0 votes

Dear Adaxes Support,

I'm trying to check the uniqueness of the Initials-proberty. My script works well so far.

Import-Module Adaxes

$value = $Context.GetModifiedPropertyValue("initials");

    if ((Get-AdmUser -Filter 'initials -eq $value' -SearchBase "OU=%adm-CustomAttributeText17%,dc=buho,dc=name" -SearchScope "subtree" ) -ne $NULL )
    {
        $Context.Cancel("Ein Benutzer mit diesen Initialen existiert bereits!");
        return;
    }

I'd like check the Uniqueness just of a spezific Path. Something like this:

Import-Module Adaxes

$value = $Context.GetModifiedPropertyValue("initials");
$Domain = $Context.GetObjectDomain("%distinguishedName%")
$searchebase = "OU=%adm-CustomAttributeText17%,$Domain"

    if ((Get-AdmUser -Filter 'initials -eq $value' -SearchBase $searchebase -SearchScope "subtree" ) -ne $NULL )
    {
        $Context.Cancel("Ein Benutzer mit diesen Initialen existiert bereits!");
        return;
    }

but it doesn't work. Have you a idea how I can do this in the right way?

Thanks :-)

by (4.9k points)
0

Hello,

What specifically do you store in the CustomAttributeText17 property?

0

Dear Support,

Maybe is it possible to check the Uniqueness of the property 'initials' just of the Base what Company the user belongs. That would be the best for me. Then we don't have to check where's the User in the AD and we can Forget the Searchbase with the CustomAttribute. Can you help me there?

Is it also possible, outputting the users with the existing initials in the message $context.cancel

Thanks a lot,

0

Hello,

Please confirm that we understand your requirements correctly: you would like to cancel creation of a new user, if there is another user with the same Initials and that has the same company specified in the Company property. Is that correct?

Also, what the script should do if:

  • No Initials specified for the user?
  • No Company specified for the user?
0

Thats absolutly correct :-)

•No Initials specified for the user? nothing. This Property is not for all user required
•No Company specified for the user?a message that a Company is required

Thanks

1 Answer

0 votes
by (215k points)

Here's the script that meets your requirements:

Import-Module Adaxes

# Get initials
$initials = $Context.GetModifiedPropertyValue("initials")
if ($initials -eq $NULL)
{
    return
}

# Get Company
$company = $Context.GetModifiedPropertyValue("company")
if ($company -eq $NULL)
{
    $Context.Cancel("Please specify a company for the user." )
    return
}

$users = Get-AdmUser -Filter {(initials -eq $initials) -and  (company -eq $company)}

if ($users -ne $NULL)
{
    # Get usernames of all users who have the same initials and the company
    $Context.LogMessage("The following users also have the same initials:", "Warning")
    foreach ($user in $users)
    {
        $Context.LogMessage($user.Name, "Warning")
    }

    $Context.Cancel("Ein Benutzer mit diesen Initialen existiert bereits!")
}
0

Dear Support,

thanks for the script, but it doesn't work.When I try modify a exist User and the Company is empty or filled out I get this message:

0

This strongly depends on when you want to check for uniqueness. Are you going to use the script only when a user is created, only when a user is modified, or both?

0

Hi,

I'd like to use it for both. Before a User is created and before a User is modified

0

The following version of the script can be used in Business Rules triggered both before a user is created and before a user is modified:

Import-Module Adaxes

# Get Company
if ($Context.IsPropertyModified("company"))
{
    $company = $Context.GetModifiedPropertyValue("company")
}
else
{
    try
    {
        $company = $Context.TargetObject.Get("company")
    }
    catch
    {
        $company = $NULL
    }
}
if ($company -eq $NULL)
{
    $Context.Cancel("No company specified.")
    return
}

# Check if Initials were modified
if ($Context.IsPropertyModified("initials"))
{
    $initials = $Context.GetModifiedPropertyValue("initials")
}
else
{
    try
    {
        $initials = $Context.TargetObject.Get("initials")
    }
    catch
    {
        $initials = $NULL
    }
}
if ($initials -eq $NULL)
{
    return
}

$users = Get-AdmUser -Filter {(initials -eq $initials) -and  (company -eq $company)}
if ($users -ne $NULL)
{
    # Get usernames of all users who have the same initials and company
    $Context.LogMessage("The following users also have the same initials:", "Warning")
    foreach ($user in $users)
    {
        $Context.LogMessage($user.Name, "Warning")
    }

    $Context.Cancel("Ein Benutzer mit diesen Initialen existiert bereits!")
}

Please pay attention that when you make changes via the Administration Console, and change both the properties simultaneously, Adaxes will save the changes as two separate operations, setting the properties one-by-one. That is, the Business Rule will be triggered twice: first when the Initials property is updated, and then when the Company property is updated, or vice versa.

This behavior is observed only in the Administration Console. In the Web interface, if you change both the properties simultaneously, they will be set within one operation.

Related questions

0 votes
1 answer

Hello, I try to change the script from Report 'Inactive users' to get only users which are located under an specific "Admin" OU. I can't use "Look ... "(|" + $filterNoLastLogon + $filterLoggedOnBefore + ")" + $filterPasswordChangedBefore + ")" regards Helmut

asked Feb 13, 2019 by a423385 (740 points)
0 votes
2 answers

Hi, Can you tell me how to look up a list of last logged-in users for computers from specific OU? Have OU called Laptops and need to know who as last person logged into ... username-of-last-user-who-lgged-on-to-computer-s269.htm but it' s not design for OU

asked Dec 2, 2019 by roberttryba (450 points)
0 votes
1 answer

Hi, I recently started learning Adaxes to automate the annoying tasks. Yesterday I created a custom command that creates an external user in the Active Directory and sends it ... via PowerShell as well? Could you push me in the right direction? Cheers, Romano

asked 2 days ago by Romano Hoenderkamp (290 points)
0 votes
1 answer

We're trying to setup a new action in our Web interface that runs on User's that are currently in an OU called 'New Starters' that is in all of our domains (An ... no results, There are no other fields we can use that are unique to accounts in those OUs

asked Feb 7 by richarddewis (1.5k points)
0 votes
0 answers

Hello, We are in the early stages of rolling out Adaxes, and we sent a bunch of users over to the SelfService website, where, per password reset policy, they ... property that is populated with our employees mobile number) and then auto-enroll those users?

asked Jul 1, 2016 by ajrechk (1.3k points)
2,251 questions
2,011 answers
5,504 comments
24,698 users