Register Sign in Need help? FAQ SailPoint directory
Help
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 

IQService Returned Non Zero Exit Code 255

IQService Returned Non Zero Exit Code 255

Symptoms

Suppose, you are trying to execute a native rule and you are getting non zero exit code 255 while trying to invoke PowerShell script from IDN native rule then you must below things -

 

Depending on our shell, exit code 255 might mean that the returned exit code is outside of the 0-255 range.

If the error code is 255 then there is something wrong in the native rule and Powershell script which is not understood by cmd.exe or shell.

Please follow the below diagnosis -

 

Diagnosis

Enable the info log of IQService - using the below steps

  1. Stop the IQService service.
  2. Go to IQService folder and hit the command - IQService.exe -l 2 -f IqserviceInfo.txt
  3. Restart the IQService.

Analyze the IQService logs, if something wrong in the RPCRequest and Response.

Validate the attributes of native rule is seem like below -

 

 

"attributes": {
            "ObjectOrientedScript": "true",
            "extension": ".ps1",
            "sourceVersion": "1.0",
            "disabled": "false",
            "program": "powershell.exe",
            "timeout": "300"
},

 

 

Solution

If native rule's attribute are not like above mentioned then update those in native rule.

Pass the exact path of Utils.dll in native rule and Powershell script.

Try to pass only nativeidentity via command in native rule toPowershell script rather than passing rpcrequest in the command.

 

Thanks,

IAM_PDU

Labels (1)
Labels:
Comments
ssalens2
‎Jul 05, 2022 09:13 AM
‎Jul 05, 2022 09:13 AM

Could you provide an example for parts 2 and 3 of the solution?

IAMpdu
‎Jul 07, 2022 03:01 AM
‎Jul 07, 2022 03:01 AM

Hello @ssalens2 ,

 

please find the below code snippet.

 

Add-Type -Path "C:\SailPoint\IQService\Utils.dll";
$sReader = New-Object System.IO.StringReader([System.String]$env:Request);
$xmlReader = [System.xml.XmlTextReader]([sailpoint.utils.xml.XmlUtil]::getReader($sReader));
$requestObject = New-Object Sailpoint.Utils.objects.AccountRequest($xmlReader);
$requestAsString = $requestObject.nativeIdentity
$command = "C:\SailPoint\IQService\test.ps1"
$command = -join ($command, " -requestString '$requestAsString'")
Invoke-Expression $command

 Thanks,

IAM_PDU

sidharth_tarlapally
‎Nov 12, 2024 01:04 AM
‎Nov 12, 2024 01:04 AM

Thank you so much !!!!!

Version history
Revision #:
6 of 6
Last update:
‎May 27, 2022 08:10 PM
Updated by:
Community Administrator
 
View Article History
Contributors
Top