UNSAccountB process is not firing for INSERT events for Provisioning using Powershell Connector

I am not asking why you are using the PowerShell connector to synchronize AD and not the ootb AD connector...

But I would check:

- If the conditions in your prescript are fulfilled. Especially if the sysem type of the connection is stored at UID_UNSRoot.UID_DPRNameSpace.Ident_DPRNameSpace for your test object.

Hi Markus,

Thanks for your response.

I'm sorry for the confusion, I'm trying to use the Powershell connector in order to execute some custom PS commands so I was using that xml file (AD Sample) as an example, do you have something that helps me to create the xml file for that? Thanks

I have nothing more than what is already posted. The AD Sample is part of the tool to demonstrate the various options of the XML definition file.

I would try to search the forums for PowerShell connector entries.

Sorry.

But as I have said before, check the conditions in your process chain Pre-Script to detect, why the process is not generated. My first guess is still around the system type (PoshNet40).

Thanks again Markus.

Here's my xml definition file, Can you take a look at it? probably there's something wrong with the definition file because after this my Sync Editor tool crash....


<?xml version="1.0" encoding="utf-8" ?>
<!--
Some header data definint the id, the version and the description of this connector
-->
<PowershellConnectorDefinition Id="SamplePowershellConnector" Version="1.0" Description="Sample Powershell Connector">

<!--
Include plugin libraries for custom conversions
Custom converters can contain code to:
1. Convert output of a commandlet to a connector value (see IPSObjectValueConverter interface)
2. Convert connector values/modifications to cmdlet parameters (see IPSParameterConverter interface)
-->
<PluginAssemblies>
<!--<Assembly Path="VI.Projector.Exchange.Common.dll" />-->
</PluginAssemblies>

<!--
Define connection parameters that shall be queried from the user when
creating a new connection. Set the IsSensibleData attribute to true for passwords etc.
-->
<!--<ConnectionParameters>
<ConnectionParameter Name="ComputerName" Description="TargetServer" />
<ConnectionParameter Name="Name" Description="Account" />
<ConnectionParameter Name="Description" Description="Comments" />
</ConnectionParameters>-->

<!--
The initialization section contains all settings that are used for setting
up the runtime powershell session.
-->
<Initialization>
<!--
Specify custom script commandlets. Those commandlets are available throughout the whole
powershell session of the connector and can be used like regular commands
-->
<CustomCommands>
<CustomCommand Name="Connect-Session">
<![CDATA[
$idm = "init"
]]>
</CustomCommand>
<CustomCommand Name="Create-LocalAccount">
<![CDATA[
Invoke-Command -ComputerName "2012r2std" -ScriptBlock {New-LocalUser -Name "Test104" -Description "Description" -NoPassword}
]]>
</CustomCommand>
<CustomCommand Name="Get-LocalAccounts">
<![CDATA[
Invoke-Command -ComputerName "2012r2std" -ScriptBlock {Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount=True"}
]]>
</CustomCommand>
<CustomCommand Name="Exit-Session">
<![CDATA[
exit
]]>
</CustomCommand>

</CustomCommands>

<!--
List of all commands that are mapped in the schema types. This can either be built-in powershell commandlets
or commandlets that are loaded from modules, remote sessions or snapins. If you import sessions or modules using the
prefix parameter, you need to specify the commands including the prefix i.e. Get-PrefixADUser
-->
<PredefinedCommands>
<Command Name="Invoke-Command" />
<Command Name="New-LocalUser" />
</PredefinedCommands>

<!--
The following section contains the sequence of commands, that are executed when ...
... the powershell session is established (connect)
... the powershell session is closed (disconnect)
-->

