0 votes

Code is below. But the subject says it all. When I run the command targeted in this function via the Adaxes GUI or the web interface, it runs without issue. When run using this code, I just get "No operations executed" in the log. When checking the Adaxes log, the information in the log is exactly the same as when I run the command successfully via the GUI.

function create-PltAccount {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]
        $identity,
        [string] $commandGuid = "9D8EF2CC-21D8-4843-9FFE-F21E7FE356E4",
        [Parameter(Mandatory = $true)]
        [ValidateSet("user","sa","da")]
        [string] $accountType,
        [Alias("domain","server")]
        [string] $managedDomain = "domain.com",
        [string] $adaxesService = $global:adaxesService,
        [Alias("saCred")]
        [System.Management.Automation.PSCredential]
        [System.Management.Automation.Credential()]
        $credential
    )
    begin {
        [Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") > $null
        $admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
        $credUser = $credential.UserName
        $credPwd = $credential.GetNetworkCredential().Password
        $admService = $admNS.GetServiceDirectly($adaxesService)
    }
    process {
        try {
            $objectDn = $identity.DistinguishedName
            $objectName = $identity.Name
            write-host "Adaxes://$managedDomain/$objectDn"
            $adaxesObject = $admNS.OpenObject($adaxesService,"Adaxes://$managedDomain/$objectDn", $credUser, $credPwd, 195)
            $command  = $admNS.OpenObject($adaxesService,"Adaxes://<GUID=$commandGuid>", $credUser, $credPwd, 195)
            switch ($accountType) {
                "user" { $paramAccountType = "Domain Account"; break }
                "sa" { $paramAccountType = "SA Account"; break }
                "da" { $paramAccountType = "DA Account"; break }
            }
            $arguments = $command.CreateArguments()
            $arguments.SetParameterValue("param-AccountType", $paramAccountType)
            if ($psCmdlet.ShouldProcess($objectName, "Run 'PLT - Create-PLT-DomainAccount' against user '$($identity.name)' creating '$paramAccountType' account")) {
                write-progress "Waiting for command to complete..."
                $adaxesObject.ExecuteCustomCommand($command.CommandId, $arguments)
                #retrieve status
                sleep -sec 15 #sleep to allow log entry to show up
                $logRecord = $adaxesObject.getModificationLog().log.getPage(0) | select -first 1
                if (($logRecord.State -ne 4) -or ($logRecord.state -ne "OPERATION_STATE_COMPLETED")) {
                    write-warning "$commandName failed on '$objectName'"
                    write-warning $logRecord.getExecutionLog().message
                } else {
                    if ($logRecord.getExecutionLog().message) {
                        write-output $logRecord.getExecutionLog().message
                    }
                }
                write-progress "Waiting for command to complete..." -completed
            }
        } catch {
            $psCmdlet.WriteError($_); return 
        }  finally { $adaxesObject = $null }
    }
    end {
        $admNS = $admService = $credUser = $credPwd = $null
    }
}
by (20 points)

1 Answer

0 votes
by (294k points)

Hello,

It means that the command is executed successfully. Most probably, there are some conditions in your custom command that are not met for the user you execute the command on.

0

I am providing the parameter information correctly. I can tell via the logging. The only condition in the custom command is what type of account is needed. I am setting that as a valid parameter to the command. There is something else missing, but I do not know what it is. I used to be able to run custom commands by providing the parameters but I have not been able to run a custom command using ADSI in quite some time. Did something change with the latest release? I can open a support ticket if necessary.

0

Hello,

As you mentioned in the initial request, the result is the same when you execute the custom command via Adaxes UI (if we understood you right). As such, it can only be about the condition you have in the command not being met. If you cannot provide the command screenshot here, please, send it to our support email.

0

The result is definitely not the same when run via ADSI vs the GUI. When run from the GUI, the command runs without issue and executes 3 operations, successfully completing "the thing" the command is designed to do.

See attached for custom command screenshot and logging, which shows the input data to the command is the same when the command works and when it does not.

adaxes_log_adsi_fail.jpg adaxes_log_gui_success.jpg adaxes_custom_cmd.jpg

0

Hello,

Thank you for all the provided details. Now the difference is clear. We do not see the full operation description for the command execution via the script, but it looks like the value passed to the parameter does not match any of those in the parameters. Maybe, there is some unprintable character or something else influencing the value. As a test, you can use one of the examples from the following SDK article instead of your function: https://adaxes.com/sdk/SampleScripts.ExecutingCustomCommands.

Related questions

0 votes
1 answer

We have a number of PowerShell scripts I'd love to expose to normal users simply by adding them as Custom Commands, my problem is they require additional ... with the intuitive GUI and utilise existing Adaxes features regarding PowerShell and Custom Commands.

asked Nov 13, 2017 by Staj (350 points)
0 votes
1 answer

Hi Guys, Short question. In our organisation we have a buch of the security group that have a specific "class". The class is simple number stored in the ExtensionAttribute1. I'd ... tried to do the something like that with ADSI :cry: Could you please help me?

asked Dec 8, 2014 by axmaster (510 points)
0 votes
0 answers

I have created a Custom action to create some "standard" sub OUs to a particular type of OU in our AD. I wanted to create a script to look in the OU you are executing ... 'Users') -or ($child.Name -eq 'Computer Systems')) {$Context.ConditionIsMet = $False } }

asked Aug 31, 2016 by ggallaway (300 points)
0 votes
1 answer

I am trying to see if I can implement this in Adaxes somehow to support role-based provisioning to external apps (using appropriate Powershell scripts) but struggling to work ... to invest in a full-blown role-based provisioning platform (would rather not!).

asked Dec 24, 2019 by Bernie (310 points)
0 votes
1 answer

We have in our standard deprovision script to activate or modify m365 account set to deactivate with both revoke licenses and to block sign in checked. When it runs we get an error 'no exchange organization found'

asked Sep 10 by EnbyAdmin (60 points)
3,588 questions
3,277 answers
8,303 comments
548,079 users