Powershell Using \$cred

brandonwilson
Giga Contributor

‎05-11-2016 08:10 AM

The mid server service runs using a standard user account and I have a credential setup under Orchestration > Credentials for our admin account that will conduct the powershell orchestration.

I have the following Powershell command that removes a user and I know it works since I have tested on the mid server with the same user information stored in the credentials.

Import-Module ActiveDirectory

Remove-ADGroupMember -Identity "Share" -Members "tuser1" -Confirm:$false -credential $cred

Based on the orchestration wiki $cred uses credentials stored on the credentials table. When I run the command in the workflow, it fails and tells me insufficient rights. I am assuming it is using the mid server user not the Windows user setup in credentials. What is $cred referencing and how can run my powershell command using a different user than the mid server.

Labels:
0 Helpfuls
  • 3,524 Views
8 REPLIES 8

deepan_bhattach
Kilo Contributor

‎05-11-2016 08:27 AM

Please check the below possibilities and try again :


1. Search mid server in application navigator in service now instance and Add Capabilities for Powershell


cap.JPG


2. Go to the windows mid server and go to services.msc search for the mid server service and the properties > Logon > add account > search and user and password.


mid.JPG


Preview file
102 KB
Preview file
79 KB

brandonwilson
Giga Contributor
In response to deepan_bhattach

‎05-11-2016 09:24 AM

The mid server service user is different and only has domain user, the user cannot perform powershell. I have a user setup in the credential table that is capable of perform powershell. Based on the wiki I should be able to pass $cred and SN will user credentials from the credentials table. I have also enabled mid.powershell.use_credentials on the mid server parameter.



Import-Module ActiveDirectory


Remove-ADGroupMember -Identity "Share" -Members "tuser1" -Confirm:$false -credential $cred


0 Helpfuls

brandonwilson
Giga Contributor
In response to deepan_bhattach

‎05-11-2016 10:27 AM

I got it working by setting a parameter on the mid to not fall back on mid credentials. But I still get and error Failure with available Windows credentials from the instance. Credential tried: user *** User credentials cannot be used for local connections.


0 Helpfuls

JayGervais
Kilo Sage
In response to deepan_bhattach

‎10-03-2024 10:15 AM

I know that this is an old post but this really helped me.

0 Helpfuls