Adaxes

Approval report with customized filter

0 votes

Hello Adaxes Team I would like to create a report that shows me all approvals for the action "adding a user to an AD group".

I want to be able to filter by the following criteria:

  • AD Group Name
  • Initiator
  • TargetUser (The user who was added to the AD group)

I have copied the existing standard report "Approved request" and adapted it using the example here: https://www.adaxes.com/script-repository/users-who-are-members-of-each-specified-group-s575.htm

The filtering by group works. Can you help me to add the other two filters to the report?

If possible, I would like to have an additional column "Target User", which contains the name of the user who was added to the group.

Thanks and greetings pudong

by (670 points)
0

Hello,

For us to help you with the desired report, please, post here or send us (support@adaxes.com) the script you already have with group filtering. Also, please, specify how exactly you want to filter by initiator and the user being added to group. Should they be selected via a report parameter?

Any additional details and live examples will be much appreciated.

by (272k points)

1 Answer

0 votes
by (272k points)
selected by
Best answer

Hello,

Thank you for all the details you sent. To create the report:

  1. Launch Adaxes Administration console.

  2. In the Console Tree, navigate to Reports\All Reports\Miscellaneous\Approvals.

  3. Copy the Approved requests report to a container where you want the new report to be located.

  4. Right-click the new report and then click Edit in the context menu.

  5. Activate the Parameters tab.

  6. Click New.

  7. Select AD object picker and click Next. image.png

  8. Specify a parameter name and display name (e. g. Group).

  9. Click Next.

  10. Configure the options for selecting a group (multiple selection should be disallowed) and click Finish.

  11. Repeat steps 6-10 for the parameter that will be used to select the initiator.

  12. Finally, the Parameters tab should look like the following:

  13. Activate the Columns tab.

  14. In the Report-specific columns section, select the Initiator column and click Edit. image.png

  15. Activate the Value calculation tab.

  16. Select Template.

  17. In the Template field, specify a value reference for the parameter created on step 11 (e.g. %param-user%). image.png

  18. Click OK.

  19. In the Report-specific columns section, click Add. image.png

  20. Specify a display name for the column that will contain group description and click Next. image.png

  21. Select Template.

  22. In the Template field, specify some value (e. g. empty). The value will never be present in the report and is only required to create the custom column.

  23. Click Finish.

  24. Activate the Script tab.

  25. Paste the below script into the corresponding field. In the script, the $groupDescriptionColumnID variable specifies the identifier of the custom column that will contain group description. To get the identifier:

    • On the Columns tab, right-click the column in the Report-specific columns section.
    • In the context menu, navigate to Copy and click Column ID. image.png
    • The identifier will be copied to the clipboard.
     $groupDescriptionColumnID = "{c5c1ffaa-26da-47c6-86fd-037fd86919c7}" # TODO: modify me

 # Get parameters values
 $userDN = $Context.GetParameterValue("param-User")
 $groupDN = $Context.GetParameterValue("param-Group")
 $days = $Context.GetParameterValue("param-Days")

 $user = $Context.BindToObjectByDN($userDN) -as [Softerra.Adaxes.Interop.Adsi.PersistentObjects.IAdmUser2]
 if ($NULL -eq $user)
 {
     $Context.LogMessage("The object type is not supported.", "Error")
     return
 }

 # Get request GUIDs
 $dateFrom = [DateTime]::Now.AddDays(- $days)
 $requestGuids = $user.GetRequestsForApproval2("ADM_APPROVALSTATE_APPROVED", $dateFrom, [DateTime]::MinValue)

 # Target object filter
 $group = $Context.BindToObjectByDN($groupDN)
 $groupGuid = $group.Get("objectGuid")
 $groupGuidFilter = [Softerra.Adaxes.Ldap.FilterBuilder]::Create("adm-TargetObjectGuid", $groupGuid)

 # Get group description
 try
 {
     $description = $group.Get("description")
 }
 catch
 {
     $description = $NULL
 }

 # Create a request searcher
 $requestSearcher = $Context.CreateGuidBasedSearcher($requestGuids)
 $requestSearcher.AppendFilter($groupGuidFilter)
 $approvalsPath = $Context.GetWellKnownContainerPath("ApprovalRequests")
 $requestSearcher.BaseObjectPath = $approvalsPath
 $requestSearcher.SearchParameters.VirtualRoot = $False
 $propertiesToLoad = $Context.DirectorySearcher.GetPropertiesToLoad()
 $requestSearcher.SetPropertiesToLoad($propertiesToLoad)

 # Generate report
 try
 {
     $searchIterator = $requestSearcher.ExecuteSearch()
     while ($Context.MoveNext($searchIterator))
     {
         $searchResult = $searchIterator.Current
         $Context.Items.Add($searchResult, @{ $groupDescriptionColumnID = $description }, $NULL)
     }
 }
 finally
 {
     if ($searchIterator) { $searchIterator.Dispose() }
 }

  26. If necessary, replace names of parameters in the following lines:

      $userDN = $Context.GetParameterValue("param-User")
  $groupDN = $Context.GetParameterValue("param-Group")

  27. Click OK.

0

Thank you for the detailed instructions! I was able to create the report.

by (670 points)

Related questions

+1 vote
1 answer
Customized Questions for Forms & Approval - Not adm-customattributes

When building a form, is there a way I can request the user to answer questions? I understand there is the adm-customattributes that aren't stored in AD, but I don' ... the reason why, rather than just seeing "What" change is being requested. Thank You!

asked Mar 1, 2023 by Edogstraus00 (470 points)
0 votes
1 answer
I need to add a customized section to the HR interface with customized drop down list.

The section is not defined in the available options in Adaxes and it is in the AD as well. Eg; I need to add a section called ' Security Access' and have it ... to select from options like User Directory, Internet access, Track-It account , SAP access etc.

asked Oct 13, 2021 by Aishwarya Gavali (40 points)
0 votes
1 answer
Custom Report Based on Logging Data Filter Criteria

Hello, I'd like to create a custom Adaxes report based on the following Logging Filters - I'm currently having to filter the logs manually each time I want to gather this ... would be easier to jump on a call to discuss this further? Thank you in advance!

asked Nov 16, 2020 by sirslimjim (480 points)
0 votes
1 answer
Search/Filter by users with a shared mailbox

Hi, I'm very new to Adaxes and still getting to grips with it. Is there any way to search or filter within the web interface, users that have an Exchange Online shared mailbox? Thanks

asked Oct 14, 2020 by sysg89 (20 points)
0 votes
1 answer
Assistance with Search filter that isn't finding existing AD

I'm attaching below a snippet from a scheduled task. It's a function that receives as a parameter the employeeID, which is then used in the search filter. ... { $userInfo."$propertyName" = $searchResult.Properties[$propertyName].Value } } return $userInfo }

asked Oct 28, 2016 by sandramnc (870 points)
3,346 questions
3,047 answers
7,782 comments
544,982 users