Adaxes

Custom Command Question

0 votes

I have noticed, and maybe I am doing something wrong, but it appears even though i have a Security Role that deny's full control to all objects (your blind role modified), users can still run custom commands via the web interface. But, if i deny them the ' Execute all custom commands' in any other rule it works like its supposed to. i don't understand. Why doesn't the full control cover executing custom commands.

the problem is that everytime we add a new rule, we don't want to go exclude it somewhere.

by (80 points)

1 Answer

0 votes
by (18.0k points)

Hello,

If you deny the Full Control permission for a user, the user will not be able to neither perform any operation in AD (including execution of Custom Commands), nor view any object in Active Directory. In your case, I think something is wrong with the user assignment. Could you send me a screenshot with the assignments of the role?

the problem is that everytime we add a new rule, we don't want to go exclude it somewhere.

Do you mean Custom Command (not rule)? When you create a Custom Command, by default, users don't have the right to execute it. However, some built-in Security Roles (e.g. Help Desk) grant the Execute All Custom Commands permission. If you don't want users to be able to execute Custom Commands, just delete that permission from the Security Roles assigned to the users.

Related questions

0 votes
1 answer
PowerShell script with parameters, pass them to Custom Command

We've the following script we want to use in Adaxes to create as part of user creation, to ask if the user will need a AWS workspace, then asks employeetype for different ... "Error") exit(-1) } else { $Context.LogMessage("Created workspace", "Information") }

asked 2 days ago by Plusa (20 points)
0 votes
2 answers
Date/time picker for custom command parameter not working properly

I've had a couple custom commands configured since 6/2023 and they've been working just fine up until recently (sometime within the past few weeks or so). Here's a general ... something obvious here. But I can't make sense of why this is suddenly an issue.

asked Mar 20 by msinger (110 points)
0 votes
1 answer
Business Rule and Custom Command - After adding members to group - Member not correct

Hi team, I have a follow up to this question https://www.adaxes.com/questions/14234/business-after-adding-members-powershell-script-executed Let me explain my setup A rule- ... area% failed due to the following exception: $($_.Exception.Message)", "Error") }

asked Feb 13 by wintec01 (1.1k points)
0 votes
1 answer
custom command to get input from UI

Hi, When we add custom command action in UI, when a user selects 1 or more users for that custom commands, is there a way to integrate those selected users as input value into that custom command script and take action on those users.

asked Feb 5 by Renugopal (120 points)
0 votes
1 answer
How do I block these custom command in the web UI?

To the left of the user object there are several custom commands showing. I don't want our service desk to see them. Why are they showing? How do I remove them. Must be something simple. They only see these when looking at a user Object.

asked Jan 17 by mightycabal (1.0k points)
3,358 questions
3,057 answers
7,805 comments
545,191 users