0 votes

I am trying to run this script on user delete.

$ProfilePath = "\\fs-edu1.edu.beacon-light.org\FS-EDU1_E\TS_Profiles\" + "%userPrincipalName%" + ".edu.v2"
Remove-Item $ProfilePath -recurse -force

i get this back from your software.

The string starting: At line:1 char:1 + <<<< ".edu.v2 is missing the terminator: ".

what is wrong?, it works in my script editor.

by (80 points)
0

Also note, this script works if I use the play button to test it. Even logged in as the user i have the service registered under. I don't understand. :?:

0

Hello,

We tested your script in our environment and it works perfectly.

Does the user logon name contain double quotes?
What will be displayed in the Execution Log if you add the following line in your script?

$Context.LogMessage("%userPrincipalName%", "Information")

What error is reported for the following line:

$ProfilePath = "\\fs-edu1.edu.beacon-light.org\FS-EDU1_E\TS_Profiles\%userPrincipalName%.edu.v2"

Try replacing double quotes with single quotes:

$ProfilePath = '\\fs-edu1.edu.beacon-light.org\FS-EDU1_E\TS_Profiles\%userPrincipalName%.edu.v2'
0

For some reason, it started to work but i got this error on the last line of code.

Business Rules: 3 additional operations triggered

'Deleted Student Account': Run PowerShell script 'Delete TS Profile Directory' for the user
'Deleted Student Account': Run PowerShell script 'Delete User Home Directory' for the user
'Deleted Student Account': Run PowerShell script 'Delete User Redirected Folders' for the user
Error on last entry.
The specified network name is no longer available.

is this because the account was deleted and it can't find the username by the time it gets to the last line?

0

is this because the account was deleted and it can't find the username by the time it gets to the last line?

No, it is not possible. Can you post the text of the last script here?

0

I tried putting all the commands in one script and i get the same result. it randomly picks one of the deletes and fails on it.

$ProfilePath = "\\fs-edu1.edu.beacon-light.org\FS-EDU1_E\TS_Profiles\" + "%username%" + ".edu.v2"
Remove-Item $ProfilePath -recurse -force

$HomePath = "\\fs-edu1.edu.beacon-light.org\FS-EDU1_E\Home\" + "%username%"
Remove-Item $HomePath -recurse -force

$RedirPath = "\\fs-edu1.edu.beacon-light.org\FS-EDU1_E\Redirected\" + "%username%"
Remove-Item $RedirPath -recurse -force

1 Answer

0 votes
by (18.0k points)

Hello,

Your Business Rule cannot read the username property because the user object is deleted from AD (that's why a warning is shown when you save your Business Rule). The Business Rule works correctly only when the username property was cached prior to user deletion. So, to solve your problem you have two options:

1. Create another Business Rule that will be triggered BEFORE user deletion and execute the following PowerShell script:

$dummy = "%username%"

This script will cache the username property and it will be available for the Business Rule executed after user deletion.

  • OR -

2. [Recommended] Create a Business rule that will be executed before user deletion and save the user properties you need to a temporary file. The file name can contain the GUID of the user being deleted (the objectGUID property is always available after an object is deleted). The Business Rule that is executed after user deletion will read the username property from that file and do its job.

  • BEFORE user deletion:

      $fileName = $env:temp + "\%objectGuid%.adaxestmp";
      "%username%" | Out-File $fileName;
  • AFTER user deletion:

      $fileName = $env:temp + "\%objectGuid%.adaxestmp";
      $userName = Get-Content $fileName
      Remove-Item $fileName # delete the temporary file
    
      $ProfilePath = "\\fs-edu1.edu.beacon-light.org\FS-EDU1_E\TS_Profiles\" + $userName + ".edu.v2"
      Remove-Item $ProfilePath -recurse -force
      ...
0

Ok, i could do that, but i should just be able to change the rule to run before a user delete, so, i did that and i get the same error, now i am really confused.

0

Hello,

but i should just be able to change the rule to run before a user delete

You don't need to do this. The Business Rule that deprovisions users must be executed after user deletion, as the user deletion may fail or this operation can be sent for an approval.

i did that and i get the same error, now i am really confused.

