![Page 1: Orchestrator Use Cases Appalachian State Illinois](https://reader031.vdocuments.site/reader031/viewer/2022020102/568135b9550346895d9d1ef2/html5/thumbnails/1.jpg)
1
Orchestrator Use Cases
Appalachian StateIllinois
Andrew SandersErik Coleman
![Page 2: Orchestrator Use Cases Appalachian State Illinois](https://reader031.vdocuments.site/reader031/viewer/2022020102/568135b9550346895d9d1ef2/html5/thumbnails/2.jpg)
Information Technology Services2
AppState Environment
Single server:• SQL instance• Runbook server• Web console• Runbook Designer
Runbook Designer also on clients
![Page 3: Orchestrator Use Cases Appalachian State Illinois](https://reader031.vdocuments.site/reader031/viewer/2022020102/568135b9550346895d9d1ef2/html5/thumbnails/3.jpg)
Information Technology Services3
Current Uses
Four Runbooks:• SCCM application requests• Endpoint Protection Remediation• Endpoint Protection Remediation clean-up• Help-desk software process
![Page 4: Orchestrator Use Cases Appalachian State Illinois](https://reader031.vdocuments.site/reader031/viewer/2022020102/568135b9550346895d9d1ef2/html5/thumbnails/4.jpg)
Information Technology Services4
Endpoint Protection Remediation
![Page 6: Orchestrator Use Cases Appalachian State Illinois](https://reader031.vdocuments.site/reader031/viewer/2022020102/568135b9550346895d9d1ef2/html5/thumbnails/6.jpg)
Current Environment
• Single Orchestrator Server: – SQL instance with custom DB– Runbook server – Web console – Runbook Designer – In process of moving SQL DB's to separate server
• Custom ASP.NET Web Front End
![Page 7: Orchestrator Use Cases Appalachian State Illinois](https://reader031.vdocuments.site/reader031/viewer/2022020102/568135b9550346895d9d1ef2/html5/thumbnails/7.jpg)
Current Uses
• Lync Account Provisioning– Person Accounts– Role-based (non-person) Accounts– Common Area Phones– Add/Delete/Change
![Page 8: Orchestrator Use Cases Appalachian State Illinois](https://reader031.vdocuments.site/reader031/viewer/2022020102/568135b9550346895d9d1ef2/html5/thumbnails/8.jpg)
Lync Account Provisioning Workflow
• Need for phone endpoint• Telecom Unit Coordinator (TUC) submits service
request• Phone Number Assigned• Submit Ticket to Lync Team• Manual Actions by Lync Team (LCP or
PowerShell)• Respond/Close Ticket
Use Orchestrator
![Page 9: Orchestrator Use Cases Appalachian State Illinois](https://reader031.vdocuments.site/reader031/viewer/2022020102/568135b9550346895d9d1ef2/html5/thumbnails/9.jpg)
LyncProcessingMain Runbook
![Page 10: Orchestrator Use Cases Appalachian State Illinois](https://reader031.vdocuments.site/reader031/viewer/2022020102/568135b9550346895d9d1ef2/html5/thumbnails/10.jpg)
LyncScripts Child Runbook
![Page 11: Orchestrator Use Cases Appalachian State Illinois](https://reader031.vdocuments.site/reader031/viewer/2022020102/568135b9550346895d9d1ef2/html5/thumbnails/11.jpg)
Anatomy of our Scripts
• “Run .NET Script” Activity:– Grab data from SQL table– Initialize Lync and Exchange Remote PS Sessions– Invoke Script as 64-bit– Call local Lync-PowerShell Scripts
![Page 12: Orchestrator Use Cases Appalachian State Illinois](https://reader031.vdocuments.site/reader031/viewer/2022020102/568135b9550346895d9d1ef2/html5/thumbnails/12.jpg)
Typical PowerShell “Wrapper” Code
# Function to initialize Lync and Exchange connectionsFunction ConnectSessions{$pass = ConvertTo-SecureString ”{LyncServiceCredential} -AsPlainText -Force$cred = New-Object System.Management.Automation.PSCredential ("{LyncServiceAccount}",$pass)Import-Module ActiveDirectory$LyncSession = New-PSSession -Name LyncSCORCH –ConnectionURI {LyncConnectionURI} -Credential $credImport-PSSession $LyncSession$ExchangeSession = New-PSSession -Name ExchangeSCORCH –ConfigurationName Microsoft.Exchange -ConnectionUri {ExchangeConnectionURI} -Authentication Kerberos -Credential $credImport-PSSession $ExchangeSession}
![Page 13: Orchestrator Use Cases Appalachian State Illinois](https://reader031.vdocuments.site/reader031/viewer/2022020102/568135b9550346895d9d1ef2/html5/thumbnails/13.jpg)
Typical PowerShell “Wrapper” Code
# Initialize Remote PowerShell SessionsInvoke-Command –ScriptBlock ${function:ConnectSessions}
# Actual script execution: Grab appropriate script from variables and pass args.$scriptPath = {LyncScriptPath}{LyncAddPersonScript}$argumentList = @()$argumentList += ("-Username",$netid)
$output = Invoke-Expression "& `"$scriptPath`" $argumentList 2>&1" -ErrorAction Continue
Remove-PSSession -Name LyncSCORCHRemove-PSSession -Name ExchangeSCORCH
![Page 14: Orchestrator Use Cases Appalachian State Illinois](https://reader031.vdocuments.site/reader031/viewer/2022020102/568135b9550346895d9d1ef2/html5/thumbnails/14.jpg)
Is Orchestrator Worth the Time?
• Activating a Lync Account• O = 3180 minutes (53 man-hours)• T = 8 minutes• Nt = 200/month
• T x Nt = 1980 minutes/month saved• Using Orchestrator was “worth it” after 2
months in production
![Page 15: Orchestrator Use Cases Appalachian State Illinois](https://reader031.vdocuments.site/reader031/viewer/2022020102/568135b9550346895d9d1ef2/html5/thumbnails/15.jpg)
Tips and Tricks
• Avoid Counters• Some Activities not thread-safe, like Append
Line• Junctions are not what they seem• Logging is not centralized (DB, text, and
EventLogs)• Edit PowerShell in PowerGUI (or equiv.)• Native PowerShell 2.0 engine is 32-bit only
![Page 16: Orchestrator Use Cases Appalachian State Illinois](https://reader031.vdocuments.site/reader031/viewer/2022020102/568135b9550346895d9d1ef2/html5/thumbnails/16.jpg)
Future Orchestrator Uses
• Some things already done with PowerShell• Identity Changes• VM Provisioning
![Page 17: Orchestrator Use Cases Appalachian State Illinois](https://reader031.vdocuments.site/reader031/viewer/2022020102/568135b9550346895d9d1ef2/html5/thumbnails/17.jpg)
Questions?