0 votes

Good day,

Currently I'm working on implementing the automation of the user disable/deprovisioning process. I have been able to automate all but the email forwarding.

the main issue I'm experiencing is that due to the structure of our company users request specific email addresses to have emails forwarded to when a user leaves the company or goes on leave. We are currently working with our clients to see if we can make updates to AD to make this process easier (but is easier said than done).

Regardless, what I'm looking to find out Is if there is an option for a technician to input a requested email address when deprovisioning a user account through the Adaxes web portal. I've searched the site and through tutorials and see no options within the console itself that seems like the clear-cut answer.

Regards

by (680 points)
0

Any assistance would be appreciated,

1 Answer

0 votes
by (216k points)

Hello,

That's very easy to do. For this purpose, you can create a Home Page Action that allows modifying the forwarding address and sets a certain flag indicating that the user is being deprovisioned. Also, you'll need to create a Business Rule triggered after updating a user only when the flag is set that will launch the Custom Command that you use for deprovisioning. To set a flag, you can assign the True value to one of Adaxes virtual properties that can store boolean values, for example, CustomAttributeBoolean1. Virtual properties are not stored in Active Directory, but can be used the same as any other property of AD objects.

To implement such a solution:

I. Create a Home Page Action that allows setting a forwarding address

For information on how to create a Home Page Action that allows modifying a user, see section Modify Object on the 5th step of the following tutorial: http://www.adaxes.com/tutorials_WebInte ... htm#modify.

On Step 4 of the section, you will find instructions on how to modify the form used for the Home Page Action. You need to configure a form that allows to update only the Forward To property.

Also, you need to add a flag to indicate that the user is being deprovisioned. For this purpose, add a predefined field for the property that you want to use and set it to True. Information on how to add predefined fields is also available on Step 4.

II. Create a Business Rule that performs user deprovisioning
To automatically perform deprovisioning actions once the above home Page Action is executed, you need to configure a Business Rule triggered after updating a user that performs the necessary actions only when the flag is set. To create such a Business Rule:

  1. Create a new Business Rule.
  2. On the 2nd step of the Create Business Rule wizard, select User and After Updating a User.
  3. On the 3rd step, you need to add an action that performs the deprovisioning actions. For this purpose, add the Execute a Custom Command action and click Select.
  4. Select the Custom Command that you use for deprovisioning and click OK 2 times.
  5. Now, you need to add conditions for the Custom Command to be run only when the flag is set. Right-click the action that you've just added and click Add Condition.
  6. Select the If <property> changed condition type.
  7. Expand the <property> drop-down list and select Show all properties.
  8. Select the virtual property that you want to use as a flag, e.g. CustomAttributeBoolean1.
  9. Select has changed.
  10. Click OK.
  11. Right-click the action that you've just added and click Add Condition again.
  12. Select the If <property> <relation> <value> condition type.
  13. Expand the <property> drop-down list and select Show all properties.
  14. Select the virtual property that you want to use as a flag.
  15. Select equals and True.
  16. Click OK. You should get something like this:
  17. Finish creation of the Business Rule.
0

Hello,

Sorry, our bad, you are correct.

On Step I of the Automate Email forwarding when disabling/deprovisioning user, you needed to create a Home Page Action that allows you to launch the deprovisioning process and specify a person to whom the mail addresses will be transferred. You can configure the action to set a certain flag to distinguish user deprovisioning from other operations. Then, in your Business Rule, you can delete user accounts only when the flag is set.

As for the flag itself, you can use one of Adaxes custom attributes that can store boolean values, for example, CustomAttributeBoolean1. Such attributes are not stored in AD, but can be used the same as any other attributes of AD objects. When flagging a departing user, you can set the attribute to True.

To implement such a solution:

I. Configure the Home Page Action to flag all deprovisioned users
To configure your Home Page Action to flag all deprovisioned users with a boolean attribute:

  1. On the computer, where the Web Interface is installed, start the Web Interface Customization tool.
  2. In the Interface type drop-down list, select the Web Interface that you want to configure.
  3. Activate the General tab and click Configure Home Page Actions. This will bring up the Home Page Actions dialog.
  4. Select the action that you've configured for user deprovisioning and click Edit.
  5. Activate the Form Customization tab.
  6. In the Predefined fields section, click Add.
  7. In the Property name section, select Show all properties and select the property you want to use as a flag, e.g. CustomAttributeBoolean1.
  8. Select Yes.
  9. Click OK 4 times.

II. Configure the Business Rule to delete only flagged users
To configure your Business Rule to delete only accounts of the users flagged by the Home Page Action:

  1. On the computer where Adaxes service is located, launch Adaxes Administration Console.
  2. In the Console Tree, locate and select your Business Rule that you've configured for deprovisioning users. The actions and conditions of the rule will appear in the Result Pane (located to the right).
  3. Right-click the Delete the User action.
  4. Click Add Condition.
  5. Select If <property> <relation> <value>.
  6. Specify If CustomAttributeBoolean1 equals True.

    where CustomAttributeBoolean1 is the property that you chose for flagging departing users.
  7. Click OK. You should receive something like this:
  8. Click Save changes.
0

Thank you, this works perfectly.

One question:

Currently it doesn't seem Adaxes can forward to distribution lists via this method (unable to manage the account in Adaxes) Is this something that can be added as needed?

0

Hello,

By default, you can't select distribution lists, but this is something that you can add yourself. To do this:

  1. On the computer, where the Web Interface is installed, start the Web Interface Customization tool.
  2. In the Interface type drop-down list, select the Web Interface that you want to configure.
  3. Activate the General tab and click Configure Home Page Actions. This will bring up the Home Page Actions dialog.
  4. Select the action that you've configured for user deprovisioning and click Edit.
  5. Activate the Form Customization tab.
  6. Click Customize Form.
  7. Click Configure next to the field you are using to specify the user receiving the email addresses.
  8. Select Show only the following object types.
  9. Enable Groups.
  10. Make sure that only Distribution is selected.
  11. Click OK 4 times.
0

Awesome support, awesome product. Thanks for the assist.

0

Hello,

Thank you for your good words. We really appreciate it.

Related questions

0 votes
1 answer

Good Afternoon, Currently as far as I can tell when defining a new user we are forced to select a location for a newly created user before defining information like the ... If not, is there a better way of applying this sort of functionality? Regards Josh

asked Apr 21, 2014 by jtop (680 points)
0 votes
1 answer

"Connecting to remote server &lt;&lt;FQDN Servername&gt;&gt; failed with the following error message : The server certificate on the destination computer (&lt;&lt;FQDN servername: ... ? This may help to diagnose the issue with schannel on the skype server.

asked Mar 5, 2020 by mark.it.admin (2.3k points)
0 votes
1 answer

We have a process that when a new user is created they are emailed their username and apssword. If the user is in an Admin Group they are then sent an email with some PDFs ... you can send emails, but am unable to see where it could attach files to the email?

asked Sep 3, 2020 by dknapp (100 points)
0 votes
1 answer

Hello, I'm trying to setup a business rule that will send an email to the user when they are added to a group. Under the User Object I don't have an option to Launch ... to get the new group member's email address so I can send a notification to it? Thanks!

asked Dec 1, 2015 by drew.tittle (810 points)
0 votes
1 answer

Is is possiable to send Automate an email to go out to the users of a delegated mailbox? We give Full Access and Send As access of disabled accounts to thier replacements for 30days ... then send a email to each one of them? Adaxes version: 2017.2 3.8.14823.0

asked Oct 28, 2019 by hgletifer (1.3k points)
3,326 questions
3,026 answers
7,727 comments
544,678 users