0 votes

Hi we are trying to add users to a group based on the values of their "Office" and "Description" attributes within Active Directory.

We have populated the below script to search a defined hashtable for the values however this doesn't seem to be populating the results we are after.

All advice welcome!

Import-Module Adaxes

$officeDescriptionToGroup = @{ "Site1-Job1" = "CN=ROLE_Test1,OU=Site1,OU=Site,OU=Domain Role Groups,DC=company,DC=com" "Site2-Job2" = "CN=ROLE_Test2,OU=Site2,OU=Site,OU=Domain Role Groups,DC=company,DC=com"

}

$userOffice = $Context.TargetObject.OfficeLocations $userDescription = $Context.TargetObject.Description $combination = "$userOffice-$userDescription"

if ($officeDescriptionToGroup.ContainsKey($combination)) {

$groupDN = $officeDescriptionToGroup[$combination] $userObject = Get-AdmUser -Filter { Name -eq $Context.TargetObject.Name }

if ($userObject -ne $null) { Add-AdmGroupMember -DN $groupDN -Members $userObject $Context.LogMessage("User $($Context.TargetObject.Name) added to group $groupDN.") } else { $Context.LogMessage("Error: User $($Context.TargetObject.Name) not found.")

} }

else { $Context.LogMessage("No matching criteria found for User $($Context.TargetObject.Name).") }

by (20 points)

1 Answer

0 votes
by (274k points)

Hello,

First of all, you can make the groups rule-based. As a result, no scripts will be required to adjust membership. For details, see section Rule-based groups of the following tutorial: https://www.adaxes.com/help/AddUsersToGroupsByDepartment/#dynamicgroups.

If you still want to use a script, have a look at the following one from our repository: https://www.adaxes.com/script-repository/update-group-membership-based-on-two-properties-s510.htm.

Related questions

0 votes
1 answer

We manage employee user accounts in our on-premise Active Directory and synchronize them to Azure Active Directory using Azure AD Connect. We'd like to be able to generate ... if this is possible so we can easily identify user accounts that are truly inactive.

asked May 9, 2023 by RickWaukCo (320 points)
0 votes
1 answer

Forgive me if this topic has been discussed elsewhere i searched and didn't find anything. What I would like to have adaxes do is on a nightly basis 1. go to a folder it ... disabled by adaxes $date" } Is this possible #4 eludes me a bit. Thank you in advance.

asked Jun 19, 2018 by dexion11 (50 points)
0 votes
1 answer

Hello, We would like to implement a form / extend one where a user (eventually created before) is made member of a security group defining his/her role, and ... guarantee the membership to a single role? Apologize if the question seems convoluted. Thanks!

asked Jun 6, 2023 by IT Division (20 points)
0 votes
1 answer

Is it possible to add a user to a group based on hardware ? There are users with a Windows device and a MacOS device. I want to be able to choose this when ... the user via Adaxes and automatically link them to a specific group based on the chosen hardware.

asked Apr 16 by Cas (150 points)
0 votes
1 answer

Is it possible to script having users added (or removed) from a Security Group based on another AD Attribute? I have found ways to do this in Powershell (something like): ... just utilize the PS script and just run it through Adaxes on a timed fashion? Thanks!

asked Oct 7, 2014 by PunkinDonuts (360 points)
3,386 questions
3,085 answers
7,840 comments
545,546 users