Adaxes

[SOLVED] Scheduled task failing.

0 votes

UPDATE: Fixed this, turns out there was a request with no approver, denied the request and it works as normal now.

I have a scheduled task that has been working for some time now but started failing on 18th June for no obvious reason.
Error as below:

Exception calling "GetObject" with "1" argument(s): "One or more input parameters are invalid "

I don't think anything has changed in the code and logging seems to reflect no changes. Can you give me more insight into the error message please?

Here's the script: 

$requestExpirationDays = 5 # TODO: modify me to change the number of overdue days

# Sets new approvers for the request
function HandleExpiredRequest($request)
{
    $approversInfo = $request.GetApproversInfo()
    $approvers = $approversInfo.GetApproversEx($request.Requestor, $request.TargetObject)
    $trustee = $approversInfo.ApproverTrustees

    if ($approvers.Count -gt 1)
    {
        return
    }

    $approver = $approvers.GetObject(0)
    try
    {
        $newApproverDNs = $approver.Get("seeAlso")
    }
    catch
    {
        return # No new approvers specified
    }

    foreach ($approverDN in $newApproverDNs)
    {
        $approver = $Context.BindToObjectByDN($approverDN)
        if ($approversInfo.IsApproverEx($approver, $request.Requestor, $request.TargetObject))
        {
            continue
        }
        $trustee.Add($approver)
    }

    $request.SetApproversInfo($approversInfo)
    $request.SetInfo()
}

# Bind to the Approval Requests container
$containerPath = $Context.GetWellKnownContainerPath("ApprovalRequests")
$container = $Context.BindToObject($containerPath)

# Get all pending approval requests
$requests = $container.GetApprovalRequests("ADM_APPROVALSTATE_PENDING")

foreach ($requestID in $requests)
{
    # Bind to the approval request
    $guid = [Guid]$requestID
    $request = $Context.BindToObject("Adaxes://<GUID=$guid>")

    # Check whether the request has expired
    $requestExpDate = $request.CreationDate.AddDays($requestExpirationDays)

    if ([System.DateTime]::Now -lt $requestExpDate)
    {
        continue
    }

    HandleExpiredRequest($request)
}
by (840 points)

1 Answer

0 votes
by (216k points)
selected by
Best answer

Hello,

We've modified the script to handle such situations. The version of the script that you can find below will not cause such an error. Also, it will send a notification e-mail to an administrator so that appropriate action can be taken.

Parameters in the script:

  • $requestExpirationDays - specifies the number of days an Approval Request needs to remain pending to become outdated.
  • $adminMail - specifies the administrator's e-mail address.
  • $noApproversMailSubject - specifies the subject of the notification message.
  • $noApproversMailTemplate - specifies a template for the notification message. In the template, {0} will be replaced with a link to the approval request that triggered the notification.
$requestExpirationDays = 3 # TODO: modify me
$adminMail = "AdminMail@domain.com" # TODO: modify me
$noApproversMailSubject = "A request without approvers has been found" # TODO: modify me
$noApproversMailTemplate = "<b>The following approval request does not have any approvers:</b><br/>{0}<br/>Please take appropriate action.<hr /><p><i>Do not reply to this e-mail, it has been sent to you for notification purposes only.</i></p>" # TODO: modify me

# Sets new aprovers for the request and sends out e-mail notifications
function HandleExpiredRequest($request, $adminMail, $subject, $webInterfaceAddress, $message)
{
    $approversInfo = $request.GetApproversInfo()
    $approvers = $approversInfo.GetApproversEx($request.Requestor, $request.TargetObject)
    $trustee = $approversInfo.ApproverTrustees

