0 votes

Hi, I need business rule that will forbid changing group membership type to rule-based for selected groups.

Additionally I need PowerShell script for adding more groups to be watched by this rule.

Thanks in advance!

by (910 points)

1 Answer

0 votes
by (270k points)

Hello,

I need business rule that will forbid changing group membership type to rule-based for selected groups.

Do we understand correctly that you have groups set as rule-based and want to prohibit anybody from changing the type to assigned? If that is correct, you can use a business rule like below. image.png Pay attention that the Activity Scope should include the groups themselves, not their members.

Additionally I need PowerShell script for adding more groups to be watched by this rule.

For information on how to update the Activity Scope of a business rule using scripts, have a look at the following SDK article: https://adaxes.com/sdk/DefiningScopeOfActivity.

0

To be more specific I want to forbid adding rule-based groups to specific group(s). But at the same time I need to forbid changing already added groups (even nested ones!) to rule-based group. So I assume I will have to use something like image.png But I am unsure what should goes to the right side of the equals operator?

And then scope this rule to group and its members (so even nested groups cannot be rule-based)? image.png

+1

Hello,

To be more specific I want to forbid adding rule-based groups to specific group(s).

In this case, you need to use a business rule like the following: image.png In the condition, use the below script:

$Context.ConditionIsMet = $False

# Get member group type
if ("%adm-MemberObjectType%" -eq "group")
{
    $member = $Context.BindToObject("Adaxes://%member%")
    $memberGroupType = $member.MembershipType
}
else
{
    return
}

$Context.ConditionIsMet = $memberGroupType -eq 1

But at the same time I need to forbid changing already added groups (even nested ones!) to rule-based group.

There is no need to do anything about that. It is not possible to add members to rule-based groups manually. They will only be added automatically based on the rules you specify.

0

Perfect!

Related questions

0 votes
1 answer

Rule-based membership fails for security enabled distribution group with error "The term 'Add-DistributionGroupMember' is not recognized as the name of a cmdlet, function, ... Exchange Online before running this PowerShell command. Here is rule based set up.

asked Mar 7, 2023 by KIT (910 points)
0 votes
1 answer

I have a Rule-Based group with users. Every time a users gets added or removed from this group I want to trigger a Business Rule for "Atter adding or removing a member ... Rules be triggered by a Rule-Based group adding or removing a user? Morten A. Steien

asked Mar 27, 2023 by Morten A. Steien (300 points)
0 votes
1 answer

Receive "Index operation failed; the array index evaluated to null. Stack trace: at <ScriptBlock>, <No file>: line 104>" and "Index operation failed; the ... $GroupName, $GroupDN." } } #foreach write-output "" Write-Output "" Stop-Transcript

asked Apr 14, 2022 by jbahou (20 points)
0 votes
1 answer

Hi, I need same functionality as is rule-base membership for AD groups, but for AAD groups. To be more specific, I want to have AAD group that contains all user members from all selected groups (even nested ones!)

asked Mar 6, 2023 by KIT (910 points)
0 votes
1 answer

We would like to be able to, possibly through a script or report, search for attributes that equal specific values and find all rule-based groups that used those rules. An ... and being able to list all rule-based groups that use that in their query set.

asked Oct 5, 2022 by wesmcmillan (20 points)
3,326 questions
3,026 answers
7,727 comments
544,682 users