Kaseya Community

passing parameters from kaseya to powershell script

  • Hi,

    Anybody experience as to how pass parameters from kaseya 6.3 towards powershell script.

    The powershell script on it own is functionning ( output created and mail sent ), however whatever I try from within the kaseya interface 6.3 nothing is happening.

    the command, statement used is the follwing :

    powershell -command "& {#path#\Test-ExchangeServerHealth.ps1 -server #MachId# -mailext #mailext# -reportmode $true -sendemail $true}"

    rgds,

    Ronny

  • The only way I've managed to pass variables is using the built in powershell options.

    ie. executePowershellCommand

  • Are you executing the procedure with the proper Powershell step, e.g. execute as user (needed for almost all Powershell procedures) vs. Execute as System?

  • Alreafy tried that ou but no difference, no output file created. It is as If Kaseya is not able to submit the command, probably syntax errors in the editor of Kaseya constructing the command.

  • What is the exact procedure step  you are using and what are the exact parameters you are putting in?

  • Hi Ben,

    using the executeshell command ( see above )

    I'm not interested that result of the powershell is savec in a global....

    the .ps1 should create an output and mail it, same as executing it directly on the computer

  • powershell -command "& {#path#\Test-ExchangeServerHealth.ps1 -server #MachId# -mailext #mailext# -reportmode $true -sendemail $true}"

  • Could you screenshot the editor for the procedure so we can get an idea of what is going on?

  • Any comment about whether you are executing as user vs. system and 32 vs. 64-bit?

  • Ben
    Any comment about whether you are executing as user vs. system and 32 vs. 64-bit?

    Agree with Ben... I've had issues with this script (http://exchangeserverpro.com/test-exchangeserverhealth-ps1-v1-06-now-available/) where it's very picky about the account it's executed under.

    Remember that running as User with a User logged on will run it as whoever is logged on.  Running it as System will run as the SYSTEM user, which you can test by running your command in a command prompt/powershell running as the SYSTEM user (http://blogs.technet.com/b/askds/archive/2008/10/22/getting-a-cmd-prompt-as-system-in-windows-vista-and-windows-server-2008.aspx).  Using the useCredential() command followed by executePowershell as User will run it as whatever your stored Agent Credential is.

    I find that many times, particularly if %ENVIRONMENT_VARIABLES% are used, running as SYSTEM won't produce the right results.  Definitely check via the 2nd link I pasted above Smile

  • Also of note: SYSTEM oftentimes does not have access to connect to the Exchange instance via this particular powershell script.  You'll find this out quickly using that method I outlined.

  • Hi Brian,

    what does this mean when you simply want to submit it through Kaseya interface ?

    rgds

  • This should clarify how each execute-type command runs as a different user.  Import and run this script:

    <?xml version="1.0" encoding="utf-8"?>
    <ScriptExport xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.kaseya.com/vsa/2008/12/Scripting">
    <Procedure name="WhoAmI?" treePres="3" id="236727900" folderId="958200014642532" treeFullPath="_.Agent Procedure Testing, Debugging &amp; Dry Firing">
    <Body description="">
    <Statement description="Running as System" name="Execute Shell Command - Get Results to Variable" continueOnFail="false" osType="Windows">
    <Parameter xsi:type="StringParameter" name="Parameter1" value="whoami" />
    <Parameter xsi:type="StringParameter" name="Parameter2" value="False" />
    <Parameter xsi:type="StringParameter" name="Parameter3" value="System" />
    </Statement>
    <Statement name="WriteScriptLogEntry" continueOnFail="false" osType="Windows">
    <Parameter xsi:type="StringParameter" name="Comment" value="executeShellCommand as System's username = #global:cmdResults#" />
    </Statement>
    <If description="Write who is logged in (so the executeShellCommand as User has context)">
    <Condition name="UserIsLoggedIn">
    <Parameter xsi:type="StringParameter" name="UserName" value="" />
    </Condition>
    <Then>
    <Statement name="WriteScriptLogEntry" continueOnFail="false" osType="Windows">
    <Parameter xsi:type="StringParameter" name="Comment" value="#vMachine.LoginName# is currently logged in" />
    </Statement>
    </Then>
    <Else>
    <Statement name="WriteScriptLogEntry" continueOnFail="false" osType="Windows">
    <Parameter xsi:type="StringParameter" name="Comment" value="Ain't nobody logged in, y'all!" />
    </Statement>
    </Else>
    </If>
    <Statement description="Running as User" name="Execute Shell Command - Get Results to Variable" continueOnFail="false" osType="Windows">
    <Parameter xsi:type="StringParameter" name="Parameter1" value="whoami" />
    <Parameter xsi:type="StringParameter" name="Parameter2" value="False" />
    <Parameter xsi:type="StringParameter" name="Parameter3" value="User" />
    </Statement>
    <Statement name="WriteScriptLogEntry" continueOnFail="false" osType="Windows">
    <Parameter xsi:type="StringParameter" name="Comment" value="executeShellCommand as User's username = #global:cmdResults#" />
    </Statement>
    <Statement description="Using the Agent Credential, running as User" name="UseCredential" continueOnFail="false" osType="Windows" />
    <Statement name="Execute Shell Command - Get Results to Variable" continueOnFail="false" osType="Windows">
    <Parameter xsi:type="StringParameter" name="Parameter1" value="whoami" />
    <Parameter xsi:type="StringParameter" name="Parameter2" value="False" />
    <Parameter xsi:type="StringParameter" name="Parameter3" value="User" />
    </Statement>
    <Statement name="WriteScriptLogEntry" continueOnFail="false" osType="Windows">
    <Parameter xsi:type="StringParameter" name="Comment" value="executeShellCommand (useCredential) as User's username = #global:cmdResults#" />
    </Statement>
    </Body>
    </Procedure>
    </ScriptExport>

