Adaxes

Unable to bind to object by DN

0 votes

I am having a problem in a custom command binding to a user object to then get attributes from for use in the script. A little background:

  1. We have multiple domains managed by AdAxes
  2. I have done this before and it always worked.

I have a parameter in the custom command that is a text box, and automatically populates the initiator DN. I am assigning that to a variable in the script, and attempting to use it to get the user object. initiator.png

My code that I have to bind to the user (and show me the values while I am debugging) is:

$initiatorDN = $Context.GetParameterValue("param-initiatorDN")
#debug
$Context.LogMessage("DN: " + $initiatorDN," Information")

$requestor = $Context.BindToObjectByDN($initiatorDN)
#debug
$Context.LogMessage("Requestor: " + $requestor, "Information")
$Context.LogMessage("sam: " + $requestor.samaccountname, "Information")

But when running that in the custom command I get (some details in pic redacted): log.png

So the DN is passing to the variable, but the bind does not work. I have also tried the following bind commands:

$initiatorDN = $Context.GetParameterValue("param-initiatorDN")
#debug
$Context.LogMessage("DN: " + $initiatorDN," Information")

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly("localhost")
$requestor = $service.OpenObject("Adaxes://$initiatorDN",$null, $null, 0)

#debug
$Context.LogMessage("Requestor: " + $requestor, "Information")
$Context.LogMessage("sam: " + $requestor.samaccountname, "Information")

I still get the same result. I can't seem to bind by the DN no matter what approach I take.

ago by (80 points)

1 Answer

0 votes
ago by (302k points)

Hello,

The behavior is by design and has always been like that. The bind works correctly, it is the output that is performed incorrectly. The first one does not output anything because you are trying to output an object. In such cases you just get an empty output. As for the sAMAccountName output, it is also expected to be empty as the object you get with the bind does not have a property called samaccountname. You need to use the Get method to obtain the property value.

Related questions

0 votes
1 answer
Bind domain object

Hello, I wonder if it is possible to hide the domain objects when the user has no rights on it. attached my configuration and places in the web interface or domain objects appear. thx.

asked Nov 17, 2011 by mmichard (360 points)
0 votes
1 answer
Unable to exclude object from a Business Unit with Query

Hello, I have some AD Groups I would like to exclude from a business unit I'm using. I have standard group names across multiple OUs, some should be a part of the ... than simply having a working exclude query. Any thoughts on how I can get this working?

asked Mar 24, 2016 by drew.tittle (810 points)
0 votes
1 answer
AD object picker - allow search by description

Hello The search function in the AD object picker seems to be limited to the attribute "Name". I have some AD groups where the name is not very meaningful for our ... these cases. Is there any way to include the "Description" attribute in the search? Pudong

asked Sep 26, 2021 by pudong (680 points)
0 votes
1 answer
CustomAttribute to Manager DN

Hello, We have a workflow where we get the manager name via our HR system. I am putting this into a customattribute. As the name pulled from HR is in the form of firstname ... DN and put it into the target user manager field. Is this possible? If so; how?

asked Feb 10, 2022 by vlg (40 points)
0 votes
1 answer
cannot get DN passed to script

trying to leverage thsi script in a custom command, bu ti cannot get the parameter to pass to it. https://www.adaxes.com/script-repository/copy-group-membership-from-specified-user-s590.htm

asked Jan 24, 2022 by Derek.Axe (480 points)
3,690 questions
3,375 answers
8,531 comments
549,647 users