Exception calling "SecureStringToBSTR" with "1" argument(s): "Value cannot be null

[clyates4]

Each time a command is executed, the following error is displayed before the command runs:

Exception calling "SecureStringToBSTR" with "1" argument(s): "Value cannot be null.
Parameter name: s"
At C:\Users\cyates\OneDrive - Company
Energy\Documents\WindowsPowerShell\Modules\SailPointIdentityNow\1.1.5\scripts\Get-IdentityNowAuth.ps1:167 char:5

• $clientSecretv3 = [System.Runtime.InteropServices.marshal]::PtrTo ...
  

• ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  

  • CategoryInfo : NotSpecified: (:) [], MethodInvocationException
  • FullyQualifiedErrorId : ArgumentNullException

Here is the code referenced in the error:

Generate the account hash

$hashUser = Get-HashString $adminUSR.ToLower() 
$adminPWD = Get-HashString "$($adminPWDClear)$($hashUser)"  

$clientSecretv3 = [System.Runtime.InteropServices.marshal]::PtrToStringAuto([System.Runtime.InteropServices.marshal]::SecureStringToBSTR($IdentityNowConfiguration.v3.Password))

Here is the org configuration

$orgName = "our-org"
Set-IdentityNowOrg -orgName $orgName

# IdentityNow Admin User
$adminUSR = "identityNow_admin_User"
$adminPWD = 'idnAdminUserPassword'
$adminCreds = [pscredential]::new($adminUSR, ($adminPWD | ConvertTo-SecureString -AsPlainText -Force))

# IdentityNow Personal Access Token as generated through the IdentityNow Portal and your personal identity profile preferences
$patClientID = 'd3d1f84bb7112212b26e59cd02242a50'
$patClientSecret = '60132a77b0b64959dbcea23ace211f3afb4f11ab8aae92fe4fcdabe0a8379a88'
$patCreds = [pscredential]::new("$($patClientID)", ($patClientSecret | ConvertTo-SecureString -AsPlainText -Force))

Set-IdentityNowCredential -AdminCredential $adminCreds -PersonalAccessToken $patCreds
Save-IdentityNowConfiguration

[darrenjrobinson]

I've gone through and setup a new machine with the module using PowerShell 5.1.
I then tested the creds using Test-IdentityNowCredentials
I only set it up using a personal access token (v3 creds) so the v2 creds did fail as expected.

    $orgName = "myOrg"
    Set-IdentityNowOrg -orgName $orgName

    # IdentityNow Admin User
    $adminUSR = "identityNow_admin_User"
    $adminPWD = "idnAdminUserPassword"
    $adminCreds = [pscredential]::new($adminUSR, ($adminPWD | ConvertTo-SecureString -AsPlainText -Force))

    # IdentityNow Personal Access Token as generated through the IdentityNow Portal and your personal identity profile preferences
    $patClientID = "yourClientID"
    $patClientSecret = "yourClientSecret"
    $patCreds = [pscredential]::new("$($patClientID)", ($patClientSecret | ConvertTo-SecureString -AsPlainText -Force))

    Set-IdentityNowCredential -AdminCredential $adminCreds -PersonalAccessToken $patCreds
    Test-IdentityNowCredentials 

I can't reproduce your error.
Can you test/validate your credentials using Test-IdentityNowCredentials

[clyates4]

Classification: DCL-Internal I added $patClientID and $patClientSecret to the org setup file, but I did not add values for $adminUSR and $adminPWD. Then I ran get-identitynowauth before running the following: PS C:\temp\powershell\IdentityNow> Test-IdentityNowCredentials APIv2 credentials not stored in IdentityNow Configuration. APIv3 credentials not stored in IdentityNow Configuration. Validated Personal Access Token. PS C:\temp\powershell\IdentityNow> Maybe it is because I need values for $adminUSR and $adminPWD? Thanks for your help From: Darren Robinson ***@***.***> Sent: Monday, May 23, 2022 8:36 PM To: darrenjrobinson/powershell_module_identitynow ***@***.***> Cc: Chris Yates ***@***.***>; Author ***@***.***> Subject: [EXTERNAL] Re: [darrenjrobinson/powershell_module_identitynow] Exception calling "SecureStringToBSTR" with "1" argument(s): "Value cannot be null (Issue #56) I've gone through and setup a new machine with the module using PowerShell 5.1. I then tested the creds using Test-IdentityNowCredentials I only set it up using a personal access token (v3 creds) so the v2 creds did fail as expected. $orgName = "myOrg" Set-IdentityNowOrg -orgName $orgName # IdentityNow Admin User $adminUSR = "identityNow_admin_User" $adminPWD = "idnAdminUserPassword" $adminCreds = [pscredential]::new($adminUSR, ($adminPWD | ConvertTo-SecureString -AsPlainText -Force)) # IdentityNow Personal Access Token as generated through the IdentityNow Portal and your personal identity profile preferences $patClientID = "yourClientID" $patClientSecret = "yourClientSecret" $patCreds = [pscredential]::new("$($patClientID)", ($patClientSecret | ConvertTo-SecureString -AsPlainText -Force)) Set-IdentityNowCredential -AdminCredential $adminCreds -PersonalAccessToken $patCreds Test-IdentityNowCredentials [image]<https://urldefense.proofpoint.com/v2/url?u=https-3A__user-2Dimages.githubusercontent.com_384733_169930406-2Dd587b531-2Db989-2D4cc4-2Dbb2a-2D0c7c5f257577.png&d=DwMCaQ&c=M7nMI6M-Uv3ihEfN-QJ3_sQdVexoO64eU4Ftr4lnVk0&r=4FccT72olMQ5-sl17o1hoSJbgd3j_D33DS4sHpjj_XM&m=xwqqsT_F5fJzhmCuqEQ_fp3L83Z45TWonWA4XGcplQJ_LI9BUid5u86Z2mxsa4Zl&s=6awb1HB0bk96pTsbJlPKyMBfDYX_PNdvEU1aXdmQqMo&e=> I can't reproduce your error. Can you test/validate your credentials using Test-IdentityNowCredentials - Reply to this email directly, view it on GitHub<https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_darrenjrobinson_powershell-5Fmodule-5Fidentitynow_issues_56-23issuecomment-2D1135305137&d=DwMCaQ&c=M7nMI6M-Uv3ihEfN-QJ3_sQdVexoO64eU4Ftr4lnVk0&r=4FccT72olMQ5-sl17o1hoSJbgd3j_D33DS4sHpjj_XM&m=xwqqsT_F5fJzhmCuqEQ_fp3L83Z45TWonWA4XGcplQJ_LI9BUid5u86Z2mxsa4Zl&s=k830wZ7eu7jOVcQvP7o0P6DRC_IZ3Oc3CLCwGmFTxPc&e=>, or unsubscribe<https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_notifications_unsubscribe-2Dauth_AZIFFKE2ZCWYRDBBSICS52LVLQXA7ANCNFSM5WPN43XQ&d=DwMCaQ&c=M7nMI6M-Uv3ihEfN-QJ3_sQdVexoO64eU4Ftr4lnVk0&r=4FccT72olMQ5-sl17o1hoSJbgd3j_D33DS4sHpjj_XM&m=xwqqsT_F5fJzhmCuqEQ_fp3L83Z45TWonWA4XGcplQJ_LI9BUid5u86Z2mxsa4Zl&s=ZTWKs6lo66YWuAnXGivT5gkF7_fIOFGq1Xa0lhqoinc&e=>. You are receiving this because you authored the thread.Message ID: ***@***.******@***.***>>

