0 votes

We are looking to use a custom form to create a NEW OU for every new office we open, the new OU needs to also have two other OU/containers and two generic accounts based off the information gathered during the initial form request. We have the following setup already and need further assisatnce, most likely powershell or script we assume.


We use the CustomAttribute for the Office number and the OU Name is being created specifically using the property pattern of customattribute - City.

Next steps we need to figure out is two create two sub OU under the one the is created above and name them 'Computers' and "XRay', then under the initial OU created create two generic user accounts named xray%customattribute% and 5star%customattribute% ( with specific property patterns we can add separately with a new pattern).

Thank you for assistance.

by (3.2k points)
0

Hello,

under the initial OU created create two generic user accounts named xray%customattribute% and 5star%customattribute%

What exactly do you mean by named? Should the First name be xray and 5star accordingly and the Last name taken from the custom attribute of the initial OU?

with specific property patterns we can add separately with a new pattern

What exactly do you mean?

0

Maybe a visual would be helpful to see what we want to automate. See Below:

1 Answer

0 votes
by (270k points)
selected by
Best answer

Hello,

Thank you for clarifying. You will need to create a Business Rule triggering After Creating a Organizational Unit that will execute a PowerShell script. To create the rule:

  1. Launch Adaxes Administration Console.

  2. Right-click your Adaxes service, navigate to New and click Business Rule.

  3. On step 2 of the Create Business Rule wizard, select Organizational-Unit Object type.

  4. Select After Creating a Organizational Unit and click Next.

  5. Click Add Action.

  6. Select Run a program or Powershell script.

  7. Enter a short description and paste the below script into the Script field.

     # Create Computers OU
     $ComputersOU = $Context.TargetObject.Create("organizationalUnit", "OU=Computers")
     $ComputersOU.SetInfo()
    
     # Create XRay OU
     $XRayOU = $Context.TargetObject.Create("organizationalUnit", "OU=XRay")
     $XRayOU.SetInfo()
    
     # Create 5star user
     $5Staruser = $Context.TargetObject.Create("user", "CN=5star%adm-CustomAttributeText1%")
    
     # Update properties of 5star user
     $5Staruser.Put("givenName", "5star") # First Name
     $5Staruser.Put("sn", "%adm-CustomAttributeText1%") # Last Name
     $5Staruser.Put("sAMAccountName", "5star%adm-CustomAttributeText1%") # User Logon Name (pre-Windows 2000)
     $5Staruser.AccountDisabled = $False # Enable account
     $5Staruser.Put("unicodePwd", "secret") # Password
     $5Staruser.Put("pwdLastSet", 0); # Must Change Password at First Logon
     $5Staruser.SetInfo()
    
     # Create XRay user
     $XRayUser = $Context.TargetObject.Create("user", "CN=xray%adm-CustomAttributeText1%")
    
     # Update properties of XRay user 
     $XRayUser.Put("givenName", "XRay") # First Name
     $XRayUser.Put("sn", "%adm-CustomAttributeText1%") # Last Name
     $XRayUser.Put("sAMAccountName", "xray%adm-CustomAttributeText1%") # User Logon Name (pre-Windows 2000)
     $XRayUser.AccountDisabled = $False # Enable account
     $XRayUser.Put("unicodePwd", "secret") # Password
     $XRayUser.Put("pwdLastSet", 0); # Must Change Password at First Logon
     $XRayUser.SetInfo()

  8. Click OK.

  9. Click Next and finish creating the Business Rule.

0

We are getting the error below.

0

Hello,

Did you specify a value for the CustomAttributeText1 property in the form for the new OU creation?

0

Sorry, we had the value as CustomAttributeText13. Resolved now, we just need the following settings added to the script.

1. Password Never Expires
2. User cannot change password

Can we add these attributes with a property pattern? We tried and it did trigger, assuming because it was created with a PS script.

