We are getting ready to go into production with federated accounts. For ProjectWise, I've written a PowerShell script to update set the user Identity and set the user to a federated account.
========================================================================================
import-module pwps_dab -DisableNameChecking
# Connect to ProjectWise TEST$PWord = ConvertTo-SecureString -String "******" -AsPlainText -Force$value = New-PWLogin -UserName admin -Password $PWord -DatasourceName datasource
$Users = Get-PWUsersByMatch -Email "*@acme.com" -LoginInfo | Where-Object {$_.Type -like "Windows*"} # $Users | Out-GridViewforeach ($u in $Users) { $currentUser = Set-PWUserIdentity -Users $u -Identity $u.Email $currentUser = Convert-PWUserToFederated -InputUser $u -IdentityName $u.Email}
=========================================================================================
Version Module----------- --------------------- 23.0.3.0 pwps_dab
The user lookup works successfully.
I can set the UserIdentity successfully.
The Convert-PWUserToFederated returns: "WARNING: Error creating database view" and does not update the user.
Any suggestions are appreciated? Are there anymore updates that need to be made at the user level for ProjectWise?
Since you set the -Identity option in Set-PWUserIdentity I don't think you need to set it again in the Convert-PWUserToFederated -IdentityName option, or alternatively skip the Set-PWUserIdentity and do just the Convert, with the -IdentityName specified.
Not sure why any of that would generate the message you're seeing though.
Also, not the cause of your error but doing this:
$PWord = ConvertTo-SecureString -String "******" -AsPlainText -Force
Is poor security. You now need to protect your script to the same level you do the passwords. Storing plaintext passwords in scripts is a common source of escalating to administrative accounts in network breaches.
See the Save-SecureStringToEncryptedFile and Get-SecureStringFromEncryptedFile for a better way to have passwords for scripts.
It looks like you are logging into ProjectWise with admin credentials. Please verify. You may want to try "the" administrator account that the datasource was first created with. At any rate, it looks like ProjectWise has insufficient database privileges for the cmdlet to function. I will look into this further at our end.
Sorry for the inconvenience,
Mark Weisman | Bentley Systems
Yes, I am using an administrator account for my ProjectWise system, the same one that created the datasource. Appreciate the assistance.
I have verified that with sufficient database privileges, you should be able to execute this cmdlet repeatedly. I'm afraid you'll have to get your DBAs involved. The database user that ProjectWise logs in with on the backend needs to have the privilege to create views.
This privilege came automatically for me. But my database is not significant enough to require DBAs to protect it from security threats.
I have requested permission to create view(s). I'll update once I have access. Thank you.