Author: Sekhar Roy
MuleSoft PowerShell Connector
PowerShell Connector enables you to connect to any machine, local or remote, to execute script files and commands on those machines. You can use SSH to execute PowerShell scripts on a remote Windows or Linux (Ubuntu) machine and have the result processed within the Mule runtime engine (Mule).
Possible Use Case:Â We have an LDAP connector in the Mule to manage the active directory.Â
But only a few commands can be achieved through LDAP.
For managing active directories in Microsoft, there are lots of commands available which can only be run directly in the Microsoft exchange server.
We need to be able to connect to the client server through a PowerShell connector to do that.
Configuration:
To work with PowerShell Connector, you must first install an SSH server on a Windows or Linux (Ubuntu) remote machine.
Basically, make sure your client machine has SSH installed and same goes for the local system as well.
Use the below link to install SSH on the local machine.
https://github.com/PowerShell/Win32-OpenSSH/wiki/Install-Win32-OpenSSH
Open the command prompt in administrator mode.
Run Get-WindowsCapability -Online | Where-Object Name -like ‘OpenSSH*.
You must see:
Run Restart-Service SSHD if SSH is stopped.
To connect to the local system through a PowerShell connector, we need a local user in the machine.
Create a new user, we don’t need a Microsoft account user, just a local machine user is enough.
Below is the reference to create the user in your local machine.
Below is how a local machine to PowerShell config can look like:
Test connection will be successful if SSH is running on a local machine.
Possible issue with PS7: We ran into an issue while running any command with a client-server. Below is the issue:
Below is my analysis and workaround:
1. The PowerShell Connector Module is not actually a PowerShell Remoting Connector Module. It is an SSH connector Module that has an Execute Command connector and Executes Script connector for PowerShell. These connector “controls” actually do NOT send native PowerShell Commands they send the following string where $lines are the command in the Command field.
powershell -command "$lines=while(($x=read-host) -ne 'EOF'){$x};$lines | Out-String | Invoke-Expression" This is in fact a cmd.exe shell command to call PowerShell using shell batch syntax. It will always return an Out-String and Invoke-Expression in the pipeline. We commented on this several times that this was what was being audited and throwing the error.
2. The reason the client was having issues is that their servers running PowerShell were already upgraded to PowerShell 7 (.Net core based) and have NATIVE SSH remoting available as a startup subsystem for PowerShell. When this was set up the registry for OpenSSH had been updated to use PowerShell.exe as the default shell for new sessions. You cannot execute cmd.exe batch command syntax inside of a PowerShell it won’t understand where to get $lines and the command isn’t properly escaped. It should be in brackets, not quotes.
3. While Installing OpenSSH in the server includes an optional step for changing the default OpenSSH shell to PowerShell. You need to explicitly state to NOT change it, and leave it as is or change it to cmd.exe for Windows and bash for Linux. Basically make sure that your machines default shell is not changed to PowerShell. A PowerShell terminal will open with PS.
4. PowerShell 7 will work with PowerShell Connector Module as long as the SSH subsystem is not configured inside PowerShell. This is of course due to port binding being limited to a single host.
5. This of course also means that native SSH PowerShell remoting and the MuleSoft PowerShell Connector module are mutually exclusive. You can run native PowerShell remoting in PS 7, or you can run a functional MuleSoft Connector Module but you can’t operate them both against the same server.