Symantec IGA

Hello all,

I need to invoke a PowerShell script when a user is disabled.
Now, PowerShell runs on Windows obviously, and my customer is running under vApp (Linux)

So i cannot use a shell command (through PX  or Kettle) as IDM runs in the vApp.

I cannot run program exit (DLL or batch) as again, those need to be deployed in the provisioning server\bin  (again, vApp Linux).

What are my options (if any)?

Thanks!

Charly

------------------------------
Senior Consultant/Architect- CA Identity Suite SME
Topspin Technologies (Partner)
------------------------------

^{Maybe you could use an SSH server on Windows like Cygwin, and invoke the PowerShell script through an ssh tunnel.} 

Original Message:
Sent: 11-28-2019 04:12 AM
From: Charly Setbon
Subject: Invoke ADS program exit (vAPP)

Hello all,

I need to invoke a PowerShell script when a user is disabled.
Now, PowerShell runs on Windows obviously, and my customer is running under vApp (Linux)

So i cannot use a shell command (through PX  or Kettle) as IDM runs in the vApp.

I cannot run program exit (DLL or batch) as again, those need to be deployed in the provisioning server\bin  (again, vApp Linux).

What are my options (if any)?

Thanks!

Charly

------------------------------
Senior Consultant/Architect- CA Identity Suite SME
Topspin Technologies (Partner)
------------------------------

Original Message------

^{Maybe you could use an SSH server on Windows like Cygwin, and invoke the PowerShell script through an ssh tunnel.} 

Rajesh-
As I mentioned, PX will run a java code in the vAPP (Linux), not on a windows box.

------------------------------
Senior Consultant/Architect- CA Identity Suite SME
Topspin Technologies (Partner)
------------------------------

Original Message:
Sent: 11-28-2019 10:23 AM
From: Rajesh Madala
Subject: Invoke ADS program exit (vAPP)

Hi Charly,

 

You can deploy custom java code which can then call Powershell on windows machine.

Java custom code should be called from PX

 

Original Message------

^{Maybe you could use an SSH server on Windows like Cygwin, and invoke the PowerShell script through an ssh tunnel.}

Original Message------

Rajesh-
As I mentioned, PX will run a java code in the vAPP (Linux), not on a windows box.

------------------------------
Senior Consultant/Architect- CA Identity Suite SME
Topspin Technologies (Partner)
------------------------------

Hi Iyes-
Customer prefers not doing that...

------------------------------
Senior Consultant/Architect- CA Identity Suite SME
Topspin Technologies (Partner)
------------------------------

Original Message:
Sent: 11-28-2019 08:38 AM
From: IYES DENDENI
Subject: Invoke ADS program exit (vAPP)

^{Maybe you could use an SSH server on Windows like Cygwin, and invoke the PowerShell script through an ssh tunnel.}

Original Message:
Sent: 11-28-2019 04:12 AM
From: Charly Setbon
Subject: Invoke ADS program exit (vAPP)

Hello all,

I need to invoke a PowerShell script when a user is disabled.
Now, PowerShell runs on Windows obviously, and my customer is running under vApp (Linux)

So i cannot use a shell command (through PX  or Kettle) as IDM runs in the vApp.

I cannot run program exit (DLL or batch) as again, those need to be deployed in the provisioning server\bin  (again, vApp Linux).

What are my options (if any)?

Thanks!

Charly

------------------------------
Senior Consultant/Architect- CA Identity Suite SME
Topspin Technologies (Partner)
------------------------------

Does the PowerShell script have to be executed immediately?
If not, IM PX could write to a DB table when the user is disabled. Then have a scheduled task on Windows that runs every, say, 15 minutes. It could call PDI or PowerShell script to read the user id out of the DB table, do whatever the PS script needs to do and then delete the user from the DB (or mark the user status as updated in the DB).
Original Message:
Sent: 11-28-2019 05:25 PM
From: Charly Setbon
Subject: Invoke ADS program exit (vAPP)

Hi Iyes-
Customer prefers not doing that...

------------------------------
Senior Consultant/Architect- CA Identity Suite SME
Topspin Technologies (Partner)

Original Message:
Sent: 11-28-2019 08:38 AM
From: IYES DENDENI
Subject: Invoke ADS program exit (vAPP)

^{Maybe you could use an SSH server on Windows like Cygwin, and invoke the PowerShell script through an ssh tunnel.}

Original Message:
Sent: 11-28-2019 04:12 AM
From: Charly Setbon
Subject: Invoke ADS program exit (vAPP)

Hello all,

I need to invoke a PowerShell script when a user is disabled.
Now, PowerShell runs on Windows obviously, and my customer is running under vApp (Linux)

So i cannot use a shell command (through PX  or Kettle) as IDM runs in the vApp.

I cannot run program exit (DLL or batch) as again, those need to be deployed in the provisioning server\bin  (again, vApp Linux).

What are my options (if any)?

Thanks!

Charly

------------------------------
Senior Consultant/Architect- CA Identity Suite SME
Topspin Technologies (Partner)
------------------------------

Hi Pearse-
This is an option I will explore.
Thanks.

------------------------------
Senior Consultant/Architect- CA Identity Suite SME
Topspin Technologies (Partner)
------------------------------

Original Message:
Sent: 11-29-2019 07:05 AM
From: Pearse Kennedy
Subject: Invoke ADS program exit (vAPP)

Does the PowerShell script have to be executed immediately?
If not, IM PX could write to a DB table when the user is disabled. Then have a scheduled task on Windows that runs every, say, 15 minutes. It could call PDI or PowerShell script to read the user id out of the DB table, do whatever the PS script needs to do and then delete the user from the DB (or mark the user status as updated in the DB).
Original Message:
Sent: 11-28-2019 05:25 PM
From: Charly Setbon
Subject: Invoke ADS program exit (vAPP)

Hi Iyes-
Customer prefers not doing that...

------------------------------
Senior Consultant/Architect- CA Identity Suite SME
Topspin Technologies (Partner)

Original Message:
Sent: 11-28-2019 08:38 AM
From: IYES DENDENI
Subject: Invoke ADS program exit (vAPP)

^{Maybe you could use an SSH server on Windows like Cygwin, and invoke the PowerShell script through an ssh tunnel.}

Original Message:
Sent: 11-28-2019 04:12 AM
From: Charly Setbon
Subject: Invoke ADS program exit (vAPP)

Hello all,

I need to invoke a PowerShell script when a user is disabled.
Now, PowerShell runs on Windows obviously, and my customer is running under vApp (Linux)

So i cannot use a shell command (through PX  or Kettle) as IDM runs in the vApp.

I cannot run program exit (DLL or batch) as again, those need to be deployed in the provisioning server\bin  (again, vApp Linux).

What are my options (if any)?

Thanks!

Charly

------------------------------
Senior Consultant/Architect- CA Identity Suite SME
Topspin Technologies (Partner)
------------------------------