When running a simple 'Get-PWDocumentsBySearch' command$Docs = Get-PWDocumentsBySearch -SearchName "$ProjectFolderPath\$pdfSearchName" -filename '%.pdf' -GetAttributes
I now get an error, which I never used to get beforeGet-PWDocumentsBySearch : Not logged in as a ProjectWise Administrator.
I am using the Open-PWConnection method because I don't want to use an administrator login -Admin parameter, the New-PWLogin method requires an administrator login and I don't want to use the GUI because this is on an automatic scheduled task.
ModuleType Version Name---------- ------- ----Binary 184.108.40.206 PWPS_DAB
Any assistance will be greatly appreciatedKind regards Gavin Chapman
We have updated ALL cmdlets within the PWPS_DAB module to require a ProjectWise Administrator login.
Since the inception of the PWPS_DAB PowerShell module, it has been our intention that this be used as an Administrative tool only. We are willing to expand the capabilities to the Restricted Administrators as well which will be available in future release of the module.
Ok, then we are stopped at 220.127.116.11 for the foreseeable future, or the "Restricted Administrators" comes alive and can be evaluated... do you have any timing on that effort? Days/Months/Years?
It is unfortunate that the both the PWPS and PWPS_DAB tools/modules are not separable by a "Admin Function" or "Anybody can" capability, really limits the use of the tools/modules and their uses.
Has there been any thought given to adding a "Encrypted Password" command/tool (similar to that Dave had provided for the "PWSync" tool that we had previously), where the logon to PWPS using "Open-PWConnection" could be passed the Encrypted Password, which would prevent the "Keys to the Kingdom" from being shared with a open Password?
A ditto for me. This will result in the PowerShell functions becoming absolutely useless. I am using PowerShell to produce dashboard reports from ProjectWise data (which are not available from Project Insights) and as this is just reporting data that is in ProjectWise and not changing anything, does not need Admin login rights. I don't have an Admin log in, and so far have not needed one.
Please do not make the assumption that PowerShell is only / should only be used for server administration tasks - there is far more to its capabilities and use than that.
Given Bentley have pushed PowerShell at us as a way of accomplishing our dashboard reporting (which were very well received at the recent ProjectWise LEARN Conference) for accessing information that ProjectWise can't otherwise, if you are not prepared to open these functions back up again to non-Admin users, then I guess I will just have to push my reporting requirements back to Bentley to solve.
Brian - +1 for including the Restricted Admins
As an Administrator for a number of large systems I am in full support of the Admin only usage.
The PowerShell cmdlets are not yet supported under the SELECT agreement so they should be used in a controlled manner. I have seen a major outage caused by somebody using a script - even though they were an Admin user!
That said, I can see the benefits of having a tiered approach to security - e.g. PowerShell Admins & PowerShell Users with read-only functions available to the latter - as well as an Audit trail record indicating that an action was run from PowerShell but not at the expense of slowing down the fast development cycle we are getting today.
You can see from the amount of discussion in the Communities pages and at Bentley events that the PowerShell functions have become essential tools for administering ProjectWise and for me personally save many hours of work on repetitive tasks.
Limiting this to admin only is, in my opinion, going to severely restrict the benefit of the tool. There are an increasing number of project users that have little choice than to use PS to extract data that is then used to feed Power BI. In addition to this, three are several projects that we have that are joint-venture, and PS is used by JV partners to extract copies of the data for their records.In both of these examples I have zero intention of making these users administrators, and neither do I want to be doing these tasks myself.I feel that PS should simply respect the access of the user running the script, unless there is some other reason why this will not work.