/OnrClient.ps1 +++ b/powershell/Scripts/UserDataScripts/OnrClient.ps1 @@ -1,54 +1,54 @@ $GlobalConfig = @{ - "all" = @{ - "WindowsClientS3Bucket" = "mod-platform-image-artefact-bucket20230203091453221500000001" - "WindowsClientS3Folder" = "hmpps/onr" - "BOEWindowsClientS3File" = "51048121.ZIP" - # "Oracle11g32bitClientS3File" = "V20606-01.zip" - "Oracle11g64bitClientS3File" = "V20609-01.zip" - "Oracle19c64bitClientS3File" = "WINDOWS.X64_193000_client.zip" # Oracle 19c client SW, install 1st" - "ORACLE_19C_HOME" = "C:\app\oracle\product\19.0.0\client_1" - "ORACLE_11G_HOME" = "C:\app\oracle\product\11.2.0\client_1" - "ORACLE_BASE" = "C:\app\oracle" - "RegistryPath" = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\winlogon" - "LegalNoticeCaption" = "IMPORTANT" - "LegalNoticeText" = "This system is restricted to authorized users only. Individuals who attempt unauthorized access will be prosecuted. If you are unauthorized terminate access now. Click OK to indicate your acceptance of this information" + "all" = @{ + "WindowsClientS3Bucket" = "mod-platform-image-artefact-bucket20230203091453221500000001" + "WindowsClientS3Folder" = "hmpps/onr" + "BOEWindowsClientS3File" = "51048121.ZIP" + # "Oracle11g32bitClientS3File" = "V20606-01.zip" + "Oracle11g64bitClientS3File" = "V20609-01.zip" + "Oracle19c64bitClientS3File" = "WINDOWS.X64_193000_client.zip" # Oracle 19c client SW, install 1st" + "ORACLE_19C_HOME" = "C:\app\oracle\product\19.0.0\client_1" + "ORACLE_11G_HOME" = "C:\app\oracle\product\11.2.0\client_1" + "ORACLE_BASE" = "C:\app\oracle" + "RegistryPath" = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\winlogon" + "LegalNoticeCaption" = "IMPORTANT" + "LegalNoticeText" = "This system is restricted to authorized users only. Individuals who attempt unauthorized access will be prosecuted. If you are unauthorized terminate access now. Click OK to indicate your acceptance of this information" } - "oasys-national-reporting-dev" = @{ - "OnrShortcuts" = @{ - } + "oasys-national-reporting-dev" = @{ + "OnrShortcuts" = @{ + } } - "oasys-national-reporting-test" = @{ - "serviceUser" = "svc_nart" - # "tnsorafile" = "tnsnames_T2_BODS.ora" TODO: NOT IMPLEMENTED YET - "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=NOMS,DC=ROOT" - "domain" = "AZURE" - "OnrShortcuts" = @{ - "Onr CmcApp" = "http://t2-onr-web-1-a.oasys-national-reporting.hmpps-test.modernisation-platform.service.justice.gov.uk:7777/CmcApp" - } + "oasys-national-reporting-test" = @{ + "serviceUser" = "svc_nart" + # "tnsorafile" = "ONR\tnsnames_T2_BODS.ora" TODO: NOT IMPLEMENTED YET + "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=NOMS,DC=ROOT" + "domain" = "AZURE" + "OnrShortcuts" = @{ + "Onr CmcApp" = "http://t2-onr-web-1-a.oasys-national-reporting.hmpps-test.modernisation-platform.service.justice.gov.uk:7777/CmcApp" + } } "oasys-national-reporting-preproduction" = @{ "serviceUser" = "svc_nart" - # "tnsorafile" = "tnsnames_PP_BODS.ora" TODO: NOT IMPLEMENTED YET + # "tnsorafile" = "ONR\tnsnames_PP_BODS.ora" TODO: NOT IMPLEMENTED YET "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=HMPP,DC=ROOT" "domain" = "HMPP" - "OnrShortcuts" = @{ - } + "OnrShortcuts" = @{ + } } - "oasys-national-reporting-production" = @{ + "oasys-national-reporting-production" = @{ "serviceUser" = "svc_nart" "nartComputersOU" = "OU=Nart,OU=MODERNISATION_PLATFORM_SERVERS,DC=AZURE,DC=HMPP,DC=ROOT" "domain" = "HMPP" - "OnrShortcuts" = @{ - } + "OnrShortcuts" = @{ + } } - } +} # {{{ functions function Get-Config { $tokenParams = @{ TimeoutSec = 10 - Headers = @{"X-aws-ec2-metadata-token-ttl-seconds" = 3600} + Headers = @{"X-aws-ec2-metadata-token-ttl-seconds" = 3600 } Method = 'PUT' Uri = 'http://169.254.169.254/latest/api/token' } @@ -56,7 +56,7 @@ function Get-Config { $instanceIdParams = @{ TimeoutSec = 10 - Headers = @{"X-aws-ec2-metadata-token" = $Token} + Headers = @{"X-aws-ec2-metadata-token" = $Token } Method = 'GET' Uri = 'http://169.254.169.254/latest/meta-data/instance-id' } @@ -82,11 +82,11 @@ function Get-Config { } function Get-InstanceTags { - $Token = Invoke-RestMethod -TimeoutSec 10 -Headers @{"X-aws-ec2-metadata-token-ttl-seconds"=3600} -Method PUT -Uri http://169.254.169.254/latest/api/token - $InstanceId = Invoke-RestMethod -TimeoutSec 10 -Headers @{"X-aws-ec2-metadata-token" = $Token} -Method GET -Uri http://169.254.169.254/latest/meta-data/instance-id - $TagsRaw = aws ec2 describe-tags --filters "Name=resource-id,Values=$InstanceId" - $Tags = $TagsRaw | ConvertFrom-Json - $Tags.Tags + $Token = Invoke-RestMethod -TimeoutSec 10 -Headers @{"X-aws-ec2-metadata-token-ttl-seconds" = 3600 } -Method PUT -Uri http://169.254.169.254/latest/api/token + $InstanceId = Invoke-RestMethod -TimeoutSec 10 -Headers @{"X-aws-ec2-metadata-token" = $Token } -Method GET -Uri http://169.254.169.254/latest/meta-data/instance-id + $TagsRaw = aws ec2 describe-tags --filters "Name=resource-id,Values=$InstanceId" + $Tags = $TagsRaw | ConvertFrom-Json + $Tags.Tags } function Get-Installer { @@ -108,10 +108,10 @@ function Get-Installer { Read-S3Object @s3Params } - function Add-BOEWindowsClient { +function Add-BOEWindowsClient { [CmdletBinding()] param ( - [hashtable]$Config + [hashtable]$Config ) $ErrorActionPreference = "Stop" @@ -163,7 +163,7 @@ ADVERTISE="" # Install BOE Windows Client Start-Process -FilePath (([System.IO.Path]::GetTempPath()) + "\BOE\setup.exe") -ArgumentList "-r $ResponseFile" -Wait -NoNewWindow - # Create a desktop shortcut for BOE Client Tools + # Create a desktop shortcut for BOE Client Tools $WScriptShell = New-Object -ComObject WScript.Shell $targetPath = [System.IO.Path]::Combine([environment]::GetFolderPath("CommonStartMenu"), "Programs\BusinessObjects XI 3.1\BusinessObjects Enterprise Client Tools") $shortcutPath = [System.IO.Path]::Combine([environment]::GetFolderPath("CommonDesktopDirectory"), "BOE Client Tools.lnk") @@ -171,60 +171,60 @@ ADVERTISE="" $shortcut.TargetPath = $targetPath $shortcut.Save() | Out-Null Write-Output "Shortcut created at $shortcutPath" - } - - function Get-SecretValue { - param ( - [Parameter(Mandatory)] - [string]$SecretId, - [Parameter(Mandatory)] - [string]$SecretKey - ) - - try { - $secretJson = aws secretsmanager get-secret-value --secret-id $SecretId --query SecretString --output text - - if ($null -eq $secretJson -or $secretJson -eq '') { - Write-Host "The SecretId '$SecretId' does not exist or returned no value." - return $null - } - - $secretObject = $secretJson | ConvertFrom-Json - - if (-not $secretObject.PSObject.Properties.Name -contains $SecretKey) { - Write-Host "The SecretKey '$SecretKey' does not exist in the secret." - return $null - } - - return $secretObject.