[SOLVED] Scheduled task failing.

UPDATE: Fixed this, turns out there was a request with no approver, denied the request and it works as normal now.

I have a scheduled task that has been working for some time now but started failing on 18th June for no obvious reason.
Error as below:

Exception calling "GetObject" with "1" argument(s): "One or more input parameters are invalid "

I don't think anything has changed in the code and logging seems to reflect no changes. Can you give me more insight into the error message please?

Here's the script: 

$requestExpirationDays = 5 # TODO: modify me to change the number of overdue days

# Sets new approvers for the request
function HandleExpiredRequest($request)
{
    $approversInfo = $request.GetApproversInfo()
    $approvers = $approversInfo.GetApproversEx($request.Requestor, $request.TargetObject)
    $trustee = $approversInfo.ApproverTrustees

    if ($approvers.Count -gt 1)
    {
        return
    }

    $approver = $approvers.GetObject(0)
    try
    {
        $newApproverDNs = $approver.Get("seeAlso")
    }
    catch
    {
        return # No new approvers specified
    }

    foreach ($approverDN in $newApproverDNs)
    {
        $approver = $Context.BindToObjectByDN($approverDN)
        if ($approversInfo.IsApproverEx($approver, $request.Requestor, $request.TargetObject))
        {
            continue
        }
        $trustee.Add($approver)
    }

    $request.SetApproversInfo($approversInfo)
    $request.SetInfo()
}

# Bind to the Approval Requests container
$containerPath = $Context.GetWellKnownContainerPath("ApprovalRequests")
$container = $Context.BindToObject($containerPath)

# Get all pending approval requests
$requests = $container.GetApprovalRequests("ADM_APPROVALSTATE_PENDING")

foreach ($requestID in $requests)
{
    # Bind to the approval request
    $guid = [Guid]$requestID
    $request = $Context.BindToObject("Adaxes://<GUID=$guid>")

    # Check whether the request has expired
    $requestExpDate = $request.CreationDate.AddDays($requestExpirationDays)

    if ([System.DateTime]::Now -lt $requestExpDate)
    {
        continue
    }

    HandleExpiredRequest($request)
}
by (840 points)

1 Answer

by (216k points)
Best answer
0 votes

Hello,

We've modified the script to handle such situations. The version of the script that you can find below will not cause such an error. Also, it will send a notification e-mail to an administrator so that appropriate action can be taken.

Parameters in the script:

  • $requestExpirationDays - specifies the number of days an Approval Request needs to remain pending to become outdated.
  • $adminMail - specifies the administrator's e-mail address.
  • $noApproversMailSubject - specifies the subject of the notification message.
  • $noApproversMailTemplate - specifies a template for the notification message. In the template, {0} will be replaced with a link to the approval request that triggered the notification.
$requestExpirationDays = 3 # TODO: modify me
$adminMail = "AdminMail@domain.com" # TODO: modify me
$noApproversMailSubject = "A request without approvers has been found" # TODO: modify me
$noApproversMailTemplate = "<b>The following approval request does not have any approvers:</b><br/>{0}<br/>Please take appropriate action.<hr /><p><i>Do not reply to this e-mail, it has been sent to you for notification purposes only.</i></p>" # TODO: modify me

# Sets new aprovers for the request and sends out e-mail notifications
function HandleExpiredRequest($request, $adminMail, $subject, $webInterfaceAddress, $message)
{
    $approversInfo = $request.GetApproversInfo()
    $approvers = $approversInfo.GetApproversEx($request.Requestor, $request.TargetObject)
    $trustee = $approversInfo.ApproverTrustees

