Adaxes

How to log each group removal in Adaxes script?

0 votes

When using the remove all groups script from your repository. https://www.adaxes.com/script-repository/remove-all-group-memberships-for-a-user-account-s33.htm

I need to have adaxes log each group removal. I have tried $group.Remove($Context.TargetObject.AdsPath) $context.LogMessage("$group was removed from %username%", "Information") And $group.Remove($Context.TargetObject.AdsPath) $context.LogMessage($group+" was removed from %username%", "Information")
What I get in the log is: image.png What am I doing wrong?

by (730 points)

1 Answer

+1 vote
by (250k points)

Hello,

You can use the below updated script.

$groupNamesToSkip = @("MyGroup1", "MyGroup2", "Department*") # TODO: modify me

function SkipGroup($patterns, $name)
{
    foreach ($pattern in $patterns)
    {
        if ($name -like $pattern)
        {
            return $True
        }
    }

    return $False
}

# Get all groups user is a direct member of
$groupGuids = $Context.TargetObject.GetEx("adm-DirectMemberOfGuid")

# Get the Primary Group ID
$primaryGroupId = $NULL
if ($Context.TargetObject.DirectoryType -eq 1)
{
    $primaryGroupId = $Context.TargetObject.Get("primaryGroupID")
}

foreach ($groupGuidBytes in $groupGuids)
{
    # Bind to the group
    $groupGuid = New-Object "System.Guid" (,$groupGuidBytes)
    $groupGuid = $groupGuid.ToString("B")
    $groupPath = "Adaxes://<GUID=$groupGuid>"
    $group = $Context.BindToObject($groupPath)

    if ($group.DirectoryType -eq 1)
    {
        # Skip Primary Group
        if ($group.Get("primaryGroupToken") -eq $primaryGroupId)
        {
            continue
        }

        $groupName = $group.Get("sAMAccountName")
    }
    else
    {
        $groupName = $group.Get("name")
    }

    # Skip special groups
    if (($groupNamesToSkip -ne $NULL) -and 
        (SkipGroup $groupNamesToSkip $groupName))
    {
        continue
    }

    # Remove user from the group
    $group.Remove($Context.TargetObject.AdsPath)
    $Context.LogMessage("User %fullname% removed from group $groupName", "Information")
}
0

Thank you works perfectly.

by (730 points)

Related questions

0 votes
1 answer
How to access the Adaxes service account's credentials in a PowerShell script action?

When running a PowerShell script as an action in a custom command, you can set the script to run as a different account and then use the RunAs property in the ... Is there another way to get the Adaxes service account's credentials from within the script?

asked Mar 31, 2022 by KelseaIT (320 points)
0 votes
1 answer
In Adaxes can you apply a powershell script to all users in a specific group?

For instance to execute a powershell script that enable MFA for all member in that group?

asked Jan 27 by samuel.anim-addo (20 points)
0 votes
0 answers
How to hide the message about the temporary Microsoft 365 password assignment in the execution log?

By default, in hybrid environments, when an on-premises AD object is created in Adaxes within the scope of a Microsoft 365 tenant, Adaxes will create the corresponding ... the Display the temporary password in the Execution Log checkbox. Click OK twice.

asked Nov 16, 2022 by Adaxes (530 points)
0 votes
1 answer
Trying to run PowerShell script to update group membership based on CSV. Works fine outside of Adaxes

Receive "Index operation failed; the array index evaluated to null. Stack trace: at &lt;ScriptBlock&gt;, &lt;No file&gt;: line 104&gt;" and "Index operation failed; the ... $GroupName, $GroupDN." } } #foreach write-output "" Write-Output "" Stop-Transcript

asked Apr 14, 2022 by jbahou (20 points)
0 votes
1 answer
How to retrieve username of Manager in PowerShell script

I'm working on user deprovision and need to re-assign a user's home directory to the manager's home directory after disabling. I found a PowerShell script on this site to ... retrieve the same for the Manager? I'm a PowerShell novice, so excuse my ignorance.

asked Feb 26, 2021 by mkvidera (60 points)
3,064 questions
2,777 answers
7,134 comments
430,071 users