cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ToShellArgs stop executing the powershell script all of a sudden

former_member1295755
Explorer

on ‎09-03-2014 1:56 PM

0 Kudos

Hi Experts

We have an IdM 7.2 SP08 implementation. I am using pass type 'ToShellArgs' to call power shell script to create exchange accounts. It was all working fine until last month and now it suddenly stopped working. I am able to execute the power shell directly and can create the exchange accounts, but through IdM it doesn't create exchange account though there is no errors in the logs. From further trouble shooting I understand that this pass not even executing the script. Please help me to solve this issue

BR

Shiju

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

former_member1295755
Explorer
‎09-11-2014 2:08 PM
0 Kudos

Ok I disabled the arguments and just execute the pass as below

The powershell ISE window got opened up but was showing this error below on the screen even though the power shell command prompt was seen in next line

Full error :

File C:\Windows\SysWOW64\WindowsPowerShell\v1.0\profile.ps1 cannot be loaded because running scripts is disabled on this system. For more information, see about_Execution_Policies at http://g

o.microsoft.com/fwlink/?LinkID=135170.

At line:0 char:0

Will this be a problem ? Do I need to enable the scripting ? Then why the scripts are able to execute directly ?

BR

Shiju

Show replies
Show replies
Former Member
‎09-12-2014 10:33 AM
0 Kudos

Start powershell manually and run

     Set-ExecutionPolicy Unrestricted

This should allow the script to run, but it is a security risk. You can also try to start powershell with the parameter

     –ExecutionPolicy Bypass

added as an argX in the pass configuration.

If this solves it then there's probably a windows update or policy update on the server that caused the problem.

Br,

Per Christian

Steffi_Warnecke
Active Contributor
‎09-03-2014 2:27 PM
0 Kudos

Hello Shiju,

is the task executed? Did you check the dispatcher, that is assigned to this task, if that is running? Did you re-start it yet?

Regards,

Steffi.

Show replies
Show replies
former_member1295755
Explorer
‎09-03-2014 2:30 PM
0 Kudos

Hi Steffi,

The dispatcher is running and yes the task executed without any error.

Thanks

BR

Shiju

Former Member
‎09-05-2014 1:17 PM
0 Kudos

Did you uninstall and install the dispatcher service perhaps? If so you might need to verify that the dispatcher service has the correct authorization (username/password) setting instead of the system account. An easy way to test that is to run the dispatcher in testmode as it will user your login credentials while executing powershell and the script.

Br,

Per Christian

former_member1295755
Explorer
‎09-05-2014 2:03 PM
0 Kudos

Hi Per

Yes I tried with the test mode and found that it is not because of any authorization issue. Thanks for your suggestion

BR

Shiju

former_member2987
Active Contributor
‎09-05-2014 3:12 PM
0 Kudos

Shiju,

I'd look at two things:

1. As Chris referenced, check the permissions on the service account running the dispatchers.  Make sure there were no changes to the account.

2. In the pass where you invoke powershell. try changing the cmd argument so it start with "cmd /c" to invoke a separate command shell session.

Also have you tried the Test Provisioning task on the Provision AM Exchange User task? If that runs fine as is, then your issue is with the workflow, not the provision task.

Matt

former_member1295755
Explorer
‎09-05-2014 3:51 PM
0 Kudos

Hi Matt

1 . I checked this and found there is no permission issues

2 . Sorry I am not much familiar with the DOS commands, is it like the below ?

Attribute     Value

------------------------------------------------------------

cmd           "cmd /C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"

And I checked the Test provisioning task and the task executed without any error, but it never executed the shell script, not even called the script.

BR

Shiju

former_member2987
Active Contributor
‎09-05-2014 7:15 PM
0 Kudos

Shiju,

Try doing this with a "Sell Execute" pass type instead.

Take a look here for more info.

http://help.sap.com/saphelp_nwidmic72/en/managing_passes/to_passes/dse_to_shell_dest.htm

BTW, you will have to use the cmd /c option here.

Matt

Former Member
‎09-09-2014 2:23 PM
0 Kudos

Just did a quick test here and found that my script was blocked. To verify, run the dispatcher in test-mode, replace the call to powershell.exe to powershell_ise.exe (interactive scripting environment, or debugger...)

My To_Shell pass is:

powershell_ise C:\temp\myps.ps1

Run the pass, powershell_ise loads the script, Run/Continue to see what happens:

Which is this:

And thats a system policy setting.

Former Member
‎09-09-2014 2:41 PM
0 Kudos

Next I ran into problems where the powershell.exe process still hang (seen in Task Manager just sitting idly along with a java.exe runtime)... A search gave me this workaround, execute:

     cmd /c "echo . | powershell c:\temp\myps.ps1"

instead of

     powershell c:\temp\myps.ps1

And for some reason that worked.

See:

Why does PsExec hang after successfully running a powershell script? - Server Fault

for additional info

former_member1295755
Explorer
‎09-10-2014 7:31 AM
0 Kudos

Hi Per Krabsetsve,

Thanks for your quick help.

I tried as you mentioned and I got the below result. The dispatcher in test mode seems to be fine in terms of authorization. But the power shell in interactive mode throws an error about

Error processing arguments : to open multiple files..... as in the screenshot below.

Below is the pass which is causing this issue, can you please help further

HI Matt,

Thanks for your help.

I did as you mentioned as well, but it results the same, just not invoked the power shell script at all.

BR

Shiju

Former Member
‎09-11-2014 11:39 AM
0 Kudos

Seems like the ISE is not capable of accepting parameters so that won't work after all. Sorry.

I tried adding logging to file in my script to see if it was started at all using this at the top of my powershell script file



$stream = [System.IO.StreamWriter] "C:\temp\param.txt"


$stream.WriteLine("Begin parameters:");


foreach ($arg in $args)


{


  $stream.WriteLine("$arg");


}


$stream.WriteLine("End parameters");


$stream.close();

The ToShellArgs pass worked just fine and all argX values from IdM were logged succesfully to the param.txt file. Since you write that your script isn't even started it seems I've not reproduced your scenario after all.

former_member1295755
Explorer
‎09-11-2014 12:19 PM
0 Kudos

Hi Per Krabsetsve,

Thanks for digging in to it. In fact I too put a statement in the script so that I know whenever it is called. But that script never ever called when I execute this pass. If I execute the power shell script directly it was executed perfectly fine. So the issue is my ToShellArgs never called this power shell script.But now I am wondering that this pass is able to at least trying to open power shell when it is in ISE mode. Another hint is that this same pass was working fine until last month, we never made any changes to the IdM configurations. Will there be anything to check on windows OS updates on the IdM server ?

BR

Shiju

Ask a Question