I am trying to provision the Lync account through the Powershell Script. I have the script added to the IDM build and am calling the script from the java stub.
The script actually connects to the remote machine(https://) (From with in the IDM application) to create a new session and download lync commandlets to do its processing.
New-PSSession -ConnectionUri https://machinename/context -Credential $username
$username has access to the Lync user admin roles.
The script works fine when ran from the command prompt from IDM machine and even through the java stub when ran manually using $username. But I get the remote connection failed.Access denied error when i run the script throug the workflow. But I could connect to the http:// link and download the 2010 exchange mailbox cmdlets through a similar PS script with the same service account. Our IDM is hosted on http protocol
Techinally since i am using the $username to connect to remote machine, if it works in command prompt, I would expect it would also work through the workflow..But I am stumbled. Only reason I could think of is that the lync machine is the https:// site and needs SSL verified and our IDM is not.
I am guessing , the issue is more of unsecured site connecting to secured site .Any thoughts and pointers would be really appreciated.
I assume you are doing this through a connector?
I have hacked some lync and exchange stuff on the side for the adapter to call
if the cert's are making problems for you you could possibly try adding some session options
specifically -SkipCACheck -SkipCNCheck and -SkipRevocationCheck
also, you might need to fix the right to run a script for the "local" run
when I was working with it, it worked fine from prompt, but when activated by IdM it needed the
to be able to start the powershellscript from IdM in the actual script that kicked off the script.
Don't know how it works when you can use the powershell.dll provided with the IdM
Sorry, I have actually missed that this question seemed directed at me :P
I dont use the AD connector, we use the old AD Adapter since we could not get a conversion to work properly for the time available.
So we ended up with me writing a powershell script that runs on the gateway nodes (always running).
The IdM then uses the usual after action script to write a small file with the nessesary info in ( a jobfile )
the PowerShell scripts sees this file and runs a series of tests and commands to the exchange and lync servers to fulfill whatever commands were given in the jobfile.
It's been doing it for two weeks now with no real troubles.
for lync it basically does three things...
it enables a lync sipaddress when the primary smtp address has been created through exchange
it disables a lync sipaddress
it reenables a lync sipaddress when the primary smtp address changes
this was my first real powershell script, so I am sure its not well written, but it does work.
powershell is quite powerful at some stuff and really backwards in other areas...