Trouble with special characters and powershell orchestration

adamrasmussen
Giga Contributor

Inside our AD environment we have several users that have special characters, such as commas or apostrophes, in their distinguished names.  I've tried using .replace and .split, and various other methodologies of inserting the backslash as an escape character before these values (e.g. "\," or "\'"), but every time it appears as if ServiceNow is stripping them out before sending them over to the midserver for execution.

For example, when attempting a rename-adobject via Run Powershell activity, what I need to send is:

rename adobject -Identity "CN=Test\, Bob,OU=Users,OU=domain,OU=com" -NewName "Bob Test"

 

What actually gets sent to the ECC queue is:

rename adobject -Identity "CN=Test, Bob,OU=Users,OU=domain,OU=com" -NewName "Bob Test"

 

Notice the missing slash before the comma in the DN.  This leads to the ECC Queue error of:

Cannot find an object with identity: 'CN=Bob, Test,OU=Users,OU=Users,DC=domain,DC=com' under: 'DC=domain,DC=com'.
Stack Trace:
   at Microsoft.ActiveDirectory.Management.Commands.ADFactoryUtil.GetADObjectSearcherFromIdentity(ADEntity identityObj, String searchRoot, Boolean showDeleted, IADOPathNode structuralObjectFilter, IADOPathNode identityFilter, IdentityResolverDelegate[] identityResolvers, CmdletSessionInfo cmdletSessionInfo)
   at Microsoft.ActiveDirectory.Management.Commands.ADFactory`1.GetDirectoryObjectFromIdentity(T identityObj, String searchRoot, Boolean showDeleted)
   at Microsoft.ActiveDirectory.Management.Commands.ADRenameCmdletBase`3.ADRenameCmdletBaseProcessCSRoutine()
   at Microsoft.ActiveDirectory.Management.CmdletSubroutinePipeline.Invoke()
   at Microsoft.ActiveDirectory.Management.Commands.ADCmdletBase`1.ProcessRecord()

 

Issuing the command via Powershell directly and inserting the appropriate backslash works fine.

 

I have the same issue with someone whose last name is O'Conner.

 

Any help would be appreciated.

1 ACCEPTED SOLUTION

adamrasmussen
Giga Contributor

Here was my final code solution... since the .slice() method didn't seem to be supported, I had to resort to a lot of splits.   I'll move this to internal variables since nothing needs to be available outside this condition except the workflow.scratchpad.emp_dn.   This assumes that you have already run your QueryAD to find your employee record and have sanitized the .path value from that query into the workflow.scratchpad.emp_dn variable.



// Position of the first comma, and of the comma that starts the OU path
var fIdx = workflow.scratchpad.emp_dn.indexOf(",");
var lIdx = workflow.scratchpad.emp_dn.indexOf(",OU=");

if (fIdx < lIdx){
        // comma found in name
        workflow.scratchpad.foundComma = 'yes';
        // oName is the CN part, oPath is everything from ",OU=" onwards
        workflow.scratchpad.oName = workflow.scratchpad.emp_dn.split(",OU=")[0];
        workflow.scratchpad.oPath = workflow.scratchpad.emp_dn.split(workflow.scratchpad.oName)[1];
        // split the CN around ", " and rejoin it with an escaped comma
        workflow.scratchpad.fPart = workflow.scratchpad.oName.split(", ")[0];
        workflow.scratchpad.lPart = workflow.scratchpad.oName.split(", ")[1];
        workflow.scratchpad.emp_dn = workflow.scratchpad.fPart + "\\, " + workflow.scratchpad.lPart + workflow.scratchpad.oPath + "";
}


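A more general version of the escaping in the accepted solution, as an added example that is not the poster's code: it escapes every RFC 4514 special character in the CN value (not only one ", ") and wraps the result in a single-quoted PowerShell literal so apostrophes such as the one in O'Conner cannot end the string. The function names and the sample DN are constructed for illustration; it assumes, as the thread does, an unescaped DN that starts with "CN=" and whose parent path begins at the first ",OU=".

```javascript
// Added example, not the poster's code. Written in ES5 syntax to match the
// thread's workflow scripts; all function names are hypothetical.

// Escape one RDN value (e.g. "Test, Bob") per RFC 4514 section 2.4.
function escapeRdnValue(value) {
    var s = String(value), out = '';
    for (var i = 0; i < s.length; i++) {
        var c = s.charAt(i);
        // A leading space or '#' and a trailing space are also special.
        var edge = (i === 0 && (c === ' ' || c === '#')) ||
                   (i === s.length - 1 && c === ' ');
        out += (edge || '\\,+"<>;'.indexOf(c) !== -1) ? '\\' + c : c;
    }
    return out;
}

// Assumption carried over from the thread: the DN is unescaped, starts with
// "CN=", and the parent container starts at the first ",OU=".
function escapeLeafCn(dn) {
    dn = String(dn);
    var cut = dn.indexOf(',OU=');
    if (dn.indexOf('CN=') !== 0 || cut === -1) {
        throw new Error('Unexpected DN shape: ' + dn);
    }
    return 'CN=' + escapeRdnValue(dn.substring(3, cut)) + dn.substring(cut);
}

// Single-quoted PowerShell literal: no $ or backtick expansion inside, and
// the only escape is doubling the quote. PowerShell also treats the
// typographic quotes U+2018..U+201B as single quotes, so double those too.
function psSingleQuote(text) {
    return "'" + String(text).replace(/['\u2018-\u201B]/g, '$&$&') + "'";
}

function buildRenameCommand(dn, newName) {
    return 'Rename-ADObject -Identity ' + psSingleQuote(escapeLeafCn(dn)) +
           ' -NewName ' + psSingleQuote(newName);
}

// Constructed sample input; console.log is for running this under Node.
var sampleDn = "CN=O'Conner, Bob,OU=Users,DC=example,DC=com";
console.log(buildRenameCommand(sampleDn, "Bob O'Conner"));
```

A name that itself contains ",OU=" breaks the split assumption, which is why `escapeLeafCn` rejects any DN that does not match the expected shape instead of guessing.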

11 REPLIES 11

oharel
Kilo Sage

Hi Adam,



Try: / before the \' as in:


CN=Test/\,


It would look like this:


var bobTestDN = "CN=/\Test, Bob,OU=Users,OU=domain,OU=com"


I had the same issue with: c:\folder\somefile.txt, where I changed it to c:/\folder/\somefile.txt


harel


Was a good suggestion, but sadly it's still not working.   We're still on Fuji for what it's worth.



Code I am using looks like this:



var firstIdx = workflow.scratchpad.emp_dn.indexOf(",");
var lastIdx = workflow.scratchpad.emp_dn.indexOf(",OU");

if (firstIdx < lastIdx){
        workflow.scratchpad.emp_dn.replace(',','/\,');
        workflow.scratchpad.foundComma = 'yes'; //debug to ensure this triggered
}



I'm seeing the foundComma value in my debug output, so I know it's firing, but the workflow.scratchpad.emp_dn value remains without the backslash.


To be clear, it's only the comma in the CN portion of the DN that's causing the issue.   The commas in the OU portion are fine and expected and the code works fine when the CN doesn't contain a comma.


Hi Adam,



This works for me, maybe it will set you on a path to solve it:


I created a UI action and sent this to the ECC Queue:


the CN is ldap:CN=\id4, id4,OU=All Accounts,DC=myCompany,DC=dmn;



thisEcc();

function thisEcc() {
  var thisName = 'ldap:CN=' + '\\' + 'id4, id4,OU=All Accounts,DC=myCompany,DC=dmn';
  var ecc = new GlideRecord('ecc_queue');

  ecc.initialize();
  ecc.agent = 'harel';
  ecc.topic = 'HAREL';
  ecc.queue = 'output';
  ecc.name = thisName;
  ecc.insert();
}



harel


Please mark as correct or helpful based on impact.


I think you're onto something there.   It looks to me as if the .replace method is the culprit.   I'm setting up to split the code and to manually concatenate the strings and backslashes, etc.



Will get back soon.