0 votes

Hello,

we offer our team leads to manage their teams:
- the manager select "My Team"
- then all member of the team are listed
- the manager selects a member of the team and the defined properties are listed (for example in which group the selected user is a member)
- after click on "Add ..." the manager can select a group ("Please select groups")
But then ALL groups are listed - not only the groups where the manager is defined as owner ("managed by") :o
How can I set such a filter which restricts the groups?

Many thanks,
Horst

by (460 points)

1 Answer

0 votes
by (228k points)
selected by
Best answer

Hello Horst,

There is no possibility to limit only the groups that can be selected to add the user to. It is only possible to filter all the groups displayed in the Member Of section. For example, if you apply an LDAP filter to show only groups managed by the currently logged on user, in the Member Of section they will be able to see only the groups they own even if the user is a member of other groups too. If this solution meets your needs, follow the instructions below to apply the filter:

  1. Launch Adaxes Web Interface Customization Tool.
  2. Select the interface type and activate the AD Management tab.
  3. Click Customize Forms and Views.
  4. Select User Object type.
  5. Activate the View tab and select the Member Of section.
  6. In the Section Fields, select Filter displayed groups.
  7. Select Show only groups that match the specified LDAP filter.
  8. Enter the following into the LDAP filter field:
    (&(objectCategory=group)(managedBy=%distinguishedName%))
  9. Click OK.
  10. To filter groups in forms for user creation and editing, repeat steps 5-9 for the Create and Modify tabs.
  11. Click OK twice.
0

Hello,

ok, than I'll use the filter in the member section.

Many thanks,
Horst

0

Hello,

the solution above works perfect for Self Service. :D
But now i'm "designing" the User View "AD Management" - "Customize Forms and Views".
I created a "member of"section which shows the groups where the user is a member.
In the next step I need a section "Owner (managed by)" which shows the groups where the user is the responsible manager but I despair with the LDAP filter:
(&(objectCategory=group)(managedBy=%distinguishedName%)) shows nothing :evil:

0

Hello Horst,

Do we understand correctly that you need to add a section to the page that displays users that will contain objects managed by the user? If that is correct, there is no possibility to filter managed objects, but you can create a section that will contain all the objects managed by the user. To do so:

  1. Launch Adaxes Web interface Customization tool.
  2. Select the interface type and activate the AD Management tab.
  3. Click Customize Forms and Views.
  4. Select User Object type.
  5. Activate the View tab and click Add below.
  6. On step 2 of the wizard, select AD object properties and click Finish.
  7. Click Add below Section fields.
  8. Select Managed Objects and click OK twice.
0

Perfect, exactly what I was looking for :D :D :D

Related questions

0 votes
1 answer

How can I create a script that does these things For internal audit. objective Even removing all groups of a disconnected user, we will still know which groups the ... in the created group (audit)-sAMAccountName-access add the (user)-sAMAccountName in members

asked Jul 2 by alancardoso (20 points)
0 votes
1 answer

Hello, Is there a way to send an email notification when a user is added to a group dynamically (with LDAP filter) , it's work only when i add the user manually Thank you

asked Jun 30, 2021 by GG (70 points)
0 votes
1 answer

Our Help Desk currently 'mirrors' the group membership of a new user based on another existing user in our AD. I'd like to be able to automate this so that the initiator ... and 'paste' it on the new user being created. Any help on this would be appreciated!

asked Apr 21, 2020 by RayBilyk (220 points)
0 votes
1 answer

Hello, I need to give the help desk the ability to add users to eDirectory groups from Adaxes. I can bind to the eDir tree, read attributes of objects, but ... .psbase.commitchanges() $context.LogMessage("User now in the Group $GroupName", "Information")

asked Dec 21, 2016 by tentaal (1.1k points)
0 votes
1 answer

For security purposes, we need to audit the objects that are capable of replicating the directory. As we have a number of individuals that need this report, I would like to ... four domains and would like to see any objects with this permission in any of them

asked May 20 by jiambor (1.2k points)
2,807 questions
2,541 answers
6,615 comments
65,069 users