0 votes

Hi!

Is there support in the product, either through rules, or through Powershell script to set Account Expired date on all disabled accounts that lacks a defined Expiry date? And preferably that Account Expiry date is set to last login + 1 month for those accounts.

/Kaj

by (650 points)

1 Answer

0 votes
by (226k points)
selected by
Best answer

Hello Kaj,

This can be achieved using a Scheduled Task. It will check the expiration date for all disabled users and update it if necessary. To create the task:

  1. Launch Adaxes Administration Console.

  2. Right-click your Adaxes service node, navigate to New and click Scheduled Task.

  3. On step 3 of Create Scheduled Task wizard select User Object type and click Next.

  4. Click Add Action.

  5. Select Update the User and click Add.

  6. In the Property to modify drop-down list, select Account Expires.

  7. Click Edit in the New value field.

  8. In the Set the date to drop-down list, select Last Logon.

  9. Select plus 1 month and click OK three times.

  10. Double-click Always.

  11. Select If PowerShell script returns true.

  12. Paste the script below into the Script field.

     $accountExpires = $Context.TargetObject.Get("accountExpires")
     $Context.ConditionIsMet = ($accountExpires -eq 0) -or ($accountExpires -eq 9223372036854775807)
  13. Enter a short description and click OK.

  14. Right-click the condition you have created and click Add New Condition.

  15. Select If account is enabled/disabled/locked.

  16. Select If the User account is disabled and click OK.

  17. Click Next and finish creating the Scheduled Task. You should have something like the following:

0

Thanks,

Not sure it works though - when creating the script and running it everything seems normal, but when I look in the logfile afterwards I see that

Modify xxxxxxx (yyyyyyy): clear Account Expires Set expiry date 2018-03-22 21:20:08

Checking the user the account expires field is still empty .... so from where does the clear account expires come?

But changing the modify user field to LastLogonTimestamp +1 month did the trick.

Related questions

0 votes
1 answer

We have some accounts that we would like to prevent from changing their password on login when it is expired. This is because we have saml setup on individual interface pages ... of a loophole for us as we require dual factor and use saml to accomplish this.

asked Oct 26, 2021 by mark.it.admin (2.0k points)
0 votes
1 answer

Is it possible to have a business unit that contains the expired accounts?

asked Sep 14, 2017 by adaxes_user (420 points)
0 votes
1 answer

It appears that we can allow conflicting meetings on a room mailbox but can't set the number of allowed conflicts. Is this a bug or intended? Can we request this feature? Do ... to create a custom command for this? We are on version 3.14.19723.0 Thanks, Mark

asked Jul 13 by mark.it.admin (2.0k points)
0 votes
1 answer

Hello, I've set it up using this tutorial https://www.adaxes.com/tutorials_Simpli ... Office.htm It almost works perfectly on user creation, however the street portion never ... it shows that it does. Postal code, state/province, and city set as expected.

asked Jun 4, 2018 by yuvrajgill10 (100 points)
0 votes
0 answers

Hello As I have mentioned before - when creating a new user, I need to fetch the formal name of the user from an external system. In the external system, the user's formal name ... as an logmessage, but ..... this will appear as a bad solution :oops: - Thanks

asked Jun 8, 2016 by Boxx.dk (2.6k points)
2,779 questions
2,512 answers
6,576 comments
26,891 users