0 votes
  1. Every role-based-group starts with "arbg-"
  2. Users should only be in 1 arbg- group

To enforce this, on any user change I would like to remove them from any "arbg-" group they are currently in and re-add them based on the original logic (department number, job title, etc.).

In effect, this is the PowerShell command:

Get-ADPrincipalGroupMembership -Identity <SamAccount> | Select Name | Where-Object {$_.Name -Like 'ARBG*'}

by (40 points)

1 Answer

0 votes
by (251k points)

Hello,

It can be done using a business rule triggering After adding a member to a group and the below PowerShell script. The rule will look like the following: image.png

# Filter part matching the group the rule fired on; it is excluded from the search below
$filterPart = [Softerra.Adaxes.Ldap.FilterBuilder]::Create("distinguishedName", "%distinguishedName%")

# Search the memberOf attribute of the added member for other arbg- groups
$searcher = $Context.BindToObject("Adaxes://%member%")
$searcher.SearchFilter = "(&(objectCategory=group)(name=arbg-*)(!$filterPart))"
$searcher.SearchScope = "ADS_SCOPE_BASE"
$searcher.PageSize = 500
$searcher.AttributeScopeQuery = "memberOf"

try
{
    # Execute search
    $searchIterator = $searcher.ExecuteSearch()
    $searchResults = $searchIterator.FetchAll()

    if ($searchResults.Length -eq 0)
    {
        return
    }

    foreach ($searchResult in $searchResults)
    {
        $group = $Context.BindToObjectBySearchResult($searchResult)
        $group.Remove("Adaxes://%member%")
    }
}
finally
{
    # Release resources
    if ($searchIterator){ $searchIterator.Dispose() }
}
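
The business rule above acts only when a member is added, so memberships that existed before the rule was created are not touched by it. As an added example (not part of the original answer and not Adaxes code), the following audit lists users who are in more than one arbg- group. It assumes the ActiveDirectory RSAT module for the collection step; the function names and the sample rows are hypothetical.

```powershell
# Added example: audit for users in more than one "arbg-" group.
function Get-ArbgMembership {
    # Collects direct user members of every group whose name starts with $Prefix.
    # Assumes the ActiveDirectory (RSAT) module and read access to the domain.
    param([string]$Prefix = 'arbg-')
    Import-Module ActiveDirectory -ErrorAction Stop
    foreach ($group in Get-ADGroup -Filter "Name -like '$Prefix*'") {
        Get-ADGroupMember -Identity $group |
            Where-Object { $_.objectClass -eq 'user' } |
            ForEach-Object {
                [pscustomobject]@{ User = $_.SamAccountName; Group = $group.Name }
            }
    }
}

function Find-ArbgViolation {
    # Input: objects with User and Group properties (pipeline or parameter).
    # Output: one object per user holding more than one distinct prefixed group.
    param(
        [Parameter(Mandatory, ValueFromPipeline)] [object[]]$Membership,
        [string]$Prefix = 'arbg-'
    )
    begin { $rows = [System.Collections.Generic.List[object]]::new() }
    process { foreach ($m in $Membership) { $rows.Add($m) } }
    end {
        $rows |
            Where-Object { $_.Group -like "$Prefix*" } |   # -like is case-insensitive
            Sort-Object User, Group -Unique |             # drop duplicate rows
            Group-Object User |
            Where-Object { $_.Count -gt 1 } |
            ForEach-Object {
                [pscustomobject]@{
                    User   = $_.Name
                    Groups = @($_.Group | ForEach-Object { $_.Group })
                }
            }
    }
}

# Constructed sample rows (not real accounts). In a domain, use:
#   Get-ArbgMembership | Find-ArbgViolation
$sample = @(
    [pscustomobject]@{ User = 'jdoe';   Group = 'arbg-sales' }
    [pscustomobject]@{ User = 'jdoe';   Group = 'ARBG-finance' }
    [pscustomobject]@{ User = 'asmith'; Group = 'arbg-it' }
    [pscustomobject]@{ User = 'asmith'; Group = 'VPN-Users' }
)
$sample | Find-ArbgViolation | Format-List
```

Get-ArbgMembership reads direct members only, so a user who reaches an arbg- group through a nested group is not reported.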
