• State Verified Answer
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 61 subscribers
  • Views 165 views
  • Users 0 members are here
Options
Related

Query regarding script to recheck attribute using a workflow

charleneforbes
12 days ago

Hi everyone

I'm hoping for some assistance with a script I'm working on.  I have a script that checks for a user having an Office licence which then sets a custom attribute edsvaRemoteMailboxCreation to true, which triggers another workflow to add exchange attributes (there are probably slicker ways of doing that but it works for us).  That check can fail if the user wasn't given a licence but is then given one later, and because the backsync has already set edsvaOffice365Enabled to true it doesn't pick up the licence being added so the script doesn't run.  That attribute is read only so I tried setting it to False if the licence check failed but it wouldn't take it.  Instead I've created another custom attribute, edsvaNoLicence.  I then created a Managed Unit that looks for everyone with that attribute set to true, and I'm trying to create a scheduled workflow which will regularly do the licence check against those users and trigger the second workflow and set the custom attribute back to false.  I hope that makes sense!  I'm getting an error on the new workflow, At line 3 char 1: Cannot validate argument on parameter 'Identity'. The argument is null or empty.  I'm guessing this is the script not getting the UPN of the users, before I added the for each line the error was the same but it was on the second last line instead so I thought it was getting the name passed through but failing on something else.

function onPostModify($Request)
{
ForEach-Object{
#Get account attributes
$UserUPN = $workflow.SavedObjectProperties("Get UserPrincipalName").get("UserPrincipalName")
$Licencecheck = (Get-qaduser $UserUPN -IncludedProperties edsvaAzureObjectID,edsaAzureUserPrincipalName,edsaAzureUserAssignedLicenses -proxy).edsaAzureUserAssignedLicenses
$licence = $licencecheck | ConvertFrom-Json
#Check for A3 for faculty (teachers)
if($licence.skuid -eq "4b590615-0888-425a-a965-b3bf7789848d")
{
Set-QADUser $UserPN -proxy -objectAttributes @{edsvaRemoteMailboxCreation=$true} 
Set-QADUser $UserPN -proxy -objectAttributes @{edsvaNoLicence=$false}
}
#Check for E3 (corp staff)
elseif($licence.skuid -eq "05e9a617-0261-4cee-bb44-138d3ef5d965")
{
Set-QADUser $UserPN -proxy -objectAttributes @{edsvaRemoteMailboxCreation=$true} 
Set-QADUser $UserPN -proxy -objectAttributes @{edsvaNoLicence=$false}
}
else{$FALSE}
}
}

Does anyone have any ideas why I might be getting this error?  The workflow that does the same check on backsync works fine, all I've added is the lines for setting edsvaNoLicence to false, the foreach line and starting it with a managed unit instead of the Read only attribute.

Parents
  • +1 11 days ago

    If you are running all of this through a combination of a (scheduled) Automation workflow and a Managed Unit, where are you enumerating the Managed Unit?

    To level set, you have two options:

    1) Use a Search Activity in your workflow and then have the script process each returned object or,
    2) Enumerate the MU in the script itself using get-qaduser -proxy -SearchRoot <managed unit>

  • 0 11 days ago in reply to JohnnyQuest

    Hi,


    Thanks for the reply, the managed unit is set in a Search for Objects action within the workflow, and the MU is populated by looking for the NoLicence attribute to be true.

    I figured out what I'd done and it was the simplest of errors - I'd copied the scripts from a couple of others and the $UserUPN was different in one of them. Cue scripting facepalm! Once I fixed that it worked fine.

Reply
  • 0 11 days ago in reply to JohnnyQuest

    Hi,


    Thanks for the reply, the managed unit is set in a Search for Objects action within the workflow, and the MU is populated by looking for the NoLicence attribute to be true.

    I figured out what I'd done and it was the simplest of errors - I'd copied the scripts from a couple of others and the $UserUPN was different in one of them. Cue scripting facepalm! Once I fixed that it worked fine.

Children
No Data