ScriptRunner is the ideal platform for fast, simple, and secure integration and use of Microsoft PowerShell.


The key component of ScriptRunner Service Host is the central instance for all activities affiliated with PowerShell. Additional apps that are specifically adapted to different user groups, developers and DevOps, administrators, as well as helpdesk and support allow a simple and clear operation.

The clear separation of the role of the executing user or third-party system from the administration rights for running of scripts or Cmdlets on the target system is necessary for secure and traceable operations with scripts at all times. ScriptRunner offers this essential enhancement for PowerShell, and therefore offers everything that is needed for simple, fast, and secure automation and delegation!

Additionally, diverse integration interfaces and connectors make it possible for ScriptRunner to interact directly with other IT systems and allow the use of ScriptRunner features in other applications.

The ScriptRunner execution policies ensure that scripts can only be run by authorized users, on the correct target system, at the right time and with the appropriate administrative account.


The architecture at a glance

The ScriptRunner architecture was designed based on the most modern aspects and perfectly covers the requirements and means for automation and collaboration with PowerShell. 

The platform offers the following:

  • SR Bullet points execution policies for PowerShell for secure execution of scripts
  • SR Bullet points central repository for all settings and configurations in XML
  • SR Bullet points central script directory with option to connect to GitHub, svn, TFS, etc.
  • SR Bullet points central repository for administrative accounts
  • SR Bullet points central repository for user roles and groups with active directory or local groups/users
  • SR Bullet points central work database on the ScriptRunner host
  • SR Bullet points connection to an external report/audit database with an SQL server outbound emails for notifications, report sending, etc.
  • SR Bullet points integration of external systems with web services and inbound emails
  • SR Bullet points support for PowerShell and exchange remoting
  • SR Bullet points support for PowerShell in local mode on the ScriptRunner host
  • SR Bullet points support for execution of VB scripts
  • SR Bullet points PowerShell ScriptRunner settings module for central setup on the service host
  • SR Bullet points Windows services for the ScriptRunner service host
  • SR Bullet points ScriptRunner ISE app for developers & DevOps
  • SR Bullet points ScriptRunner admin app for administrators
  • SR Bullet points ScriptRunner delegate app for helpdesk and support

 

 

The architecture also supports complex automation scenarios:

  • SR Bullet points automation in multi-domain mode, even without trust between domains
  • SR Bullet points direct automation with third-party systems through connectors
  • SR Bullet points intelligent subsystem with automation engine for PowerShell in orchestrated IT environment with runbooks and workflows





Scriptrunner Service Host

ScriptRunner service host controls all central functions for automation, execution, monitoring, management, and development of PowerShell scripts.

When installed on a Windows server, it also monitors licenses, access rights and the host configuration.

Management of PowerShell scripts and modules and VB scripts is possible using the ScriptRunner repository as well as with GitHub, svn, TFS and other version management systems.

Execution policies, target systems, connectors, administrative accounts, roles and settings are organized in the central ScriptRunner repository.

The execution of scripts and Cmdlets is possible in both local and remote modes. Triggers, history and results of an execution are saved in a central report database and can be accessed at any time for auditing. A large number of specific Windows performance monitor counters as well as entries in the Windows event log and ScriptRunner log ensure that resource utilization, processes and system status are always traceable.


ScriptRunner apps - for admin and helpdesk

The ScriptRunner platform comes with three target group-based apps that are well suited for the respective tasks.

Every admin app comes with pre-configured settings for automation and delegation functions, e.g. configuration of the execution guidelines or management of target systems, scripts and administrative accounts. The script execution status is displayed on the dashboard and detail reports, providing you a clear overview at all times. 

The delegate app allows an execution of delegated actions with scripts by helpdesk or support employees. Screens for the necessary entries are generated automatically and the inputs checked. The user status and execution results are presented in a configurable and interactive feedback. The administrator can configure registers and display elements. 

The integrated PowerShell ISE app aids developers and DevOps in script development. The app accesses the scripts in the central repository and the scripts can always be displayed in the ISE. In case of change approval, the scripts can also be checked and modified. A version history is saved and the previous versions stored separately during the check-in process. A stage mode on the ScriptRunner host allows testing of a checked-out script using the admin app.





ScriptRunner execution guidlines

Secure use of PowerShell

The ScriptRunner execution policies help to ensure that scripts and Cmdlets are only executed within the defined context.

ScriptRunner uses the same execution guidelines to guarantee 100% reproducibility of script executions, error reduction and better traceability – regardless of whether an operation is triggered via click & run using one of the apps, event-driven automation or time-controlled execution.

One essential security feature of ScriptRunner is a clear separation of rights for execution of scripts on the target system, use of actions, and automation of third-party systems. This does not only reduce the number of users with administrative rights but also the vulnerability of the systems, applications and data.

A policy configuration wizard with smart suggestions, filters, and search functions allows for fast and simplified configuration of the policies. When necessary, parameters can easily be preset and modified during execution when necessary.


ScriptRunner integration technologies

Automation requires integration

ScriptRunner provides different interfaces and connectors for fast and easy implementation of automation scenarios in different systems.

The interfaces for interaction with third-party systems, e.g. monitoring, IT service management, helpdesk/ticketing and rights management systems as well as central orchestration platforms are a central component. Events or triggers from these systems can automatically start actions in ScriptRunner, execute them in compliance with predefined policies and process the results. 

The interface of UI commands enables easy provision of different functions of the ScriptRunner applications, e.g. the retrieval of reports, also in other management interfaces.

In addition, this allows a simplified automation of IT-supported business processes such as time-controlled data updates in Microsoft Excel, SharePoint and other content systems.