0 votes

In our organisation every department has a named manager.

So if I add a new user and their department is "Sales" (selected from a property pattern) I have a business rule that adds them to the "Sales" group from a template variable 'CN=%department%,OU=Departments,OU=Groups,DC=corp,DC=com'.

What I'm not sure of is the best way to automatically set the manager.

For example I guess I could put in a whole string of rules along the lines of "If department = sales then set manager to Joe" but that gets complex with lots of departments and business rules.

I'm assuming there is a way to assign a manger to each department once in Adaxes and then use some kind of "Department Manager" variable?

Ideal world I just want to choose the department from a pulldown (which shows the property pattern) and whatever department is chosen the user is removed from the old group and added to the new and their manager is set to the manager of their new department.

Any suggestions on the simplest way to achieve this would be great thanks :)

by (240 points)

1 Answer

0 votes
by (216k points)

Hello,

From what you've posted, we assume that there's one group per department. If that's correct, then the best way would be to store the department manager in a certain property of a Group. For this purpose, you can use an AD property of the DN string syntax and that you don't use for other purposes. For example, you can set the manager in the Managed By property. Using a property of the DN string format gives you the advantage of having the Browse button in the field that represents the property, so you don't have to input the department manager manually. You'll be able to select a department manager from AD.

As for setting the manager for a user automatically, in your Business Rule or Custom Command that adds/removes users to/from groups based on departments, you'll be able to use a PowerShell script and the Run a program or PowerShell script action that will copy the department manager's DN from the Managed By property of the group to the Manager property of the user, thus setting a new manager for the user. Here's a script that performs such a task:

# Bind to the group that represents the user's department
try
{
    $group = $Context.BindToObjectByDN("CN=%department%,OU=Departments,OU=Groups,DC=corp,DC=com")
}
catch
{
    $Context.LogMessage("Cannot set a manager for the user because there is no group for the user's department (%department%).", "Warning")
    return
}

# Get the department manager
try
{
    $manager = $group.Get("managedBy")
}
catch
{
    $Context.LogMessage("Cannot set a manager for the user because the user's department doesn't have a manager (%department%).", "Warning")
    return
}

# Set the manager
$Context.TargetObject.Put("manager", $manager)
$Context.TargetObject.SetInfoEx(@("manager"))

Related questions

0 votes
1 answer

Hi, I would like to be able to provision my user accounts "Department" fields based on the Organizational Unit name in which the user is in. Basically I'd like to copy the ... Adaxes? ex: OU = IT Corp Name = Paul Fakename Department = IT Corp Thanks in advance

asked Nov 26, 2012 by cedricb (50 points)
0 votes
1 answer

During the creation of a new user I want to be able to select the job title from a drop-down list which populates different values based on which Department is selected. Is there a way to achieve this? Thanks. Dario.

asked Oct 2, 2020 by winstonsmith (40 points)
0 votes
1 answer

This is for license purposes and we do not want them visible in the Adaxes portal.

asked Oct 22, 2021 by jfrederickwl (20 points)
0 votes
1 answer

Hello, I've set it up using this tutorial https://www.adaxes.com/tutorials_Simpli ... Office.htm It almost works perfectly on user creation, however the street portion never ... it shows that it does. Postal code, state/province, and city set as expected.

asked Jun 4, 2018 by yuvrajgill10 (100 points)
0 votes
1 answer

This script description says it can find the manager via FullName Distinguished name or Display name. Wondering if we can change it to use employeeID or SamAccountName.

asked Oct 24, 2022 by mightycabal (1.0k points)
3,326 questions
3,026 answers
7,727 comments
544,678 users