Execute PowerShell Script Action

The “Execute PowerShell Script” action allows you to execute PowerShell scripts from within SharePoint Designer 2010 Workflows.

1. Add “Execute PowerShell Script” action to a SharePoint Designer Workflow

2. Configuration

Script

The PowerShell script to execute. You can use the following predefined variables:

  • $site = the current Microsoft.SharePoint.SPSite
  • $web = the current Microsoft.SharePoint.SPWeb
  • $list = the current Microsoft.SharePoint.SPList (null in site workflows)
  • $item = the current Microsoft.SharePoint.SPListItem (null in site workflows)
  • $ctx = the current workflow context Microsoft.SharePoint.WorkflowActions.WorkflowContext
  • $sharePointService = the current Microsoft.SharePoint.Workflow.ISharePointService service
  • $listItemService = the current Microsoft.SharePoint.Workflow.IListItemService service

The process runs as the system account. However, by default $site and $web run as the current workflow initiator or author (impersonation step). To work with the site as the system account instead, create a new site object like this: $impersonatedSite = new-object Microsoft.SharePoint.SPSite($site.Id).
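The two identities described above, side by side, as an added example that is not part of the original page. It assumes the script runs inside the action (so $site and $web are predefined) and that $var1 is bound to a workflow variable used only to report the result.

```powershell
# Added example (not the project's own code). $site and $web are the
# predefined variables; $var1 is assumed to be bound to a workflow variable.

# $web acts as the workflow initiator or author.
$callerLogin = $web.CurrentUser.LoginName

# A new SPSite built from the site ID runs as the process (system) account.
$impersonatedSite = New-Object Microsoft.SharePoint.SPSite($site.ID)
try {
    $elevatedWeb = $impersonatedSite.OpenWeb($web.ID)
    try {
        # Keep the elevated section small: do only the operation that needs
        # the system account, and only on objects opened from the new site.
        $elevatedLogin = $elevatedWeb.CurrentUser.LoginName
        $var1 = "caller=$callerLogin; elevated=$elevatedLogin"
    }
    finally {
        $elevatedWeb.Dispose()
    }
}
finally {
    # Objects created in the script are disposed by the script. The predefined
    # $site and $web are supplied by the action and are left alone here.
    $impersonatedSite.Dispose()
}
```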

Avoid using SharePoint Designer Text Editor tokens in the script because of the potential risk of script injection attacks. Use variable binding ($var1, $var2…) instead.
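The difference between a token and a bound variable, as an added example that is not from the original page. The allowed-character policy and the use of $var2 as a status value are assumptions made for the illustration.

```powershell
# Added example (not the project's own code). Runs inside the action, where
# $web is predefined and $var1/$var2 are assumed bound to workflow variables.

# Pattern to avoid: a Designer lookup token pasted into the script body.
# The token is replaced by the field's text before PowerShell parses the
# script, so whatever a user typed into the field becomes part of the code:
#   $web.Title = "[%Current Item:Title%]"

# Preferred: bind the workflow variable to $var1 in the action's configuration
# and handle it strictly as data.
$title = ([string]$var1).Trim()

# Assumed policy for this example: 1-100 letters, digits, spaces, '-' or '_'.
if ($title -notmatch '\A[A-Za-z0-9 _-]{1,100}\z') {
    # Report the rejection through the bound variable and stop.
    $var2 = "rejected: title contains unexpected characters"
    return
}

# Assign the value to a property. Do not pass it to Invoke-Expression or
# expand it into a string that is executed later.
$web.Title = $title
$web.Update()
$var2 = "ok"
```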

Signature

By default, every script that you want to execute must be digitally signed. However, you can change the setting to not require a digital signature (dev system). The corresponding PowerShell script is included in the package.

Disable Script Signing

The script must run on a SharePoint machine

PS> & .\Set-PowerActivityScriptSigning.ps1 $false

Sign Scripts

To sign scripts you need the private key that was generated during the installation of the solution.

1. Export Private Key

The script must run on a SharePoint machine. Keep the private key secure.

PS> & .\Export-Key.ps1 -path "C:\private.key" -includePrivateKey $true

2. Sign the Script

After you have exported the private key you can sign the script. Signing does not have to be done on a SharePoint machine; you only need the private key and the script. To sign the script you have to save it temporarily to a file.

PS> & .\Sign-PowerActivityScript.ps1 -keyPath "C:\private.key" -scriptPath "C:\script.ps1"

The signature will look like this:

YoVKP2lCKF1B8Q9ZIBvy98+T2haNayr81aGTfXEPyRmFxLNII3R6pagaHVZfZ7j5L2zTga53SqetVRLgTUebiOan2WUnCR2HualqvvdXYX1LhwAZ/KdaOibqpE5aGgZTesJJln8+81Qwy4wOqSxCv3iQjIgVbJz7+D3kIm9dP7Q=

Simply copy and paste the script and the signature into the Script and Signature fields of the “Execute PowerShell Script” action.

Whitespace in the script is ignored in the signing process.

$var1, $var2, $var3, $var4, $var5

You can bind PowerShell variables ($var1, $var2…) to workflow variables.

$web.Title = $var1

$web.Update()

The binding is two-way: you can change the workflow variables in the script.

$var2 = "my value"

$secure

$secure is a special variable that can contain an encrypted string that is decrypted at runtime. You could use this variable to securely store a password. The binding of this variable is one-way, meaning you cannot set the value in the script at runtime. For how to encrypt strings read this.

Secure Store AppId

The Secure Store application must define two fields: one of type “User Name” and one of type “Password”. The field name doesn’t matter; what matters is the field type. You have to map the credentials of the SharePoint service accounts (AppPool/owstimer.exe). The Secure Store option only works with SharePoint Server, not with Foundation. You can access the credentials at runtime with the $credential variable (System.Net.NetworkCredential).

Last edited Apr 12, 2011 at 1:50 PM by cglessner, version 4

Comments

wintlu Jul 29 at 12:20 AM 
First, thank you for this great work.
Second, I had a little problem...
This Designer action works great, except I cannot pass $var1 ~ $var5 values from script to designer...
(passing values to scripts using these variables works great)

I am doing something like:
$var1 = "my value"

Then I tried to fetch this value in later actions in Designer, but it returns null...
Any idea why it is not working?
Very much appreciate!

mvandeneijnde Apr 29 at 9:44 PM 
Hello,

I think we have got this activity working.
But we try to use the following script that does not seem to return a user:
$user = Get-SPUser -web $web -Identity DOMAIN\logon

Any ideas why this does not work?

Kind regards
Mario

mmaltag Apr 11 at 5:31 PM 
I'm having problems trying to run the Execute Powershell script command from SharePoint designer. I'm receiving the error "Error while executing PowerShell Script: The term is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try..."

I have tried using & f:\addwebpart.ps1, & "f:\addwebpart.ps1", $List = "f:\addwebpart.ps1", $List = f:\addwebpart.ps1, $ctx = "f:\addwebpart.ps1", $ctx = f:\addwebpart.ps1, along with all the other $list, $site, commands. The Powershell script runs fine when it's run from a powershell window, no combination of the example syntax above successfully runs the command from SharePoint Designer using the ILoveSharePoint features. The drives that contain the script are mapped and the account I'm using has full control on the drive and the drive is shared. I tried referencing the server name $list="\\servername\f$\addwebpart.ps1", using all the different syntax above. The $list and $ctx syntax allows the workflow status to show as "Completed", but the script doesn't do anything. Looking for any input on how to get the .ps1 file to run for the execute powershell command in the ILoveSharePoint solution.

BasKb Feb 19, 2013 at 11:48 AM 
Is it possible to execute standard SharePoint PowerShell CmdLets (like New-SPSite, Get-SPUser, etc.) from within a workflow using the "Execute PowerShell script" action?

giustis5 Nov 19, 2012 at 12:23 PM 
I have the same problem as tfranz, I can run my script and it works fine however when I try and run it from within the workflow, I get "Error while executing PowerShell Script: You cannot call a method on a null-valued expression."

Not sure what is wrong as all the variables are set and I'm not sure what is null. My workflow is running against a custom list and is creating a site collection with variables entered into the item when added to the list.

So the user enters the name for their site collection, the description and the url and that's it, the script looks like this. $var1, 2 and 3 are set as workflow variables and are set to be the 3 pieces of info the user entered. I've also tried with no variables set like this and doing the change/lookup to the metadata direct into the script but same result.

$url = "http://mydomain/sites/$var1"
$ContentDatabase = "contentDB"
$WebsiteName = "$var2"
$WebsiteDesc = "$var3"
$Template = "STS#0"
$PrimaryLogin = "admin account"
$PrimaryDisplay = "admins name"
$PrimaryEmail = "admins email"
$SecondaryLogin = "another admin account"
$SecondaryDisplay = "their name"
$SecondaryEmail = "their email"
$MembersGroup = "$WebsiteName Members"
$ViewersGroup = "$WebsiteName Viewers"

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
New-SPSite -Url $url -ContentDatabase $ContentDatabase -Name $WebsiteName -Description $WebsiteDesc -Template $Template -OwnerAlias $PrimaryLogin -OwnerEmail $PrimaryEmail -SecondaryOwnerAlias $SecondaryLogin -SecondaryEmail $SecondaryEmail
$web = Get-SPWeb $url
$web.CreateDefaultAssociatedGroups($PrimaryLogin,$SecondaryLogin,"")
$PrimaryAdmin = Get-SPUser $PrimaryLogin -Web $url
$PrimaryAdmin.Name = $PrimaryDisplay
$PrimaryAdmin.Update()
$SecondaryAdmin = Get-SPUser $SecondaryLogin -Web $url
$SecondaryAdmin.Name = $SecondaryDisplay
$SecondaryAdmin.Update()
$web.Dispose()

Any ideas?

tfranz Jun 1, 2012 at 6:56 PM 
If I execute the following PowerShell script, it works fine, however, if I execute it from the custom workflow action, I get an error "You cannot call a method on a null-valued expression."

$objWord = New-Object -comobject Word.Application
$objDoc = $objWord.Documents.Open("http://tfranz6/u-linc/department/Invoices/1000.docx")
$objDoc.PrintOut()
$a = $objWord.Quit()

Any help would be appreciated.

ehaze Mar 29, 2012 at 1:38 PM 
@tpullins
When you are building the Powershell script in the String Builder window, simply click on the Add or Change Lookup button to add your workflow variable.

$name = #here you would click the Add or Change Lookup button.

tpullins Feb 7, 2012 at 5:47 PM 
How would I add a designer item lookup to the powershell script?
For example I'm trying to use [%Current Item:Name%] in my powershell script but it isn't working. I've tried setting $var1 to the same variable or even $item.Name with no luck.

If I use the static file name my script will run successfully.