powershell script is not working in flow designer

chandan2212 · 3 weeks ago

Hi Team,

This script is not working in the custom application:

We are giving the user name.

Import-Module ActiveDirectory -WarningAction SilentlyContinue

# Try to get the username from the environment variable
if (Test-Path env:\SNC_userName) {
$username = $env:SNC_userName
} else {
Write-Host "Environment variable 'SNC_userName' not found. Please provide a username."
exit
}

# Clean up the username if needed
$username = $username -replace "%27", "'"

# Validate the username
if ([string]::IsNullOrWhiteSpace($username)) {
Write-Host "Username is empty or invalid."
exit
}

# Get the user object
$userObj = Get-ADUser -Identity $username -Properties MemberOf

if ($null -eq $userObj) {
Write-Host "User '$username' not found in Active Directory."
exit
}

# Loop through each group and remove the user
foreach ($group in $userObj.MemberOf) {
Remove-ADGroupMember -Identity $group -Members $userObj -Confirm:$false
Write-Host "Removed $username from group $group"
}

Can you advise how to correct it?

Thanks and regards,

Chandan

Vishal_Jaiswal · 3 weeks ago

Hi @chandan2212 ,

Your script looks great, but could you please verify the following things?

- The user account that runs the MID Server service on your Windows host must have "Write" or "Modify" permissions in Active Directory to manage group memberships.
- By default, the MID Server service often runs as the Local System account, which has no rights in your domain.
- Fix: Your MID Server service must be configured to run as a domain service account. This service account must then be given delegated permissions in ActiveDirectory to "Modify Group Membership" for the OUs (Organizational Units) where your users and groups reside.
- Action: Contact your Windows or Active Directory administrator. Ask them, "What service account is our MID Server running as, and does it have delegated rights to remove users from AD groups?"

Regards,

Vishal

chandan2212 · 3 weeks ago

@Vishal_Jaiswal :while running this script we are receving this :

{
    "Step Status": {
        "code": 1,
        "message": "Error:  E,Detail: Unexpected token: E"
    }
}

Can you help me resolve the issue .

Thanks and Regards,

Chandan

Vishal_Jaiswal · 3 weeks ago

Hi @chandan2212 ,

I can see in your script that, username is incorrectlt defined so system is unable to find the user.

Please use this: $username = "SNC_userName" instead of $username = $env:SNC_userName

Regards,

Vishal

chandan2212 · 3 weeks ago

Hi @Vishal_Jaiswal .

Now i am Receving the error :Encountered error executing instruction: OpInstruction{id=4, opClass=com.snc.process_flow.operation.script.ScriptOperation, io=ReadOnlyDefaultOutputsIo{input={mid_selection=StringValue{fValue='auto_select'}, capabilities=StringValue{fValue=''}, responseBody=FlowReference{value=s2o.output}, mid_server=StringValue{fValue=''}, mid_cluster=StringValue{fValue=''}, user_name=FlowReference{value=s1o.user...

Can you help me to resolve the error.

Thanks and Regards,

Chandan