0 votes

Hello, we want to setup a scheduled report with all our teams (security groups) and their respective team-leader (specified in "managedBy" of security group).

I get the name of the team-leader in the report, but i also need the attribute "employeeNumber" of the team-leader. And this is my problem...

Can you help me with this problem?

by (850 points)
0

Hello,

For us to suggest a solution, please, specify how exactly the report is currently generated. If it is generated by a script, please, post the script here or send to us (support[at]adaxes.com).

0

I copied a default report "objects in OU", so i think it is generated by the following script

# Get parameter values
$objectTypes = $Context.GetParameterValue("param-ObjectTypes")
$scope = $Context.GetParameterValue("param-Scope")
$subtreeScope = $scope -eq "ADS_SCOPE_SUBTREE"

# Custom column identifiers
$ouColumnID = "{44db2afb-5559-4d2f-a1f7-e623e3a6c815}"

# Create a searcher for child objects
$childObjSearcher = New-Object Softerra.Adaxes.Adsi.Search.DirectorySearcher $NULL, $False
$childObjSearcher.SearchParameters.SearchScope = $scope
$childObjSearcher.SearchParameters.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
$childObjSearcher.SearchParameters.Filter = "(|" + $objectTypes + ")"
$childObjSearcher.SearchParameters.PageSize = 500
$childObjSearcher.SetPropertiesToLoad($Context.DirectorySearcher.GetPropertiesToLoad())

# Add properties necessary to generate the report
$propertiesForOUs = @("objectClass", "objectGuid", "distinguishedName")
$Context.DirectorySearcher.SetPropertiesToLoad($propertiesForOUs)

# Search filter
$filter = "(objectCategory=organizationalUnit)"
$Context.DirectorySearcher.AppendFilter($filter)

# Generate report
try
{
    $searchIterator = $Context.DirectorySearcher.ExecuteSearch()
    while ($Context.MoveNext($searchIterator))
    {
        $searchResult = $searchIterator.Current

        $ouDN = $searchResult.GetPropertyByName("distinguishedName").Values[0]
        $columnValues = @{ $ouColumnID = $ouDN; }

        # Search for child objects
        $hasChildObjects = $False
        $childObjSearcher.SearchParameters.BaseObjectPath = $searchResult.AdsPath
        try
        {
            $childObjSearchIterator = $childObjSearcher.ExecuteSearch()
            while ($Context.MoveNext($childObjSearchIterator))
            {
                $childObjSearchResult = $childObjSearchIterator.Current
                if ($subtreeScope -and ($childObjSearchResult.AdsPath -eq $searchResult.AdsPath))
                {
                    # Subtree scope includes the base object. We don't need the object in the report.
                    continue
                }

                $hasChildObjects = $True
                # Add the object to the report
                $Context.Items.Add($childObjSearchResult, $columnValues, $NULL)
            }
        }
        finally
        {
            if ($childObjSearchIterator) { $childObjSearchIterator.Dispose() }
        }

        if ($hasChildObjects -eq $False)
        {
            # The OU is empty
            if ($styleNoChildObjects -eq $NULL)
            {
                $styleNoChildObjects = $Context.Items.CreateItemStyle("#3d3d3d", $NULL,
                    "ADM_LISTITEMFONTSTYLE_REGULAR")
            }
            $Context.Items.Add(-1, "<Keine Objekte>", "Information", $columnValues, $styleNoChildObjects)
        }
    }
}
finally
{
    if ($searchIterator) { $searchIterator.Dispose() }
}
0

Hello,

Sorry for the confusion, but we are not sure what report exactly you need. Should it only include security groups located in the selected OU and the report columns should display group names, group owners (specified in the Managed By property) and Employee Numbers of the owners?

If that is not so, please, provide all the possible details regarding the desired report with live examples.

0

You are exactly right. Security Groups in selected OU and in the columns the name of the group, group owner and employeeNumber of the owner.

1 Answer

0 votes
by (187k points)

Hello,

Thank you for the confirmation. To create the desired report:

  1. Launch Adaxes Administration Console.
  2. In the Console Tree, right-click your service node.
  3. In the context menu, navigate to New and click Report. image.png
  4. Enter a report name and click Next. image.png
  5. Click New.
  6. Click Next twice and then click Finish.
  7. Click Next twice.
  8. In the Report-specific columns section, click Add. image.png
  9. Enter a custom column name (e.g. Owner Employee Number) and click Next. image.png
  10. In the Script field, paste the below script:
$group = $Context.GetADObject()
try
{
    $groupOwnerDN = $group.Get("managedBy")
    $groupOwner = $Context.BindToObjectByDN($groupOwnerDN)
    $employeeNumber = $groupOwner.Get("employeeNumber")
}
catch
{
    $employeeNumber = $NULL
}

$Context.Value = $employeeNumber
  1. Click Finish.
  2. Click Next.
  3. In the Search filter field, enter the following:
(groupType:1.2.840.113556.1.4.803:=2147483648)
  1. Click Next and finish creating the report.
0

Thanks for your help, it works great!

Related questions

0 votes
1 answer

Hi, I would need to set a random plaintext in the header of the login page of one of the contexts (via custom HTML). This plaintext must be aligned with a ... . This would serve as a pseudo verification code for entering in the console. Thanks, Daniele

asked May 26 by dmaggiolo (250 points)
0 votes
1 answer

Hi, is there any function to get all direct an indirect memberships, with the multiple one? If we check the indirect membership checkbox there are only shown every "group" once. ... groups he is getting the same permissions and so on. Is there a way? Regards

asked Jan 29, 2018 by plesen (510 points)
0 votes
0 answers

I'm trying to setup a quick automations to drop a notification into a Micrsoft Teams feed using their Webhook integration. I've managed to make Webhooks work ... -body $body -ContentType 'application/json' Any assistance with this would be gratefully received

asked Jan 20 by richarddewis (1.5k points)
0 votes
1 answer

I'd like to be able to either send an email report or export a CSV of all of the business rules carried out when a user is disabled. This would be ... Management Activity section but this includes things that weren't part of the disable operation. Thanks

asked Feb 19 by bavery (1.3k points)
0 votes
1 answer

Where are the result options located for Reports? I have several admins that do a All Users report search then click on the User Name, from the Menu on the left ... the user does not have the option to select these options. Standard Password Configuration:

asked Sep 2 by dknapp (690 points)
2,330 questions
2,085 answers
5,671 comments
92,803 users