I have a powershell that kicks off a workflow in SharePoint but my system is not allowing me to run it. The error I'm getting is as follows:
Get-SPWeb: Cannot find an SPWeb object with id or URL: xxx.com and site Url xxx.com
At C:\cert.ps1:1 char:17
+ $web = Get-SPWeb <<<< -Identity "xxx.com"
+ CategoryInfo : InvalidData (Microsoft.Share....SPCmdletGetWeb:SPCmdletGetWeb) [Get-SPWeb], SPCmdletPipeBindException
+ FullyQualifiedErrorId : Microsoft.SharePoint.Powershell.SPCmdletGetWeb
I tried adding Add-PSSnapin Microsoft.Sharepoint.Powershell but I the get an error saying its already been added.
Here's the script:
$web = Get-SPWeb -Identity "xxx.com"
$manager = $web.Site.WorkFlowManager
$list = $web.Lists["Certificate Tracking"]
$assoc = $list.WorkflowAssociations.GetAssociationByName("Certificate Notification","en-US")
$view = $list.Views["All Items"] #All Items
$items = $list.GetItems($view)
$data = $assoc.AssociationData
foreach ($item in $items) {
$wf = $manager.StartWorkFlow($item,$assoc,$data)
}
$web.Dispose()
The -Identity parameter for Get-SPWeb can be either a full or relative path, or a path with a wildcard * character. Additionally:
The identity param expects a valid URL in the form http://server_name or a relative path in the form of /SubSites/MySubSite.
Try this instead using the -Site param, which I think might be what you're looking for:
Get-SPWeb -Site http://sitename/sites/site1
Related
I want to change SSRS data source credential retrieval from using the following credentials to without any credentials with powershell and script fails.
I want to change value 'Store' to 'None' according to this article:
https://learn.microsoft.com/en-us/dotnet/api/reportservice2010.credentialretrievalenum?view=sqlserver-2016#ReportService2010_CredentialRetrievalEnum_None
This is my code:
$uri ='http://ServerName/ReportServer/ReportService2010.asmx?wsdl'
$reporting = New-WebServiceProxy -uri $uri -UseDefaultCredential -namespace "ReportingWebService"
$DataSources = $reporting.ListChildren('/', $true) | Where-Object {$_.Name -eq "DataSourceName"}
foreach($Object in $DataSources) {
$dataSource =$reporting.GetDataSourceContents($Object.path)
#$dataSource.CredentialRetrieval="None"
$dataSource.CredentialRetrieval=[ReportingWebService.CredentialRetrievalEnum]::None
$reporting.SetDataSourceContents($Object.path,$dataSource)
}
This is the error:
Exception calling "SetDataSourceContents" with "2" argument(s): "The combination of values for the fields UserName and CredentialRetrieval are not valid. --->
Microsoft.ReportingServices.Diagnostics.Utilities.InvalidElementCombinationException: The combination of values for the fields UserName and CredentialRetrieval are not valid."
At line:13 char:4
+ $reporting.SetDataSourceContents($Object.path,$dataSource)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : SoapException
The issue was that i actually did not change existent credential retrieval settings 'Store' with required Username parameter.
To resolve it i should create new data source definition with new credential retrieval settings and apply it to my data source:
$uri ='http://servername/ReportServer/ReportService2010.asmx?wsdl'
$reporting = New-WebServiceProxy -uri $uri -UseDefaultCredential
$type=$reporting.GetType().Namespace
$DataSources = $reporting.ListChildren('/', $true) | Where-Object {$_.Name -eq "Data source name"}
foreach($Object in $DataSources) {
$dataSource =$reporting.GetDataSourceContents($Object.path)
$dataSourceDefinitionType = ($type + '.DataSourceDefinition');
$dataSourceDefinition = New-Object ($dataSourceDefinitionType);
$dataSourceDefinition.Extension = $dataSource.Extension; #get data from existent data source definition
$dataSourceDefinition.ConnectString = $dataSource.ConnectString #get data from existent data source definition
$credentialRetrievalDataType = ($type + '.CredentialRetrievalEnum');
$credentialRetrieval = new-object ($credentialRetrievalDataType);
$credentialRetrieval.value__ = 3;
$dataSourceDefinition.CredentialRetrieval = $credentialRetrieval;
$dataSourceDefinition.WindowsCredentials = $dataSource.WindowsCredentials; #get data from existent data source definition
$dataSourceDefinition.Enabled = $dataSource.Enabled; #get data from existent data source definition
$dataSourceDefinition.EnabledSpecified = $dataSource.EnabledSpecified; #get data from existent data source definition
$reporting.SetDataSourceContents($Object.path,$dataSourceDefinition)
}
i am trying to modify a permission to multiple computers in my domain so that they are allowed to authenticate cross domain.
My code is simple however i keep getting an error.
