I'm a casual and mostly inexperienced LSF user, so please bear with...
I develop software in a corporate setting that submits jobs to LSF for processing. We have a set of machines that we want to use for a specific application but not open up to the public at large for any other usage. There is something in place now that allowsa few specific users access to use the machines. But we also want any user to use them IF they are running a certain application (a shell script that runs a perl script in this case).
I suppose registering the application(s) would be one approach. Another might be to pass a secret/encrypted token or key. Or maybe there are other mechanisms for this.
Is there an LSF based solution for this ?
Thanks
There's a couple of LSF features that can help here. A queue or application profile can have dedicated hosts, and users (the HOSTS and USERS parameters).
Queues can have a job starter to check and reject invalid job commands.
Related
Maybe an easy question for someone who knows Powershell and O365 well. Is there a way to configure it so when a command is run for example to pull all access to a shared mailbox, that either a service account is permissioned each time to pull that information or the user who is running the script? I looked at connecting an SA to the script but it would have too much access to 0365 to give it the specific permissions. So the account is not permissioned for the access by default but every time the script/command is ran its permissioned for that inquiry which it shows then it won't have access until the next time its called.
Looking to add this type of function to a script which we only want the helpdesk people to see the information when they run the script and the specific command in the script.
Hopefully explained clear enough :)
Thanks all.
I don't think there is a way to do that natively. You could fiddle something with Azure PIM but that's more for one-off operations than minute action that are done often.
You could however circumvent that by making some sort of web interface that triggers commands on another server using a privileged SA and returns the output through the web interface. You can just make it so that the interface can only request one specific command to be run, and the only thing you have to worry about is sanitizing your parameters well to avoid unwanted injection.
Alternatively, what are you trying to protect against by restricting access so much ? Isn't it something that could be done more easily using a read-only account and some clearly defined policy ? If your helpdesk people overstep their allowed scope, that's a management/HR problem as much as a technical one.
I'm developing a website (using a LAMP stack) which must handle many user-made scheduling tasks. It works as following: an user creates an event and sets a date, and others users (as many as 63) may join. A few hours before the set date, the system must email each user subscribed to that event. And that's it.
However, I have never handled scheduling, and the only tools I know (poorly) are cron and at. My plan is to create an at job for each event, which will call a script that gets all subscribers emails and mails them.
My question is: is my plan/design good? Is it scalable? Are there better options that I should be aware of?
Why a separate cron job for each event? I've done something similar thing for a newsletter with a cron job just running once per hour and if there are any newsletters to be sent it just handles them. In your case you'd have a script that runs once every hour and gets a list of users for events that happen in the desired time interval since.
It will work. As far as scalability, at the minimum make sure that the script runs in it's own process so it doesn't bog down the server unnecessarily.
Create a php-cli script perhaps?
I'm doing most of my work in Rails nowadays, and there's a wealth of background processing libraries one of them is Resque it uses the redis server to keep track of the jobs
I found a PHP clone https://github.com/chrisboulton/php-resque
Might be overkill for your use case, but give it a shot perhaps
If you would consider a proper framework that uses an application server (and not a simple webserver), Spring has a task scheduling layer that's simple to use. Scheduling jobs on the server really requires more than what a simple LAMP install can do, but I haven't used PHP in a while so maybe there's an equivalent.
Here's an article that compares some of your options.
Is there a way under Citrix for my application to make a call to the Citrix host to find out how many copies of my application are presently running? We want to limit this in our license and we need to have a way to verify it in the code.
thanks - dave
No, Citrix XenApp (which is their best-known product and probably the one you are asking about) does not offer any APIs or services that can be used for application license checking.
The closest you could get via Citrix is to use the Powershell SDK and call Get-XASessionProcess to get a process list. The problem with this approach is you need to be a Citrix admin, and it's a fairly round about way of doing this.
If I wanted to implemented a simple concurrent limit for license enforcement I would look at two options:
Implement a simple web-service somewhere that my app talks to, to get a license.
Create a simple Windows service that tracks processes to maintain a count of concurrent instances of your app. When the configured license count is exceeded you could set a flag in a shared memory section in the global namespace. Then in your app you check this flag at startup and exit immediately when it is set.
You could track processes using WMI, e.g.
http://weblogs.asp.net/whaggard/archive/2006/02/11/438006.aspx
I'm looking forward to develop an automated notification and logging-off system that
notifies and logs off accounts from a computer. So far I planned an example when a class is
scheduled, except accounts that are registered on the scheduled class. It may
notify the logged-in users a certain period of time before the class time and
log them off just before the class time. Or, it could limit their access, for
example to the printer once the class has started.
So my Question is can I use PowerShell to develop this project ? How far can it be useful, or I should think about using python!
Thanks Fellas!
I'm not sure PowerShell brings anything special to the party. What you are talking about would require a PowerShell session running in the background and perhaps even tying into some sort of eventing, perhaps with the timer class. It might be just as easy to automate something using the task scheduler. At the appointed time check the logged on user and if they don't meet the requirement log them off. You could use PowerShell to create the tasks and handle the processing or any other language really.
I want to write a workflow application that routes a link to a document. The routing is based upon machines not users because I don't know who will ever be at a given post. For example, I have a form. It is initially filled out in location A. I now want it to go to location B and have them fill out the rest. Finally, it goes to location C where a supervisor will approve it.
None of these locations has a known user. That is I don't know who it will be. I only know that whomever it is is authorized (they are assigned to the workstation and are approved to be there.)
Will Microsoft Windows Workflow do this or do I need to build my own workflow based on SQL Server, IP Addresses, and so forth?
Also, How would the user at a workstation be notified a document had been sent to their machine?
Thanks for any help.
I think if I was approaching this problem workflow would work to do it. It is a state machine you want that has three states:
A Start
B Completing
C Approving
However workflow needs to work in one central place (trust me on this, you only want to have one workflow run time running at once, otherwise the same bit of work can be done multiple times see our questions on MSDN forum). So a central server running the workflow is the answer.
How you present this to the users can be done in multiple ways. Dave suggested using an ASP.NET site to identify the machines that are doing the work, which is probably how I would do it. However you could also write a windows forms client that would do the same thing. This would require using something like SOAP / WCF to facilitate communication between client form applications and the central workflow service. This would have the advantage that you could use a system try icon to alert the user.
You might also want to look at human workflow engines, as they are designed to do things such as this (and more), I'm most familiar with PNMsoft's Sequence
You can design a generic "routing" workflow that will cause data to go to a workstation. The easiest way to do this would be to embed the workflow in an ASP.NET application. Each workstation should visit the application with a workstation ID in the querystring:
http://myapp/default.aspx?wid=01
When the form is filled out at workstation A, the workflow running in the web app can enter it into the "work bin" of the next workstation. Anyone sitting at the computer for which the form is destined will see it appear in their list of forms to review. You can use AJAX to make it slick and auto-updating.