Configuring Trusted Agent with PowerShell

Role: Administrators.

Minimum Version: Ivanti Neurons for ITSM 2024.2.

You can configure an agent to automate specific tasks or workflows by executing external PowerShell scripts. Using PowerShell script an agent can receive and process requests to execute.

Prerequisites

A self-signed certificate is required during the configuration procedure. The certificate is required to sign the PowerShell script so it can be executed securely. Ensure that you have completed the following prerequisites before you configure Trusted Agent for PowerShell.

To validate the self-signed certificate, you will need a PowerShell script (.ps1) file, and locate this file on the system you are working on, taking note of the file path.

Configure a Script Policy and Add a PowerShell Execution

Follow the procedures below to add a script only connection, and then add a new PowerShell execution.

Upgrade to a Hybrid Policy

You can upgrade an existing LDAP policy to hybrid with both PowerShell and LDAP features.

When you update an LDAP policy to hybrid, you cannot revert the policy back to LDAP only.

Create a New Hybrid Policy.

You can create a new hybrid policy with both PowerShell and LDAP features.

Before starting this procedure, you need to complete the procedures as described in Prerequisites above to provide a self-signed certificate for the hybrid configuration.

Invoke a PowerShell operation with Trusted Agent

Invoke an agent that executes with PowerShell script to update a business object.

1.Log in to Neurons for ITSM as an Administrator.

2.From the Service Desk console, open the Incident workspace.

3.Open an incident, click More, and select Edit Actions.

4.Create a quick action using Graphical Action Designer.

By default, Start Block is selected.

5.Enter the Settings details for the mandatory fields Name, Description, Enter Category, Publish To, and UI Options in the Graphical Action Designer.

Manually enter "Trusted Agent" or "TrustedAgent" (the white space is not required for function) if the Trusted Agent category is not present in the Enter Category option.

6.Drag the Run Program from the Common Actions to the block.

Enter a unique name in the Block Label field.

Select the PowerShell script in the Connection drop-down.

In the Arguments field specify the argument that needs to be parsed through the Powershell script.

Declare arguments, for example: declare a 10, b 5 variables. You can also declare a variable and expression, for example, a 10, UserEmail $(PrimaryEmail), where UserEmail is a parameter in the script, and $(PrimaryEMail) is a field in the business object.

Select the Output Field to show the result of the action triggered by the PowerShell script.

7.Link the Start block to the Run Program block and click Save.

8.Go back to the Incident page, click More > TrustedAgent, and select the action you created.

Now the agent will get triggered and update the associated incident as per the PowerShell script actions.

Verify Execution

To verify the execution of the agent:

1.From the Configuration console click Extend > Integration Tools > Trusted Agent Monitoring.

2.In the Operational Logs, select a PowerShell executed operation and verify the Log Entry for the associated operation.

The Log Entry shows whether the script executed successfully with the expected result.