…

________________________________ This email (and attachments if any) is intended only for the use of the individual or entity to which it is addressed, and may contain information that is confidential or privileged and exempt from disclosure under applicable law. If the reader of this email is not the intended recipient, or the employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender immediately by return email and destroy all copies of the email (and attachments if any).

[darrenjrobinson]

Hi @clyates4
v1.1.6 of the module addresses this error.
It is currently in this branch which you can download an manually update your environment with. https://github.com/darrenjrobinson/powershell_module_identitynow/tree/V3API-CMDLET-Options

It also includes a number of other enhancements for changes to the IDN APIs.
I'll be looking to finalise that version in the next week, merge it with Main and publish v.1.1.6 to the PowerShell Gallery.

[clyates4]

Classification: DCL-Internal Thanks Darren! Sent from a mobile device.

…

________________________________ From: Darren Robinson ***@***.***> Sent: Tuesday, October 11, 2022 2:26:09 PM To: darrenjrobinson/powershell_module_identitynow ***@***.***> Cc: Chris Yates ***@***.***>; Mention ***@***.***> Subject: [EXTERNAL] Re: [darrenjrobinson/powershell_module_identitynow] Exception calling "SecureStringToBSTR" with "1" argument(s): "Value cannot be null (Issue #56) Hi @clyates4<https://urldefense.com/v3/__https://github.com/clyates4__;!!NMiH8OWLS8U!WK6WlxDWTsmUWydqmWxuODSia2rvAExcB10-qB_szPh0I3JTcKrZhwjrXVxofOieOGx6UboBrmjAdOPG-D0jhxvp$> v1.1.6 of the module addresses this error. It is currently in this branch which you can download an manually update your environment with. https://github.com/darrenjrobinson/powershell_module_identitynow/tree/V3API-CMDLET-Options<https://urldefense.com/v3/__https://github.com/darrenjrobinson/powershell_module_identitynow/tree/V3API-CMDLET-Options__;!!NMiH8OWLS8U!WK6WlxDWTsmUWydqmWxuODSia2rvAExcB10-qB_szPh0I3JTcKrZhwjrXVxofOieOGx6UboBrmjAdOPG-L7ZMMzZ$> It also includes a number of other enhancements for changes to the IDN APIs. I'll be looking to finalise that version in the next week, merge it with Main and publish v.1.1.6 to the PowerShell Gallery. — Reply to this email directly, view it on GitHub<https://urldefense.com/v3/__https://github.com/darrenjrobinson/powershell_module_identitynow/issues/56*issuecomment-1275170279__;Iw!!NMiH8OWLS8U!WK6WlxDWTsmUWydqmWxuODSia2rvAExcB10-qB_szPh0I3JTcKrZhwjrXVxofOieOGx6UboBrmjAdOPG-DisQGg9$>, or unsubscribe<https://urldefense.com/v3/__https://github.com/notifications/unsubscribe-auth/AZIFFKFDKIYLM4R27QIIZKLWCW5NDANCNFSM5WPN43XQ__;!!NMiH8OWLS8U!WK6WlxDWTsmUWydqmWxuODSia2rvAExcB10-qB_szPh0I3JTcKrZhwjrXVxofOieOGx6UboBrmjAdOPG-C2XDWo5$>. You are receiving this because you were mentioned.Message ID: ***@***.***>

________________________________ This email (and attachments if any) is intended only for the use of the individual or entity to which it is addressed, and may contain information that is confidential or privileged and exempt from disclosure under applicable law. If the reader of this email is not the intended recipient, or the employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender immediately by return email and destroy all copies of the email (and attachments if any).