Function Add-ADGroupACL
{
param([string]$Computername,[string]$Access)
#Get a reference to the RootDSE of the current domain
$rootdse = Get-ADRootDSE
#Get a reference to the current domain
$domain = Get-ADDomain
#Create a hashtable to store the GUID value of each extended right in the forest
$extendedrightsmap = #{}
Get-ADObject -SearchBase ($rootdse.ConfigurationNamingContext) -LDAPFilter `
"(&(objectclass=controlAccessRight)(rightsguid=*))" -Properties displayName,rightsGuid |
% {$extendedrightsmap[$_.displayName]=[System.GUID]$_.rightsGuid}
#Create a hashtable to store the GUID value of each schema class and attribute
$guidmap = #{}
Get-ADObject -SearchBase ($rootdse.SchemaNamingContext) -LDAPFilter `
"(schemaidguid=*)" -Properties lDAPDisplayName,schemaIDGUID |
% {$guidmap[$_.lDAPDisplayName]=[System.GUID]$_.schemaIDGUID}
#Get the computer object for modification on
$Computer = Get-ADComputer -Identity $Computername
#get the SID of the group you wish to add to the computer.
$GroupIdentity = New-Object System.Security.Principal.SecurityIdentifier(Get-ADGroup -Identity $Access).SID
$computersADPath = "AD:\" + $Computer.DistinguishedName
$ComputerACL = Get-ACL $computersADPath
#Create a new rule to add to the object
$newAccessRule = New-Object System.DirectoryServices.ActiveDirectoryAccessRule(
$GroupIdentity,"ExtendedRight",
"Allow",
$extendedrightsmap["Allowed To Authenticate"],
"None")
$newAccessRule
#Add the rule to the ACL
$ComputerACL.AddAccessRule($newAccessRule)
#Set Rules to the ACL
Set-Acl -AclObject $ComputerACL -Path $computersADPath
}
I have posted the entire function to make it easy.
Simply call this as so
Add-ADGroupACL -Computername 'TestComputer' -Access 'TestGroup'
end here is the error message that i keep getting
Set-Acl : This security ID may not be assigned as the owner of this object
At line:88 char:5
+ Set-Acl -AclObject $ComputerACL -Path $computersADPath
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (CN=testComputer,OU=Co...C=subdomain,DC=domain:String) [Set-Acl], ADException
+ FullyQualifiedErrorId : ADProvider:SetSecurityDescriptor:ADError,Microsoft.PowerShell.Commands.SetAclCommand
The Access Rule looks right. it shows this.
ActiveDirectoryRights : ExtendedRight
InheritanceType : None
ObjectType : 68b1d179-0d15-4d4f-ab71-46152e79a7bc
InheritedObjectType : 00000000-0000-0000-0000-000000000000
ObjectFlags : ObjectAceTypePresent
AccessControlType : Allow
IdentityReference : S-1-5-21-2926237862-3770063950-2320700579-361721
IsInherited : False
InheritanceFlags : None
PropagationFlags : None
Any help would be greatly appreciated.
Thank you.
For anyone else who gets this problem, the here is the solution.
Basically, how Get-ACL and Set-ACL works is that it retrieves the entire ACL. you make edits to the ACL and then Set-ACL attempts to rewrite the entire ACL.
More Info: https://learn.microsoft.com/en-us/windows/desktop/secauthz/access-control-entries
So basically you need to just create an ACE and add it to the ACL on the fly. this can best be done buy utilising DACLS
Code:
Function Add-ADGroupACEExtendedRight
{
param(
[string]$Computername = $(throw "Computer name must be specified"),
[string]$Access = $(throw "User or group in which to give acces must be specifieds"),
[string]$ExtendedRight = $(throw "Extended Right Property Name Required")
)
#Get the computer object for modification on
$Computer = Get-ADComputer -Identity $Computername
#get the SID of the group you wish to add to the computer.
$GroupIdentity = New-Object System.Security.Principal.SecurityIdentifier(Get-ADGroup -Identity $Access).SID
#Set Permissions
dsacls $Computer.DistinguishedName /G $GroupIdentity":CA;"$ExtendedRight
}
Usage:
Add-ADGroupACEExtendedRight -Computername "TestAsset" -Access "GroupID" -ExtendedRight "Allowed To Authenticate"
you can add any extended right here.
more information on DACLS: https://technet.microsoft.com/pt-pt/library/cc787520%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396
Im using this script to retrieve the OU for a list of computers. When a computer doesn't exist, I get an error:
Cannot index into a null array.
At C:\tools\scripts\get-OU5.ps1:35 char:5
+ $dn = $result.Properties["distinguishedName"]
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : NullArray
When I manually searched for the computer on the domain, it didn't exist. Also, after the error occurs, it lists the previous OU value it received from the last computer, as the result for this computer that gives the error.
I know there are error handling abilities in PowerShell, but I'm just not sure on where to put the error handling and then also report it as the result in the output.
