lithnet/miis-powershell

Management Agent not found Scheduled Task

rschre opened this issue · 8 comments

rschre commented

I have a Script which runs "Get-ManagementAgent -Name $Maname.
The script runs fine when I start it from the shell, when I start the script in a scheduled task the following error is logged:

PSMessageDetails :
Exception : System.InvalidOperationException: Management agent Equitrac Import was
not found
at Lithnet.Miiserver.Client.ManagementAgent.MANameToID(String name)
at Lithnet.Miiserver.Client.ManagementAgent.GetManagementAgent(String
name)
at
Lithnet.Miiserver.Automation.MiisController.GetManagementAgent(String
name, Boolean reload)
at Lithnet.Miiserver.Automation.GetManagementAgent.ProcessRecord()
at System.Management.Automation.CommandProcessor.ProcessRecord()
TargetObject :
CategoryInfo : NotSpecified: (:) [Get-ManagementAgent], InvalidOperationException
FullyQualifiedErrorId : System.InvalidOperationException,Lithnet.Miiserver.Automation.GetManagemen
tAgent
ErrorDetails :
InvocationInfo : System.Management.Automation.InvocationInfo
ScriptStackTrace : at , D:\MIMConfig\Scripts\Invoke-HourlyMARuns.ps1: line 82
at , : line 1
PipelineIterationInfo : {}

The MA "Equitrac Import" does exist.

ryannewington commented

Hi @rschre,

The sync engine's COM components do not like impersonation, which is what scheduled tasks use to run something as a user.

How is the scheduled task configured to run? Under a domain account with the password saved?

@Manjunath-hk1 I think we ran into something similiar in our environment. Do you know if we solved it?

Have you had a look at using AutoSync for scheduling your MA runs?

Ryan

rschre commented

Hi @ryannewington
Thank you for replying so quickly!
Ah I see, yes the scheduled task is configured to run under a domain account with the password saved.

I just found out about AutoSync today after I already changed my old script to work with the Lithnet-Module. You think I would benefit greatly from installing AutoSync?

ryannewington commented

That configuration is the best chance of having it working. I'll ask around but I know it's been an issue running tasks against miis before. It's not a lithnet specific thing.

Yeah i do recommend autosync instead of manually running profiles. It's very intelligent about what it does. You tell autosync when to import (either on a schedule or when there is a known change in a connected system), and it automatically determines what syncs and exports are required. Even if you do something as simple as running hourly imports, it's going to automate the rest for you. Very easy to set up.

rschre commented

It does work when I run the scheduled Task with an account that is a local Administrator. Can't really explain the behavior.

I will check out AutoSync, thank you!

Manjunath-hk1 commented
rschre commented

@Manjunath-hk1

Thank you for your help, I'll start with the documentation and get back to you if any questions arise.

Manjunath-hk1 commented

@rschre : Sorry the access right need to be "logon as a batch" and should be member of FIM Sync access groups. Let us know if this resolves the issue.

rschre commented

@Manjunath-hk1 The user had "logon as batch job" and was member of MIMSyncAdmins.
I don't think it's a permission issue, since the scheduled task ran the script and the script could be executed when logged in as the user without an issue.