Notifications

83 views

Description

This KB will demonstrate how to process the output of Query AD activity, and store a property from the output as a workflow scratchpad variable.

This KB will also explain the changes made in Madrid release.

Release or Environment

Below is the workflow we'll use for this demonstration:

Case 1: Store a single property in workflow scratchpad

Query AD activity properties:

 

The above activity retrieves attributes of AD user Abel Tuter.

In the following Run Script activity, we get the output of the QueryAD activity, then we store the DN attribute in a workflow scratchpad variable:

 

We'll need to use temp[0] instead of temp because the output of QueryAD activity is wrapped by square brackets, making it an array.

For example, QueryAD output:

[{"givenname":"Abel","..."lastlogon":"131584597508720606","distinguishedname":"CN=abel tuter,CN=Users,DC=lab01,DC=com",...,"path":"LDAP://172.16.34.177/CN=abel tuter,CN=Users,DC=lab01,DC=com"}]

 

Another way of doing it is to replace the square brackets. For example:

var temp = data.get(3).output.replace(/((^\[)|(\]$))/g, "");

temp = new JSON().decode(temp);

workflow.scratchpad.userDN = ""+temp.distinguishedname;

 

 

Case 2: Store multiple properties in workflow scratchpad

In the Query AD activity, change Search Filter to:

(&(objectCategory=group)(member=CN=abel tuter,CN=Users,DC=lab01,DC=com))

 

This activity will query AD to retrieve all the groups that user Abel Tuter belongs to.

Then we would use the Run Script activity to store the "samaccountname" value for each of the groups that were retrieved in the workflow scratchpad variables.

 

In the activity "Run Script" - Test, the below script is used:

 

var temp = new global.JSON().decode(data.get(3).output); 

for (var i=0;i<temp.length;i++) {

var index = '';

index = 'group'+i;

workflow.scratchpad[index] = temp[i].samaccountname;

}

 

Sample Output of workflow scratchpad:

 

Issues introduced in Madrid:

In Madrid, we start using ConvertTo-Json to process powershell command outputs in MID server script file: ActiveDirectory.psm1.

 

This has two issues:

1> One more pair of square brackets "[]" is introduced to the final outputs.

In London, the activity output is [{...}].

In Madrid, the activity output is [[{...}]].

As a result above demonstrations won't work.

This is documented in PRB1337502 and KB0749408.

Please follow KB0749408 to track the issue and apply workaround.

 

2>

The same code change also introduces square brackets "[]" to the value of properties returned from AD.

In London,  the attribute in the output is like: "samaccountname\":\"abel.tuter\"

In Madrid, the attribute in the output is like: "samaccountname\":[\"abel.tuter\"]

However if following the procedure in this KB, this doesn't have any impact.

 

 

 

Article Information

Last Updated:2019-08-22 19:35:40
Published:2019-08-23