trap script error and change workflow patch via workflow

Dear all,

I would like to create a new workflow to assig local admin right to users that make a request to CSD but I'm stuck finding a way to trap the error of the script.

 

function PreExecuting($workflow, $activity){
  $tn = $activity.Runtime.Controls["ticketnum"].Value
  if ([string]::IsNullOrWhiteSpace($tn) -or -not ($tn -match '^INC\d{12}$')){
    $workflow.ActivityFailure("Please insert a valid Ticket Number")
  }  
  $hn = $activity.Runtime.Controls["systemname"].Value
  if ([string]::IsNullOrWhiteSpace($activity.Runtime.Controls["systemname"].Value)  -or -not ($hn -match '(?=^.{4,253}$)(^((?!-)[a-zA-Z0-9-]{1,63}(?<!-)\.)+[a-zA-Z]{2,63}$)') ){
    $workflow.ActivityFailure("Please insert a valid System Host Name")
  }  
}

function PostExecuting($workflow, $activity) {
  if ($activity.State.IsSuccess){
      $msg = '------ Ticket number ' + $activity.Runtime.Controls["ticketnum"].Value + '-----------------------------------------------'
      $global.LogError($msg)
      $msg = 'Assigning Admin Rights to user ' + $workflow.UserInfo.AccountInfo.SamAccountName
      $global.LogError($msg)
      $msg = 'System host name ' + $activity.Runtime.Controls["systemname"].Value
      $global.LogError($msg)
      $hn = $activity.Runtime.Controls["systemname"].Value
      $sam = $workflow.userinfo.accountinfo.SamAccountName
      $un = 'DOMAIN\' + $sam
      
        if ($activity.State.IsSuccess) {
                 psexec -nobanner -accepteula \\$hn  -u DOMAIN\saccount  -p xxxxxxx net localgroup Administrators $un /add 2>&1 >> c:\tmp\adminrights.txt

           if( $?) {
            $workflow.ActivityFailure("it was not possible to assign administrative privileges  for $un  on $hn. Please engage local .")
            } else {
                       $workflow.ActivitySuccess("User $un has been assinged to Local Administrator group on $hn. Assign yourself a ticket to remove the privileges within 24h.")
                      }
        }
        
        if ($activity.State.IsSuccess){
            $msg = 'Admin rights successfully assigned to the users User ' + $workflow.UserInfo.AccountInfo.name
            $global.LogError($msg)
        }  else  {
            $msg = 'it was not possible to assign administrative privileges for ' + $workflow.UserInfo.AccountInfo.name + '. Please engage local .'
            $global.LogError($msg)
        }
   }
}

 

 

 

but this section does not work properly and do not catch the errorstate of the command above.

 

   if( $?) {
            $workflow.ActivityFailure("it was not possible to assign administrative privileges  for $un  on $hn. Please engage local .")
            } else {
                       $workflow.ActivitySuccess("User $un has been assinged to Local Administrator group on $hn. Assign yourself a ticket to remove the privileges within 24h.")
                      }

 

 

 

any idea on how I can sort it out?

 

regards,

Danilo

 

apparently the outcome of the powershell