We use cookies to improve your experience.
By your continued use of this site you accept such use.
For more details please see our privacy policy and cookies policy.

Script repository

Update script credentials in custom commands

October 25, 2021 Views: 894

The script updates the credentials in the settings of Run a program or PowerShell script actions in the specified custom commands with the given ones. To execute the script, create a custom command or scheduled task configured for the Domain-DNS object type. In case of a scheduled task, the Activity Scope should include a single managed domain.

Parameters:

  • $runAsUsername - Specifies the username to set for script execution.
  • $runAsPassword - Specifies the password to set for script execution.
  • $customCommandIDsToModifyRunAs - Specifies the identifiers of the custom commands to update. For information on how to get the identifier of a custom command, see https://adaxes.com/sdk/HowDoI.GetCustomCommandID/.
Edit Remove
PowerShell
$runAsUsername = "admin@domain.com" # TODO: Modify me
$runAsPassword = "secret" # TODO: Modify me

$customCommandIDsToModifyRunAs = @(
,"{ee9f55c4-17f4-40c5-9c39-3129b4a41bf4}"
,"{50f9c8c6-e4eb-4011-ac10-105a8f16gt7t}"
,"{3644e215-484d-4d8b-b390-af15480a2ff7}"
)# TODO: Modify me

function GetCustomCommandPath($commandId)
{
	try
    {
        # Bind to the 'Custom Commands' container
        $customCommandsPath = $Context.GetWellKnownContainerPath("CustomCommands")
        $searcher = $Context.BindToObject($customCommandsPath)
        
        # Search custom command by ID
        $guidBytes = (New-Object "System.Guid" $commandId).ToByteArray()
        $filterPart = [Softerra.Adaxes.Ldap.FilterBuilder]::Create("adm-CustomCommandID", $guidBytes)
        $searcher.SearchFilter = "(&(objectClass=adm-CustomCommand)$filterPart)"
        $searcher.SearchScope = "ADS_SCOPE_SUBTREE"
    
        # Execute search
        $searchResultIterator = $searcher.ExecuteSearch()
        $searchResults = $searchResultIterator.FetchAll()
    
        if ($searchResults.Length -eq 0)
        {
            $Context.LogMessage("Custom command with ID $commandId not found.", "Warning") 
            return $NULL
        }
        else
        {
            return $searchResults[0].AdsPath
        }
    }
    catch
    {
            $Context.LogException($_.Exception)
            continue        
    }
    finally
    {
        # Release resources
        if ($searchResultIterator){ $searchResultIterator.Dispose() }
    }
}

function ModifyConditionedActions($paramsObj)
{
    $conditionedActions = $paramsObj.conditionedActions
    foreach ($set in $conditionedActions)
    {
        foreach ($action in $set.Actions)
        {
            # Skip other actions
            if($action.Class -ne "adm-RunScriptAction")
            {
                continue
            }
            $actionObj = $action.GetAction()
            
            if($actionObj.ScriptType -ne "ADM_SCRIPTTYPE_POWERSHELL")
            {
                continue
            }
            
            # Check if the supplied credentials are valid
            try
            {
                $actionObj.CanRunAs($runAsUsername, $runAsPassword)
            }
            catch
            {
                $Context.LogException($_.Exception)
                continue
            }
            
            $actionObj.RunAs($runAsUsername, $runAsPassword)
            $action.SetAction($actionObj)
            $action.SetInfo()
        }

        if ($isElseIfBlock)
        {
            continue
        }


        ModifyConditionedActions @{conditionedActions = $set.ElseIfConditionedActions; isElseIfBlock = $True;}

        if ($set.ElseActions.Count -ne 0)
        {
            # Modify Else actions
            foreach ($action in $set.ElseActions)
            {
                # Skip other actions
                if($action.Class -ne "adm-RunScriptAction")
                {
                    continue
                }
                $actionObj = $action.GetAction()
                
                if($actionObj.ScriptType -ne "ADM_SCRIPTTYPE_POWERSHELL")
                {
                    continue
                }
                
				# Check if the supplied credentials are valid
                try
                {
                    $actionObj.CanRunAs($runAsUsername, $runAsPassword)
                }
                catch
                {
                    $Context.LogException($_.Exception)
                    continue
                }
                
                $actionObj.RunAs($runAsUsername, $runAsPassword)
                $action.SetAction($actionObj)
                $action.SetInfo()
            }
        }
    }
}

foreach($customCommandId in $customCommandIDsToModifyRunAs)
{
    $commandAdsPath = GetCustomCommandPath $customCommandId
    if($null -eq $commandAdsPath)
    {
        continue
    }
    $command = $Context.BindToObject($commandAdsPath)
    ModifyConditionedActions @{ conditionedActions = $command.ConditionedActions; isElseIfBlock = $False }
}

Comments 0
Leave a comment
Loading...

Got questions?

Support Questions & Answers