Aftercreate rule not working

Identity Security Cloud (ISC) ISC Discussion and Questions
, ,
1

created aftercreate rule using beta collection. this rule aims to do the following after creation of account in AD.

  • Generate initial password
  • enable remote-mailbox
  • send notification to manager

these functions will be under the client script that it will call.

rule is not working, not writing logs in the path.

btw. manually tested the client script using an existing account in AD that has disabled remote mailbox, all 3 functions are working fine. so the only problem now is the aftercreate rule itself, not triggering after account creation.

please check if the rule is correct. or am i missing something in the configuration.

image
image1147Ă—382 114 KB

account activity in sailpoint ISC:

Warnings
Create operation is successful but post script execution fa
iled : After script returned non zero exit code : 255 :

2

It doesn’t look like you’ve exactly followed the template described here:

I wouldn’t change much in that template other than the $logFile and $command. The rest of the logic should exist in the script defined by the $command variable that resides on the IQService host.

3

Hi @almallete as @MattUribe says keep the $logFile and $command. Or you can update the path of $logFile and $command in the below code and try to attach it to the AD source and test it again.

<![CDATA[

$logDate = Get-Date -UFormat "%Y%m%d"
$logFile = "c:\SailPoint\Scripts\Logs\ConnectorAfterCreate_$logDate.log"
$command = "c:\SailPoint\Scripts\SampleSource-AfterCreate.ps1"
$enableDebug = $false

#====================-------Helper functions-------====================
function LogToFile([String] $info) {
    $info | Out-File $logFile -Append
}

#====================-------Get the request object-------====================
Try{
    if($enableDebug) {
        LogToFile("Entering SailPoint rule")
    }

    Add-type -path utils.dll;
 $sReader = New-Object System.IO.StringReader([System.String]$env:Request);
 $xmlReader = [System.xml.XmlTextReader]([sailpoint.utils.xml.XmlUtil]::getReader($sReader));
 $requestObject = New-Object Sailpoint.Utils.objects.AccountRequest($xmlReader);
    $requestAsString = $env:Request

    if($enableDebug) {
        LogToFile("Request as XML object is: $requestAsString")
    }

    #Call the client script
    $command = -join ($command, " -requestString '$requestAsString'")
    Invoke-Expression $command

}Catch{
 $ErrorMessage = $_.Exception.Message
   $ErrorItem = $_.Exception.ItemName
   LogToFile("Error: Item = $ErrorItem -> Message = $ErrorMessage")
}

if($enableDebug) {
    LogToFile("Exiting SailPoint rule")
}

]]>