
Feasibility of PowerShell Scripts in HTTP Params for Exchange Mailbox Management Integration has con

Chirag_Gupta
New Contributor III

Hi Team,

In Exchange integration for mailbox management, we are invoking the following script as httpParams via REST. The requirement is:
1. Scan the given folder and remove any files older than 30 days 
2. Check if mailbox already exists if not enable mailbox
3. Generate logs for the transactions

With the below script, I am seeing the following error:
{"message":"Unrecognized character escape '$' (code 36)\n at [Source: {\"script\":\"\\$systemDate = Get-Date; \\$systemDateString = (Get-Date).ToString('yyyy-MM-dd'); \\$LogFileDirectory = 'D:\\\\\\Logs\\\\\\ps'; \\$AgeLimit = 30; \\$LogFiles = Get-ChildItem -Path \\$LogFileDirectory -File; foreach (\\$LogFile in \\$LogFiles) { \\$FileAge = \\$SystemDate - \\$LogFile.LastWriteTime; if (\\$FileAge.TotalDays -gt \\$AgeLimit) { Remove-Item -Path \\$LogFile.FullName -Force; } };\\$Password = '${connection.PS_Password}' | ConvertTo-SecureString -AsPlainText -Force; \\$mycred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList ('${connection.PS_Username}', \\$Password); \\$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri 'http://exchange/PowerShell/' -Authentication Kerberos -Credential \\$mycred; Import-PSSession -Session \\$Session -DisableNameChecking -AllowClobber;\\$samAccountName = '${user?.systemUserName}';if (\\$Session) { \\$LogFile = \\$LogFileDirectory + '\\\\ExecutionLog_' + \\$systemDateString + '.log'; \\$mailbox = Get-RemoteMailbox -Identity \\$samAccountName -ErrorAction SilentlyContinue; \\$startTime = Get-Date -Format 'MM/dd/yyyy HH:mm K'; \\$Logs = if (\\$mailbox) { 'Mailbox already exists for: ' + \\$samAccountName; } else { 'User RemoteRoutingAddress: ' + \\$RemoteRoutingAddress; 'User Primary SMTP Address: ' + \\$PrimarySMTP; 'Mailbox does not exist for: ' + \\$samAccountName; Enable-RemoteMailbox -Identity '${user?.systemUserName}' -RemoteRoutingAddress '${user?.email}.Split('@')[0]@Domain.mail.onmicrosoft.com'; if (\\$?) { 'Success::Enabled mailbox for user: ' + \\$samAccountName; } else { 'ERROR::while enabling mailbox for user: ' + \\$samAccountName; } }; Write-Output \\\"\\$startTime, \\$samAccountName, \\$Logs\\\" | Out-File -FilePath \\$LogFile -Append;Remove-PSSession -Session \\$Session;}\"}; line: 1, column: 14]","status":"Failed"}

{
    "accountIdPath": "accountName",
    "responseColsToPropsMap": {},
    "call": [
        {
            "name": "call1",
            "connection": "acctAuth",
            "url": "https://Windowser:443/Saviynt/PS/ExecutePSScript",
            "httpMethod": "POST",
            "httpParams": "{\"script\":\"\\$systemDate = Get-Date; \\$systemDateString = (Get-Date).ToString('yyyy-MM-dd'); \\$LogFileDirectory = 'D:\\\\Logs\\\\ps'; \\$AgeLimit = 30; \\$LogFiles = Get-ChildItem -Path \\$LogFileDirectory -File; foreach (\\$LogFile in \\$LogFiles) { \\$FileAge = \\$SystemDate - \\$LogFile.LastWriteTime; if (\\$FileAge.TotalDays -gt \\$AgeLimit) { Remove-Item -Path \\$LogFile.FullName -Force; } };\\$Password = '${connection.PS_Password}' | ConvertTo-SecureString -AsPlainText -Force; \\$mycred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList ('${connection.PS_Username}', \\$Password); \\$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri 'http://Exchange/PowerShell/' -Authentication Kerberos -Credential \\$mycred; Import-PSSession -Session \\$Session -DisableNameChecking -AllowClobber;\\$samAccountName = '${user?.systemUserName}';if (\\$Session) { \\$LogFile = \\$LogFileDirectory + '\\\\ExecutionLog_' + \\$systemDateString + '.log'; \\$mailbox = Get-RemoteMailbox -Identity \\$samAccountName -ErrorAction SilentlyContinue; \\$startTime = Get-Date -Format 'MM/dd/yyyy HH:mm K'; \\$Logs = if (\\$mailbox) { 'Mailbox already exists for: ' + \\$samAccountName; } else { 'User RemoteRoutingAddress: ' + \\$RemoteRoutingAddress; 'User Primary SMTP Address: ' + \\$PrimarySMTP; 'Mailbox does not exist for: ' + \\$samAccountName; Enable-RemoteMailbox -Identity '${user?.systemUserName}' -RemoteRoutingAddress '${user?.email}.Split('@')[0]@domain.mail.onmicrosoft.com'; if (\\$?) { 'Success::Enabled mailbox for user: ' + \\$samAccountName; } else { 'ERROR::while enabling mailbox for user: ' + \\$samAccountName; } }; Write-Output \\\"\\$startTime, \\$samAccountName, \\$Logs\\\" | Out-File -FilePath \\$LogFile -Append;Remove-PSSession -Session \\$Session;}\"}",
            "httpHeaders": {
                "Authorization": "${access_token}"
            },
            "httpContentType": "application/json",
            "successResponses": {
                "response[9].Objectreturned": [
                    "Success"
                ]
            },
            "unsuccessResponses": {
                "response[9].Objectreturned": [
                    "Failure"
                ]
            }
        }
    ]
}

Wanted to understand if it is feasible to have the complex PowerShell script in httpParams? Thanks for the help.

Thanks,

Chirag Gupta
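
The error quoted in the post can be reproduced at the JSON layer alone. This is an added example, not part of the original post or Saviynt's documentation: it decodes a shortened, constructed copy of the post's `httpParams` value, lists the backslash escapes that JSON does not define, and builds the doubly encoded value from a plain script. It covers only JSON encoding; `build_http_params` is a hypothetical helper, and how the connector's own `${...}` binding treats a literal `$` is not covered here.

```python
import json

# Constructed sample: a shortened copy of the post's httpParams value, wrapped in a
# one-key connector object. The raw string keeps every backslash as typed in the post.
SAMPLE_CONNECTOR = r'''{"httpParams": "{\"script\":\"\\$systemDate = Get-Date; \\$LogFileDirectory = 'D:\\\\Logs\\\\ps';\"}"}'''

# RFC 8259 defines only these characters after a backslash inside a JSON string.
VALID_AFTER_BACKSLASH = set('"\\/bfnrtu')


def invalid_json_escapes(text):
    """Return (offset, sequence) for every backslash escape that JSON does not define."""
    found, i = [], 0
    while i < len(text):
        if text[i] == "\\" and i + 1 < len(text):
            if text[i + 1] not in VALID_AFTER_BACKSLASH:
                found.append((i, text[i:i + 2]))
            i += 2  # consume the pair so "\\\\" is read as one escaped backslash
        else:
            i += 1
    return found


def build_http_params(script):
    """Hypothetical helper: encode the script once as the request body, then once
    more as the string value that sits inside the connector JSON."""
    body = json.dumps({"script": script})
    return body, json.dumps(body)


if __name__ == "__main__":
    # What remains of httpParams after the outer connector JSON has been parsed.
    inner = json.loads(SAMPLE_CONNECTOR)["httpParams"]
    print(invalid_json_escapes(inner))   # the \$ pairs a JSON parser rejects
    script = "$systemDate = Get-Date; $LogFileDirectory = 'D:\\Logs\\ps';"
    body, embedded = build_http_params(script)
    print(embedded)                      # JSON string value for the httpParams key
    assert json.loads(json.loads(embedded))["script"] == script
```
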

2 REPLIES

sudeshjaiswal
Saviynt Employee

Hello @Chirag_Gupta,

Yes, this should be feasible. You need to check on the target whether you are able to execute this PowerShell script on your end before running it from Saviynt.

Thanks.


If you find the above response useful, Kindly Mark it as "Accept As Solution".

Chirag_Gupta
New Contributor III

Hello @sudeshjaiswal

We're successfully running our PowerShell script as expected, but now we aim to execute the entire script as a parameter within a single payload. Can you please share a sample with complex logic executed as a command? Your assistance would be greatly appreciated.

Thanks,

Chirag Gupta