I have a SPD 2010 workflow that uses the start approval process task. This activity allows user to approve or deny a request from the task item. If the user rejects the item, then the workflow status gets set to "Rejected".
My question is how do i get the current workflow status value?
i.e. if the user rejects it, then i want the workflow to branch. But how do i branch based on workflow status?
I tried Current Item: Approval Status. But that does not seem to be correct.
thanks
The workflow status are constants (integers), so you'll need to refer to a list like:
Status: Value
Not Started: 0
Failed on Start: 1
In Progress: 2
Error Occurred: 3
Canceled: 4
Completed: 5
Failed on Start(Retrying): 6
Error Occurred (Retrying): 7
Canceled: 15
Approved: 16
Rejected: 17
So you'd need to check if Approval Status equals 17.
Related
Starting July 1st, 2021, SQL Server Agent fails when using sp_send_dbmail to execute a stored procedure containing a linked server. If I remove the linked server portion of the code from the stored procedure the job runs successfully.
The job simply executes the following SQL statement:
EXECUTE msdb.dbo.sp_send_dbmail
#recipients = 'My.Name#MyEmailAddress',
#subject = 'Daily Security Check',
#query = 'EXECUTE MyDatabase.sec.pr_LinkedServerQuery',
#attach_query_result_as_file = 1
I can successfully run this code manually from a query window while logged on as the Agent. But if I R-click the job and select “Start job at step…” the agent job fails. Also, if I edit the job by removing the dbmail procedure and simply run EXECUTE MyDatabase.sec.pr_LinkedServerQuery the agent job is successful. It is only when nested inside the dbmail procedure that it fails. This job has previously run successfully for over a year.
I am using SQL Server 2017.
The logs show an error about sp_send_dbmail but searches on this error don’t seem to reflect the issue I am having.
Executed as user: HCI\AgentName. Microsoft (R) SQL Server Execute Package Utility Version 14.0.3381.3 for 64-bit Copyright (C) 2017 Microsoft. All rights reserved. Started: 2:19:52 PM Progress: 2021-07-06 14:19:52.96 Source: {457716A2-22BF-47F5-A08E-8A48A218911F} Executing query "DECLARE #Guid UNIQUEIDENTIFIER EXECUTE msdb..sp...".: 100% complete End Progress Error: 2021-07-06 14:19:53.11 Code: 0xC002F210 Source: Execute T-SQL Statement Task Execute SQL Task Description: Executing the query "EXECUTE msdb.dbo.sp_send_dbmail #recipients = '..." failed with the following error: "Failed to initialize sqlcmd library with error number -2147467259.". Possible failure reasons: Problems with the query, "ResultSet" property not set correctly, parameters not set correctly, or connection not established correctly. End Error Warning: 2021-07-06 14:19:53.11 Code: 0x80019002 Source: Subplan_1 Description: SSIS Warning Code DTS_W_MAXIMUMERRORCOUNTREACHED. The Execution method succeeded, but the number of errors raised (1) reached the maximum allowed (1); resulting in failure. This occurs when the number of errors reaches the number specified in MaximumErrorCount. Change the MaximumErrorCount or fix the errors. End Warning Progress: 2021-07-06 14:19:53.16 Source: Notify Operator Task Executing query "EXECUTE msdb.dbo.sp_notify_operator #name=N'Andy H...".: 100% complete End Progress DTExec: The package execution returned DTSER_FAILURE (1). Started: 2:19:52 PM Finished: 2:19:54 PM Elapsed: 1.719 seconds. The package execution failed. The step failed
This issue has bested me so far. Thank you for any insight into slaying this beast!
Thank you Ramya Makam for your article.
After I ran the profiler I got a real error:
Linked servers cannot be used under impersonation without a mapping for the impersonated login.
With that it was easy to edit Linked Servers and I am back up and running!
since 5 days every pipeline run is canceled (not failed) automatically after round about 30 minutes.
The pipeline stage shows the error message:
Response status code does not indicate success: 403 (Identity does not have permissions for Microsoft.MachineLearningServices/workspaces/experiments/runs).
