Invoking Powershell script from Rule

Prathyusha_174 · May 23, 2023, 7:22am

Hi All,

We have tried to invoke the PowerShell script through rule, it is creating the .ps1 file , but script is not getting executed.

If we try the same script from application connector Rule(native rule), it is working.

Any help will be appreciated!!.

Code snippet We are using to create the file :

FileCreationRule.xml

$value = New-Item -Path ‘\ServerPath\E$\test\testfile1112.emp’ -ItemType “File”;
$log.Debug(“exiting New-FileCreation”);
return $value;

code snippet to invoke the PowerShell script from rule:

String ruleName= "FileCreationRule";
Rule rules = context.getObject(Rule.class, ruleName);
Application ad = context.getObject(Application.class, "Active Directory");
List iqServiceConfig = ad.getAttributes().get("IQServiceConfiguration");
Map iqServiceConfigMap = iqServiceConfig.get(0);
String host = iqServiceConfigMap.get("IQServiceHost");
int port = Integer.parseInt(iqServiceConfigMap.get("IQServicePort"));
Map dataMap = new HashMap();
dataMap.put("postScript", rules);
dataMap.put("Application", ad.getAttributes());
RPCService service = new RPCService(host, port,false, false);
service.setConnectorServices(new sailpoint.connector.DefaultConnectorServices());
RpcRequest request = new RpcRequest("ScriptExecutor", "runAfterScript", dataMap);
RpcResponse response = service.execute(request);
if (response == null) {
return null;
}
if (response.getErrors() != null &amp;&amp; response.getErrors().size() > 0) {
throw new IllegalStateException(response.getErrors().toString());
}

return response.toXml();

Thanks,
Prathyusha

brian_weigel · May 23, 2023, 3:50pm

In the example Compass post I shared in your original post - Creating file in Windows shared location from Sail Point IIQ - I didn’t see service.setConnectorServices(new sailpoint.connector.DefaultConnectorServices()); in the sample code.

As a basic troubleshooting step, I’d try creating a “dummy” powershell script that does something really simple, like writing some warning messages (via something like Write-Warning or Write-Error and create a local file/folder on the IQService host itself. That should help provide some indication of whether the issue is with the invocation of the script itself, or there’s something in the script that’s failing and not returning the failed status back to your rule’s invocation.

ismaelmoreno1 · June 13, 2023, 6:38pm

hi @Prathyusha_174

The code to invoke Powershell looks fine.
Could you try add following line in FileCreationRule.xml file at the beginig of the rule?

Add-type -path C:\<IQServicePath>\Utils.dll

As you mentioned, rule works properly though application connector Rule, because you are using IQService to provision, but when you try execute powershell code using external rule, in the code you are not importing IQService Library

system · August 12, 2023, 6:39pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Passing attributes to PowerShell script IIQ Discussion and Questions identityiq	7	607	December 25, 2023
After Modify Connector Rule to trigger Powershell script ISC Discussion and Questions rules , identity-security-cloud	5	1070	July 19, 2023
Issues running Remote powershell - IIQ Discussion and Questions rules , identityiq	7	283	February 10, 2024
Before Script returned non-zero exit code : 1 ISC Discussion and Questions rules , identity-security-cloud	5	1105	June 26, 2023
Issues running Remote powershell after upgrading from 8.0->8.3p3 IIQ Discussion and Questions identityiq , provisioning	11	862	July 25, 2023

Invoking Powershell script from Rule

Related Topics