• State Not Answered
  • Locked Locked
  • Replies 8 replies
  • Subscribers 62 subscribers
  • Views 4520 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

QARS Workflow/Policy Script to capture onPostModify of the mail attribute for a user and then write user's employeeID and mail attribute to a CSV file for export to our Workday HR system

james.huddy_64575
over 5 years ago

I need to implement a workflow/policy script that triggers onPostModify of the mail attribute, both for new users and changes to the mail attribute of existing users, and writes the user's employeeID and mail attribute to a CSV file and uploads it to an sFTP site for collection by our Workday HR system.

I can manage the poweshell script to create the CSV and upload it to the sFTP site.

It is the configuration of the workflow/policy that I am a little unclear on.

Does anybody have any pointers please? Or perhaps a link?

Parents
  • 0 over 5 years ago

    You would setup a "change workflow" where the start conditions of the workflow trigger on User, properties change...for the mail attribute.  Into it you would insert a script "activity" containing the PoSh code you mention above.

    The Posh code itself has to be setup as a "script module" of type "Policy script".

     The only other thing to note is that you need to setup the PoSh code as a Function so:

    Function ExportMailAndUpload ($Request)

    {

    # PoSh code goes here

    # Note, here's a good way to grab the newly changed mail attribute (assuming the change was made through Active Roles)

    $NewMail = $Request.Get("mail")

    }

    Then, in the script activity you insert into the workflow, reference the above named Function.

    Hope this helps.

  • 0 over 5 years ago in reply to JohnnyQuest

    Hi Johnny,

    When you say a "chage request", if I configure the workflow 'Operation' to 'Modify...' filtered on 'mail, then will it also capture the 'mail' attribute being set upon the creation of a new user? Or do I need to have two workflows, one for 'Create' and one for 'Modify'?

    Also, presumably, in my PoSh script, when I Get-QADUser, I would do something like this (I only need to send mail and employeeID to the HR system):

    Get-QADUser -Proxy -Identity $Request.DN -IncludedProperties mail,employeeID -DontUseDefaultIncludedProperties

    I suppose that $Request would send other -Identity attributes attributes such as GUID, samAccountName, UPN, mail etc?

    It is this part of the workflow, passing the $Request from the onPostModify is the bit that I am least familiar with.

  • 0 over 5 years ago in reply to james.huddy_64575

    You would have to test it but I believe that setting the mail attribute upon user create is a separate "change" so you would only need the one workflow.

    Yes, your code for obtaining the new mail contents and the employeeID is correct - to be "cleaner", you could add '| select mail,employeeID' to the end.  That way you have less properties in the returned data.

Reply
  • 0 over 5 years ago in reply to james.huddy_64575

    You would have to test it but I believe that setting the mail attribute upon user create is a separate "change" so you would only need the one workflow.

    Yes, your code for obtaining the new mail contents and the employeeID is correct - to be "cleaner", you could add '| select mail,employeeID' to the end.  That way you have less properties in the returned data.

Children
No Data