I just thought about this.
The ConnectorBeforeCreate rule on ISC only calls a script residing in the IQS machine.
Try{
C:\Sailpoint\isc-adrule-bc.ps1 $env:Request
}
Catch{
$ErrorMessage = $_.Exception.Message
$ErrorItem = $_.Exception.ItemName
"Error: Item = $ErrorItem -> Message = $ErrorMessage" | Out-File $logFile -Append
}
We are trying different ways of increasing timeout for the script in the IQS machine, but we didn’t modify the attribute in the ConnectorBeforeCreate.
"attributes": {
"ObjectOrientedScript": "true",
"extension": ".ps1",
"sourceVersion": "1.0",
"disabled": "false",
"program": "powershell.exe",
"timeout": "300"
},
I’m searching for more information about this timeout attribute, but I still couldn’t find some things:
- Is it in seconds?
- Does it have a limit?
- When the rule times out, the request is sent to IQS automatically?
- Is there a limit of how many processes can be running at the same time? I guess if there are too many waiting for locks/mutex (this only happens for the script residing in IQS machine) will ISC kill all of them? idk
I’ll try increasing the timeout attribute for the rule and see what happens