0 votes

Dear Support,

I'm using this Script for adding User to Groups.

Import-Module Adaxes
$User = "%distinguishedName%"
$group = get-AdmGroup "KendoxUser_%adm-CustomAttributeText17%" -Properties Members

if ($group.Members -notcontains $User)
{ 
   $group | Add-AdmGroupMember -Members $User
   $Context.LogMessage("Benutzer zur Gruppe $group hinzugefügt", "Information")
   return
}

It works fine, but when the Grouplocation is in a Subdomain it doesn't work.
Do you have any idea why?

by (700 points)

1 Answer

0 votes
by (216k points)

Hello,

It doesn't work for a sub-domain because by default, Adaxes cmdlets, such as Get-AdmGroup or Add-AdmGroupMember, perform operations only in the current domain. To be able to perform operations with the help of the cmdlets in another domain, you need to specify the Active Directory Domain Services instance to connect to via the -Server parameter and the Adaxes service that will be used for the operation via the -AdaxesService parameter, for example:

$group = get-AdmGroup "KendoxUser_%adm-CustomAttributeText17%" -Properties Members -AdaxesService localhost -Server subdomain.example.com

We can modify the script to match your requirements, but for this purpose we need to know how to get the FQDN of the subdomain. Can it be hard-coded in the script or maybe derived from some properties of the user?

0

Hello,

Here's a modified version of the script that meets your requirements:

Import-Module Adaxes
$User = "%distinguishedName%"

$domainName = $Context.GetObjectDomain("%distinguishedName%")

$group = get-AdmGroup "KendoxUser_%adm-CustomAttributeText17%" -Properties Members -AdaxesService localhost -Server $domainName

if ($group.Members -notcontains $User)
{
   $group | Add-AdmGroupMember -Members $User -AdaxesService localhost -Server $domainName
   $Context.LogMessage("Benutzer zur Gruppe $group hinzugefügt", "Information")
}

Related questions

0 votes
1 answer

How can I create a script that does these things For internal audit. objective Even removing all groups of a disconnected user, we will still know which groups the ... in the created group (audit)-sAMAccountName-access add the (user)-sAMAccountName in members

asked Jul 2, 2022 by alancardoso (40 points)
0 votes
1 answer

When trying to add multiple groups to a user after searching in the group list we are seeing that selecting one group adds that one then the complete list of groups ... from the search results without the list refreshing not just the first group selected?

asked Nov 12, 2021 by techg (320 points)
0 votes
1 answer

They can navigate to both the user or the group within the ADAXES web interface without issue. They can then either Add to Group or Add Member but the resulting ... something to the web interface which prevents changing the lookup domain. Any ideas? Thanks!

asked Apr 9, 2020 by VTPatsFan (610 points)
0 votes
1 answer

I have tried it using the Custom Commands Action "Add the user to a group", which only allows me to add the user to one group at a time, and can't use the multiple DNs that the ... I can't get it to work. Could you assist me in finding the best way to do this?

asked Jan 16 by dominik.stawny (160 points)
0 votes
1 answer

Pretty simple question. Upon user provisioning, based on business unit, is there a way to have the new O365 mailbox and user be added to an existing distribution group in ... could do this with local AD distribution groups, but that is currently not the case.

asked Sep 10, 2015 by eponerine (50 points)
3,326 questions
3,026 answers
7,727 comments
544,678 users