• State Suggested Answer
  • Replies 16 replies
  • Answers 1 answer
  • Subscribers 63 subscribers
  • Views 13525 views
  • Users 0 members are here
Options
Related

Synchronization Service - Step Handlers

todd harrison
over 4 years ago

Hi,

We just recently implemented the Active Roles Synchronization Service in our organization to aid in employee onboarding.

I am wondering what the "Step Handlers" can be used for? The documentation says the following:

"Sync workflow step handlers allow you to automatically perform custom actions either before running a workflow step or after the workflow step run results have been committed (written) to the data system. Out of the box, Synchronization Service includes a single predefined handler type that can automatically execute your custom PowerShell script and thus perform the desired action."

 

I was hoping to be able to use this to read the data collected from our HR software, check a specific attribute we are receiving from that system, and if it is set to a specific value, trigger an alert.

I tried using the $Srcobj hash table that is detailed in the documentation, but this appears to be only be available in the "Creation Rules".

Is there a way to reference objects in the source location from scripts running in the "Step Handlers" step?

 

Cheers

Parents
  • 0 over 4 years ago

    Step handlers are generally used to perform some kind of special processing on the data coming from the source connected system or in some cases to add to that data based on a lookup in another system that is separate from the source.

    If you could provide us some more detail on the type of change or addition you want to make, perhaps we can suggest an implementation approach.

Reply
  • 0 over 4 years ago

    Step handlers are generally used to perform some kind of special processing on the data coming from the source connected system or in some cases to add to that data based on a lookup in another system that is separate from the source.

    If you could provide us some more detail on the type of change or addition you want to make, perhaps we can suggest an implementation approach.

Children
  • 0 over 1 year ago in reply to JohnnyQuest

    Hello everyone from Rainy California !.  Great information on this discussion.  I have a similar but different scenario and I am trying to determine if ARSS can perform the task.  Here is the overview.

    We currently Sync users from AD to Azure AD and M365 using the connectors.  When new users are created by a provision workflow step, I then need to run afterwards, a completely separate few lines of Azure AD powershell against each created user.  I am not sure if this can be done by trying to use the $destObj and if so, where to place this code to run it.  Any advice or links to samples or information would be great if you have any ideas.

    I was trying to find more examples on Step Handlers as a post step.  I was also not sure if each of the 3 lines of pshell below need to be a separate step in the step handler, or just 1 step with all the code together.  I guess I'm just trying to sort out what, where,. how.

    Here is the detail:

    Users source from Active Directory

    1.  Run a workflow step that provisions new users in the destination (Azure AD)

    Each user has a unique 8 character ID that we place to the left of the @ sign on the UPN

    Each users email address is included when the user is created.

    I was thinking that variable to get the UPN and Mail by $destObj but not sure how or where to try it.

    2.  Once the Azure AD user is created, I need to run this code.  However, I am not sure how or where to try and run it within ARSS steps, handlers, etc.

    Example of 1 user: 37579337@example.onmicrosoft.com

    #STEP 1: Set Variable to collect the existing Azure AD user.
    $ADGraphUser = Get-AzureADUser -objectID 37579337@example.onmicrosoft.com

    #STEP 2: Set Variable for msgraph
    $msGraphUser = New-Object Microsoft.Open.MSGraph.Model.User -ArgumentList $ADGraphUser.ObjectId

    #STEP 3: convert member to external member
    New-AzureADMSInvitation -InvitedUserEmailAddress Danny.Ocean11@example.com -SendInvitationMessage $False -InviteRedirectUrl http://myapps.microsoft.com -InvitedUser $msGraphUser

    Any thoughts or advice would be much appreciated.  Thank you for your time.