0

Hello,

If you want to use a Property Pattern, you will need to use the following script:

# Bind to container
$ou = $Context.BindToObjectEx($Context.TargetObject.AdsPath, $True)

# Create Computers OU
$ComputersOU = $Context.TargetObject.Create("organizationalUnit", "OU=Computers")
$ComputersOU.SetInfo()

# Create XRay OU
$XRayOU = $Context.TargetObject.Create("organizationalUnit", "OU=XRay")
$XRayOU.SetInfo()

# Create 5star user
$5Staruser = $ou.Create("user", "CN=5star%adm-CustomAttributeText1%")

# Update properties of 5star user
$5Staruser.Put("givenName", "5star") # First Name
$5Staruser.Put("sn", "%adm-CustomAttributeText1%") # Last Name
$5Staruser.Put("sAMAccountName", "5star%adm-CustomAttributeText1%") # User Logon Name (pre-Windows 2000)
$5Staruser.Put("unicodePwd", "secret") # Password

$5Staruser.SetInfo()

# Create XRay user
$XRayUser = $ou.Create("user", "CN=xray%adm-CustomAttributeText1%")

# Update properties of XRay user 
$XRayUser.Put("givenName", "XRay") # First Name
$XRayUser.Put("sn", "%adm-CustomAttributeText1%") # Last Name
$XRayUser.Put("sAMAccountName", "xray%adm-CustomAttributeText1%") # User Logon Name (pre-Windows 2000)

$XRayUser.Put("unicodePwd", "secret") # Password

$XRayUser.SetInfo()

In this case, all Account Options should be set in the Property Pattern. For example:

If you want to set the account options in the script, we will help you.

0

Thank you, this works great for some of it.

The script is only creating the generic account and not the xray account. see below.

# Bind to container
$ou = $Context.BindToObjectEx($Context.TargetObject.AdsPath, $True)

# Create Computers OU
$ComputersOU = $Context.TargetObject.Create("organizationalUnit", "OU=Computers")
$ComputersOU.SetInfo()

# Create XRay OU
$XRayOU = $Context.TargetObject.Create("organizationalUnit", "OU=XRay")
$XRayOU.SetInfo()

# Create 5star user
$5Staruser = $ou.Create("user", "CN=5star%adm-CustomAttributeText13%")

# Update properties of 5star user
$5Staruser.Put("givenName", "5star") # First Name
$5Staruser.Put("sn", "%adm-CustomAttributeText13%") # Last Name
$5Staruser.Put("sAMAccountName", "5star%adm-CustomAttributeText13%") # User Logon Name (pre-Windows 2000)
$5Staruser.Put("unicodePwd", "Staff%adm-CustomAttributeText13%") # Password
$5Staruser.Put("l", "%l%") # City
$5Staruser.Put("st", "%st%") # State
$5Staruser.Put("description", "Generic Account") # Description
$5Staruser.Put("departmentNumber", "%adm-CustomAttributeText13%")

$5Staruser.SetInfo()

# Create XRay user
$XRayUser = $ou.Create("user", "CN=xray%adm-CustomAttributeText13%")

# Update properties of XRay user 
$5Staruser.Put("description", "X-Ray Account") # Description
$XRayUser.Put("givenName", "XRay") # First Name
$XRayUser.Put("sn", "%adm-CustomAttributeText13%") # Last Name
$XRayUser.Put("sAMAccountName", "xray%adm-CustomAttributeText13%") # User Logon Name (pre-Windows 2000)
$XRayUser.Put("unicodePwd", "Staff%adm-CustomAttributeText13%") # Password
$5Staruser.Put("l", "%l%") # City
$5Staruser.Put("st", "%st%") # State
$5Staruser.Put("departmentNumber", "%adm-CustomAttributeText13%")

$XRayUser.SetInfo()

I sent the screenshot of the account to support(@)adaxes.com

Thank you in advance.

0

Hello,

The script is only creating the generic account and not the xray account.