$SecretKey - } - catch { - Write-Host "An error occurred while retrieving the secret: $_" - return $null - } - } - - function Add-Shortcuts { - [CmdletBinding()] - param ( - [hashtable]$Config - ) - - $ErrorActionPreference = "Stop" - Write-Output "Add Shortcuts" - Write-Output " - Removing existing shortcuts" - Get-ChildItem "${SourcePath}/*Onr*" | ForEach-Object { Join-Path -Path $SourcePath -ChildPath $_.Name | Remove-Item } - - foreach ($Shortcut in $Config.OnrShortcuts.GetEnumerator()) { - $Name = $Shortcut.Name - $Url = $Shortcut.Value - Write-Output " - Add $Name $Url" - $Shortcut = New-Object -ComObject WScript.Shell - $SourcePath = Join-Path -Path ([environment]::GetFolderPath("CommonDesktopDirectory")) -ChildPath "\\$Name.url" - $SourceShortcut = $Shortcut.CreateShortcut($SourcePath) - $SourceShortcut.TargetPath = $Url - $SourceShortcut.Save() - } +} + +function Get-SecretValue { + param ( + [Parameter(Mandatory)] + [string]$SecretId, + [Parameter(Mandatory)] + [string]$SecretKey + ) + + try { + $secretJson = aws secretsmanager get-secret-value --secret-id $SecretId --query SecretString --output text + + if ($null -eq $secretJson -or $secretJson -eq '') { + Write-Host "The SecretId '$SecretId' does not exist or returned no value." + return $null + } + + $secretObject = $secretJson | ConvertFrom-Json + + if (-not $secretObject.PSObject.Properties.Name -contains $SecretKey) { + Write-Host "The SecretKey '$SecretKey' does not exist in the secret." + return $null + } + + return $secretObject.$SecretKey + } + catch { + Write-Host "An error occurred while retrieving the secret: $_" + return $null + } +} + +function Add-Shortcuts { + [CmdletBinding()] + param ( + [hashtable]$Config + ) + + $ErrorActionPreference = "Stop" + Write-Output "Add Shortcuts" + Write-Output " - Removing existing shortcuts" + Get-ChildItem "${SourcePath}/*Onr*" | ForEach-Object { Join-Path -Path $SourcePath -ChildPath $_.Name | Remove-Item } + + foreach ($Shortcut in $Config.OnrShortcuts.GetEnumerator()) { + $Name = $Shortcut.Name + $Url = $Shortcut.Value + Write-Output " - Add $Name $Url" + $Shortcut = New-Object -ComObject WScript.Shell + $SourcePath = Join-Path -Path ([environment]::GetFolderPath("CommonDesktopDirectory")) -ChildPath "\\$Name.url" + $SourceShortcut = $Shortcut.CreateShortcut($SourcePath) + $SourceShortcut.TargetPath = $Url + $SourceShortcut.Save() + } } function Clear-PendingFileRenameOperations { @@ -248,8 +248,8 @@ function Clear-PendingFileRenameOperations { function Move-ModPlatformADComputer { [CmdletBinding()] param ( - [Parameter(Mandatory=$true)][System.Management.Automation.PSCredential]$ModPlatformADCredential, - [Parameter(Mandatory=$true)][string]$NewOU + [Parameter(Mandatory = $true)][System.Management.Automation.PSCredential]$ModPlatformADCredential, + [Parameter(Mandatory = $true)][string]$NewOU ) $ErrorActionPreference = "Stop" @@ -368,7 +368,7 @@ function Install-Oracle19cClient { # Retrieve credentials $Tags = Get-InstanceTags $dbenv = ($Tags | Where-Object { $_.Key -eq "oasys-national-reporting-environment" }).Value - $bodsSecretName = "/sap/bods/$dbenv/passwords" + $bodsSecretName = "/sap/bods/$dbenv/passwords" $service_user_password = Get-SecretValue -SecretId $bodsSecretName -SecretKey "svc_nart" -ErrorAction SilentlyContinue if ([string]::IsNullOrEmpty($service_user_password)) { @@ -423,8 +423,8 @@ oracle.install.client.installType=Administrator } function Test-WindowsServer2012R2 { - $osVersion = (Get-WmiObject -Class Win32_OperatingSystem).Version - return $osVersion -like "6.3*" + $osVersion = (Get-WmiObject -Class Win32_OperatingSystem).Version + return $osVersion -like "6.3*" } function New-TnsOraFile { @@ -437,7 +437,8 @@ function New-TnsOraFile { if (Test-Path $tnsOraFilePath) { Write-Host "Tnsnames.ora file found at $tnsOraFilePath" - } else { + } + else { Write-Error "Tnsnames.ora file not found at $tnsOraFilePath" exit 1 } @@ -460,9 +461,9 @@ function New-TnsOraFile { $ErrorActionPreference = "Stop" # Install PowerShell 5.1 if running on PowerShell 4 or below if ( $PSVersionTable.PSVersion.Major -le 4 ) { - choco install powershell -y - # reboot when run from ssm doc - exit 3010 + choco install powershell -y + # reboot when run from ssm doc + exit 3010 } # Set the registry key to prefer IPv4 over IPv6 @@ -492,35 +493,36 @@ $ErrorActionPreference = "Continue" Import-Module ModPlatformAD -Force $ADConfig = Get-ModPlatformADConfig if ($null -ne $ADConfig) { - $ADCredential = Get-ModPlatformADJoinCredential -ModPlatformADConfig $ADConfig - if (Add-ModPlatformADComputer -ModPlatformADConfig $ADConfig -ModPlatformADCredential $ADCredential) { - # Get the AD Admin credentials - $ADAdminCredential = Get-ModPlatformADAdminCredential -ModPlatformADConfig $ADConfig - # Move the computer to the correct OU - Move-ModPlatformADComputer -ModPlatformADCredential $ADAdminCredential -NewOU $($Config.nartComputersOU) - Exit 3010 # triggers reboot if running from SSM Doc - } -} else { - Write-Output "No domain-name tag found so apply Local Group Policy" - . .\LocalGroupPolicy.ps1 + $ADCredential = Get-ModPlatformADJoinCredential -ModPlatformADConfig $ADConfig + if (Add-ModPlatformADComputer -ModPlatformADConfig $ADConfig -ModPlatformADCredential $ADCredential) { + # Get the AD Admin credentials + $ADAdminCredential = Get-ModPlatformADAdminCredential -ModPlatformADConfig $ADConfig + # Move the computer to the correct OU + Move-ModPlatformADComputer -ModPlatformADCredential $ADAdminCredential -NewOU $($Config.nartComputersOU) + Exit 3010 # triggers reboot if running from SSM Doc + } +} +else { + Write-Output "No domain-name tag found so apply Local Group Policy" + . .\LocalGroupPolicy.ps1 } # confirm group policy has been applied Start-Process -FilePath "C:\Windows\System32\gpupdate.exe" -ArgumentList "/force" -Wait -NoNewWindow | Out-Null -Start-Process -FilePath "C:\Windows\System32\gpresult.exe" -ArgumentList "/f","/h","$WorkingDirectory\gpresult.html" -Wait -NoNewWindow | Out-Null +Start-Process -FilePath "C:\Windows\System32\gpresult.exe" -ArgumentList "/f", "/h", "$WorkingDirectory\gpresult.html" -Wait -NoNewWindow | Out-Null # }}} # {{{ Run installers - choco install winscp.install -y +choco install winscp.install -y - $ErrorActionPreference = "Stop" +$ErrorActionPreference = "Stop" - Install-Oracle11gClient -Config $Config - Install-Oracle19cClient -Config $Config - # New-TnsOraFile -Config $Config TODO: NOT YET IMPLEMENTED - Add-BOEWindowsClient $Config - Add-Shortcuts $Config +Install-Oracle11gClient -Config $Config +Install-Oracle19cClient -Config $Config +# New-TnsOraFile -Config $Config TODO: NOT YET IMPLEMENTED +Add-BOEWindowsClient $Config +Add-Shortcuts $Config # }}} end of installers