0 votes

Hi we are trying to add users to a group based on the values of their "Office" and "Description" attributes within Active Directory.

We have populated the below script to search a defined hashtable for the values however this doesn't seem to be populating the results we are after.

All advice welcome!

Import-Module Adaxes

$officeDescriptionToGroup = @{ "Site1-Job1" = "CN=ROLE_Test1,OU=Site1,OU=Site,OU=Domain Role Groups,DC=company,DC=com" "Site2-Job2" = "CN=ROLE_Test2,OU=Site2,OU=Site,OU=Domain Role Groups,DC=company,DC=com"

}

$userOffice = $Context.TargetObject.OfficeLocations $userDescription = $Context.TargetObject.Description $combination = "$userOffice-$userDescription"

if ($officeDescriptionToGroup.ContainsKey($combination)) {

$groupDN = $officeDescriptionToGroup[$combination] $userObject = Get-AdmUser -Filter { Name -eq $Context.TargetObject.Name }

if ($userObject -ne $null) { Add-AdmGroupMember -DN $groupDN -Members $userObject $Context.LogMessage("User $($Context.TargetObject.Name) added to group $groupDN.") } else { $Context.LogMessage("Error: User $($Context.TargetObject.Name) not found.")

} }

else { $Context.LogMessage("No matching criteria found for User $($Context.TargetObject.Name).") }

by (20 points)

1 Answer

0 votes
by (284k points)

Hello,

First of all, you can make the groups rule-based. As a result, no scripts will be required to adjust membership. For details, see section Rule-based groups of the following tutorial: https://www.adaxes.com/help/AddUsersToGroupsByDepartment/#dynamicgroups.

If you still want to use a script, have a look at the following one from our repository: https://www.adaxes.com/script-repository/update-group-membership-based-on-two-properties-s510.htm.

Related questions

0 votes
1 answer

We manage employee user accounts in our on-premise Active Directory and synchronize them to Azure Active Directory using Azure AD Connect. We'd like to be able to generate ... if this is possible so we can easily identify user accounts that are truly inactive.

asked May 9, 2023 by RickWaukCo (320 points)
0 votes
1 answer

Forgive me if this topic has been discussed elsewhere i searched and didn't find anything. What I would like to have adaxes do is on a nightly basis 1. go to a folder it ... disabled by adaxes $date" } Is this possible #4 eludes me a bit. Thank you in advance.

asked Jun 19, 2018 by dexion11 (50 points)
0 votes
1 answer

Hello, We would like to implement a form / extend one where a user (eventually created before) is made member of a security group defining his/her role, and ... guarantee the membership to a single role? Apologize if the question seems convoluted. Thanks!

asked Jun 6, 2023 by IT Division (20 points)
0 votes
1 answer

We are working with an HR package that will send us a CSV file every 4 hours with a list of users that need to be created, modified or deleted from our environment. The CSV ... change, etc.) Is there a script that can manage all of that on a scheduled basis?

asked Sep 2, 2020 by RayBilyk (240 points)
0 votes
1 answer

Is it possible to add a user to a group based on hardware ? There are users with a Windows device and a MacOS device. I want to be able to choose this when ... the user via Adaxes and automatically link them to a specific group based on the chosen hardware.

asked Apr 16 by Cas (150 points)
3,504 questions
3,196 answers
8,148 comments
547,431 users