    # Send mail to admin if request does not have approvers
    if ($approvers.Count -eq 0)
    {
        $requestGuid = [Guid]$request.Get("objectGuid")
        $requestDescription = $request.DescriptionOfOperationToApprove
        $requestLink = "<a href='$webInterfaceAddress`ViewObject.aspx?guid=$requestGuid'>$requestDescription</a>"
        $message = [System.String]::Format($message, $requestLink)
        $Context.SendMail($adminMail, $subject, $NULL, $message)
        return
    }

    if ($approvers.Count -gt 1)
    {
        return
    }

    $approver = $approvers.GetObject(0)
    try
    {
        $newApproverDNs = $approver.Get("seeAlso")
    }
    catch
    {
        return # No new approvers specified
    }

    foreach ($approverDN in $newApproverDNs)
    {
        $approver = $Context.BindToObjectByDN($approverDN)
        if ($approversInfo.IsApproverEx($approver, $request.Requestor, $request.TargetObject))
        {
            continue
        }
        $trustee.Add($approver)
    }

    $request.SetApproversInfo($approversInfo)
    $request.SetInfo()
}

# Bind to the Approval Requests container
$containerPath = $Context.GetWellKnownContainerPath("ApprovalRequests")
$container = $Context.BindToObject($containerPath)

# Get all pending approval requests
$requests = $container.GetApprovalRequests("ADM_APPROVALSTATE_PENDING")

# Get the default Web Interface address
$webInterfaceAddress = "%adm-WebInterfaceUrl%"
if ([System.String]::IsNullOrEmpty($webInterfaceAddress))
{
    $Context.LogMessage("Default web interface address not set for Adaxes service. For details, see http://www.adaxes.com/help/?HowDoI.ManageService.RegisterWebInterface.html", "Warning")
}

foreach ($requestID in $requests)
{
    # Bind to the approval request
    $guid = [Guid]$requestID
    $request = $Context.BindToObject("Adaxes://<GUID=$guid>")

    # Check whether the request has expired
    $requestExpDate = $request.CreationDate.AddDays($requestExpirationDays)

    if ([System.DateTime]::Now -lt $requestExpDate)
    {
        #continue
    }

    HandleExpiredRequest $request $adminMail $noApproversMailSubject $webInterfaceAddress $noApproversMailTemplate

    # Send additional email to approvers
    $request.NotifyApprovers()
}
0

Thanks that looks pretty good.

Much appreciated.

by (840 points)

Related questions

0 votes
1 answer
Scheduled task failing to delete domain admin user objects

Hi We have a couple of scheduled tasks set up to remove accounts which have been disabled for a perios of time. This works fine for normal user accounts, but we ... and former domain admin accounts? We're running the latest version of Adaxes Thanks Matt

asked Oct 26, 2022 by chappers77 (2.0k points)
0 votes
1 answer
***SOLVED***Schedule Task to create export fails

In the Admin Console, I've created a scheduled task to create an export. I get this error, "The execution of the external program or script took longer than 600000 milliseconds ... it manually at a command line, it generates the file in a matter of seconds.

asked Mar 9, 2015 by sbanks (270 points)
0 votes
1 answer
How can I use PowerShell code to get a list of scheduled task whose name match a partial search?

Using the powershell module, I know how to create a scheduled task, and also how to bind to a scheduled task that is already known. I also have used code to try creating ... same time as another. These are all one-time tasks and will be removed once executed.

asked Jan 19 by aweight (40 points)
0 votes
1 answer
new hire scheduled task

So I have custom forms for onboarding / offboarding users. We sometimes know 2-3 weeks in advance so I would like to add the ability to schedule these for the future. I ... to take all the data that was inputed and then process the request on the given date?

asked Aug 4, 2023 by thatcher (120 points)
0 votes
1 answer
Remove User Groups from User with account expires after one month with a scheduled task

Hello! how do i manage do get adaxes to remove all groups from the user after one month? We have a Business Rule where you can add an end of Date when the Account ... value field the powershell script works but not with the +1 Month. Thanks for your help!

asked Jun 14, 2023 by eww ag (140 points)
3,348 questions
3,049 answers
7,791 comments
545,047 users