Invoke PS Scripts

IdentityIQ (IIQ) IIQ Discussion and Questions
, ,
1

Which IIQ version are you inquiring about?

Version 8.3

Share all details related to your problem, including any error messages you may have received.

Hello community,
I’m creating a rule of type “ConnectorAfterCreate” to run a powershell script. I would like to know if there is a possibility to invoke other ps scripts from different folders.
I called the script directly but it doesn’t seem to work ==> $PSScriptRoot/myScript1.ps1

Thank you!

2

Hi @eneffati,

This is for IIQ or IdentityNow?

Thanks

3

Hi @eneffati

Welcome to SailPoint Developer Community.

Just invoke a PowerShell script from the ConnectorAfterCreate native Rule, don’t write much code in this Rule template, just use it as a template to call PS script.

You can call any number of scripts from this PS script file, just make sure that IQ Service account you are using in your AD source config has enough privileges to access the folders.

It is better if you can login to IQ Service server using the same service account.

Check this doc for more informatrion: Before and After Operations on Source Account Rule | SailPoint Developer Community

Thanks
Krish

3 Likes
4

Hi @eneffati and welcome,

As Krishna said, you can call multiple scripts, I’m just questioning why you would want to.
Personally, I have just the one script that does many things depending upon the input variables. It makes maintenance easier.

Phil

5

It depends on requirements.

For example: In one implementation, I had to make below operations on AD account creation

  1. Notify user AD password to the user’s manager
  2. Enable Remote Mailbox
    …etc

I feel it is not good idea to keep all the logics in single script, so I prefer to have different PS scripts, If something goes wrong, it is easy to troubleshoot and no need to touch entire code.

It is better for understanding and maintenance.

Thanks
Krishna

3 Likes
6

Yes indeed I wanted it to be more orgnaized and more important it’s a security matter.
To invoke the ps scripts you used the normal PS command to call a script please?

7

Yes, see the below code snippet.

try {
    #3 Exchange : Enable user mail box
    $exchange = "C:\SailPoint\Exchange_onprem.ps1"
    $command3 = -join ($exchange, " -samAccountName '$samAccountName' -mailPfx '$mailPfx' -mail '$mail'")
    $exchange_result = Invoke-Expression $command3
} catch {
    $ErrorMessage = $_.Exception.Message 
  	$ErrorItem = $_.Exception.ItemName
  	LogToFile("Mailbox Error: Item = $ErrorItem -> Message = $ErrorMessage")
}

By the way, why not keep all the PS scripts in same folder, convenient rite.

Thanks
Krish

5 Likes
8

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.