<EnvironmentInitialization>
<!--
Commands to be executed when the powershell runspace is created
-->
<Connect>
<!--
A commandsequence contains 1 to n commands that are executed successively. They do not
share a common pipeline which means that the output of one command is not available to
the successive command. The commands are executed in the order specified by the "Order"
attribute.
-->
<CommandSequence>
<Item Command="Connect-Session" Order="1">
<!--
A "SetParameter" is one way to pass parameter values to a powershell command.
Attributes:
"Param" = contains the target Parameter
"Source" = the source for the value. Available sources are
"ConnectionParameter" ... value is taken from a passed connection parameter)
"FixedValue" ... a fixed value
"FixedArray" ... a fixed array of values
"SwitchParameter" ... a Powershell switch Parameter
"GlobalVariable" ... value of a global variable
"Value" = meaning depends on "Source"
if source is "ConnectionParameter" then "Value" contains the name of the connection parameter
if source is "SwitchParameter" then "Value" can be omitted/has no effect
if source is "FixedValue" then "Value" contains a fixed value
if source is "FixedArray" then "Value" contains a comma seperated list of elements that are passed as an array
if source is "GlobalVariable" then "Value" contains the name of the variable to use.
To set a global variable use $global:<name> = <value>

Another way to map parameters are described in the Schema section

-->
<!--<SetParameter Param="ComputerName" Source="ConnectionParameter" Value="ComputerName" />
<SetParameter Param="Name" Source="ConnectionParameter" Value="Name" />
<SetParameter Param="Description" Source="ConnectionParameter" Value="Description" />-->
</Item>
</CommandSequence>
</Connect>

<!--
Commands to be executed when the runspace is closed (free resources etc.)
-->
<Disconnect>
<CommandSequence>
<Item Command="Exit-Session" Order="1" />
</CommandSequence>
</Disconnect>

</EnvironmentInitialization>
</Initialization>

<!--
The Schema section describes how commandlet input/output is mapped to schema types
-->
<Schema>
<!--
Definition of a schema class 'user'
-->
<Class Name="User">
<!--
Definition of Properties, at least one property needs to be marked as IsUniqueKey.
-->
<Properties>

<!--
A Property element contains the definition of Schema property.
Attributes:
"Name" = The name of the property
"DataType" = The data type (valid values are String, Int, Bool, DateTime)
"IsUniqueKey" = indicates, that the property can be used to identify an object instance
"IsMandatory" = indicates, that the property is mandatory
"IsAutofill" = indicates, that the value of this property is created by the system
"IsDisplay" = indicates, that the value of this property is used as a display
"IsRevision" = indicates, that the value of this property is used as revision
-->

<Property Name="Name" DataType="String" IsUniqueKey="true" IsMandatory="true" IsAutoFill="true">
<ReturnBindings>
<Bind CommandResultOf="Get-LocalAccounts" Path="Name" />
</ReturnBindings>
<CommandMappings>
<Map ToCommand="Create-LocalAccount"/>
</CommandMappings>
</Property>

<Property Name="Description" DataType="String">
<ReturnBindings>
<Bind CommandResultOf="Get-LocalAccounts" Path="Description" />
</ReturnBindings>
<CommandMappings>
<Map ToCommand="Create-LocalAccount"/>
</CommandMappings>
</Property>

</Properties>

<!--
The read configuration is mandatory. It defines the ListingCommand which is used to pull
a list of all objects of this type from the system. Furthermore, the additional commandsequence
defines the list of commands, that need to be executed to fully load a single object with all
properties defined in the schema
-->
<ReadConfiguration>
<ListingCommand Command="Get-LocalAccounts">
<SetParameter Param="Filter" Source="FixedValue" Value="*" />
<SetParameter Param="Properties" Source="FixedArray" Value="Name" />
</ListingCommand>
<CommandSequence>
<Item Command="Get-LocalAccounts" Order="1" >
<SetParameter Param="Properties" Source="FixedArray" Value="Name,AccountType,Description,Domain" />
</Item>
</CommandSequence>
</ReadConfiguration>


