ScriptRunner Server

How ScriptRunner Server works

ScriptRunner Server is the main component of the ScriptRunner software platform. It manages, controls, monitors, and logs all your PowerShell activities.

Centralization Standardization Delegation Automation Monitoring

ScriptRunner Server centrally manages all resources you need for system administration and automation with PowerShell.

Per default, scripts and credentials are stored on the ScriptRunner Server, but it can also be configured to access resources in external repositories, like password servers or code repositories.

Centralization assures, that every user works with the same, up-to-date resources and thus increases reliability and quality.

One could say, that scripted tasks are standardized per se, since a script always follows the same steps each time it’s executed.

But ScriptRunner takes this concept further by offering the means to define the conditions under which the script may be executed.

These execution policies are defined during the creation process of a ScriptRunner Action and are verified by ScriptRunner Server when the Action is executed.

The possibility to delegate scripted tasks to end users is the major feature of the ScriptRunner software platform. It gives Sysadmins the freedom to hand over tasks, leaving them time for more important tasks.

But saving time is not the only advantage: Some tasks are simply better off in the specialist departments. So it’s not only admins who benefit from delegation, but also the end users, especially since ScriptRunner Apps are designed with a special focus on usability and ease of use.

ScriptRunner Server also features the functionality for automated execution of PowerShell scripts. When creating a ScriptRunner Action, you can decide whether the Action should be triggered manually, e.g. by a help desk user, or automated.

In the first case, ScriptRunner automatically generates a graphical user interface, so that a ScriptRunner App-user can easily and comfortably run the Action per mouse-click.

In the second case you can choose a scheduled automation or an event-based automation and ScriptRunner Server will execute the Action accordingly.

ScriptRunner Server monitors and logs all PowerShell activities so you can always trace who executed which script in ScriptRunner and with which result. By default, these reports are stored in an integrated circulation database, on the ScriptRunner Server, but with the Report/Audit DB Connector you can additionally transfer all information from Action reports to an external SQL database for long-term storage.

CENTALIZATION

ScriptRunner Service centrally manages all resources you need for system administration and automation with PowerShell.

Per default, scripts and credentials are stored on the ScriptRunner host, but it can also be configured to access resources in external repositories, like password servers or code repositories.

Centralization assures, that every user works with the same, up-to-date resources and thus increases reliability and quality.

STANDARDIZATION

One could say, that scripted tasks are standardized per se, since a script always follows the same steps each time it’s executed.

But ScriptRunner takes this concept further by offering the means to define the conditions under which the script may be executed.

These execution policies are defined during the creation process of a ScriptRunner Action and are verified by ScriptRunner Service when the Action is executed.

AUTOMATION

ScriptRunner Service also features the functionality for automated execution of PowerShell scripts. When creating a ScriptRunner Action, you can decide whether the Action should be triggered manually, e.g. by a help desk user, or automated.

In the first case, ScriptRunner automatically generates a graphical user interface, so that a ScriptRunner App-user can easily and comfortably run the Action per mouse-click.

In the second case you can choose a scheduled automation or an event-based automation and ScriptRunner Service will execute the Action accordingly.

DELEGATION

The possibility to delegate scripted tasks to end users is the major feature of the ScriptRunner software platform.

It gives Sysadmins the freedom to delegate routine tasks to end users, leaving them time for more important tasks.

MONITORING

ScriptRunner Service monitors and logs all PowerShell activities so you can always trace who executed which script in ScriptRunner and with which result. By default, these reports are stored in an integrated circulation database, on the ScriptRunner host, but with the Report/Audit DB Connector you can additionally transfer all information from Action reports to an external SQL database for long-term storage.

ScriptRunner Actions

A ScriptRunner Action can be described as “PowerShell task kit”, consisting of

Resources: PowerShell script, target system/s
Rights context: administrative access rights, execution environment, user role
Instructions: Execution policies, scheduling and automation options

Actions can be

Automated: scheduled or event-based
Delegated: to service desk, business users, other administrators
Run manually: through the Admin App

Security and Control

Security is always a core issue when it comes to system administration and IT Operations. ScriptRunner follows Security-by-Design.
ScriptRunner addresses these concerns with a well-founded security concept: ScriptRunner uses different user roles to restrict or prevent direct, unhindered access to central resources. ScriptRunner Server acts as an execution proxy for controlling and executing PowerShell scripts.

Minimal Access

Different administrator and user roles guarantee the minimum required access to resources, settings and actions in ScriptRunner.

All users, from administrators to end users, interact with ScriptRunner through the Web GUI of ScriptRunner Apps or ScriptRunner Web Parts as part of their own website.

Access to resources and the control to execute actions is handled exclusively by ScriptRunner Server.

Requirements

For the ScriptRunner Server, we recommend at least Windows Server 2016 with 2 cores, 8 GB RAM and 64 GB SSD storage and a fast network connection. For more information on system requirements, visit the ScriptRunner Guide on Installation & Update.

The principle for secure delegation

ScriptRunner actions can be securely delegated to other administrators, service desks or end users. In this way, modern multi-zone security concepts can be implemented at the same time. Users from service desk and departments work in a context without administrative rights. Only assigned actions are available to them for execution. Direct access to the systems in the infrastructure is effectively prevented.

If an action is called, ScriptRunner Server starts the associated PowerShell script as an administrative deputy on the basis of the stored guidelines. The script is executed on the target system with the stored system rights. The execution log and the results are stored centrally.

Administrators and users can access the reports and get informed.

ScriptRunner Server

How ScriptRunner Server works

ScriptRunner Actions

The principle for secure delegation

You need this to…

What you can do…

How it works…

More Information…