Snow-Shell / servicenow-powershell

PowerShell module to automate ServiceNow service and asset management. This module can be used standalone, with Azure Automation, or Docker.
Apache License 2.0
361 stars 171 forks source link

Auth via ADFS? #105

Closed dave2ym closed 4 years ago

dave2ym commented 4 years ago

Hello,

I was trying to use your module and it seems I fail to authenticate with credentials via ADFS. Is it coded in because it's unclear? And -Debug switches do not get much out.

PS C:\Windows\system32> Get-ServiceNowUser -Credential $cred2 -ServiceNowURL OBFUSCATEDl.service-now.com -Verbose -Debug VERBOSE: Testing url: OBFUSCATED.service-now.com VERBOSE: GET https://OBFUSCATED.service-now.com/api/now/v1/table/sys_user?sysparm_display_value=true&sysparm_query=ORDERBYDESCname&s ysparm_limit=10 with 0-byte payload Invoke-RestMethod : The remote server returned an error: (401) Unauthorized. At C:\Program Files\WindowsPowerShell\Modules\servicenow\1.8.0\Public\Get-ServiceNowTable.ps1:132 char:16

  • ... $Result = (Invoke-RestMethod -Uri $Uri -Credential $Credential -Body ...
  • 
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebExc
    eption
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand

You cannot call a method on a null-valued expression. At C:\Program Files\WindowsPowerShell\Modules\servicenow\1.8.0\Public\Get-ServiceNowUser.ps1:90 char:34

  • ... Each-Object{$_.PSObject.TypeNames.Insert(0,"ServiceNow.UserAndUserGro ...
  • 
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull

It is even more complicated in my case because the company I work for offers only complicated options in the ADFS. That is PKI, SMS or OTP.

Rick-2CA commented 4 years ago

The module won't support auth like that. You'd want to ask for a service account with the proper rights to use REST in that case.