Microsoft.RelInfra.Common.Exceptions.ErrorResponseException: Identity does not have permissions for Microsoft.MachineLearningServices/workspaces/experiments/runs/read actions.
runs
I verified that my user has the rights of the role (owner and contributor). So every write/ read access should be there.
access rights
I created a completly new machine learning ressource and tried with different users (role contributor).
The error message does not make sense, because the pipeline starts and runs for 30 minutes (every user right is there?!) and is canceled automatically after some time. If I re-run the pipeline step from the ML studio, the step succeed.
I am working with Azure Machine Learning for 4 months and everything went fine.
The pipeline is created with a local python SDK.
The abonnement contains the payed version.
EDIT:
The 70_driver_log log does not show any error message - it stops after printing some own messages.
70_driver_log.txt
7%|█ | 10388/139445 [12:55<2:00:20, 17.87it/s]
7%|█ | 10390/139445 [12:55<3:04:23, 11.67it/s]
executionlogs.txt:
[2021-05-25 12:00:47Z] Job is running, job runstatus is Running
[2021-05-25 12:02:49Z] Cancelling the job
Context of my environment: I have run an custom organisation policy where i add these to my azure devops ci/cd pipeline.
Next to that i added the resource group AzSKRG and with the command Get-AzSKAzureServicesSecurityStatus Been adding attestation statusses to some of the controls I found it not necessary to fail the pipeline. But with the last step I have some problems
I am trying to make some of the manual and verify controls to "passed" so that my developing team can run this flawless in the pipeline and i just verify the controls once every 90 days (the expiration days).
The problem i have ATM is that i can't add attestation statusses to these controlID's
Azure_APIManagement_AuthZ_Restrict_Caller_IPs
Azure_APIManagement_DP_Restrict_Critical_APIs_Access
Azure_KeyVault_AuthZ_Grant_Min_Access_policies
Azure_APIManagement_DP_Use_Secure_TLS_Version
Azure_APIManagement_DP_Dont_Reveal_Backend_Info
Azure_APIManagement_AuthZ_Enable_Requires_Approval
for the keyvault i have no clue why i can't add the attestation status. this is my output of my powershell command
================================================================================
AzSK Version: 3.8.0
================================================================================
Method Name: Get-AzSKAzureServicesSecurityStatus (GRS)
Input Parameters:
Name Alias Value
---- ----- -----
SubscriptionId s xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
DoNotOpenOutputFolder dnof True
ResourceType rt Microsoft.KeyVault/vaults
ResourceGroupNames rgns xxxxxxxxxx
ControlIds cids Azure_KeyVault_AuthZ_Grant_Min_Access_policies
ControlsToAttest cta All
AttestationStatus as NotAnIssue
JustificationText jt Quarterly check
You can also use: grs -s xxxxxxxxxxxxxxxxx -dnof -rt Microsoft.KeyVault/vaults -rgns xxxxxxxx Azure_KeyVault_AuthZ_Grant_Min_Access_policies -cta All -as NotAnIssue -jt Quarterly check
================================================================================
Running AzSK cmdlet using security policy...
Number of resources: 1
Number of resources for which security controls will be evaluated: 1
================================================================================
Starting analysis: [FeatureName: KeyVault] [ResourceGroupName: xxxxxxxxx] [ResourceName: xxxxxxxxxx]
--------------------------------------------------------------------------------
Checking: [KeyVault]-[All Key Vault access policies must be defined with minimum required permissions to keys and secrets]
--------------------------------------------------------------------------------
Completed analysis: [FeatureName: KeyVault] [ResourceGroupName: xxxxxxxxxxxx] [ResourceName: xxxxxxxx]
================================================================================
Summary Total Verify
------- ----- ------
High 1 1
------ ------ ------
Total 1 1
------ ------ ------
================================================================================
** Next steps **
Look at the individual control evaluation status in the CSV file.
a) If the control has passed, no action is necessary.
b) If the control has failed, look at the control evaluation detail in the LOG file to understand why.
c) If the control status says 'Verify', it means that human judgement is required to determine the final control stat
us. Look at the control evaluation output in the LOG file to make a determination.
d) If the control status says 'Manual', it means that AzSK (currently) does not cover the control via automation OR A
zSK is not able to fetch the data. You need to manually implement/verify it.