    Here's a screenshot of what the script is doing:

    This is what I was trying to outline earlier... (sorry, I had to blur out my Agent Credential username and my domain name):

    If a user is not logged in and you execute as User, it will run as nt authority\system:

    So, tying this back to what you're trying to do...

    You're running that PowerShell script, which itself needs to be able to query the Exchange Management Shell for key Exchange server heath metrics; however, depending on how you execute your powershell (as User, System, or User after selecting useCredential), you'll get a powershell instance that may be running as a different user than you used when you logged onto the server and used the powershell script directly.

    That's why I'm recommending using my script to see what I'm talking about IRL, and then, having that knowledge, use the useCredential step to impersonate the user that you've used in the Set Agent Credential screen to then executePowershell as User (after verifying that you can log into the server as that same credential specified in Set Agent Credential and run the PowerShell script directly).

    Does that help?

  • I managed to pass Kaseya variables to a powershell command successfully, let me show you what I did. I made a tool that makes it so the less tech savvy people at my company can reset users passwords through Kaseya rather than having to remote onto the server and all that.

    So first, this is my Kaseya script:

    <ScriptExport xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.kaseya.com/vsa/2008/12/Scripting">
    <Procedure name="Password Reset (run on server)" treePres="3" id="2035746401" folderId="11413525213917617189218132" treeFullPath="myProcedures">
    <Body description="">
    <Statement name="GetVariable" continueOnFail="false">
    <Parameter xsi:type="EnumParameter" name="VariableType" value="Prompt"/>
    <Parameter xsi:type="StringParameter" name="SourceContent" value="Username or Email (Exchange, Office 365, or Google Apps)"/>
    <Parameter xsi:type="StringParameter" name="VariableName" value="user"/>
    </Statement>
    <Statement name="GetVariable" continueOnFail="false">
    <Parameter xsi:type="EnumParameter" name="VariableType" value="Prompt"/>
    <Parameter xsi:type="StringParameter" name="SourceContent" value="New Password:"/>
    <Parameter xsi:type="StringParameter" name="VariableName" value="password"/>
    </Statement>
    <Statement name="Execute Powershell" continueOnFail="false">
    <Parameter xsi:type="StringParameter" name="Parameter1" value=""/>
    <Parameter xsi:type="StringParameter" name="Parameter2" value="C:\kworking\Password-Reset.ps1 -user #user# -password #password#"/>
    <Parameter xsi:type="StringParameter" name="Parameter3" value="False"/>
    </Statement>
    </Body>
    </Procedure>
    </ScriptExport>

    So basically, I ask for two user input variables from the person running the script, the username and password they'd like reset. (So far I only have this so you have to run the procedure on the server, but I'm hoping to expand.) Then, the script runs a powershell script that in on the server that includes launch arguments: C:\kworking\Password-Reset.ps1 -user #user# -password #password#

    Now the Powershell script that it points to parses the arguments and looks like this:

    param([string]$user = "user", [string]$Password = "password")
    import-module ActiveDirectory
    $secpasswd = ConvertTo-SecureString 'THE_ADMIN_PASSWORD' -AsPlainText -Force
    $AdminCredentials = New-Object System.Management.Automation.PSCredential ("DOMAIN.local\Administrator", $secpasswd)
    ##### Reset Password ####
    Set-ADAccountPassword -Credential $AdminCredentials -Identity $user -Reset -NewPassword (ConvertTo-SecureString -AsPlainText $Password -Force)
    Unlock-ADAccount -Identity $user

    The first line is what reads the arguments, and saves them as variables to be referenced by the rest of the script. You could do a lot more arguments I guess. The trouble I've run into with is it that it doesn't like like passwords with a $ sign in it, because Powershell uses that to signify a variable. It also pitches a fit if an apostrophe is in the name (ex: O'Brian) because it thinks it's a quote mark. So there are some limits, but In general, this works for me to pass variables from Kaseya to Powershell commands.

  • You will need to use an escape character (`) in order to use a special character like $ in Powershell.