Adaxes

Custom Command Question

0 votes

I have noticed, and maybe I am doing something wrong, but it appears even though i have a Security Role that deny's full control to all objects (your blind role modified), users can still run custom commands via the web interface. But, if i deny them the ' Execute all custom commands' in any other rule it works like its supposed to. i don't understand. Why doesn't the full control cover executing custom commands.

the problem is that everytime we add a new rule, we don't want to go exclude it somewhere.

by (80 points)

1 Answer

0 votes
by (18.0k points)

Hello,

If you deny the Full Control permission for a user, the user will not be able to neither perform any operation in AD (including execution of Custom Commands), nor view any object in Active Directory. In your case, I think something is wrong with the user assignment. Could you send me a screenshot with the assignments of the role?

the problem is that everytime we add a new rule, we don't want to go exclude it somewhere.

Do you mean Custom Command (not rule)? When you create a Custom Command, by default, users don't have the right to execute it. However, some built-in Security Roles (e.g. Help Desk) grant the Execute All Custom Commands permission. If you don't want users to be able to execute Custom Commands, just delete that permission from the Security Roles assigned to the users.

Related questions

0 votes
2 answers
Date/time picker for custom command parameter not working properly

I've had a couple custom commands configured since 6/2023 and they've been working just fine up until recently (sometime within the past few weeks or so). Here's a general ... something obvious here. But I can't make sense of why this is suddenly an issue.

asked Mar 20 by msinger (110 points)
0 votes
1 answer
Business Rule and Custom Command - After adding members to group - Member not correct

Hi team, I have a follow up to this question https://www.adaxes.com/questions/14234/business-after-adding-members-powershell-script-executed Let me explain my setup A rule- ... area% failed due to the following exception: $($_.Exception.Message)", "Error") }

asked Feb 13 by wintec01 (1.1k points)
0 votes
1 answer
custom command to get input from UI

Hi, When we add custom command action in UI, when a user selects 1 or more users for that custom commands, is there a way to integrate those selected users as input value into that custom command script and take action on those users.

asked Feb 5 by Renugopal (120 points)
0 votes
1 answer
How do I block these custom command in the web UI?

To the left of the user object there are several custom commands showing. I don't want our service desk to see them. Why are they showing? How do I remove them. Must be something simple. They only see these when looking at a user Object.

asked Jan 17 by mightycabal (1.0k points)
0 votes
1 answer
Adding Custom Command Check-box-list Parameter Items using PowerShell

I need to add many check-box list items to a Custom Command, I think the best way to do this is via PowerShell rather than through the UI. What's ... Softerra.Adaxes.Interop.Adsi.Parameters.IAdmParameterCheck[]]$ItemsList # Also doesn't work $command.SetInfo()

asked Jan 4 by Viajaz (210 points)
3,350 questions
3,051 answers
7,791 comments
545,069 users