SailPoint IIQ Rule & PowerShell

Which IIQ version are you inquiring about?

Version 8.3

Hi there,

Is it possible to configure inside a SailPoint IdentityAttributeTarget type rule to also run a PowerShell command before returning a value? For example…

If (x, y) condition is true, run a PowerShell script located at (script path). Then return the value generated from the PowerShell script for use in an attribute for “Target Mapping”

Any insights would be appreciated!

Well, in theory yes - as BeanShell is actually Java, so you should be able to use, for example

to execute any PowerShell command - of course, you will have to live with the consequences of using it.

  1. It will be slow - if you put it into a TargetMapping rule, it will impact the performance of your Identity Refresh task
  2. You have to ensure that PowerShell is available on the machines which can execute the rule (all task servers)
  3. You have to ensure network connectivity to wherever you want to connect
  4. Remote network calls in a TargetMapping rule will slow down identity refresh even more.

You can use a rule and reference the PowerShell script from the local host.

Example:

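import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.lang.Process;
import java.lang.Runtime;
import sailpoint.tools.GeneralException;

String var = "something";   // value passed to the script as its first argument
String s = null;
String stdLast = "";        // last line the script printed

// var is concatenated into the command line as-is, so it must be a trusted value
String command = "cmd /c powershell -ExecutionPolicy RemoteSigned -noprofile -noninteractive C:\\PowerShell\\script.ps1 " + "\"" + var + "\"";

Process process = Runtime.getRuntime().exec(command);
// Read the script's standard output line by line
BufferedReader stdInput = new BufferedReader(new InputStreamReader(process.getInputStream()));
while ((s = stdInput.readLine()) != null) {
  if (s.endsWith("something")) {
    //parse each line output
  }
  stdLast = s;
}
// Wait for PowerShell to exit and treat a non-zero exit code as failure
process.waitFor();
if (process.exitValue() != 0) {
  throw new GeneralException("Something went wrong");
}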
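A hardened variant of the call above, as an added example that is not part of the original reply or SailPoint's own code: it passes the arguments as an array with `-File` (so the value reaches the script as data rather than being parsed as a PowerShell command), rejects values outside an allowlist, and enforces a timeout so a hung script cannot stall the refresh. It is plain Java and would need adapting inside a BeanShell rule; the class and method names, the allowlist pattern and the 30-second timeout are assumptions.

```java
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.concurrent.TimeUnit;
import java.util.regex.Pattern;

public class PsRunner {
    // Assumption: the script takes one short identifier-like argument.
    private static final Pattern SAFE_ARG = Pattern.compile("[A-Za-z0-9._@-]{1,64}");

    /** Runs the script with one validated argument; returns its last non-empty output line. */
    public static String runScript(String scriptPath, String arg, long timeoutSeconds)
            throws IOException, InterruptedException {
        if (arg == null || !SAFE_ARG.matcher(arg).matches()) {
            throw new IllegalArgumentException("argument rejected by allowlist");
        }
        Path out = Files.createTempFile("psrule", ".out");
        try {
            // Argument array, no "cmd /c", and -File so PowerShell treats arg as data, not code.
            ProcessBuilder pb = new ProcessBuilder(new String[] {
                "powershell.exe", "-NoProfile", "-NonInteractive",
                "-ExecutionPolicy", "RemoteSigned", "-File", scriptPath, arg });
            pb.redirectErrorStream(true);      // merge stderr so no unread pipe can block the child
            pb.redirectOutput(out.toFile());   // output goes to a file, so waitFor() bounds the run
            Process p = pb.start();
            p.getOutputStream().close();       // the script gets no stdin
            if (!p.waitFor(timeoutSeconds, TimeUnit.SECONDS)) {
                p.destroyForcibly();
                throw new IOException("PowerShell timed out after " + timeoutSeconds + "s");
            }
            if (p.exitValue() != 0) {
                throw new IOException("PowerShell exited with code " + p.exitValue());
            }
            String text = new String(Files.readAllBytes(out), Charset.defaultCharset());
            String last = "";
            for (String line : text.split("\\r?\\n")) {
                if (!line.trim().isEmpty()) last = line.trim();
            }
            return last;
        } finally {
            Files.deleteIfExists(out);
        }
    }

    public static void main(String[] args) throws Exception {
        System.out.println(runScript("C:\\PowerShell\\script.ps1", "jdoe", 30)); // "jdoe": constructed sample
    }
}
```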

Thank you so much, this was extremely helpful!
