Adaxes

400 Unique positions need group access on onboarding process.

0 votes

My company has 400+ positions, each with different access levels in our Active Directory (AD). I want to automate the new user onboarding process as much as possible. I have discovered a method for assigning users to groups using custom commands for each individual position and then incorporating over 400 IF-ELSE statements into the business rules. Is this my only option, or is there a more efficient way to manage group access for each position? I'm aware of rule-based group access, but it seems I would still need to go through each position and each group to assign them, which might be only slightly less time-consuming than creating over 400 custom commands. Any assistance would be greatly appreciated.

by (20 points)

1 Answer

0 votes
by (272k points)

Hello,

The approaches are exactly the ones you need to decide between. Using rule based groups seems to be a bit easier in terms of maintenance as each group will just have its own criteria for membership. At the same time using custom commands and a business rule triggering After creating a user will work instantly upon user creation. As such, it is a matter of your convenience as both approaches will work just fine. The following tutorial might be helpful: https://www.adaxes.com/help/AddUsersToGroupsByDepartment/.

Related questions

0 votes
1 answer
Migrating from Exchange 2019 onPrem to Exchange online - new onboarding process

Hello, currently we have an Exchange 2019 Server in Hybrid configuration with Exchange Online. During our user onboarding a mailbox for the user is being created by a ... Remote-Mailboxes in this scenario for newly created AD-Users? Thanks and KR Christian

asked Apr 18 by User0815 (40 points)
0 votes
1 answer
Access On Demand (Schedule Changing Group Membership)

I am trying to create a process where a user can request access to one or more groups via a web form that also prompts for a date/time to ... = "ADS_SCOPE_SUBTREE" $scopeItem.Exclude = $False $scopeItem.SetInfo() $task.ActivityScopeItems.Add($scopeItem)

asked Apr 15, 2016 by adaxes_user (420 points)
0 votes
1 answer
I want to remove special characters on the onboarding web form for username and mail before clicking Finish.

I want to remove special characters on the onboarding web form for username and mail before clicking Finish. Using a script like on the rule "Before User Creation" seems to to do the change to late and you can not verify the email adress before created.

asked Dec 27, 2021 by joem (20 points)
0 votes
0 answers
Cannot process argument transformation on parameter

Hello I'm trying to pass another credential than the initiator, to add a member to a group. $Server = $Context.GetObjectDomain("%distinguishedName%") $Secpasswd = ConvertTo- ... invoke this function because the current host does not implement it." - Thanks

asked Jul 8, 2016 by Boxx.dk (2.6k points)
0 votes
1 answer
Need Manager updated on edit

I'm using the Web Interface to create and edit records in AD. I have two 'fields' on the form for the attributes positionPrimarySupervisor and Manager. There is a property ... a screen capture below. Is there some other way for me to accomplish this easily.

asked Jun 2, 2016 by sandramnc (870 points)
3,351 questions
3,052 answers
7,793 comments
545,111 users