Friday, August 3, 2012

Signing PowerShell Scripts

As part of my series on how to automate publishing Metastorm maps we will now talk about signing the PowerShell script.

Hey, I don't know about you but security where I work keeps us on a tight leash. We can't just run anything in production. At the very least we should be digitally signing our files.

Now, I could sit here and write a book on how to digitally sign your PowerShell scripts but what do I get out of it? How about I just point you in the right direction?

'Signing PowerShell Scripts' will get you 90% of the way there. The issue I ran into was that my script was encoded incorrectly. (Damn you, Notepad!) 'UnknownError when using Powershell ISE to Set-AuthenticodeSignature' should get you the rest of the way.
Posted by at

RSA Tokens

It it me?

I swear I can see a pattern in the "randomly" generated numbers on my SecurId token.

Maybe it's just My Beautiful Mind?
Posted by at

Publishing Metastorm Procedures

As part of implementing Continuous Integration in our environment I ran into an issue of how to automate deploying a Metastorm procedure.

Now, Metastorm has a KnowledgeBase article showing how you can use VBScript to deploy a procedure but it doesn't cover all of our use cases. Specifically, when deploying a procedure that references a library, Metastorm has a nasty habit of popping up a dialog box requiring you to click a button.

Did I also mention their example uses VBScript?

Well, your intrepid blogger decided to see if he could come up with a better\different solution.

Here's a PowerShell script that should work for you:

#This PowerShellscript is to be run to publish a Metastorm procedure 
#in unattended mode.
Param( 
    [String] $dsn = "dsn",
    [String] $userId = "userid",
    [String] $password = "password",
    [String] $procedure = "C:\procedure.xep",
    [Int] $secondsToWait = 20
)

#When publishing Metastorm procedures sometimes a dialog box pops up
#giving a status message and requiring user interaction. This script 
#checks to see if the dialog box exists and closes it so that 
#publishing can finish.
$closeMetastormDialogBox =
{
    Param( [Int] $secondsToWait )

    Add-Type -AssemblyName Microsoft.VisualBasic
    Add-Type -AssemblyName System.Windows.Forms

    Start-Sleep -s $secondsToWait

    #Is the Metastorm Designer running?
    $processExists = Get-Process | Where {$_.mainWindowTitle -eq "Metastorm Designer"} -ErrorAction SilentlyContinue
    If( $processExists -ne $null )
    {
        #Bring the Metastorm dialog box titled "Library Loading Status" 
        #into focus
        [Microsoft.VisualBasic.Interaction]::AppActivate("Library Loading Status")
        
        #Send the close command to the "Library Loading Status" dialog
        [System.Windows.Forms.SendKeys]::SendWait("%{F4}")
    }    
}

#Start the Metastorm designer
$eDesigner = New-Object -ComObject "eDesigner.eDesigner6"

#Publish the Metastorm procedure
$eDesigner.ConnectToEworkDB( $dsn, $userId, $password )

#When opening a procedure sometimes you'll get a pop up dialog 
#requiring user interaction. So, start a background task that 
#looks for the dialog and closes it.
Start-Job -ScriptBlock $closeMetastormDialogBox -ArgumentList $secondsToWait
$eDesigner.OpenProcedure( $procedure )
Remove-Job -State Completed

$eDesigner.PublishProcedure( "", $false )
$eDesigner.CloseProcedure()
$eDesigner.DisconnectFromEworkDB()

#Close the Metastorm designer
[System.Runtime.Interopservices.Marshal]::ReleaseComObject( $eDesigner )
Posted by at

Start of a beautiful friendship

Hello world!

Interesting start for a new blog. If I remember correctly "Hello World!" was the start of the Kernighan and Ritchie C book.

My forte is software development and I intend to share my views, lessons learned, and coding tidbits that I have managed to pick up along the way. I'll also throw in a dash of life stories to keep you entertained.
Posted by at
Subscribe to: Posts (Atom)