0 votes

We want to check, if the number of a new team (group) is unique. The number is stored in the attribute "gidNumber". I have a business rule executing before creating group. The following script is executed, but it doesn't check the number. Am i missing something?

Import-Module Adaxes

if ($Context.IsPropertyModified("gidNumber"))
{
    # Get the value
    $value = $Context.GetModifiedPropertyValue("gidNumber")

    # Validate the value
    if (([System.String]::IsNullOrEmpty($value)) -or (-not($value.Contains("-"))))
    {
        $Context.Cancel("Ung├╝ltige Team-Nummer!")
        return
    }

    # Check whether the value is unique
    if ((Get-AdmGroup -Filter 'gidNumber -eq $value') -ne $NULL)
    {
        $Context.Cancel("Ein Team mit dieser Team-Nummer existiert bereits!")
        return
    }
}
by (850 points)
0

Hello,

The script looks just fine. For us to help you with a solution, please, specify the following:

  • Where exactly is the script executed? Is it a Business Rule triggering Before updating a group or Before creating a group? Could you, please, post here or send us (support[at]adaxes.com) a screenshot?
  • What exactly do you mean by it doesn't check the number?
  • Do you face any error messages? If so, please, post here or send us (support[at]adaxes.com) screenshots.
  • Is gidNumber the LDAP name of the property or its display name?
0

The script is in a custom command. I have a business rule triggering before creating a group, which executes the custom command, with scope on all objects

Every team has a number set in the attribute gidNumber image.png

This number has to be unique, no other team should have the same number.

In case a new team (group) is created, the gidNumber of all existing teams must be checked. If the gidNumber of the new team already exists on another team, there should be an error.

Now, the business rule triggers, the script is executed and gives me no error. I can create a team with an existing gidNumber, without an error.

1 Answer

0 votes
by (187k points)

Hello,

To achieve the desired behavior, you need to move the script into the Business Rule triggering Before creating a group. It will never work in a Custom Command. Also, you need to remove the check for dashes being present in the property value as it is an integer property and it cannot have dashes. Find the updated script below.

Import-Module Adaxes

if ($Context.IsPropertyModified("gidNumber"))
{
    # Get the value
    $value = $Context.GetModifiedPropertyValue("gidNumber")

    # Validate the value
    if ([System.String]::IsNullOrEmpty($value))
    {
        $Context.Cancel("Ung├╝ltige Team-Nummer!")
        return
    }

    # Check whether the value is unique
    if ((Get-AdmGroup -Filter 'gidNumber -eq $value') -ne $NULL)
    {
        $Context.Cancel("Ein Team mit dieser Team-Nummer existiert bereits!")
        return
    }
}

Related questions

0 votes
1 answer

Hello, I have a web service that checks if a user is a member of a group. I am not concerned if they are a direct member or an indirect member of a group, but if the user is in the ... I pass it User A and Group 1. I am using ADSI, c# (.Net 4.0), and WCF.

asked Feb 23, 2014 by mbcalvin (1.1k points)
0 votes
1 answer

Hi, I'd like to implement a rule to ensure that telephoneNumber value is unique accross the domain for each user, either after creation or updates. I tried to implement a ... one (before change). How to get the new value in the script ? Thanks Stephen

asked May 31, 2011 by sroux (7k points)
0 votes
1 answer

Hello, I want to check if a user is alredy a member of a specific group before doing sometings. This is the piece of code that works well if I execute it on Powershell ... .LogMessage($_.Exception.Message, "Warning") } } So what's wrong?? Thanks in advance!

asked Jun 29, 2016 by tentaal (5.8k points)
0 votes
0 answers

I am trying to find a way to create Groups based off an OU and a list of options (check boxes) within the portal For example: Select the Target OU to add groups ... 3 - Remote Administrators Option 3 - Remote Developers Option 4 - Readers Option 4 - Writers

asked Sep 11 by dknapp (690 points)
0 votes
1 answer

Hi, I am making business rule which calls powershell script and inside the script I need to check whether account which is added to group is security group. I am using Get- ... , the same command return, that group type is security So what am I doing wrong?

asked Feb 20 by KIT (3.1k points)
2,330 questions
2,085 answers
5,671 comments
92,815 users