After struggling with this requirement for more than a day, and reading too much information about the OAuth2 protocol, I was finally able to accomplish it, and thought that documenting the process would save some time in the future.
So here are the required steps:

Read more in my company blog …

A while ago I wrote a post about integration between SharePoint 2010 and System Center Orchestrator, and the solution has been used successfully in my company so far. Since then, we moved to SharePoint 2013 and Microsoft released its new runbook engine – “Service Management Automation” (SMA), which is integrated with the Windows Azure Pack (WAP). So, after we deployed WAP, I was looking for an option to integrate our SharePoint with the new runbook engine, but found that the existing solutions are the same as they were for the Orchestrator – implemented by an infinite loop that queries a SharePoint list at a fixed interval. As I explained in my previous post, this implementation is not efficient, as it executes a lot of unnecessary queries and includes a delay of up to the interval time until the runbook kicks off. So I decided to adapt my previous solution to the new SMA engine.

The attached solution uses SharePoint BDC to expose the SMA runbooks as an external list. The list contains a column called “InitValue”; updating its value triggers the selected runbook, and the new value is passed as the runbook’s first parameter. This external list allows users to create a SharePoint workflow (using SharePoint Designer) that executes an SMA runbook by using the “Update List Item” action, picking the desired runbook from the list and setting the parameter’s value. To send more than one parameter, you can pass the current record Id as the parameter and then query the record’s values from the runbook. The solution also allows the administrator to filter the runbooks that are exposed by the external list, to include only runbooks that are tagged with a specific name.

Required Ingredients:

  1. SMA server with at least one runbook that accepts zero or one parameter
  2. SharePoint 2013 with the BDC service and the Security storage service enabled and attached to your web application.
  3. The “SMA BDC connector” (download link at the bottom of this post)


  1. Deploy the provided WSP File. You can accomplish that by executing the following cmdlets on the SharePoint server:
    Add-SPSolution {extract path}\SmaBdcConnector.wsp
    Install-SPSolution -Identity SmaBdcConnector.wsp -GACDeployment
  2. On the Business Data Connectivity Service set the object permissions of the new “Runbook” type and give the end users the Execute permission.
  3. Create a new Secure Storage Target Application with the following configurations:
    1. Name: “C60.SmaBdcConnector”
    2. Type: “Group Restricted”
    3. On the fields definition page, add the last 2 fields:
      Name               Type               Mask
      Windows User Name  Windows User Name  False
      Windows Password   Windows Password   True
      URL                Generic            False
      Tag Filter         Key                False

    4. On the permission page, set the Members to the end users group. I used “Everyone”.
  4. Choose the new store application and click “Set credential”:
    1. Username/Password – user that has permission to execute the SMA’s runbooks. The username should include the domain (Domain\username). You can grant a user the required permission by adding it to the local group “SMA Administration Group” on the SMA server.
    2. URL of the SMA services. The format is (if deployed with the default port): https://{SMA Server}:9090/00000000-0000-0000-0000-000000000000
    3. Optional – to filter the runbooks list for only a specific tag, type in the “Tag Filter” field the required tag name.
  5. Create an External List based on the “SmaBdcModel” External content type.
  6. Edit one of the workflows on the list, set the value of the “InitValue” field to the value of the first parameter.
  7. Check that the runbook was executed.
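
Because the stored account can start runbooks on behalf of every member of the target application, it is worth listing exactly which runbooks the external list will expose before granting access. The script below is an added example, not part of the original post or of the connector's source. It assumes the SMA PowerShell module (Microsoft.SystemCenter.ServiceManagementAutomation) is installed on the machine where it runs and that a runbook's tags are a comma-separated string matched exactly; the connector's own matching rule is not described in the post, and the parameter names are hypothetical.

```powershell
# Added example: audit which SMA runbooks the stored account can see,
# and which of them the "Tag Filter" value would expose through the external list.
param(
    [Parameter(Mandatory)] [string] $SmaServer,   # host name only, i.e. the {SMA Server} part of the URL
    [int]    $Port      = 9090,                   # default SMA web service port used in the post
    [string] $TagFilter = ''                      # same value as the "Tag Filter" field; empty = no filter
)

Import-Module Microsoft.SystemCenter.ServiceManagementAutomation -ErrorAction Stop

# Use the same Domain\username that is stored in the C60.SmaBdcConnector target application,
# so the result reflects what that account is actually allowed to enumerate.
$cred = Get-Credential -Message 'Account stored in the Secure Store target application (Domain\username)'

# Fails here if the URL, port or credentials are wrong, before anything is saved in SharePoint.
$runbooks = @(Get-SmaRunbook -WebServiceEndpoint "https://$SmaServer" -Port $Port `
                             -Credential $cred -ErrorAction Stop)

# Assumption: tags are comma-separated and compared as whole, case-insensitive values.
$exposed = @($runbooks | Where-Object {
    (-not $TagFilter) -or
    ((($_.Tags -split ',') | ForEach-Object { $_.Trim() }) -contains $TagFilter)
})

$exposed |
    Sort-Object RunbookName |
    Select-Object RunbookName, Tags, Description |
    Format-Table -AutoSize

Write-Host ("{0} of {1} runbooks would be exposed." -f $exposed.Count, $runbooks.Count)

if (-not $TagFilter) {
    # With no tag filter, every runbook the stored account can start is offered to all
    # members of the target application (the post uses "Everyone").
    Write-Warning 'No tag filter set: all runbooks visible to the stored account will be listed.'
}
```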

Download the WSP file and source (15.2 MB)

Mail apps for Outlook make developing Outlook customizations simple and straightforward. A mail app is just a webpage that is hosted inside Outlook. Outlook activates it and makes it available to the user contextually with respect to the item that the user is currently viewing. The user controls starting any available mail app, and the app can run seamlessly across the Outlook rich clients, Outlook Web App and OWA for Devices, such that you need to install a mail app only once for a mailbox and it will work on the devices and on the Outlook clients that it is designed for.
When a user starts the app, Outlook provides a context object that contains information about the current item and also enables access to the Exchange Web Services (EWS) of the current mailbox (using the mailbox’s “makeEwsRequestAsync” method).
I have been asked to provide, inside Outlook, some statistical information about the current email’s sender, such as the number of messages, number of unread messages etc. After considering the available options, I have found that implementing such a requirement with a mail app is the easiest method. The main disadvantage relative to a classic Outlook Add-in is that the app can work only on Exchange Online or Exchange Server 2013 or a later version, but this was not an issue in my environment.

Read more in my company blog …

So I needed to automate some configuration tasks on a Cisco ASA firewall, and thought it would be an easy task since it has an SSH interface. But after a couple of failed tries and some searching on the web, I realized that I could not use the standard SSH command mode to access the ASA and that the only working and reliable solution out there (that I found) was in this post: “How to automate scripted commands to a Cisco ASA via ssh”. However, it relies on the “Expect” Linux command, and in my case, I preferred to execute the script directly from the System Center Orchestrator machine, which is Windows-based. Some blogs mentioned the Windows Plink.exe command as an option too. This solution worked, but it did not allow validations and extra logic during the script execution, as the script is sent to the device in one block. I also found this PowerShell module, “SSH from PowerShell using the SSH.NET library”, that sounded promising at first, but it works with the standard SSH command, and when trying to use it, I was not able to connect to my ASA firewall.
Finally, I decided to develop my own PowerShell module …

Read more in my company blog …


Sending email notifications regarding a work item in Service Manager is a common requirement that doesn’t really exist out of the box. Travis had published, a while ago, a plug-in called “SCSM SendEmail”. This plug-in, though filling that gap, was still missing some of the common requirements:

  • Supporting only Incident – you cannot send email notifications about a service request.
  • Adding new email template required a new workflow and manual updates to the management pack XML, which means the end user cannot do it alone.
  • There is no way to send notifications to email addresses that do not exist in the SCSM user list. In my environment, for example, I needed to send the notifications to all the email addresses in a specific field of the work item.
  • Does not provide a way to “Set First Response” or change the work item status to “Pending”
  • It has some multi users/messages reliability issues:
    • When you are trying to send the same message content again, even if you are changing the template, it will not send it and there will be no indication that the message was not sent.
    • When you are trying to send a second message while the work item is open in the console, the first message will not be sent and there will be no indication as well.
    • When you are trying to send a second message while the work item is not open in the console and before the previous sending workflow has been started, it will send two emails but both with the content of the second message.

All these issues forced me to develop a custom solution…

Read more in my company blog …

The Problem:
There are many blog posts and discussions about sending email notifications from Service Manager. Out of the box, Service Manager has strong capabilities for notifications, such as:

  • A template editor that allows the end user to insert relevant entity fields into the mail body
  • The ability to allow the end user to specify event conditions that will trigger a specific notification, using a simple wizard.

What is missing is the capability to use this functionality from inside a SCSM Workflow.
There are some solutions provided by Travis (SendEmail) and German (http://scsmsource.blogspot.co.uk/2011/04/work-item-assignmentreassignment.html); however, neither of these solutions allows customization of the workflow in the Authoring Tool.
In my SCSM environment I needed the capability to send notifications as part of more complex workflows and was also required to send the notification to external emails not defined in the SCSM users DB.

Read more in my company blog …

The problem:
SharePoint workflows, which are based on Microsoft WF, are a great way to automate processes that require human interaction and can be easily managed through SharePoint Designer, without any custom development. But when it comes to automating IT processes, Microsoft provides us with another workflow engine called Orchestrator (part of System Center). The Orchestrator has a variety of activities and integration packs that make it a powerful tool for implementing IT runbooks.
I needed a solution for users who design SharePoint workflows, using SharePoint Designer, to easily create workflows that include execution of an Orchestrator runbook. Using the SharePoint OIP (Orchestrator Integration Packs) you can monitor a SharePoint list for a change and execute a runbook as a result (as described here). However, this monitoring approach is based on polling, so for example, if I’m using the default 30 seconds for the polling interval with the above approach for a task that is usually required once a week, it will generate more than 20,000 unnecessary queries against the SharePoint. Then, when the user updates the list item, it will take up to 30 seconds before the workflow starts.
And so, it would seem that triggering the runbook from SharePoint will be a much better solution.

Read more in my company blog …


