There is no right answer. What roles need to manage the appserver? What roles need other kinds of access on the appserver (eg snapshot/audit) ?
What role are you trying to run your nsh/blcli script as, and why are you targeting the appserver?
I was told that you shouldn't push any ACL's to the BLApp server and you should leave it as the default.
Basically I have written a BLCLI script that does the following:
Once Developers have built the application BLPackages in the BL Dev environment the Packages are moved into our production environment and locked so they cannot be editted.
My script has to inputs, Release version and "Ready to release to UAT <yes/no>"
The Developers then run my script which generates all the Jobs/BatchJobs for the given release in Dev, UAT and Production. Making the UAT and Production job readonly.
Once approval has been given another then applies an ACLP "Enable for Release" which just enables DeployJob for the correct Team.
This is going to be a fairly common method for our application deployment as it ensures that there is absolutely no changes implemented from environment to environment.
The theory being once a Package is known to work it becomes an approved package and gets submitted to a much shorter change management process.
Unfortunately this means that all our developers (and probably our Change Control team) are going to need to be able to run NSH scripts against the AppServer.
I'd be very happy to have you tell me differently :-)
Oh and I can supply the script if needed but its 400 plus lines.
why do they need to run the script against the appserver for this? use the type 2 nsh script and check the 'run w/o targets'. that ought to work.
as far as acls... you shouldn't push ACLs to the File Server Agent, and you need to configure the acls on it to allow everyone write access to the 'storage' directory. And then you don't manage the file server like other servers.
Maybe I'm missing something here.
I'm running 7.6 and I've checked tried creating a new NSHScript and a new NSHScriptJob but I can't see where there's a type 2 option (unless you mean one of the 4 script types? maybe "Execute the script once, pass the host list as a parameter to the script" ?
Also I can't see a 'run w/o targets' anywhere, is that a version 8 option?
That might be only in v8. I think in v7 it will work if you don’t specify a target.
Hmm what about the type 2 option?
When I have no target I get:
Didn't find any target servers for job 'ISPProvAdmin Job Creator'
Any other thoughts?
Maybe it won’t work in v7. You can target another server the role the server has the ability to run scripts against.
So I could run it on serverA and still have it work?
Is there something special I need to install on the server they're allowed to run scripts against?
Currently it just has the RSCD installed.
it will run ‘against’ serverA, but it’s still using the blcli from the appserver, unless you are nexec’ing blcli.
Excellent thanks Bill, I'll try that in a few minutes.