<!--
The MethodConfiguration section describes all methods that are available for this class. In order to stay compatible with
the D1IM Projector, you schould use the name
- Insert -> Commands that create a new object
- Update -> Commands that modify an exisiting object
- Delete -> Commands that delete an exisiting object
-->
<MethodConfiguration>
<!--Define a method named "Insert"-->
<Method Name="Insert">
<!--An "Insert" consists of the following command calls-->
<CommandSequence>
<Item Command="Create-LocalAccount" Order="1">
<SetParameter Param="PassThru" Source="SwitchParameter" Value="" />
</Item>
<!--
The Condition "ModificationExisits" causes, that this command is only executed,
if one or more propert(ies) were set, that are written by this command.
-->
</CommandSequence>
</Method>
</MethodConfiguration>
</Class>
</Schema>

</PowershellConnectorDefinition>

Can you be please more specific, when you are saying it crashes? At which point in time exactly? What have you done before the crash?

The only suspicious thing in the XML is the exit in the exit-session function. You should not explicitly end the PowerShell session in the disconnect, just cleanup open resources, or handles.

It crashes after the Connection Wizard is finished, I think that's before the loading schema section .... the actual error when the tool crashes is "Dell One Identity Manager Synchronization Editor has stopped working. A problem caused the program to stop working correctly. Windows will close the program and notify you if it a solution is available"

Actually, I don't need to execute an specific cmd at the end, but the XML needs at least one, that's the reason I was using the exit, but what should be a good option instead?

Thanks again

You do not need to specify a disconnect command sequence as far as I know. You just need the Disconnect XML nodes in the definition.

And, did you validate the XML in the connector? What was he saying?

yes, everything was ok (green color) in the consistency check result..

So just define an empty Disconnect and see if it is working. You could also turn on the trace log level and check if you can see anything in the log when the crash appears.

That helped. I think everything is good with the xml file now but I'm still having the first issue:

"The UNSAccountB process is not firing for Insert Events"

I checked the conditions in my process chain Pre-Script and I fixed a few things (something was wrong with the SystemType for the DPR_GetAdHocData script) but now I'm getting a null object if I test that script: "Object reference not set to an instance of an object".

If you take a look at that script (DPR_GetAdHocData) you'll see a few parameters, and it seems that the IEntity parameter is null, that's supposed to be the UNSAccountB object, right? The rest of the parameters are ok.

Here's my actual pre-script:

If Not CBool(Connection.Variables("FULLSYNC")) AndAlso _
$FK(UID_UNSRootB).NamespaceManagedBy:String$.Equals("VISYNC",StringComparison.OrdinalIgnoreCase) Then

Try


Dim f As ISqlFormatter = Connection.SqlFormatter
Dim tmpSystemType As String = $FK(UID_UNSRootB).FK(UID_DPRNameSpace).Ident_DPRNameSpace$
values("SystemType") = Connection.GetSingleProperty("SystemType","DPRSchema", f.Comparison("Name",tmpSystemType,ValType.String,CompareOperator.Equal,FormatterOptions.IgnoreCase))
values("AdHocDataFound") = False


Imports System.Collections.Generic
Dim data As IDictionary(Of String,string) = DPR_GetAdHocData($FK(UID_UNSRootB).XObjectKey$,values("SystemType").ToString(),"","Insert")

If Not data is Nothing
values("AdHocDataFound") = True
values("NeedExecute") = DPR_NeedExecuteWorkflow(data("ProjectionConfigUID").ToString(),entity)
values("ObjectKey") = New DbObjectKey(base.Tablename,$UID_UNSAccountB$).ToXmlString()
values("UID_DPRSystemVariableSet") = data("VariableSetUID")
values("UID_DPRProjectionConfiguration") = data("ProjectionConfigUID")
values("UID_QBMServer") = data("ExecutionServerUID")
End if

Catch ex as Exception
values("AdHocDataFound") = False
End Try

End If


Thanks again