Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

WINPS -NEW Account Task is Failing - EnableMailBox

ashutoshkumar16
New Contributor II
New Contributor II

Hi All,

We have Windows Connector to enable remote mailbox after AD account is created. We have written the Powershellscript to enable the mailbox and placed it in the CREATEACCOUNTJSON below

{
"CREATEACC": [
"script=\$pw=convertto-securestring '${PSSCRIPT_PASSWORD}' -asplaintext -force;\$mycred=new-object -typename System.Management.Automation.PSCredential-argumentlist '<Username>',\$pw;\$Session=New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://XXXXXX/PowerShell/ -Authentication Kerberos -Credential \$mycred;Invoke-Command -Session \$Session -ScriptBlock{enable-remotemailbox -Identity '${user.username}' -remoteroutingaddress '${task.accountName}'}"
],
"SuccessResponses": "No results returned"
}

When the new Account request is created for WINPS, it enables the remotemailbox successfully but create account task is failing.

We think it has to do success response value in create account JSON.

We have tried below successresponses but it did not work, any input on how to debug or what might be the issue in this case ?

"SuccessResponses": { "OBJECTTOREAD": "get(0).PSShowComputerName", "SUCCESSVALUE": "TRUE"

"SuccessResponses": "No results returned"

 "SuccessResponses": { "OBJECTTOREAD": "get(0).PSComputerName ", "SUCCESSVALUE": "<Machine Name>" 

 

 

8 REPLIES 8

DixshantValecha
Saviynt Employee
Saviynt Employee

Hi @ashutoshkumar16,

We are checking on your request and we will keep you posted.

DixshantValecha
Saviynt Employee
Saviynt Employee

Hi @ashutoshkumar16,

Kindly share more details and snapshot of the logs/error as well.

Hi @DixshantValecha 

Upon further investgation, We can see the successful response comming to the saviynt in the log but some how it is not able to read response.

Below is the response  comming in the logs  

,"PSShowComputerName":"True",

Below is the success value we have in create account JSON which is still failing 

SuccessResponses": { "OBJECTTOREAD": "get(0).PSShowComputerName", "SUCCESSVALUE": "TRUE"

ashutoshkumar16
New Contributor II
New Contributor II

Please find attached logs 

 

llay1
New Contributor
New Contributor

Hi @DixshantValecha

Any updates on this request?

DixshantValecha
Saviynt Employee
Saviynt Employee

Hi @ashutoshkumar16,

It appears that there was an issue while creating an account with the name 202***@<DomainName>. The error message indicates that the API call resulted in a false response, and an error occurred during the account creation process.

Here are some observations from the log:

  • The account name being created is 202***@<DomainName>.
  • The password policy rule is null.
  • The binding map contains information related to the task and user.
  • The fetch command involves reading ACCOUNTEXISTJSON.

To troubleshoot further, consider the following steps:

  1. Review the API Call:

    • Check the API call that was made and verify if it’s correctly configured.
    • Ensure that the necessary parameters (such as account name, password, etc.) are provided correctly.
  2. Check the Error Details:

    • Investigate the specific error message: “Error occurred while creating account -202**4@<DomainName>”.
    • Look for any additional logs or error codes that might provide more context.
  3. Inspect the Environment:

    • Ensure that the necessary permissions and connectivity are in place.
  4. Password Policy:

    • If the password policy rule is relevant, ensure that it aligns with the requirements for account creation.
  5. Connection Attributes:

    • Review the connection attributes added to the binding map.
    • Confirm that they are accurate and complete.

Hi @DixshantValecha ,

In the createaccountJSON we have Script to enable the RemoteMailBox, which is enabling remotemailbox successfully.

So, API Call, Enviroment and connection is correctly configured and to verify that we have also traced the logs and we are getting successful response back to saviynt. 

PFB.

Capture.PNG

,"PSShowComputerName":"True",

Below is the success value we have in create account JSON which is still failing 

SuccessResponses": { "OBJECTTOREAD": "get(0).PSShowComputerName", "SUCCESSVALUE": "TRUE"

and PSShowComputerName is also is in the response. 

Somehow saviynt is not able to read the response correctly. Please check.

And We are not using ACCOUNTEXISTJSON and passwordpolicy.

Thanks,

Ashutosh

 

 

DixshantValecha
Saviynt Employee
Saviynt Employee

Hi @ashutoshkumar16,

It seems like you’re having an issue with Saviynt not being able to read the response correctly, even though PSShowComputerName is in the response and the SUCCESSVALUE is set to TRUE.

 

Here are a few things you could check:

  1. Response Format: Ensure that the response from the API is in the expected format that Saviynt can parse. If the response format has changed or is not as expected, it might lead to issues.
  2. Case Sensitivity: Kindly double Check if the case of the SUCCESSVALUE and PSShowComputerName in the response matches with that in the SuccessResponse. Just to eliminate case-sensitivenes.
 

Whitespace or Special Characters: Sometimes, invisible characters like whitespace or special characters in the response might cause issues. Make sure the response doesn’t contain any such characters.

 
Please let me know if you are seeing any error in the logs, Which can help us in further triage and help in debugging the issue effectively.