• State Suggested Answer
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 62 subscribers
  • Views 4505 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

First.Last to DN Workflow

dylan smith
over 5 years ago

We've got Okta pushing manager first.last to extensionAttribute3 in ARS. I need a workflow that will convert that to a DN to drop into the manager field. However, no matter what I do, it doesn't want to get from any attributes.

Workflow setup:

On Demand
EA3 Search - Filters from an OU with 4 users. No other filters in place. --> Run Script: First.Last to DN


First.Last to DN script

function onPostModify($Request)
{
$sourceObj = $workflow.FoundObject("EA3").get("DN")
$manager = get-aduser -identity $sourceObj -properties extensionattribute3 | select -expandproperty extensionattribute3
$managerDN = (get-aduser -id $manager).distinguishedname	
$dirobj.put("manager", $managerDN)
$DirObj.SetInfo()
}



The error I get when I try to run the workflow with the script is:

At line: 3 char:1. Exception calling "Get" with "1" argument(s): "Object reference not set to an instance of an object."

 

Parents
  • 0 over 5 years ago

    I'm wondering why you are dealing with "Found Object" at all.

    Your start condition should simply intercept the EA3 modification and then pick up the EA3 of the object using $Request.Get("extensionattribute3").

    The object being modified you can get with $Request.GUID or $Request.DN.

    So:

    Function OnPostModify ($Request)

    {

    $ManagerFirstLast = $Request.Get("extensionattribute3")

    $manager = $(get-aduser -identity $ManagerFirstLast  -filter * -properties *).distinguishedname

    $CurrentObject = $Request.DN

    Set-qaduser -identity $CurrentObject -ManagedBy $Manager

    }

  • 0 over 5 years ago in reply to JohnnyQuest

    Unfortunately I'm still getting the same error on the get. Which is weird because it's literally searching an OU with four test users, three of which definitely have first.last strings in extensionAttribute3. 

    It's also executing on all four users. I can see it fail four times. 

    Ultimately my search is doing the following:

    EA3
    Search in the Organizational Unit or Container
    Find Users in IT-Testing OU
    When searching the organizational Unit or container: retrieve any objects held in the OU or container
    Retrieve ALL RECIPIENTS
    No further filters.

    Then it kicks off the script. All but one user in that OU have extensionAttribute3 defined in a first.last string.

  • 0 over 5 years ago in reply to dylan smith

    You don't need to use a search.

    Why don't you just have the workflow react in real time to the setting of the EA3?  (by setting its Start condition to user property modification | EA3 )

    Then, you can just fire the script code I suggested above as a script activity.

Reply
  • 0 over 5 years ago in reply to dylan smith

    You don't need to use a search.

    Why don't you just have the workflow react in real time to the setting of the EA3?  (by setting its Start condition to user property modification | EA3 )

    Then, you can just fire the script code I suggested above as a script activity.

Children
No Data