Adaxes

How can I create a scheduled task to remove all group memberships of a user after the account is disabled?

0 votes

Currently, when I disable a user account in Adaxes, the group memberships of the user remain intact. I'd like to automate the removal of group memberships such as distribution lists and security groups from the user after I disable his/her account. I want to set it up with email notifications that shows a list of groups/DL that the user was previously in and removed from. Thanks!

by (20 points)

1 Answer

0 votes
by (251k points)

Hello Jayden,

To automatically remove a user from all the groups after disabling their account, you need to use a Business rule triggering After disabling a user account. In the rule, use the following script from our repository: https://www.adaxes.com/script-repository/remove-all-group-memberships-for-a-user-account-s33.htm.

However, if a user is disabled outside of Adaxes (e.g. using Active Directory Users and Computers), the business rule will not trigger. For such cases, you can use the script in a scheduled task like below: image.png

0

Thank you! I have a quick question, for the script that sends an email notification, how should the format of this line be?

'$to = "recipient@domain.com"' I tried doing '$to = "recipient1@domain.com", "recipient2@domain.com"' and when I disable a user account, only recipient2 gets the notification email..

by (20 points)
0

Hello Jayden,

The line should be like below:

$to = "recipient1@domain.com, recipient2@domain.com"
by (251k points)

Related questions

0 votes
1 answer
How can I set up a scheduled task to run, but only once instead of against all objects?

The script create two reports of inactive workstation operating systems. The report is too detailed to run from one of the adaxes reports. Basically how can I set the script up to ... sure How I did this but I can't find it now (probably something simple).

asked Nov 30, 2022 by mightycabal (730 points)
0 votes
1 answer
Is it possible to generate a report of all of the business rules carried out on a user when they are disabled?

I'd like to be able to either send an email report or export a CSV of all of the business rules carried out when a user is disabled. This would be ... Management Activity section but this includes things that weren't part of the disable operation. Thanks

asked Feb 19, 2020 by bavery (250 points)
0 votes
1 answer
On the built in Create User, how can I get the ability for the user to choose a different domain in the username field?

Using this built in function: There is no option to change the domain on the user account, however this is not the domain we use for UPN. However after creating a user, you can change it but trying to avoid going back into the object.

asked Apr 14 by mightycabal (730 points)
0 votes
1 answer
Copy all groups of a user, create a new group add the groups copied in this group

How can I create a script that does these things For internal audit. objective Even removing all groups of a disconnected user, we will still know which groups the ... in the created group (audit)-sAMAccountName-access add the (user)-sAMAccountName in members

asked Jul 2, 2022 by alancardoso (20 points)
0 votes
1 answer
Can I create a rule to count members in a group and send an email if the number approaches a set point?

We have a 3rd party vendor that we are able to add users based on AD security groups. What I need to do is set a parameter for the number of available licenses and whenever ... the group is 495 I would like an email to trigger telling me to add more licenses.

asked Oct 12, 2022 by A_Pastor (70 points)
3,071 questions
2,784 answers
7,155 comments
434,080 users