0 votes

Hi,

we use the rule "Before adding a user to group" for approval workflow on the groups OU. How can we skip this rule if the added user is located under a special OU?
The added user is not the initiator.
We use Win 2008 R2 and Adaxes 2012.1 latest fix-release.

Regards

by (650 points)

1 Answer

0 votes
by (18.0k points)
selected by
Best answer

Hello,

You can use the If PowerShell script returns true condition:

  1. Right-click the Send operation for approval action and click Add Condition in the context menu.

  2. Select the If PowerShell script returns true condition in the list.

  3. Paste the following script to the Script edit box.

     $Context.ConditionIsMet = $True
    
     $OUDN = "OU=Sales,DC=company,DC=com" # TODO: modify me
    
     $newMember = $Context.BindToObjectByDN("%member%")
     $memberOUPath = New-Object "Softerra.Adaxes.Adsi.AdsPath" $newMember.Parent
    
     if ($memberOUPath.DN -ieq $OUDN)
     {
         $Context.ConditionIsMet = $False
     }
    
  4. Modify the script: set the distinguished name (DN) of your Organizational Unit to the variable called $OUDN.
    To get the DN of an Organizational Unit:

    • Right-click the OU you need in the Console Tree (Adaxes Administration Console).
    • In the context menu, open the submenu of the Copy item.
    • Click Copy DN. The DN of the selected OU will be copied to the clipboard.
0

Hello Eugene,

Thank you very much. It works!
The

$newMember = $Context.BindToObjectByDN("%member%")

was the missing twist. ;)

Related questions

0 votes
1 answer

Let's say I have a Business Rule that is fired prior to adding members to a group. Is it possible to get the number of objects being added to that group as ... that tells me that 6 objects will be added or is each added user treated completely independently?

asked Apr 20, 2022 by ngb (220 points)
0 votes
1 answer

Hi team, I have a follow up to this question https://www.adaxes.com/questions/14234/business-after-adding-members-powershell-script-executed Let me explain my setup A rule- ... area% failed due to the following exception: $($_.Exception.Message)", "Error") }

asked Feb 13 by wintec01 (1.0k points)
0 votes
1 answer

Hi, I have a business rule setup to perform actions after user creation. First action is to run a powershell script which works and it sets a required AD attribute ( ... new user sits in the original OU and does not move Am i missing something here?

asked Feb 6 by Lewis (40 points)
0 votes
1 answer

Hi, I need to retreive a secret from a Azure Keyvault in a business rule. I have a powershell script that works if i run a external command. But it fails if ... at <ScriptBlock>, <No file>: line 20 Any sugestion? Kind regards Reidar Dick-Henriksen

asked Dec 6, 2023 by reidardh (20 points)
0 votes
1 answer

I am trying to trigger processing outside of Active Directory when an account is created based on the source user account that was used. Does Adaxes store the source account anywhere?

asked Oct 9, 2023 by jnordell (20 points)
3,315 questions
3,013 answers
7,701 comments
544,537 users