First of all, for putting some properties of the Xray account, you have messed the variable. We have corrected the script for you, find it below.

# Bind to container
$ou = $Context.BindToObjectEx($Context.TargetObject.AdsPath, $True)

# Create Computers OU
$ComputersOU = $Context.TargetObject.Create("organizationalUnit", "OU=Computers")
$ComputersOU.SetInfo()

# Create XRay OU
$XRayOU = $Context.TargetObject.Create("organizationalUnit", "OU=XRay")
$XRayOU.SetInfo()

# Create 5star user
$5Staruser = $ou.Create("user", "CN=5star%adm-CustomAttributeText13%")

# Update properties of 5star user
$5Staruser.Put("givenName", "5star") # First Name
$5Staruser.Put("sn", "%adm-CustomAttributeText13%") # Last Name
$5Staruser.Put("sAMAccountName", "5star%adm-CustomAttributeText13%") # User Logon Name (pre-Windows 2000)
$5Staruser.Put("unicodePwd", "Staff%adm-CustomAttributeText13%") # Password
$5Staruser.Put("l", "%l%") # City
$5Staruser.Put("st", "%st%") # State
$5Staruser.Put("description", "Generic Account") # Description
$5Staruser.Put("departmentNumber", "%adm-CustomAttributeText13%")

$5Staruser.SetInfo()

# Create XRay user
$XRayUser = $ou.Create("user", "CN=xray%adm-CustomAttributeText13%")

# Update properties of XRay user 
$XRayUser.Put("description", "X-Ray Account") # Description
$XRayUser.Put("givenName", "XRay") # First Name
$XRayUser.Put("sn", "%adm-CustomAttributeText13%") # Last Name
$XRayUser.Put("sAMAccountName", "xray%adm-CustomAttributeText13%") # User Logon Name (pre-Windows 2000)
$XRayUser.Put("unicodePwd", "Staff%adm-CustomAttributeText13%") # Password
$XRayUser.Put("l", "%l%") # City
$XRayUser.Put("st", "%st%") # State
$XRayUser.Put("departmentNumber", "%adm-CustomAttributeText13%")

$XRayUser.SetInfo()

Try this script and get back to us with the error messages if you get any.

I sent the screenshot of the account to support(@)adaxes.com

Unfortunately, we did not receive the screenshot. Make sure it is sent to the correct e-mail address.

Related questions

0 votes
1 answer

Hi support. I have a pool of generic AD accounts (relief1, relief2 etc) for our relief teachers. I want to schedule a PW reset for these accounts on a weekly basis ... the workflow to send the actual generated PW to the managers email. Thanks in advance Corey

asked Nov 26, 2014 by ckemp (170 points)
0 votes
1 answer

Hello, When I make a copy of account, all attributes are copied except the attribute 'ou'. Should I apply a specific configuration? Thank you for your response Yoann HAMON

asked Aug 21, 2012 by yoann.hamon (180 points)
0 votes
1 answer

I have 18 domains managed by Adaxes and have noticed that Admin (full access) t all objects acts normally, but for piecemeal scopes like Service Desk that scopes to individual ... role (including 16 denies) and expect it to grow as we add more domains.

asked Sep 20, 2022 by DA-symplr (80 points)
0 votes
1 answer

how can i create a report which gives me the details from an exchange mailbox as described in the subject? I would like to have a Report for Exchange Mailboxes with OU, Send on Behalf, Full Rights and Send As Rights thank you

asked Feb 22, 2021 by m_st (200 points)
0 votes
1 answer

Hello dear ADAXES community, what i wanted to do is, to have a custom report which does the following: get every group in a specific OU (the OU comes from an adaxes custom ... Add($Group.name) } } is this possible in such a way? thank you for your help

asked Sep 23, 2020 by m_st (200 points)
3,326 questions
3,026 answers
7,727 comments
544,683 users