0 votes

Hello,

I would like to create a custom command "Add domain user to local admin group".
The powershell command to execute this is quite easy.
Where I'm struggling is another point.
The initiator has to select first the user name from AD and than the computer name from AD.
This would garantee the user and the computer exist.
Is it possible to create such a task without a custom form?

Many thanks.

by (460 points)

1 Answer

0 votes
by (269k points)
selected by
Best answer

Hello Horst,

There is no possibility to achieve what you need without using a custom form in a Home Page Action.

As a solution you can use a Modify User Home Page Action with a Custom Form and a Business Rule triggering After Updating a User. In the Custom form of the action, there will be only one DN syntax attribute (e.g. Assistant) used to select the computer. The Business Rule will trigger after updating the attribute and execute a PowerShell script that will add the modified user to the local admin group. If this solution meets your requirements, we will provide you with detailed instructions.

0

Hi,

after some time I implemented your solution and it works very well.
There is only one point: in the same BR where the powershell script runs I added a command to clear the assistant field and now the process runs into a loop "after updating a user".
How can I prevent this?

Thanks.

0

Hello Horst,

You need to add the If Assistant is not empty condition to your Business Rule.

0

Hello,

to do this in the recommended way will produce a lot of problems :( :(

The BR "after updating a user" is triggered from "create a user" and from the action "add user to local admin" and from other different actions.

That means the BR "after updating a user" is triggered from a handful actions and it's not possible to create conditions for every case.

My recommendation for the next Adaxes upgrade: add the possiblity to create a condition like "if action = actionname".

Regards.

0

Hello Horst,

Thank you for the suggestion, we will consider it.

Related questions

0 votes
1 answer

Hi We have a couple of scheduled tasks set up to remove accounts which have been disabled for a perios of time. This works fine for normal user accounts, but we ... and former domain admin accounts? We're running the latest version of Adaxes Thanks Matt

asked Oct 26, 2022 by chappers77 (2.0k points)
0 votes
0 answers

We have a multiforest set up. One of the domains is a non hybrid. Whenever a user is created in that domain it gives an error saying- 'Property 'ms-exch-target- ... active Directory schema'. How can we write an exception while adding to that non-hybrid domain?

asked Oct 31, 2022 by Aishwarya Gavali (40 points)
0 votes
1 answer

Hello, Is there a PS script available to add a user to an o365 group (o365 only - not synced to AD) that can be used after user creation in a business rule? Thanks very much.

asked Oct 31, 2018 by Jasonmh (540 points)
0 votes
1 answer

So not sure how it happened but the Adaxes web interface is connected to my domain admin account. When I tried to change it everything went down. Were are all the locations this password is store on the server? Thanks

asked Jan 20, 2015 by 7efd721c8b (420 points)
0 votes
1 answer

Hi, we need to create some form (or custom command?) so managers of distribution groups can add/remove/change alias address. Primary and secondary. Distribution groups are ... contains list of current aliases with possibility to edit them... Thank you Sebela

asked Nov 18, 2019 by KIT (910 points)
3,315 questions
3,013 answers
7,701 comments
544,548 users