    # Send mail to admin if request does not have approvers
    if ($approvers.Count -eq 0)
    {
        $requestGuid = [Guid]$request.Get("objectGuid")
        $requestDescription = $request.DescriptionOfOperationToApprove
        $requestLink = "<a href='$webInterfaceAddress`ViewObject.aspx?guid=$requestGuid'>$requestDescription</a>"
        $message = [System.String]::Format($message, $requestLink)
        $Context.SendMail($adminMail, $subject, $NULL, $message)
        return
    }

    if ($approvers.Count -gt 1)
    {
        return
    }

    $approver = $approvers.GetObject(0)
    try
    {
        $newApproverDNs = $approver.Get("seeAlso")
    }
    catch
    {
        return # No new approvers specified
    }

    foreach ($approverDN in $newApproverDNs)
    {
        $approver = $Context.BindToObjectByDN($approverDN)
        if ($approversInfo.IsApproverEx($approver, $request.Requestor, $request.TargetObject))
        {
            continue
        }
        $trustee.Add($approver)
    }

    $request.SetApproversInfo($approversInfo)
    $request.SetInfo()
}

# Bind to the Approval Requests container
$containerPath = $Context.GetWellKnownContainerPath("ApprovalRequests")
$container = $Context.BindToObject($containerPath)

# Get all pending approval requests
$requests = $container.GetApprovalRequests("ADM_APPROVALSTATE_PENDING")

# Get the default Web Interface address
$webInterfaceAddress = "%adm-WebInterfaceUrl%"
if ([System.String]::IsNullOrEmpty($webInterfaceAddress))
{
    $Context.LogMessage("Default web interface address not set for Adaxes service. For details, see http://www.adaxes.com/help/?HowDoI.ManageService.RegisterWebInterface.html", "Warning")
}

foreach ($requestID in $requests)
{
    # Bind to the approval request
    $guid = [Guid]$requestID
    $request = $Context.BindToObject("Adaxes://<GUID=$guid>")

    # Check whether the request has expired
    $requestExpDate = $request.CreationDate.AddDays($requestExpirationDays)

    if ([System.DateTime]::Now -lt $requestExpDate)
    {
        #continue
    }

    HandleExpiredRequest $request $adminMail $noApproversMailSubject $webInterfaceAddress $noApproversMailTemplate

    # Send additional email to approvers
    $request.NotifyApprovers()
}
by (840 points)
0

Thanks that looks pretty good.

Much appreciated.

Related questions

Scheduled task failing to delete domain admin user objects

Hi We have a couple of scheduled tasks set up to remove accounts which have been disabled for a perios of time. This works fine for normal user accounts, but we ... and former domain admin accounts? We're running the latest version of Adaxes Thanks Matt

asked Oct 26, 2022 by chappers77 (2.0k points)
0 votes
1 answer
***SOLVED***Schedule Task to create export fails

In the Admin Console, I've created a scheduled task to create an export. I get this error, "The execution of the external program or script took longer than 600000 milliseconds ... it manually at a command line, it generates the file in a matter of seconds.

asked Mar 9, 2015 by sbanks (270 points)
0 votes
1 answer
Is it possible to prevent a scheduled task to run, if the previous run is still in progress?

Hello, We have a task which checks every hour if jobs have been added to a list (CSV-File) and if so will start provisioning tasks including Microsoft Teams. If ... job has completed or is still running to prevent duplicate runs. Is this somehow possible?

asked Sep 25 by andrep (20 points)
0 votes
1 answer
How to "intake" AD group names from a scheduled task, into a PowerShell Script?

Let's say that I have a scheduled task that adds a high-level roles-based AD group to a user. As part of that same task, I'd like to run a powershell script to collect all ... the task to type in the "parent" group name, and pass it to the script that way?

asked Sep 22 by 3Jake (190 points)
0 votes
1 answer
Disabling EXO PowerShell Access via Scheduled Task

We have a security initiative to disable the default Exchnage Online (EXO) PowerShell access for users, while retaining access for Admins. I would like to implement ... com/en-us/powershell/exchange/disable-access-to-exchange-online-powershell?view=exchange-ps

asked Mar 14 by Mark.Monaco (40 points)
0 votes
1 answer