Business Rule and Custom Command - After adding members to group - Member not correct

Question

Hi team,

I have a follow up to this question https://www.adaxes.com/questions/14234/business-after-adding-members-powershell-script-executed

Let me explain my setup

1. A rule-based group (A) is updated daily
2. A scheduled task is running daily to copy members from group A to B
3. A business rule is triggered against group B if a user is added
   1. The business rule is calling a custom command with a parameter
4. The custom command runs a Powershell script against the added user and set a attribute to the send over parameter

Issue: The PS Script is always executed against the same person

This is my PowerShell code

$member = $Context.BindToObjectEx("Adaxes://%member%", $True)
$sam = $member.Get("samaccountname")
$Context.LogMessage("User $sam", "Info")

try {
    Set-ADUser $sam -Add @{extensionName="%param-default-area%"}
    $Context.LogMessage("User $sam added extensionName %param-default-area%", "Info")
}
catch {
    $Context.LogMessage("User $sam added extensionName %param-default-area% failed due to the following exception: $($_.Exception.Message)", "Error")
}

Comments

Hello,

Please, provide screenshots of all the configuration objects (business rules, custom commands, etc.) taking part in the workflow. Also, please, provide all the corresponding scripts in TXT format. You can post the details here or send to us at support@adaxes.com.

Lastly, please, specify what exactly you mean by PS Script is always executed against the same person.

---

Hi, sure

Scheduled task

Business rule-

Custom Command

Execution log of Scheduled task

Details User 1

Details User 2

As you see, every time user pavel is used as variable in the script.

The script is shared in my first post already, hope this is ok and enough.

Answer 1

Hello,

It is quite hard to understand the whole thing with such an amount of blurring. However, try using the below script instead of the current one.

$propertyName = "extensionAttribute1" # TODO: modify me

# Bind to new member
$member = $Context.BindToObjectEx("Adaxes://%member%", $True)
$Context.LogMessage("User %adm-MemberUserName%", "Info")

# Update member
$member.Put($propertyName, "%param-default-area%")

try
{
    $member.SetInfo()
    $Context.LogMessage("User $sam added extensionName %param-default-area%", "Info")
}
catch
{
    $Context.LogMessage("User $sam added extensionName %param-default-area% failed due to the following exception: $($_.Exception.Message)", "Error")
}

Comments

I know, very special use case :D But I was able to solve it now.

I send over a second parameter to the Custom Command - the %member% value

This contains the current added user DN and I am able to read and this value and work with this value in my PS Script.

At the moment it looks fine

---

Hello,

If you still prefer using the Set-ADUser cmdlet instead of the approach we suggested, you can avoid binding. You can directly pass the username of the member as identity. Finally, the corresponding line will look like below and only the try-catch block will remain in the script.

Set-ADUser "%adm-MemberUserName%" -Add @{extensionName="%param-default-area%"}

---

I will give it a try, thanks!