I “inherited” an ancient Microsoft System Center Service Manager instance used for internal helpdesk self-service for various user provisioning, changes etc.
It is a nightmare to change or maintain (not mentioning LONG out of support), so we have long been wanting to replace it. We have thought of replacing with Power Automate and Power Apps - but PowerShell Universal look promising as we also do a lot of PowerShell scripts for all kinds of things.
So I just want to hear of any experiences with using PowerShell Universal as a selfservice portal for Helpdesk - and maybe even towards end users for certain things.
And does it support 2-way communication in forms and scripts, so it is possible to validate input before runinng a script? (The Service Manager instance is (at least in our setup) a fire-and-forget type of “order-job-system”, so if you type something wrong into a field the job will just fail - or do something bad pending on the script).
What are the primary use for people? Sky’s the limit?
PSU’s Apps are basically web forms written in PowerShell. So you can do your validation in the App itself. You can include a validation in the input control itself. It has pretty good support for different controls like textbox, date selector, radio buttons etc. For example in about 20 lines I was able to build an App that pulled in data from a SQL query and display it in a table. PSU’s tables in Apps have full featured sorting/searching/filtering. It’s great for help desk type self service, but you will have to set appropriate security, I’ve found the built in Roles very easy to use for that. Think of it as a web GUI front end with a PowerShell back end, so if you can do it in PowerShell, you can do it in PSU.
PSU also has scheduled scripting to you can set up your batch jobs to run periodically. For example if you have something like a script that needs to move a certain file every day, you can script it and schedule it. This is similar to the Windows Job Scheduler except PSU has more useful features, like job history, and direct code editing.
hi @nra , we got on the PSUniversal bandwagon a few weeks ago for the same reason and have been working through various bits and bobs like this too.
Some examples we use it for atm are:
User Offboarding - we have a Script that disables a persons AD Account (and any related admin accounts) that the Service Desk run using the portal, and the same script is also run by our Identity system via a PSU API - so consistent disable by person or automation
Account Onboarding - we have an app with a few of pages for creating various account types - Admin, Service, etc that dont come via the identity system. Its standardized this creation to one point for multiple support teams.
Certificate Creation - we have an internal PKI that an app gives, anyone we grant access to, the ability to generate a certificate - the app validates values for name, SANs, etc and also presents only the templates each group should be able to make based on the PSURole - eg only “Infra Admins” can make wildcard certs (through app logic)
Info visibility through apps - we surface/summarize information out of multiple systems by caching the data on a schedule and simple pages that show it for things like DHCP Scopes, DNS Zones, IPAM values - things where the app security cannot let us grant support teams access, but we can control that vis at PSU
When we publish a Script to the portal the Write-Information/Write-Error data is presented to them on running the script. In an App you write your own error handling and display to make it “Pretty”
Our initial use case for PUD was actually this situation. We have a very extensive front end that our techs are able to use to manage users, groups, teams, shared mailboxes and even Teams telephony. The front end system is setup in such a way that the techs are limited to make changes in only an approved manner and we use a SQL proxy back-end where they submit the request to so they don’t need direct permissions to make the necessary changes. This also allows us to log all changes that are made with a who, when, where.
