
WinPS Connector unable to use dynamic variables in CreateAcct Script

Kshah
New Contributor II

Trying to pass the following attributes in a PS script but Saviynt WinPS connector is treating them as plain text:

{
"CREATEACC": [
"Script=add-pssnapin Microsoft.exchange.management.powershell.e2010; $password=ConvertTo-SecureString 'XXXXXX' -AsPlainText -Force; $onpremcred=New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList 'XXXX',$password; $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri XXXXXX.net/PowerShell/ -Credential $onpremcred; New-Mailbox -LinkedDomainController 'XXXXXXXX' -Name '${user.firstName} ${user.lastName} ${task.accountName}' -DisplayName '${user.firstName} ${user.lastName}' -OrganizationalUnit 'OU=XXXXXXXX' -Alias 'LinkedAccount' -LinkedMasterAccount 'Domain\\${task.accountName}' -UserPrincipalName '${task.accountName}@XXXXX.com' -Database 'XXXXXX' -DomainController 'XXXXXXXX.net'"
],
"SuccessResponses": [
"Objectreturned",
"List",
"Success",
"TRUE",
"True",
"SUCCESS"
]
}
 
Saviynt keeps passing the attributes as plain text strings. We have tried the following as well with the same result:
1. Using single \ and double \\ before the $ (ex. '\\${user.firstName}')
2. Using single and double \\ before the single quote (ex. \\'${user.firstName}')
 
Both result in the same plain text as shown in screenshot below from AD:

[Screenshots: Screenshot 2024-02-29 at 12.24.59 PM.png, Screenshot 2024-02-29 at 12.25.17 PM.png]

Please advise on how these variables can be passed in the WinPS create acct script. 

Thank you

 


Dhruv_S
Saviynt Employee

Hi @Kshah 

Please refer to the below posts which may be helpful.

WINPS Connector: Error in CreateAccount task - Saviynt Forums - 24606

Also please try the format similar to the below and see if it works.

Best Practices for Configuring PowerShell Scripts (saviyntcloud.com)

{
"CREATEACC":[
"script=\$pw = convertto-securestring '${PSSCRIPT_PASSWORD}' -asplaintext -force;\$mycred = new-object -typename System.Management.Automation.PSCredential -argumentlist 'domainname1\\\\Administrator',\$pw;Invoke-Command -ComputerName 'localhost' -Credential \$mycred -ScriptBlock {C:/Scripts/CreateADUser.ps1 \"${user.username}\" \"${user.firstname}\" \"${user.lastname}\"}"
],
"SuccessResponses":{
"OBJECTTOREAD":"get(0).PSShowComputerName",
"SUCCESSVALUE":"True"
}
}

Regards,

Dhruv Sharma

Kshah
New Contributor II

We tested with \"${user.username}\" and the same issue occurred. Attribute gets passed as "${user.username}"

Please advise

Use escape character for password 


Regards,
Rushikesh Vartak

We are trying to escape the password. Single / escape does not work and throws an error. Double // escape gives the same issue. The variable is passed as plain text.

Kshah
New Contributor II

For reference here is what we tried:

{
"CREATEACC": [
"Script=add-pssnapin Microsoft.exchange.management.powershell.e2010; \\$password=ConvertTo-SecureString 'XXXXXX' -AsPlainText -Force; \\$onpremcred=New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList 'XXXX',\\$password; \\$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri XXXXXX.net/PowerShell/ -Credential \\$onpremcred; New-Mailbox -LinkedDomainController 'XXXXXXXX' -Name '${user.firstName} ${user.lastName} ${task.accountName}' -DisplayName '${user.firstName} ${user.lastName}' -OrganizationalUnit 'OU=XXXXXXXX' -Alias 'LinkedAccount' -LinkedMasterAccount 'Domain\\${task.accountName}' -UserPrincipalName '${task.accountName}@XXXXX.com' -Database 'XXXXXX' -DomainController 'XXXXXXXX.net'"
],
"SuccessResponses": [
"Objectreturned",
"List",
"Success",
"TRUE",
"True",
"SUCCESS"
]
}

Dhruv_S
Saviynt Employee

Hi @Kshah 

Thanks for the update. We are checking this internally and will keep you posted.

Regards,

Dhruv Sharma

Dhruv_S
Saviynt Employee

Hi @Kshah 

Please use the below format and let us know if it works. 

{
"CREATEACC": [
"Script=add-pssnapin Microsoft.exchange.management.powershell.e2010; $password=ConvertTo-SecureString 'XXXXXX' -AsPlainText -Force; $onpremcred=New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList 'XXXX',$password; $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri XXXXXX.net/PowerShell/ -Credential $onpremcred; New-Mailbox -LinkedDomainController 'XXXXXXXX' -Name '\${user.firstName} \${user.lastName} \${task.accountName}' -DisplayName '\${user.firstName} \${user.lastName}' -OrganizationalUnit 'OU=XXXXXXXX' -Alias 'LinkedAccount' -LinkedMasterAccount 'Domain\\\${task.accountName}' -UserPrincipalName '\${task.accountName}@XXXXX.com' -Database 'XXXXXX' -DomainController 'XXXXXXXX.net'"
],
"SuccessResponses": [
"Objectreturned",
"List",
"Success",
"TRUE",
"True",
"SUCCESS"
]
}

Regards,

Dhruv Sharma

stalluri
Regular Contributor II

Here is the working JSON

 

{
    "CREATEACC": [ "Script=\$start = add-pssnapin Microsoft.exchange.management.powershell.e2010; \$password = 'XXXXXXXX'| ConvertTo-SecureString -AsPlainText -Force; \$psCred = New-Object System.Management.Automation.PSCredential -ArgumentList ('svcSaviynt', \$password); \$session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri 'http://exchange01.company-domaincorp.net/PowerShell/' -Authentication Kerberos -Credential \$psCred; New-Mailbox -LinkedDomainController 'k01t.company-domainstores.test' -Name '${user.firstname} ${user.lastname} ${user.username}' -DisplayName '${user.lastname} ${user.firstname}' -OrganizationalUnit 'OU=PStores Mailbox Users,OU=Users,OU=company-domain,DC=company-domaincorp,DC=net' -Alias '${user.firstname}.${user.lastname}' -LinkedMasterAccount 'teststores\\\\${user.username}' -UserPrincipalName '${user.username}@company-domaincorp.com' -Database 'Database01' -DomainController 'k01.company-domaincorp.net'"
    ],
    "SuccessResponses": [
        "Objectreturned",
        "List",
        "Success",
        "TRUE",
        "True",
        "SUCCESS"
    ]
}

 


Best Regards,
Sam Talluri
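Added example, not Saviynt code and not from any poster in this thread: a small Python check that compares a CREATEACC script string against the escaping form seen in the JSON reported as working above (PowerShell variables written as `\$name`, `${...}` bindings left unescaped). The function name, the sample strings (constructed and shortened from the posts) and the rule that an odd number of backslashes before `$` counts as an escape are assumptions of this example.

```python
import re

# A "$" token (binding ${...} or PowerShell variable $name) plus any
# backslashes directly in front of it, as typed in the connector JSON.
TOKEN = re.compile(r"(?P<bs>\\*)\$(?:\{(?P<binding>[^}]+)\}|(?P<psvar>[A-Za-z_]\w*))")

def lint_script(raw):
    """Return (token, problem) pairs that deviate from the working form."""
    problems = []
    for m in TOKEN.finditer(raw):
        # Assumption: an odd backslash count escapes "$"; an even count
        # (including zero) leaves "$" live and only yields literal backslashes.
        escaped = len(m.group("bs")) % 2 == 1
        if m.group("binding") and escaped:
            problems.append((m.group(0), "binding is escaped"))
        elif m.group("psvar") and not escaped:
            problems.append((m.group(0), "PowerShell variable is not escaped"))
    return problems

# Constructed samples, shortened from the four forms posted in the thread.
ORIGINAL = (r"Script=$password=ConvertTo-SecureString 'XXXXXX' -AsPlainText -Force; "
            r"New-Mailbox -Name '${user.firstName}' "
            r"-LinkedMasterAccount 'Domain\\${task.accountName}' -Credential $onpremcred")
RETRY = (r"Script=\\$password=ConvertTo-SecureString 'XXXXXX' -AsPlainText -Force; "
         r"New-Mailbox -Name '${user.firstName}' -Credential \\$onpremcred")
SUGGESTED = (r"Script=$password=ConvertTo-SecureString 'XXXXXX' -AsPlainText -Force; "
             r"New-Mailbox -Name '\${user.firstName}' "
             r"-LinkedMasterAccount 'Domain\\\${task.accountName}' -Credential $onpremcred")
WORKING = (r"Script=\$password = 'XXXXXXXX' | ConvertTo-SecureString -AsPlainText -Force; "
           r"New-Mailbox -Name '${user.firstname}' "
           r"-LinkedMasterAccount 'teststores\\\\${user.username}' -Credential \$psCred")

if __name__ == "__main__":
    samples = {"original": ORIGINAL, "retry": RETRY,
               "suggested": SUGGESTED, "working": WORKING}
    for name, raw in samples.items():
        print(name, lint_script(raw) or "matches the working form")
```

The check covers escaping only. The working JSON also uses lower-case binding names such as `${user.firstname}`, which this example does not test.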