Differences

This shows you the differences between two versions of the page.

--- devel:documentation:systems:dev:how_to_write_scripts_for_winrm_ad_connector [2019/09/04 13:40]
kucerar page created, sample script for python
+++ devel:documentation:systems:dev:how_to_write_scripts_for_winrm_ad_connector [2021/11/29 13:39] (current)
kucerar Write output
@@ Line 9: / Line 9: @@
 This is example create script
-<code>
+<code python>
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
@@ Line 40: / Line 40: @@
 f = open(os.environ["script"], "r")
 command = f.read()
+# this means that we replace $uid in powershell script with out uid.
+# unfortunately there is no better solution how to send params with powershell
+# that;s the reason why we need to replace them like this, because we need to send complete command
 command = command.replace("$uid", uid)
@@ Line 53: / Line 56: @@
 ====== Powershell ======
+<note important>When connector server is on Windows use Write-Output instead of Write-Host</note>
+I'll use same solution as with Python script and jump directly to some example script
+Tips:
+  * Use -Confirm:$false parameter to avoid "freezing" of your script
+  * Use -ErrorAction Stop or -ea Stop for better error handeling, because some command will print error to stdout by default so you won't be able to catch them without this parameter
+This is example search script so I can show handling of response
+<code powershell>
+# Search script, which will return information about user's exchange account
+# INPUT:
+#   uid - String - account identifier
+Write-Host "PS Search started"
+#Needed to load Exchange cmdlets
+Add-PSSnapin -Name '*Exchange*'
+# Wrap logic in try catch. If you not handle errors correctly then IdM will has no chance how to know if there was error or no. So best practice is to return exit 0 if everything is ok
+# return some other code in case of error
+# Write error messages to stderr
+try {
+    #$uid will be replace with some value from python, in case that search is for all (reconcilation) we will have empty string here that's the reason why we are assigning the value to new variable
+    $identificator = "$uid"
+    $obj
+    # check if identifier is empty or not
+    if ([string]::IsNullOrEmpty($identificator)) {
+        # save command output to variable
+        $obj = Get-RemoteMailbox
+    }
+    else {
+        # save command output to variable
+        $obj = Get-RemoteMailbox -Identity $identificator
+    }
+    # parsing properties for IdM
+    # IdM will accept JSON which is List of Maps where key is name attribute and value is value
+    # prepare list
+    $resultList = @()
+    # Iterate thru response object e.g. We get 10 users so we need to create map for each of them inside this loop and add it to list
+    foreach ($item in $obj) {
+        # prepare map
+        $resultMap = @{ }
+        # iterate thru each result attributes
+        foreach ($attr in $item.psobject.Properties) {
+            # care only about attributes which has some value
+            if (![string]::IsNullOrWhitespace($attr.Value)) {
+                $name = $attr.Name
+                $value = $attr.Value
+                $resultMap.add("$name", "$value")
+                # now we need to fill __UID__ and __NAME__ attribute as connid needs this values
+                if ($name -eq "SamAccountName") {
+                    $name = "__UID__"
+                    $resultMap.add("$name", "$value")
+                    $name = "__NAME__"
+                    $resultMap.add("$name", "$value")
+                }
+            }
+        }
+        $resultList += $resultMap
+    }
+    # convert to json
+    ConvertTo-Json $resultList
+}
+catch {
+    # Write to stderr and exit with code 1
+    [Console]::Error.WriteLine($_.Exception)
+    exit 1
+}
+Write-Host "PS Search ended"
+</code>