Unable to set/update Modify sAMAccountName in before create Script

Hi Team,

I am trying to modify the plan (sAMAccountName) in the beforeCreate script. The value is getting updated in the plan but is not getting set.

Kindly suggest how I should proceed.
I am trying to use U and an incremental value.

Please find my code:

##############################################################################################################################
# SETUP
# Instructions (for each IQService host that could run the script):
#   - Update the path to Utils.dll (can be an unqualified path like "Utils.dll" since script is copied to IQService folder for execution)
#   - Make sure Utils.dll is in the specified folder on each IQService host
#   - Be sure the account that runs IQService has appropriate permissions to create directories and set permissions on them
#   - Be sure to set the "run as" account for the IQService in Windows Service to the above-specified account instead of just the "logged on" user
#   - Set a proper location for the $logFile variable
#   - Set the $enableDebug flag to $true or $false to toggle debug mode
###############################################################################################################################
 
param (
[Parameter(Mandatory=$true)][System.String]$requestString
)
 
#include SailPoint library
Add-type -path "C:\Users\Administrator\Downloads\IQService\utils.dll";
 
#import AD cmdlets
Import-Module activeDirectory
 
#log file info
$logDate = Get-Date -UFormat "%Y%m%d"
$logFile = "c:\SailPoint\IQService\AD-BeforeCreate_$logDate.log"
$enableDebug = $true
 
#save logging files to a separate txt file
function LogToFile([String] $info) {
	$info | Out-File $logFile -Append
}
 
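# Returns the first <prefix><startValue + n> (n = 1, 2, ...) that no existing AD user has as sAMAccountName
function GenerateSamAccountName {
	param (
		[string]$prefix,
		[int]$startValue
	)
	$increment = 1
	$samAccountName = ""
	do {
		$samAccountName = $prefix + ($startValue + $increment)
		# Get-ADUser -Filter returns nothing when no account matches
		$user = Get-ADUser -Filter "samAccountName -eq '$samAccountName'" -ErrorAction SilentlyContinue
		$increment++
	} until (-not $user)
	return $samAccountName
}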
 
if($enableDebug) {
	LogToFile("Entering IDN_AD_BeforeCreate PS")
}
try{
	LogToFile("IDN AD Before create: try block")
	$sReader = New-Object System.IO.StringReader([System.String]$env:Request);
	$xmlReader = [System.xml.XmlTextReader]([sailpoint.utils.xml.XmlUtil]::getReader($sReader));
	$requestObject = New-Object Sailpoint.Utils.objects.AccountRequest($xmlReader);
	$requestAsString = $env:Request
	LogToFile("IDN AD Before create: variables read")
	$sAMAccountName = $null
	foreach ($attribute in $requestObject.AttributeRequests) {
		if ($attribute.Name -eq "sAMAccountName"){
			$sAMAccountName = $attribute.value
			LogToFile("IDN AD Before create sAMAccountName: $sAMAccountName")
			# Example usage:
			$prefix = "U"
			$startValue = 10000
			$uniqueSamAccountName = GenerateSamAccountName -prefix $prefix -startValue $startValue
			LogToFile("new name $uniqueSamAccountName")
			LogToFile($attribute.value)
			$attribute.value = $uniqueSamAccountName
			LogToFile($attribute.value)

			LogToFile("Request Object after addition: " + $requestObject.toxml())

			# # Return New AttributeRequest in requestObject to IQService
			# $requestObject.toxml() | out-file output.txt
		}
	}
	# Write the (modified) request back for IQService.
	# Note: because the param block uses [Parameter()], this is an advanced script and
	# PowerShell does not populate $args there, so $args[0] is empty at this point.
	$requestObject.toxml() | Out-File $args[0];
	# Set-ADUser -Identity $sAMAccountName -SamAccountname $uniqueSamAccountName

	LogToFile("IDN AD Before create: Complete")
} catch {
	$ErrorMessage = $_.Exception.Message
	$ErrorItem = $_.Exception.ItemName
	LogToFile("Error: Item = $ErrorItem -> Message = $ErrorMessage")
}
 
if($enableDebug) {
	LogToFile("Exiting IDN_AD_BeforeCreate")
}

Consider removing the previous sAMAccountName attribute request from your AccountRequest object first, modifying the value and adding in a new AttributeRequest object.

In case the reference-based modification that you are doing now might not be working as intended, this might just do the trick.
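
The remove-and-re-add approach suggested in the reply above, as an added example that is not code from this thread or from SailPoint. The two classes are stand-ins so the snippet runs without Utils.dll; the `Operation` property, its `Set` value, the list type and the helper name `Set-AttributeRequestValue` are assumptions, and the sample request is constructed.

```powershell
# Stand-ins for the Utils.dll types so this runs offline (assumption: the real
# AttributeRequest exposes Name, Value and Operation, and AttributeRequests is a list).
class AttributeRequest { [string]$Name; [object]$Value; [string]$Operation }
class AccountRequest {
    [System.Collections.ArrayList]$AttributeRequests = [System.Collections.ArrayList]::new()
}

# Hypothetical helper: drop every request for $Name, then add one fresh request.
# Returns the number of stale requests that were removed.
function Set-AttributeRequestValue {
    param(
        [Parameter(Mandatory)]$Request,
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)]$Value
    )
    # Snapshot the matches first: removing from a list while foreach is
    # enumerating that same list throws "Collection was modified".
    $stale = @($Request.AttributeRequests | Where-Object { $_.Name -eq $Name })
    foreach ($old in $stale) { $Request.AttributeRequests.Remove($old) }

    $new = [AttributeRequest]::new()
    $new.Name = $Name
    $new.Value = $Value
    $new.Operation = 'Set'          # assumed operation value
    [void]$Request.AttributeRequests.Add($new)
    return $stale.Count
}

# Constructed sample request (not taken from the thread's logs).
$req = [AccountRequest]::new()
foreach ($pair in @(@('givenName', 'Jane'), @('sAMAccountName', 'jdoe'))) {
    $a = [AttributeRequest]::new()
    $a.Name = $pair[0]; $a.Value = $pair[1]; $a.Operation = 'Set'
    [void]$req.AttributeRequests.Add($a)
}

$removed = Set-AttributeRequestValue -Request $req -Name 'sAMAccountName' -Value 'U10001'
"Removed $removed stale request(s)"
$req.AttributeRequests | Format-Table Name, Value, Operation
```

In the posted script the helper would be called on `$requestObject` after the `foreach` loop has finished and before `toxml()` is written out.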

Hi,
You could use an attribute generator rule to generate the sAMAccountName instead of checking it in the before create rule.
The uniqueness check can be done in the attribute generator rule.

Thanks
