FIM Workflow calling PowerShell 3.0 from 2.0 pipeline

  • Article

In this scenario a customer was trying to use a PowerShell 3.0 cmdlet through a PowerShell custom activity. In this scenario we need to use remoting. I will not cover remoting in this article but provide links for your research. In this case we will be calling the local host of the FIM service machine as a caution. I would not use this a solution for high volume call. An example of this if your workflow does a ROPU on 10000 users and you will/could deadline your machine. Another option would create an EZMA to support high volume.

Issue: Most PowerShell custom activities and FIM are built on the version .NET 3.5. PS 3.0 requires .NET 4.0 thus are dilemma

First Step we need to configure remoting on the FIM Service Server:

Note: If you have more than one FIM service you will need to configure this for all Service machines

· Some things to consider during consideration is connection limits and max users

clip_image002

1. Run Set-WSManQuickConfig

2. Register-PSSessionConfiguration -Name FIMPS -ShowSecurityDescriptorUI -PSVersion 3.0

clip_image004

a. It will ask you for the Group for the ACL add the appropriate permissions based on what you need to do. (note fimservice in this test doesn’t require local admin rights)

clip_image006

3. After adding the FIM Service account to the group, restart FimService

Now let’s setup out test in this example we are going to be calling a powershell 3.0 cmdlet “Invoke-RestMethod” and return the current weather of the users zipcode entered in FIM. This is only for testing purposes to prove the concept.

This is the script we will be using

Param([string]$zipcode)

$session = New-PSSession -ConfigurationName FIMPS

$weather = Invoke-Command -Session $session -ArgumentList $zipcode {$zipcode=$args[0];Invoke-RestMethod "https://weather.yahooapis.com/forecastrss?p=$zipcode&u=f"} | Select Title, Condition, Forecast

Write-Output $weather.condition.temp

Workflow: Get the weather of the zipcode using web service /SOAP

In this example we are suing a PowerShell custom activity that can accept parameters and then a update resource activity that can update the object with the value.

clip_image008clip_image010

Results:

clip_image012
We see the Postal Code being updated:

clip_image014

We see are MPR being applied

clip_image016

Next we should see an entry for the PowerShell workflow

clip_image018

Looking at this request we see the city was updated to 48 the current temp of the city based on the return value from the web service using powershell 3.0

clip_image020

Looking at user all good

clip_image022

Reference Material
https://msdn.microsoft.com/en-us/library/dd357801.aspx
https://technet.microsoft.com/en-us/magazine/ff700227.aspx
https://blogs.technet.com/b/heyscriptingguy/archive/2013/02/12/learn-how-to-easily-troubleshoot-powershell-remoting.aspx