Note: The 'Recommendation' column in the CSV file provides basic (generic) guidance that can help you fix a failed control. Y
ou can also use standard Azure product documentation. You should carefully consider the implications of making the required c
hange in the context of your application.
Control results may not reflect attestation if you do not have permissions to read attestation data from AzSKRG
--------------------------------------------------------------------------------
Status and detailed logs have been exported to path - C:\Users\xxxxxxxx\AppData\Local\Microsoft\AzSKLogs\xxxxxxxx\20181218_171945_GRS\
================================================================================
################################################################################
Starting Control Attestation workflow in bulk mode...
--------------------------------------------------------------------------------
Warning:
Please use utmost discretion when attesting controls. In particular, when choosing to not fix a failing control, you are taki
ng accountability that nothing will go wrong even though security is not correctly/fully configured.
Also, please ensure that you provide an apt justification for each attested control to capture the rationale behind your deci
sion.
Do you want to continue (Y/N): Y
--------------------------------------------------------------------------------
No. of candidate resources for the attestation: 1
================================================================================
Info: Starting attestation [1/1]- [FeatureName: KeyVault] [ResourceGroupName: xxxxxx] [ResourceName: xxxxxxxx]
--------------------------------------------------------------------------------
No. of controls that need to be attested: 1
--------------------------------------------------------------------------------
ControlId : Azure_KeyVault_AuthZ_Grant_Min_Access_policies
ControlSeverity : High
Description : All Key Vault access policies must be defined with minimum required permissions to keys and secrets
CurrentControlStatus : Verify
--------------------------------------------------------------------------------
Attestation summary for this resource:
ControlId EvaluatedResult EffectiveResult AttestationChoice
--------- --------------- --------------- -----------------
Azure_KeyVault_AuthZ_Grant_Min_Access_policies Verify Passed NotAnIssue
Committing the attestation details for this resource...
Commit succeeded.
--------------------------------------------------------------------------------
Completed attestation: [FeatureName: KeyVault] [ResourceGroupName: xxxxxxx] [ResourceName: xxxxxx]
```
As for the api management controlID's , I've looked inside my powershell module folder inside
C:\Program Files\WindowsPowerShell\Modules\AzSK\3.8.0\Framework\Configurations\SVT\Services
And searched for the control ID's in the apimanagement.json
But couldn't find it in the json files, Maybe inside the powershell module these control's are not present and inside the azsk pipeline task they are .
Just upgrade to the latest version and run the scan command again. This should solve your issue.
I am using the same code to trigger 13 workflow form item attachment event receiver ,but i am getting null in (SPWorkflowAssociation associationTemplate) in case of 13 workflow template ,while successfully able to trigger 10 workflow template.
Can u please guide this isssue?.
I developed a application site where one facility is FAQ in which user can post text data without any limit.
I hv two server to run the application whenever a single field (question or answer) size is huge (like one page long) one of the server is giving service unavailable. I checked in log the error detail is
-------------------
Event Type: Error
Event Source: W3SVC
Event Category: None
Event ID: 1002
Date: 1/23/2012
Time: 3:29:49 PM
User: N/A
Computer: BA5SWWW006
Description:
Application pool 'pool_name' is being automatically disabled due to a series of failures in the process(es) serving that application pool.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
--------------------
AND ALSO
-------------------
Event Type: Error
Event Source: VsJITDebugger
Event Category: None
Event ID: 4096
Date: 1/23/2012
Time: 3:29:44 PM
User: NT AUTHORITY\NETWORK SERVICE
Computer: BA5SWWW006
Description:
An unhandled win32 exception occurred in w3wp.exe [10896]. Just-In-Time debugging this exception failed with the following error: Debugger could not be started because no user is logged on.
Check the documentation index for 'Just-in-time debugging, errors' for more information.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 02 00 5c 80 ..\
------------------------
but the other server is working fine. i check all d basic setting of both is same.
and also there no such logged in error for any other module.
Even error wont occur for same module if the text in question or answer is less.
when this occur it ask for enter the user credentials i couldn't understand why it prompt for such?????
i use my-sql with longtext field to store question or answer.
May be best to try the IIS Debug Diagnostics Tool to further diagnose the problem.
This SO question has plenty of other suggestions: How to diagnose IIS fatal communication error problem