I would use the following script to retrieve the information. It uses the built-in error handling capabilities in PowerShell:
function Get-ComputerProperties{
[CmdletBinding()]
#requires -version 3
param(
[parameter(ParameterSetName = "ComputerName", Mandatory = $true, ValueFromPipeline = $true, Position = 0)]
$ComputerName
)
begin{
Import-Module ActiveDirectory
function Get-ADParent ([string] $dn) {
$parts = $dn -split '(?<![\\]),'
$parts[1..$($parts.Count-1)] -join ','
}
}
process {
$result = $Null
try{
$result = Get-ADComputer -Filter {Name -eq $ComputerName} -ErrorAction Stop
if($result){
New-Object PSObject -Property #{"Name" = $ComputerName; "OU" = (Get-ADParent $result.DistinguishedName)}
}
} catch {
Write-Warning "Error while retrieving Computer properties for ComputerName $Computername ($($_.Exception.Message))"
}
}
end{
Remove-Module ActiveDirectory
}
}
You can use the script in the following way:
Get-ComputerProperties -ComputerName "Computer1"
or
"Computer1","Computer2" | Get-ComputerProperties
or with a text file:
Get-Content "C:\computers.txt" | %{ Get-ComputerProperties }
I need a document set create for every name in this SharePoint 2010 list. The Document set title is the first and last name of the person and the document set has committee name property that needs to be set as well. The committee name comes from the same SharePoint list.
I don't understand wrong with my code:
$ErrorActionPreference = "Stop"
$url = "http://SERVER/etest"
$listName = "Advisory Committee"
$doclib = "TACM Application Docments"
$web = Get-SPWeb $url;
$list = $web.Lists[$listName];
$item = $list.Items;
$item | ForEach-Object {
$fullName = $_['Last Name'] + ", " + $_['First Name']
$committeeName = $_['Committee Name']
$cType = $list.ContentTypes["Document Set"]
[Hashtable]$docsetProperties = #{"Committee Name"=$committeeName}
$newDocumentSet = [Microsoft.Office.DocumentManagement.DocumentSets.DocumentSet]::Create($doclib.RootFolder,
$fullName,$cType.Id, $docsetProperties)
}
$web.Dispose()
I get the following error:
ForEach-Object : Cannot find an overload for "Create" and the argument count: "4".
At C:\Users\ev\desktop\docset.ps1:10 char:23
+ $item | ForEach-Object <<<< {
+ CategoryInfo : NotSpecified: (:) [ForEach-Object], MethodException
+ FullyQualifiedErrorId : MethodCountCouldNotFindBest,Microsoft.PowerShell
.Commands.ForEachObjectCommand
DocumentSet.Create method expects the first parameter to be a folder (SPFolder type):
parentFolder
Type: Microsoft.SharePoint.SPFolder
The folder in which to create the new DocumentSet object.
In your case you are passing an invalid object $doclib.RootFolder since $doclib is a string variable, probably you want something like this:
$doclibName = "TACM Application Docments"
$doclib = $web.Lists[$doclibName];
$newDocumentSet = [Microsoft.Office.DocumentManagement.DocumentSets.DocumentSet]::Create($doclib.RootFolder,$fullName,$cType.Id, $docsetProperties)
Example
$url = "http://contoso.intranet.com"
$listTitle = "Documents"
$web = Get-SPWeb $url;
$list = $web.Lists[$listTitle]
$docSetContentType = $list.ContentTypes["Document Set"]
[Hashtable]$docSetProperties = #{}
$docSetName = "Archive"
$docSet = [Microsoft.Office.DocumentManagement.DocumentSets.DocumentSet]::Create($list.RootFolder,$docSetName,$docSetContentType.Id, $docSetProperties)
$web.Dispose()
How to add Document Set content type into library
Go to Library Settings, then click Advanced Settings
set Allow management of content types? to Yesand click Ok button
click Add from existing site content types link and select
Document Set content type, then click Ok button
Below C# code I have used to update the folder property in shared document, same concept I have tried in PowerShell but I didn't get any clue.
SPFolder newFolder = folders.Add(ParentURL + FolderURL + "/" + FolderName);
//Added Title Property to newFolder
newFolder.AddProperty("vti_title", FolderName);
//newFolder.Update();
In PowerShell:
> $web = Get-SPWeb "http://server/sites/4tmdk9h7qc4g"
> $site=$web $list = $web.Lists["Shared Documents"]
foreach ($item in $list.Folders)
{
write-host $item["Title"]
/?? HOW TO UPDATE HERE
$item.Update()
}
$item is a SPListItem object. Use SPListItem.Folder to access the SPFolder object:
$item.Folder
Finally this code loop all the site document folder and updated the title
$inputUrl =Read-Host "Enter the site URL"
$site = Get-SPSite -identity $inputUrl
$site | Get-SPWeb -limit |ForEach-Object
{
$web = Get-SPWeb $_.Url
$list =$web.lists["Shared Documents"]
Write-Host $_.Url
foreach($item in $list.folders)
{
$item["Title"]="ayyappan"
$item.update()
Write-Host $item["Title"]
}
}