The 'agent' sub command can only be used toward GLPI agent with Inventory Server Plugin enabled.
glpi-remote - A tool to scan, manage and initialize virtual remote agents
glpi-remote [options] [--server server|--local path] [command] [command options]
Options: -h --help this menu -t --timeout <SECS> requests timeout in seconds (defaults to 10) -p --port <LIST> remote ports list to scan (defaults to '22,5985,5986') --ssh connect using SSH --ssl connect using SSL (winrm or with agent sub-command) --no-ssl-check do not check agent SSL certificate (winrm or agent sub-command) --ca-cert-dir <PATH> CA certificates directory --ca-cert-file <FILE> CA certificates file (winrm or for agent sub-command) --ssl-fingerprint <FINGERPRINT> Trust server certificate if its SSL fingerprint matches the given one --ssl-cert-file Client certificate file (winrm) -u --user authentication user -P --password authentication password -X --show-passwords (list command) show password as they are masked by default -c --credentials credentials list for scan -v --verbose verbose mode --debug debug mode -C --no-check don't check given remote is alive when adding -i --inventory don't register remotes, but run inventory on found remotes -T --threads <NUM> number of threads while scanning (defaults to 1) -A --add add scanned remotes to target so they always be inventoried by RemoteInventory task -U --useragent set used HTTP User-Agent for requests --vardir <PATH> use specified path as storage folder for agent persistent datas Target definition options: -s --server=<URI> agent will send tasks result to that server -l --local=<PATH> agent will write tasks results locally --target=<TARGETID> use target identified by its id (see list targets command) Remote GLPI agent having inventory server plugin enabled options: -b --baseurl <PATH> remote base url if not /inventory -K --token <TOKEN> token as shared secret -I --id <ID> request id to identify requests in agent log --no-compression ask to not compress sent XML inventories Sub-commands list [targets] list known remotes or targets add <url>+ add remote with given URL list del[ete] <index|deviceid>+ delete remote with given list index or given deviceid or current known one when alone or all remotes while using __ALL__ as id scan <first> [last] [TODO] scan given ip range for remote access or just <first> and register it/them as remote agent agent [hosts] remotely claim an inventory to given remote hosts with a GLPI agent having inventory server plugin enabled (see https://glpi-agent.rtfd.io/inventory-server-plugin.html) Supported environment variables: USERNAME PASSWORD PORT CA_CERT_PATH CA_CERT_FILE SSL_CERT_FILE CREDENTIALS Examples: glpi-remote list glpi-remote list targets glpi-remote add ssh://admin:firstname.lastname@example.org glpi-remote add ssh://admin:email@example.com --no-check glpi-remote add winrm://admin:firstname.lastname@example.org --no-check --target server0 glpi-remote delete 1 glpi-remote scan 192.168.43.1 192.168.43.254 glpi-remote scan 10.0.0.1 10.0.10.254 --inventory -s https://myglpi/ glpi-remote scan 10.0.0.1 10.0.10.254 --inventory -l /var/tmp/remotes glpi-remote scan --inventory glpi-remote scan 192.168.48.99 | glpi-injector -url https://myglpi/ Examples for agent command: glpi-remote -T strong-shared-secret agent 192.168.43.236 glpi-remote -v -T strong-shared-secret agent 192.168.43.237 | \ glpi-injector -url https://myglpi/ glpi-remote -T strong-shared-secret -d /var/remote agent 192.168.43.236 192.168.43.237
The glpi-remote tool is used to manage virtual agents known locally by glpi-agent. A virtual agent is used to make remote inventories and is essentially defined by a remote access. A remote access can be defined by ssh authorization for unix/linux platforms or WinRM authorizations for a WinRM enabled platform like win32.
Most of the options are available in a short form and a long form. For example, the two lines below are all equivalent:
% glpi-agent -s localhost % glpi-agent --server localhost
Target definition options
- -s, --server=URI
Send the results of tasks execution to given server.
Multiple values can be specified, using comma as a separator.
- -l, --local=PATH
Write the results of tasks execution locally.
Use the given TARGETID to look for the expected target for result submission.
For example, server0 is the first server target setup in agent configuration.
target option is generaly mandatory while adding remote or scanning for remotes
if one server and only one is still setup in the agent it will be selected as default target
when scanning and making inventory, uses any target option or each inventory will be sent to standard output
- -t, --timeout=SECS
Set the timeout for network requests (defaults to 10 seconds).
- -p, --port=LIST
A list of ports used when making a scan and to discover remote computers. The defaults is to scan the standard ssh port and winrm ports: 22,5985,5986.
Use ssh protocol for connection.
Use SSL protocol for connecting with WinRM protocol or to a remote agent with inventory server plugin enabled.
CA certificates directory.
CA certificates file.
SSL certificate file for authentication
Do not check server SSL certificate.
- -u USER, --user=USER
Use USER for remote authentication.
- -P, --password=PASSWORD
Use PASSWORD for remote authentication.
- -X, show-passwords
By default, list sub-command won't show remotes passwords. This option asks to unmask them during remotes listing.
- -c, --credentials=LIST
List of credentials to try during a scan.
- -v, --verbose
Enable verbose mode.
Turn the debug mode on. You can use the parameter up to 2 times in a row to increase the verbosity (e.g: --debug --debug).
- -C, --no-check
Don't check remote is alive while adding it.
- -i, --inventory
Don't register remotes as they are discovered but just run the inventory task on them.
- -T, --threads=NUM
Setup number of threads while doing a scan. By default, the agent only uses one thread.
- -A, --add
Add discovered remotes to local remotes list.
- -U, --useragent=USER-AGENT
Define HTTP user agent for request (mostly if required for winrm).
agent sub-command options
- -b, --baseurl=PATH
Remote base url if the default /inventory has been changed in the remote plugin configuration.
- -K, --token=TOKEN
Shared secret required to request an inventory to the remote plugin.
- -I, <--id>=ID
Request-ID to identify the request in the agent log.
Ask to skip requested inventory compression.
list known remotes or list targets
add remote with given URL list
Delete remote with given:
current and only one known when no index is given
all known remotes while using the __ALL__ magic word as index
scan first [last]
TODO: This sub-command is still not implemented.
Scan given ip range for remote access or just first and register it/them as remote agent
Remotely claim an inventory to given remote hosts with a GLPI agent having inventory server plugin enabled.
See online documentation for details: https://glpi-agent.rtfd.io/inventory-server-plugin.html
For security reasons, you can set few environment variables to store sensible datas.
USERNAME to setup connection user
PASSWORD to setup connection password
PORT to setup connection port
CA_CERT_FILE to setup the SSL CA certificate file
SSL_CERT_FILE to setup the SSL client certificate file
CREDENTIALS to setup a list of credentials