Error executing after modify AD rule - After script returned non zero exit code : 255

Hi! I am dealing with an after modify AD rule. When I try to execute this simple line, rule (and operation) fails:

"test" | Out-File "c:\SailPoint\SampleSourceBeforeCreateScript.log" -Append

But when I try this:

dir > c:\dir.txt

dir.txt file is created correctly.

What I see on VAs log is:

{"exception":{"stacktrace":"sailpoint.tools.GeneralException: Error(s) reported back from the IQService - After script returned non zero exit code : 255 : \n\tat sailpoint.connector.ADLDAPConnector.processResponse(ADLDAPConnector.java:6174)\n\tat sailpoint.connector.ADLDAPConnector.handleObjectRequest(ADLDAPConnector.java:6736)\n\tat sailpoint.connector.ADLDAPConnector.provision(ADL.....

I also found this entry:

IQService Returned Non Zero Exit Code 255 - Compass.

I leveraged iqs log server, but it logs no error.

Executing directly where iqs is installed, works correctly. Service user is domain administrator.

Check the permissions of the account that is running the script that it can write to that log file location.

Thanks @ethompson for response!

I found an entry in compass that helped me, I was lacking of the attributes part:

IQService Returned Non Zero Exit Code 255 - Compass.

{
    "description": "Rule powershell after operation",
    "type": "ConnectorAfterModify",
    "signature": {
        "input": [
            {
                "name": "Application",
                "description": "Map of the application configuration.",
                "type": "System.Collections.Hashtable"
            },
            {
                "name": "Request",
                "description": "Reference to the account request provisioning instructions.",
                "type": "SailPoint.Utils.objects.AccountRequest"
            },
            {
                "name": "Result",
                "description": "Reference to the provisioning result that can be manipulated if necessary.",
                "type": "SailPoint.Utils.objects.ServiceResult"
            }
        ],
        "output": null
    },
    "sourceCode": {
        "version": "1.0",
        "script": "\"SomeTeste\" | Out-File \"c:\\SailPoint\\SampleSourceBeforeCreateScript.log\" -Append"
    },
    "attributes": {
            "ObjectOrientedScript": "true",
            "extension": ".ps1",
            "sourceVersion": "2021-02-22 18:18:20",
            "disabled": "false",
            "program": "powershell.exe",
            "timeout": "300"
    },
    "id": "6f9f59967fc740c7a32a9c21a8c41da0",
    "name": "ADAfterModify",
    "created": "2024-06-18T14:27:27.866Z",
    "modified": "2024-06-18T14:27:27.866Z"
}
1 Like

I opened a bug because the official documentation is completely inadequate in this area and suggests we send a full XML data structure as the script.

Thank you for posting this, I spent the whole morning following the documentation…

1 Like

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.