Create AD Orchestration stripping escape characters?

robpickering · ‎07-01-2014

All,

Having an issue with the "Create AD Object" orchestration activity. Specifically, I'm trying to add a Manager to the User object I'm creating. My understanding of PowerShell (which is what the Orchestration Activities use underneath) is that the comma in the CN needs to be escaped, as such:

CN=Lastname\, Firstname,OU=Blue,OU=Information Services,OU=Employees,DC=MyCompany,DC=com

Within my script, I'm printing out my variable being passed:

workflow.scratchpad.managerDN: LDAP://10.100.69.202/CN=Lastname\, Firstname,OU=Blue,OU=Information Services,OU=Employees,DC=MyCompany,DC=com

I then use that string in my AD Object Creation activity, as such:

{
   "givenName" : "${workflow.scratchpad.firstname}",
   "SN" : "${workflow.scratchpad.lastname}",
   "title" : "${workflow.scratchpad.title}",
   "department" : "${workflow.scratchpad.department}",
   "departmentNumber" : "${workflow.scratchpad.accountNumber}",
   "physicalDeliveryOfficeName" : "${workflow.scratchpad.location}",
   "description" : "${workflow.scratchpad.description}",
   "displayName" : "${workflow.scratchpad.displayname}",
   "name" : "${workflow.scratchpad.displayname}",
   "manager" : "${workflow.scratchpad.managerDN}",
   "company" : "${workflow.scratchpad.company}",
   "streetaddress" : "${workflow.scratchpad.streetaddr}",
   "l" : "${workflow.scratchpad.city}",
   "st" : "${workflow.scratchpad.state}",
   "postalCode" : "${workflow.scratchpad.zip}",
   "co" : "${workflow.scratchpad.country}"
}

Everything appears to be working fine, but then the Create AD Object explodes in a stack trace. Looking at the ECC Queue output I see the following XML (snippet) that was sent:

`nmanager=LDAP://10.100.69.202/CN=Lastname, Firstname,OU=Blue,OU=Information Services,OU=Employees,DC=MyCompany,DC=com

I'm concerned that the comma between Lastname and Firstname isn't staying escaped, I also believe this is what is causing the stack trace. The specific error I'm seeing is:

A constraint violation occurred.Stack Trace:

at System.DirectoryServices.DirectoryEntry.CommitChanges()at CommitChanges(Object , Object[] )at System.Management.Automation.DotNetAdapter.AuxiliaryMethodInvoke(Object target, Object[] arguments, MethodInformation methodInformation, Object[] originalArguments)

As such, I cannot create the AD User as the Manager object causes the stack trace. If I remove the manager in the Create AD user activity, it works fine.

Is anyone using this and seeing something similar? Any idea why the output in the ECC Queue is stripping the escape character?

How do I escape that comma if the ECC Queue is just stripping it?

-Rob

DrewW · ‎07-01-2014

If memory serves you have to use more than one \, so \\ or \\\\, I forget which. The reason is that two \\ escape down to one \ and then I think there is a second round of escaping that happens which is why you mite need \\\\. But I would try \\ first.

View solution in original post

DrewW · ‎07-01-2014

If memory serves you have to use more than one \, so \\ or \\\\, I forget which. The reason is that two \\ escape down to one \ and then I think there is a second round of escaping that happens which is why you mite need \\\\. But I would try \\ first.

ddiroma · ‎06-11-2015

I know this is an old post, but I found it so others might find it too. in my case two backslashes worked. Four returned an error basically stating the DN was invalid. It looks like in Robert's original post four worked. I am using the default orchestration create AD activity in Fuji, and adding this to object data as "manager" : "CN=Lastname\\, Firstname,OU=OUofmanager,DC=your,DC=domain,DC=com"

opencrest · ‎08-11-2017

Can you please help me with this issue? Pass User Objects in AD Create Object - Orchestration

robpickering · ‎07-01-2014

I'm already using two in my JavaScript so the string contains one, I'll try four so that the resulting string has two, so that the resulting PowerShell may have 1. Good thought.