DEEP DIVE: Pass parameters to a script via JSON or CSV

You can transfer parameters to a script through a JSON or CSV file.

See the following sections for more information:

• Disable a user through GrantMa

• Pass the parameters to the script through a JSON or CSV file

Disable a user through GrantMA

Ordering a new user on the GrantMA Self-Service Portal is natively supported by ARM. After the order workflow is completed, you can use a script to disable a user. The combination GrantMA - Scripts - ARM webAPI provides additional options to automate documented processes.

For example, to order a user to be deactivated:

1. Define an open template and ask for the required values in a request in GrantMA.
2. When the approval is completed, the values are passed to a script.
3. The script controls ARM through the webAPI to perform the required action in ARM.
4. ARM executes the action and logs it in the ARM logbook.

See Create a user account as an HR employee for an example configuration.

In the %programdata%\Protected Networks\8MAN\data\templates directory, ARM provides a sample template for disabling users.

(Screenshot property of © 2020 Microsoft Corporation)

Copy the sample file, remove the suffix ".example", and make your adjustments as needed. The template will be loaded automatically. Errors while loading the template are displayed in the server health check.

ARM provides a sample script for disabling users in the following location:

• Old: programdata%\Protected Networks\8MAN\scripts\analyze

• New: %programdata%\SolarWinds\ARM\scripts\analyze

1. Start the Configuration application.

2. Click the Scripting tile.

   

3. Select the script.

   

   1. In the Scripting page, click the Order templates / Service actions tab.

   2. In the Usage column, select Template.

   3. Select the targeted script.

      For example:

      DeactivateAccount.ps1

4. Select the parameters that are passed to the script.

   In the following example, the authentication token and comment are passed to the script.

   

   Additionally, the following values queried in the template are passed to the script:

   • Account name to be deactivated

   • Date that the account should be deactivated

   

5. In the Name column, enter the script name. Ensure that the name matches the call in the template.

   

6. In the Configuration application, click the Data Owner tile.

   

7. In the Data Owner configuration, set the template to Requestable.

   

   1. Drag and drop the template to an organizational category

   2. Ensure that the template is requestable (default) and modifiable.

8. In GrantMA, start the request.

   

   The configurable template queries the values that will be passed as parameters to the script.

   In the following example, the account will be deactivated and the date when the account should be deactivated is displayed.

   

9. Complete and approve the order.

   When you are finished, the script is executed automatically.

10. Open the Access Rights Manager application.

11. In the task overview, you can view the job execution details. This means that the script started successfully.

    

For information about the script execution, see the ARM Log.

To diagnose script execution errors, use the linked log file.

Pass parameters to a script through a JSON or CSV file

You can transfer parameters to a script directly by disabling a user through GrantMA or through a JSON or CSV file.

Using a JSON or CSV file allowz you to pass several parameters to a script. The JSON format in PowerShell can be used immediately as an object.

Below is a sample PowerShell script that outputs the parameters passed by JSON.

Location

%ProgramData%\Protected Networks\8MAN\scripts\analyze\jsonImport.ps1

Code

param(
[string]$json
)
# example for reading json formatted data addressed by $json over command line
# Read all data from json file into an object
Write-Host $json
(Get-Content  $json) -join "`n" | ConvertFrom-Json | Write-Host
# here you can alternatively assign and compute the object

Configuring the script

1. Start the Configuration application.

2. Click the Scripting tile.

   

3. Configure the script.

   

   1. In the Script file on server column, enter the script name.

   2. In the Parameters column, click the corresponding drop-down menu and select JSON object and additional parameters.

   3. (Optional) Enter any additional parameters that will be passed to the script in addition to those contained in the JSON file.

4. In the Name field, enter the script name.

   The name must match the call in the template.

   

5. Click the command line preview icon.

   The Command Line Preview window displays the call of the JSON file.

   

   After completing the template, the JSON file is temporarily stored at the following location:

   %ProgramData%\protected-networks.com\8MAN\tmp\script\

   Additionally the file receives a file name with a time stamp.

   For example:

   jsonImport_param_20180318130028263.json

   The {jsonfile}variable can be used as the file name on the command line.

Supported field types / input options from the templates

Field type / input option	Description
Textfield	Returns the text content. If the field is empty, it will not be transported.
DropDown	Returns the selection value and not the display value.
Checkbox	Returns the text True if the box was selected. Otherwise, returns the text False.
DataPicker	Returns the text of the selected time. The output format can be influenced by the ScriptParameterFormat parameter. See Standard date and time format strings located on the Microsoft Learn website for the .NET definitions.
RadioButton	Returns the text of the selected radio button. The key is the Radio GroupId.

Example JSON file

{
	"OnBoardingUser": "Horst Peter (arm-demo\\H.Peter)",
	"FirstName": "Horst",
	"LastName": "Peter",
	"LoginName": "H.Peter",
	"VPN2": "False",
	"VPN": "True",
	"WLAN": "True",
	"Teamwarp": "True",
	"Jira": "False",
	"HomeDir": "True",
	"When": "2018-03-28T22:00:00.0000000Z",
	"DropDownValue": "Value B",
	"UserComment": "LOL"
}