SailPoint IIQ 8.4
IQService is installed in webapps/identityiq/iqservice
Once the AD account is created, I call the Remote Mailbox PowerShell script, which is added in a rule.
IQService throws the below error while executing at this point:
RpcResponse response=service.execute(request);
Error –
2024-08-27T20:39:06,368 DEBUG QuartzScheduler_Worker-2 sailpoint.connector.RPCService:708 - Parsing the response. Returned buffer: <?xml version="1.0" encoding="utf-8"?>
After script returned non zero exit code : 1 :
2024-08-27T20:39:06,373 ERROR QuartzScheduler_Worker-2 org.apache.bsf.BSFManager:451 - Exception:
java.security.PrivilegedActionException: null
Caused by: org.apache.bsf.BSFException: The application script threw an exception: sailpoint.tools.GeneralException: Errors returned from IQService. After script returned non zero exit code : 1 : BSF info: Trigger Exchange at line: 0 column: columnNo
at bsh.util.BeanShellBSFEngine.eval(BeanShellBSFEngine.java:197) ~[bsh-2.1.8.jar:2.1.8 2018-10-02 08:36:04]
#Code:
```powershell
$logfilepath = "D:\Apache\webapps\identityiq\IQService\log.txt"
$logmessage = "This is a test message for the PowerShell create log file"
$logmessage >> $logfilepath

Add-Type -Path utils.dll

# Read the environment variables
$sReader = New-Object System.IO.StringReader([System.String]$env:Request);
$sResult = New-Object System.IO.StringReader([System.String]$env:Result);

# Form the xml reader objects
$xmlReader = [System.xml.XmlTextReader]([sailpoint.utils.xml.XmlUtil]::getReader($sReader));
$xmlReader_Result = [System.xml.XmlTextReader]([sailpoint.utils.xml.XmlUtil]::getReader($sResult));

# Create SailPoint objects
# log.error(...) is BeanShell syntax and is not valid PowerShell; write to the log file instead
"Entering native rule" >> $logfilepath
$requestObject = New-Object sailpoint.utils.objects.AccountRequest($xmlReader);
$resultObject = New-Object sailpoint.utils.objects.ServiceResult($xmlReader_Result);

# Check if the Request was processed successfully
if ($resultObject.Errors.count -eq 0) {
    foreach ($attribute in $requestObject.AttributeRequests) {
        if ($attribute.Name -eq "sAMAccountName") {
            $username = $attribute.Value;
            $logmessage = $username
            $logmessage >> $logfilepath
        }
        if ($attribute.Name -eq "UserCredential") {
            $UserCredential = $attribute.Value
            # Record only that the attribute arrived; never write the credential value to the log file
            $logmessage = "UserCredential attribute received"
            $logmessage >> $logfilepath
        }
        if ($attribute.Name -eq "email") {
            $email = $attribute.Value
            $logmessage = $email
            $logmessage >> $logfilepath
        }
    }
}

try {
    $AccountName = $username
    $AdminUsername = 'domain\user'
    $password = ConvertTo-SecureString $UserCredential -AsPlainText -Force
    $credential = New-Object System.Management.Automation.PSCredential ($AdminUsername, $password)
    $M365Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://domain.ad.com/PowerShell/ -Authentication Kerberos -Credential $credential
    Import-PSSession $M365Session
    $remotetargetaddress = '@TBD.mail.onmicrosoft.com'
    $remotemailaddress = $AccountName + $remotetargetaddress
    Enable-RemoteMailbox -Identity $AccountName -RemoteRoutingAddress $remotemailaddress
    Enable-RemoteMailbox $AccountName -Archive
    Set-RemoteMailbox -Identity $AccountName -emailaddresspolicyenabled $false
    Remove-PSSession $M365Session
    $resultObject.Messages.add("Success!");
}
catch [System.Management.Automation.RuntimeException] { # PSRemotingTransportException
    $logmessage = "Found Error in connectivity"
    $logmessage >> $logfilepath
    # Log the exception text so the cause of the failure is visible
    $_.Exception.Message >> $logfilepath
}
finally {
    # Write the result back to the file IQService passes as the first argument
    $resultObject.toxml() | out-file $args[0];
}
```