• State Suggested Answer
  • Locked Locked
  • Replies 20 replies
  • Answers 1 answer
  • Subscribers 62 subscribers
  • Views 16845 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Launch Powershell script from ARS Web Interface

ggr
over 11 years ago

Sorry if I'm missing something obvious (we've just recently deployed ActiveRoles Server), but I cant seem to find an easy way to launch a standalone powershell script from within the ActiveRoles server Web Interface.

I have a simple script which exports a list of user objects from our Deprovisioned Users OU to a CSV file, and I'd like our Help Desk staff to be able to launch this script from the WEB UI by clicking a custom menu item like "Generate Deprovisioned Users Report"

Can anyone point me in the direction of any existing documents that show me how to do this?

  • 0 over 6 years ago
    Hmm, then I'm stuck again - unfortunately as I'm working with user properties in that script.
    Please find excerpts following.


    # get user mail address
    $usermail = (Get-QADUser $Request.GUID -IncludedProperties PrimarySMTPAddress -DontUseDefaultIncludedProperties).PrimarySMTPAddress

    # get user URI
    $UserURI = (Get-QADUser $Request.GUID -IncludedProperties "msRTCSIP-PrimaryUserAddress" -DontUseDefaultIncludedProperties)."msRTCSIP-PrimaryUserAddress"

    #define E-Mail from
    $from = "<mail address>"

    #define relay server
    $smtpserver="<relay server>"

    #send Welcome-Email
    Set-CsPinSendCAWelcomeMail -UserEmailAddress $usermail -UserURI $UserURI -From $from -smtpserver $smtpserver -force
  • 0 over 6 years ago
    I think you need to explain your use case as I don't understand how your script is supposed to find out who's properties it's supposed to read?

    $Request.GUID will get you the GUID of an in-process user but this only works if you are running this code after some action has taken place on a user such as a create or modify.
  • 0 over 6 years ago
    I want to send a welcome mail to the user which is marked, therefore pulling out some attributes to correctly send the message.
  • 0 over 6 years ago
    Who is going to be initiating this process? Is it the end-user themselves or another person, say help desk staff? If it is help desk for example, would this process then search for all users that are "marked" (using a virtual attribute perhaps) to send this welcome email to?
  • 0 over 6 years ago
    So, your script will contain properties of the person who kicked off the script? We call that the "Initiator".
  • 0 over 6 years ago
    Helpdesk and admins and only on behalf. I now went down the road of a workflow checking for a change in an extension attribute and then executing the script.
  • 0 over 6 years ago
    My interpretation is that he wants the user to select an object in the web interface (i.e. check the box beside it) and then use that as the target object for the script (read that's object's properties to send the welcome message).

    Tricky stuff...not readily explained here.
  • 0 over 6 years ago
    Apologies for late reply guys and not being specific enough, I'll try to do that now.
    JohnnyQuest was guessing quite good already.

    I managed to suit my needs now, even if I had to "sell" another extension attribute for this but it's working fine.

    I created a menu entry which updates the extension attribute which I "monitor" by way of the workflow which then executes the script, reading neccessary user information, generating the PIN and sending the welcome message.
    Everything's working fine as expected.
    Link is only been displayed if the user is EnterpriseVoice enabled on SkypeForBusiness
    (msRTCSIP-OptionFlags being 385).

    For the records, the script:

    function LyncSendWelcomeMail ($Request)
    {

    # check if object is a user
    if ($Request.Class -ne "user") {
    return
    }

    # check if user is lync-enabled
    $usertosend=(Get-QADUser $Request.DN -IncludedProperties msRTCSIP-UserEnabled -DontUseDefaultIncludedProperties)."msRTCSIP-UserEnabled"


    if ($usertosend -ne $true) {
    return
    }

    # open remote PowerShell session to SfB Server
    $username = <username>
    $pwdTxt = <not needed to mention>
    $securePwd = $pwdTxt | ConvertTo-SecureString
    $credobject = New-Object System.Management.Automation.PSCredential -ArgumentList $username, $securePwd
    $lync_session = New-PSSession -ConnectionUri "https://<servername>/OcsPowershell" -Credential $credobject
    Import-PSSession $lync_session

    # get user mail address
    $usermail = (Get-QADUser $Request.GUID -IncludedProperties PrimarySMTPAddress -DontUseDefaultIncludedProperties).PrimarySMTPAddress

    # get user URI
    $UserURI = (Get-QADUser $Request.GUID -IncludedProperties "msRTCSIP-PrimaryUserAddress" -DontUseDefaultIncludedProperties)."msRTCSIP-PrimaryUserAddress"

    #define E-Mail from
    $from = "<from_address>"

    #define relay server
    $smtpserver="<relayhost>"


    # load function to send WelcomeMail
    . C:\scripts\ps\SfB_WelcomeMail\sfb_welcome_mail.ps1

    #send Welcome-Email
    Set-CsPinSendCAWelcomeMail -UserEmailAddress $usermail -UserURI $UserURI -From $from -smtpserver $smtpserver -force

    #close remote PowerShell Session
    Remove-PSSession $lync_session

    }
  • 0 over 6 years ago
    Does the extension attribute that the workflow is queueing off of need to be stored in AD? If that attribute is simply a trigger attribute for kicking off the workflow, you could consider using a virtual attribute in ARS. This way, you can free up that extension attribute in AD.
  • 0 over 6 years ago
    No, there's no need to store it in AD. It gets cleared after the workflow kicked in anyway. Could you detail the virtual attribute way Richard?