and more in a single search tool across platforms. Read the announcement here. |
10/10/2023 08:30 AM
Has anyone used Win-PS connector to reconcile Exchange mailboxes (Exchange Online or On-Premise) in to Saviynt?
$pass=convertto-securestring $Password -asplaintext -force; $mycred=new-object -typename System.Management.Automation.PSCredential -argumentlist 'AD\SaviyntAdmin',$pass; $Session=New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://exchange.server.com/powershell/ -Authentication Kerberos -Credential $mycred; $ses=Import-PSSession $Session -DisableNameChecking -AllowClobber; Get-Mailbox -IgnoreDefaultScope -ResultSize Unlimited | Where{$_.SamAccountName -like 'A*' -or $_.SamAccountName -like 'B*'} |Select ExchangeGuid,SamAccountName,UserPrincipalName,WhenMailboxCreated,AddressListMembership,Alias,DisplayName,PrimarySmtpAddress,RecipientType,RecipientTypeDetails,WindowsEmailAddress,GrantSendOnBehalfTo,Name,DistinguishedName,Guid,EmailAddressPolicyEnabled,HiddenFromAddressListsEnabled; Remove-PSSession * -ErrorAction SilentlyContinue
We are planning to use above script to reconcile accounts. Has anyone done similar recon? Are there any other recommendations?
Solved! Go to Solution.
10/11/2023 10:15 PM - edited 10/11/2023 10:15 PM
Hello @Kramerica,
You can try putting the powershell script under WINCONNECTOR,
"SCRIPT_TO_EXECUTE_JSON"
[ "Script=\$pw = convertto-securestring 'password1234' -asplaintext -force;\$mycred = new-object -typename System.Management.Automation.PSCredential -argumentlist 'khalid.akhter',\$pw;Invoke-Command -ComputerName 'saviyntdc01' -Credential \$mycred -ScriptBlock {Get-WmiObject -Class Win32_UserAccount | select -First 100}"]
"DATA_MAPPING_JSON" for mapping the attributes
{ "Name": "ACCOUNTS.NAME", "SID": "ACCOUNTS.ACCOUNTID", "Description": "ACCOUNTS.DESCRIPTION", "__NAMESPACE": "ACCOUNTS.CUSTOMPROPERTY1", "Disabled": "ACCOUNTS.CUSTOMPROPERTY2", "FullName": "ACCOUNTS.CUSTOMPROPERTY3", "Lockout": "ACCOUNTS.CUSTOMPROPERTY4", "Status": "ACCOUNTS.CUSTOMPROPERTY5", "PasswordExpires": "ACCOUNTS.CUSTOMPROPERTY6", "PasswordRequired": "ACCOUNTS.CUSTOMPROPERTY7", "Path": "ACCOUNTS.CUSTOMPROPERTY8", "Caption": "ACCOUNTS.CUSTOMPROPERTY9", "__PATH": "ACCOUNTS.CUSTOMPROPERTY10" }
Thanks
10/13/2023 06:27 PM - last edited on 10/14/2023 09:13 AM by Sunil
@sudeshjaiswal Thank you for getting back. I am using a similar way to achieve this and making REST call to get the data back. I have attached importAccountJSON for your reference. Is there a way to do pagination here, since I am using the REST call? can you please advise looking at my account JSON.
[This message has been edited by moderator to mask IP]
10/14/2023 05:59 PM
Can you share APi response
10/14/2023 06:13 PM - last edited on 10/16/2023 08:10 AM by Sunil
10/14/2023 06:15 PM
JSON does not have details about pagination, if pagination details exists it can be achieved else not
10/14/2023 06:20 PM
Fair enough. Actually that's how I have implemented it for other customers, without pagination I mean. However, for my current client, we are facing timeout issue while trying to reconcile more than 40K records using the script/configurations and Saviynt support suggested to implement pagination which didn't make sense to me, so I asked the forums. When I configure script to return 20K records, it works but with 40K it fails with timeout issue. Even though, every timeout configured is adequate. I can see that our script is returning 40K records in 7 minutes. So not sure where the bottle neck is.
10/14/2023 06:22 PM
reduce the columns which are only required.