0 votes

When I create a user from adaxes I also want it to be added to MS Teams groups.

At this moment i create the account in adaxes after that i need to add this user in all groups that we have in MS Teams so i what to automate this when i create a new usuer.

by (40 points)

1 Answer

0 votes
by (8.4k points)

Hello,

Yes, it is possible using a business rule, scheduled task, and a PowerShell script. The business rule triggering After creating a user will enable a Microsoft 365 account for the user, assign a license and mark the user by setting a custom Boolean attribute to true. The mark is required as the user creation in Microsoft Teams requires some time and the user will be added to the teams in a scheduled task. The task will process only the users that were marked in the business rule. A PowerShell script executed in the task will connect to Microsoft Teams, check if the user account exists, and if it does, the script will add the user to all teams. Then the script will clear the mark set by the business rule. To create the rule and the task:

i. Creating the business rule

  1. Launch Adaxes Administration console.
  2. In the Console Tree, right-click your service node.
  3. In the context menu, navigate to New and then click Business Rule. image.png
  4. On step 2 of the Create Business Rule wizard, select the User object type.
  5. Select After creating a user. image.png
  6. Click Next.
  7. Click Add an action.
  8. Select Activate or modify Microsoft 365 account.
  9. In the Actions Parameters section, select the Activate option.
  10. Select the required Microsoft 365 license. image.png
  11. Click OK.
  12. Right-click the created action and then click Add New Action. image.png
  13. Select Update the user.
  14. Click Add. image.png
  15. In the Property to modify field, select custom Boolean attribute (e.g. CustomAttributeBoolean1). The attribute will be used to mark the user for further processing in a scheduled task.
  16. In the New value field, select True. image.png
  17. Click OK twice.
  18. Click Next and finish creating the business rule.

ii. Creating the scheduled task

  1. Launch Adaxes Administration console.
  2. In the Console Tree, right-click your service node.
  3. In the context menu, navigate to New and then click Scheduled Task. image.png
  4. On step 3 of the Create Scheduled Task wizard, select the User object type.
  5. Click Next.
  6. Click Add an action.
  7. Select Run a program or PowerShell script.
  8. Paste the below script into the Script field. In the script, the $markAttributeName variable specifies the LDAP name of the custom Boolean attribute used to mark the created users for further processing in the scheduled task. Must be the same as the one you specified on step 16 in section i.
$markAttributeName = "adm-CustomAttributeBoolean1" # TODO: modify me

# Get saved credentials
$username = $Context.RunAs.UserName
$password = $Context.RunAs.Password | ConvertTo-SecureString -AsPlainText -Force
$credential = New-Object System.Management.Automation.PsCredential($username, $password)

try
{
    # Get the object ID in Microsoft 365
    $objectId = ([Guid]$Context.TargetObject.Get("adm-O365ObjectId")).ToString()
}
catch
{
    return # The user doesn't have a Microsoft 365 account
}

try
{
    # Get the user in Microsoft Teams
    Connect-MicrosoftTeams -Credential $credential
    $user = Get-CsOnlineUser -Filter "Identity -eq '$objectId'"

    if ($NULL -eq $user)
    {
        $Context.LogMessage("The user does not have a Microsoft Teams account", "Information")
        return # User does not exist in Microsoft Teams
    }

    # Get all teams in Microsoft Teams
    $teams = Get-Team

    foreach ($team in $teams)
    {
        # Add the user to the team
        Add-TeamUser -GroupId $team.GroupId -User $user.Identity
    }

    # Clear the mark attribute
    $Context.TargetObject.Put($markAttributeName, $NULL)
    $Context.TargetObject.SetInfo()
}
finally
{
    # Close the connection and release resources
    Disconnect-MicrosoftTeams
}
  1. Specify a description for the script. image.png
  2. In the Run As section, select the This account option.
  3. Click Specify. image.png
  4. Specify username and password of the Microsoft 365 account that has permission to add users to teams in Microsoft Teams. image.png
  5. Click OK twice.
  6. Right-click the created action and then click Add Condition. image.png
  7. Select If <property> <relation> <value>.
  8. Select If CustomAttributeBollean1 equals True. The specified attribute must be the same as the one whose name you specified in the $markAttributeName variable on step 8. image.png
  9. Click OK.
  10. Click Next and finish creating the scheduled task.

Related questions

+1 vote
1 answer

I am trying to connect to teams via powershell in adaxes to run the following commands. Set-CsUser -Identity &lt;UPN&gt; -EnterpriseVoiceEnabled $true -HostedVoiceMail $true ... (policyname)" I am not able to run the following though, Connect-MicrosoftTeams

asked Apr 22, 2021 by TJ_Umredkar (140 points)
0 votes
1 answer

I would like users to use Adaxes to add themselves or others to a group, but instead of it just working, it has to go thru an approval process and be approved by the group owner before they are added. Thanks!

asked Jun 30, 2021 by RayBilyk (220 points)
0 votes
2 answers

Here we use BambooHR but we only have the conection thrue a group in AD with SML in BambooHR, so can we have a conection way thrue ADAXES to change setings, Examle Manager, Departament etc...

asked Jun 7, 2022 by abisaigomezm (40 points)
0 votes
1 answer

Our Help Desk currently 'mirrors' the group membership of a new user based on another existing user in our AD. I'd like to be able to automate this so that the initiator ... and 'paste' it on the new user being created. Any help on this would be appreciated!

asked Apr 21, 2020 by RayBilyk (220 points)
0 votes
1 answer

When we deprovision a user the member of groups are deleted and the power shell scrips only runs as removing all memberships. I can't see what was removed. Is there a scrips I can run prior to removing those memberships that will e-mail what they are?

asked Oct 15, 2019 by meyerm (50 points)
3,008 questions
2,726 answers
7,021 comments
217,634 users