This is very strange... Add the following line to your script:

$Context.LogMessage("The username is: " + $userName , "Information")

And see what is displayed in the Execution Log.

0

This is the result of adding the line you asked me to add. i added it to each little section of code.

'Before Account is Deleted': Run PowerShell script 'Cleanup User Profiles, Home Directory, etc.' for the user

The username is:
The username is:
The term 'Context.LogMessage' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. The specified network name is no longer available.

0

Just a note, this script fails even if i run it as a custom command and not tied to an event.

$ProfilePath = "\\fs-edu1.edu.beacon-light.org\FS-EDU1_E\TS_Profiles\" + "%username%" + ".edu.v2"
Remove-Item $ProfilePath -recurse -force

$HomePath = "\\fs-edu1.edu.beacon-light.org\FS-EDU1_E\Home\" + "%username%"
Remove-Item $HomePath -recurse -force

$RedirPath = "\\fs-edu1.edu.beacon-light.org\FS-EDU1_E\Redirected\" + "%username%"
Remove-Item $RedirPath -recurse -force

Same error as before. I can't wrap my head around this. can someone call me to trouble shoot this or is there someone i can call to walk thru this. thanks.

0

Hello,

The term 'Context.LogMessage' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. The specified network name is no longer available.

You need to put a dollar sign before 'Context.LogMessage' ($Context is a predefined variable):

$Context.LogMessage("The username is: " + $userName , "Information")

Please do the following:

  1. Create a new Custom Command for User objects.

  2. Add 'Run a PowerShell script' action to the command.

  3. Configure the action to execute the following PowerShell script:

     $Context.LogMessage("Username: " + "%username%", "Information")
    
     $ProfilePath = "\\fs-edu1.edu.beacon-light.org\FS-EDU1_E\TS_Profiles\" + "%username%" + ".edu.v2"
     $Context.LogMessage("ProfilePath: " + $ProfilePath, "Information")
    
     $HomePath = "\\fs-edu1.edu.beacon-light.org\FS-EDU1_E\Home\" + "%username%"
     $Context.LogMessage("HomePath: " + $HomePath, "Information")
    
     $RedirPath = "\\fs-edu1.edu.beacon-light.org\FS-EDU1_E\Redirected\" + "%username%"
     $Context.LogMessage("RedirPath: " + $RedirPath, "Information")
  4. Execute the Custom Command on a user account

  5. Post the Execution Log here.

If you want us to call you, please send me a PM with your phone number and time zone.

0

I made the changes you requested and there was no output. All i got was this.

Operation succeeded
Some additional operations triggered.

0

Can you post a screenshot here?

0

I'll give you a call in 20 minutes.

Related questions

0 votes
2 answers

Hi team, we are using a lot of custom PowerShell Scripts in our rules and actions. Is there a way to see and search through them? Are they saved somewhere in a readable ... some paths and would like to avoid to open every rule and check every PS action. Thanks

asked Mar 6 by wintec01 (1.1k points)
0 votes
1 answer

Hi All, I am currently using the 30 day free trial of Adaxes and seeing if we can use it to achieve our method of user provisioning. I am looking into server-side ... variable value within an SQL query Can this be achieved? Any help is much appreciated, Thanks

asked Feb 1 by Lewis (40 points)
0 votes
1 answer

the script repo examples are almost entirely written in ADSI, however powershell is now far more widely used, is it possible to have all scripts written in both ADSI and powershell.

asked Jan 5 by i*windows (140 points)
0 votes
1 answer

Hi, we just recently installed Adaxes and would like to implement a PowerShell script that I have previously written which cleans up user objects if they have been manually ... to perform the operation Stack trace: at &lt;ScriptBlock&gt;, &lt;No file&gt;".

asked Oct 2, 2023 by Mark.Monaco (20 points)
0 votes
1 answer

Hi team, I need to update users extensionAttribute6 after adding or removing them from a specific group. This is my setup: Group is updated based on rule set within Adaxes ... would like to update users after they were added or removed from this group. Thanks!

asked Sep 25, 2023 by wintec01 (1.1k points)
3,326 questions
3,026 answers
7,727 comments
544,678 users