0 votes

hello,

I need to create a Custom commands so that help desk can add or remove entries in the "userWorkstations" (Logon Workstations) attribut of a user.

Is there a simple way to do it with Adaxes?

Thanks in advance!

by (1.1k points)
0

I am almost done but my code only set one workstation, it erase the others one listed in the text file.

#$ImportedWorkstations = Import-Csv -Delimiter ";" -Path $csvFilePath

 foreach($line in Get-Content $csvFilePath) {
    Set-admUser -Identity %cn% -LogonWorkstations $line
    $Context.LogMessage("$line", "Information")

}

I believe there is somethings to do with array @?

0

Finally I did somethings like that :

$ComputerList=Get-Content $csvFilePath  
Set-admUser -Identity %cn% -Replace @{LogonWorkstations=$ComputerList}

So the helpdesk need to create a texte file conatining workstations before running the script.
is there a way for the heldesk to use a custom form in the web interface so he can search and select worksations directly in AD?

1 Answer

0 votes
by (220k points)
selected by
Best answer

Hello,

Yes, it is possible. The solution will include a Home Page Action and a Business Rule. The action will contain a DN syntax property (e.g. See Also) that will allow selecting the computers that will be added to the list of workstations for the user. The Business Rule will trigger After Updating a User and execute a PowerShell script that will update the userWorkatations property with the computers specified in the See Also property of the user. The script will be executed only if the See Also property changes.

i. Creating the Home Page Action

  1. Launch Adaxes Web Interface Customization tool.
  2. Select the interface type and click Configure Home Page Actions on the General tab.
  3. Click Add and select Modify User action.
  4. On step 2 of the wizard, define the conditions for selecting the user to be modified and click Next.
  5. Select Use customized form and click Customize Form.
  6. Delete all the sections except for one (e.g. General).
  7. Delete all the properties from the section and click Add below Section fields.
  8. Double-click the See Also property.
  9. Select Show only the following object types.
  10. Select only the Computers checkbox.
  11. Click OK twice and finish creating the Home Page Action.

ii. Creating the Business Rule triggering After Updating a User

  1. Launch Adaxes Administration Console.

  2. Right-click your Adaxes service node, navigate to New and click Business Rule.

  3. On step 2 of the Create Business Rule wizard, select User Object type.

  4. Select After Updating a User and click Next.

  5. Click Add Action.

  6. Select Run a program or a PowerShell script.

  7. Enter a short description and paste the script below into the Script field.

     $attributeName = "SeeAlso" # TODO: modify me
    
     function UpdateWorkStations ($userWorkStationsString)
     {
         # Update user WorkStations
         $Context.TargetObject.Put("userWorkstations", $userWorkStationsString)
         $Context.TargetObject.SetInfo()
     }
    
     try
     {
         $computerDNs = $Context.TargetObject.GetEx($attributeName)
     }
     catch
     {
         UpdateWorkStations $NULL
         return
     }
    
     $userWorkStations = New-Object "System.Collections.ArrayList"
     foreach ($dn in $computerDNs)
     {
         $computer = $Context.BindToObjectByDN($dn)
         $netBIOSName = $computer.Get("sAMAccountName").TrimEnd("`$")
         [void]$userWorkStations.Add($netBIOSName)
     }
    
     $userWorkStationsString = [System.String]::Join(",", $userWorkStations.ToArray())
     UpdateWorkStations $userWorkStationsString
  8. Click OK.

  9. Right-click the action you have created and click Add Condition.

  10. Select If <property> changed.

  11. Select If See Also has changed and click OK.

  12. Click Next and finish creating the Business Rule. You should have something like the following:

For information on how to change property display names, have a look at the following help article: https://www.adaxes.com/help/?HowDoI.Man ... Names.html.

0

Woah great., I will test it.

Thank you.

Related questions

0 votes
1 answer

Hello, I need a way to populate with a schedule task "userWorkstations" with a list of computer objects located under a specific OU. The process must not relpace values already in "userWorkstations" attribute. Thanks, Mic

asked Jan 26 by zemitch (180 points)
0 votes
1 answer

Hello, I need to grant the right for a user to manage only one group. This group is "Domain local" so it is possible to add members from other trusted forests. The ... he belong to. How to tell Adaxes to look for users in all registered domains ? Thanks.

asked Feb 4 by zemitch (180 points)
0 votes
1 answer

Currently we have to create lots of new NTFS shared folders for projects and manage the addition and removal of access for users on an ongoing basis. We would like to delegate ... interested to know if it will meet our needs before I install a demo to test.

asked Dec 21, 2021 by darrenbrown (20 points)
0 votes
1 answer

Can I manage the user that is user by Adaxes to connect to Active Directory with Privilege Access Management (PAM)? Since this user can change user's password, ... would like to manage this user so that PAM can change/rotate the password periodically

asked Nov 18, 2021 by fachmi (170 points)
0 votes
1 answer

We are looking to use Adaxes to create and manage Managed Service Accounts in the "Managed Service Accounts" OU. Is this possible through Adaxes? Thank you.

asked Nov 14, 2019 by lgibbens (320 points)
2,740 questions
2,474 answers
6,475 comments
1,372,206 users