0 votes

Hi team,

I have a follow up to this question https://www.adaxes.com/questions/14234/business-after-adding-members-powershell-script-executed

Let me explain my setup

  1. A rule-based group (A) is updated daily
  2. A scheduled task is running daily to copy members from group A to B
  3. A business rule is triggered against group B if a user is added
    1. The business rule is calling a custom command with a parameter
  4. The custom command runs a Powershell script against the added user and set a attribute to the send over parameter

Issue: The PS Script is always executed against the same person

This is my PowerShell code

$member = $Context.BindToObjectEx("Adaxes://%member%", $True)
$sam = $member.Get("samaccountname")
$Context.LogMessage("User $sam", "Info")

try {
    Set-ADUser $sam -Add @{extensionName="%param-default-area%"}
    $Context.LogMessage("User $sam added extensionName %param-default-area%", "Info")
}
catch {
    $Context.LogMessage("User $sam added extensionName %param-default-area% failed due to the following exception: $($_.Exception.Message)", "Error")
}
by (1.5k points)
0

Hello,

Please, provide screenshots of all the configuration objects (business rules, custom commands, etc.) taking part in the workflow. Also, please, provide all the corresponding scripts in TXT format. You can post the details here or send to us at support@adaxes.com.

Lastly, please, specify what exactly you mean by PS Script is always executed against the same person.

0

Hi, sure

Scheduled task image.png

Business rule- image.png

Custom Command image.png

Execution log of Scheduled task image.png

Details User 1 image.png

Details User 2 image.png

As you see, every time user pavel is used as variable in the script.

The script is shared in my first post already, hope this is ok and enough.

1 Answer

0 votes
by (284k points)

Hello,

It is quite hard to understand the whole thing with such an amount of blurring. However, try using the below script instead of the current one.

$propertyName = "extensionAttribute1" # TODO: modify me

# Bind to new member
$member = $Context.BindToObjectEx("Adaxes://%member%", $True)
$Context.LogMessage("User %adm-MemberUserName%", "Info")

# Update member
$member.Put($propertyName, "%param-default-area%")

try
{
    $member.SetInfo()
    $Context.LogMessage("User $sam added extensionName %param-default-area%", "Info")
}
catch
{
    $Context.LogMessage("User $sam added extensionName %param-default-area% failed due to the following exception: $($_.Exception.Message)", "Error")
}
0

I know, very special use case :D But I was able to solve it now.

I send over a second parameter to the Custom Command - the %member% value

This contains the current added user DN and I am able to read and this value and work with this value in my PS Script.

At the moment it looks fine

+1

Hello,

If you still prefer using the Set-ADUser cmdlet instead of the approach we suggested, you can avoid binding. You can directly pass the username of the member as identity. Finally, the corresponding line will look like below and only the try-catch block will remain in the script.

Set-ADUser "%adm-MemberUserName%" -Add @{extensionName="%param-default-area%"}
0

I will give it a try, thanks!

Related questions

0 votes
1 answer

Hi team, I need to update users extensionAttribute6 after adding or removing them from a specific group. This is my setup: Group is updated based on rule set within Adaxes ... would like to update users after they were added or removed from this group. Thanks!

asked Sep 25, 2023 by wintec01 (1.5k points)
0 votes
1 answer

We have a business rule that will update an AD attribute when a new member is added to a group. This business rule works when we use powershell commands or the admin console ... set to trigger "After adding a member to a group". Thank you for your support!

asked Mar 29, 2023 by mark.it.admin (2.3k points)
0 votes
1 answer

We currently have a form for HR to deal with ex-employees that are hired once more, but it's not much more than automatic emails sent to IT. If I add some actions ... this trigger the business rule we have that targets "After updating a user" ? Thanks, Louis

asked Oct 18, 2022 by lw.fa (130 points)
0 votes
1 answer

Hello, I am attempting to configure a business rule that adjusts an adaxes custom property of a user, upon that user being added/removed from a group. I cannot seem to ... (like username, office, description, email, etc.) but not so much on custom attributes.

asked Jul 14, 2023 by NKB#2772 (70 points)
0 votes
1 answer

I need a way of triggering a business rule based on the user (and not the group) being added or removed from a group. The reason I would like this triggered on the user is so ... prefer not to do that. I am checking to see if there is another way to do this.

asked May 16, 2023 by mark.it.admin (2.3k points)
3,504 questions
3,196 answers
8,148 comments
547,431 users