Custom commands
Let's cut straight to the chase – what is a custom command? A custom command is essentially a predefined workflow of several actions that Adaxes executes one after another when you run the command. As simple as that. Custom commands enable you to simplify multi-step processes by combining every step into a single fluid operation.
One more important bit – you cannot just fling a custom command in the air. It has to target something, a directory object e.g. a user. That target can be scrutinized by Adaxes to adjust the workflow on the fly. For instance, Adaxes can check the property values of the target user, their group membership, mailbox parameters, and then perform different actions based on the result of these checks.
User offboarding is a great example. A plethora of standard operations that must be executed before safely saying goodbye to an employee. They have to be done by the book, on time, and maybe slightly different for each leaver. Adaxes enables you to combine all the operations into a custom command and offboard users in one click.
You can also add parameters to custom commands, for extra flexibility. They come in different shapes and sizes – checkboxes, text fields, drop-down lists, etc., and allow you to request input from the user who executes the command. The input values can then be handled inside the command to adjust the workflow on the go.
Let's use the same offboarding command as an example. You can enhance it by adding an object picker parameter – to select where to forward the emails of the offboarded user. A checkbox parameter can be used to skip entire portions of the workflow when they are not required. A text field can be used to preserve crucial information about the deprovisioned account in its description. You get the idea.
All this enables you to create dynamic and reliable workflows that are an order of magnitude faster to execute than doing every step manually. Even if a custom command initiates long-running processes, you don't have to be there to watch. Adaxes will take care of everything and log every action that was executed.
How to create a custom command
Using scripts in custom commands
Custom commands can be used to run PowerShell scripts straight from the Web interface. You can add a script to a command just like any other action. This offers an array of opportunities – delegating script execution to non-technical staff, building integrations with third-party systems, or simply creating elaborate workflows with a healthy mix of scripts and built-in actions.
Remember that custom commands always target an object? Well, it is incredibly easy to obtain all the information about that object in scripts. For example, you can use value references – they are templates like %department% or %username% that will be substituted by the property values of the target when the command is launched.
If you are familiar with PowerShell scripting, you will feel at home when scripting in Adaxes. It is basically the same but with plenty of Adaxes-specific functions that make your life better. If scripting is not your forte but you cannot achieve what you need with built-in actions, you can always sift through the Adaxes script repository. Who knows, maybe you won't need to write a single line of code yourself.
Delegation of custom commands
Given how easy it is to launch custom commands, it's only natural you would seek to delegate them to someone else. And Adaxes delivers. To delegate a custom command, all you need to do is to grant that person the rights to execute it. You don't need to grant the rights to perform every operation within the command which means you never over-privilege your users.
If the command is meant to be executed only on objects from a particular OU, you can restrict the scope of the permissions respectively. On top of that, you can create virtual collections of objects called business units, and grant the rights to execute custom commands only on business unit members.
For example, let's say you have a standard procedure for remote employees going on vacation. Just create a custom command with all the steps that must be taken, create a business unit that contains only the users whose employee type is remote, and voila – you can easily delegate this procedure to your HR department. They will not be able to execute the command on a non-remote employee and they will never get any of the steps wrong.
If you still have delegation anxiety, Adaxes can help you get rid of it with the help of approval-based workflows. You can request approval for the execution of an entire custom command or strategically place an approval step before a sensitive operation. When a user launches the command, Adaxes will not perform any operations that require approval until it is granted by the designated employee.
Custom commands are about complete control over your workflows, and approvals let you achieve that final bit of control. Even custom commands with destructive operations like user account deletion can be delegated safely. In the worst-case scenario, you will need to spend a minute reviewing a request and clicking the Deny button.
Custom commands in automated workflows
Some workflows are not meant for manual execution. However, they can still benefit from custom commands. You can configure all the logic of an automated workflow in a custom command and then define when this command should be executed – after certain events in your directory, or simply on a schedule.
For example, a workflow that manages the group membership of your users according to your policies is best executed at multiple points in the user account lifetime, to maintain consistency.
If, at some point, any of your policies change, all you need to do is edit a single custom command. All the modifications will automatically apply to all the places where that workflow is used.
Custom commands are a versatile tool that Adaxes adds to your arsenal. They let you turn even the most complex processes into one-click actions. They let you delegate workflows that previously were too dangerous to delegate. They act as a stepping stone that lets you start your journey towards true automation. And automation is a weird thing. It first seems difficult on paper, but once you develop a taste for it, there is no going back.
