0 votes

When creating business rules I quite often find myself having to create overly complex workflows because we can't use ELSE or BREAK statements.

An example would be:-

Before deleting a user:-
> IF Initiatior = "Manager", THEN "Log Deletion"
> IF Initiatior DOES NOT = "Manager" AND "Within HR Hours", THEN "Send for Approval"
> IF Initiatior DOES NOT = "Manager" AND "Outside HR Hours", THEN "Send Email Audit Alert"

In this scenario, the criteria checks in the last workflow are essentially redudant as they are implied by anything that doesn't match the first or second workflow. Normally in this type of scenario I could just put in a:-

> ELSE "Send Email Alert"

but I am instead forced to 'reverse' previous element checks so that it will trigger (this may not be the best example, but it is hopefully simple!).

There are other times where it would be nice to able to list a sequence of workflows with different combinations of criteria where the first workflow that is matched triggers and then the rule 'BREAKS' rather than carrying on. I can functionally do this with using the 'Cancel' action, but it is a bit too "visible" (it logs as an error).

Are there any plans to add ELSE\BREAK functionality, or am I missing something in how to construct business rules that mimics their use?

Thanks

by (1.6k points)

1 Answer

0 votes
by (215k points)
selected by
Best answer

Update 2018

Starting with Adaxes 2018.1 you can have Else If and Else blocks in your business rules, custom commands and scheduled tasks. Also, the Do nothing action was added. For examples on how to use the features, have a look at section Else If and Else blocks of the following tutorial: https://www.adaxes.com/tutorials_AutomatingDailyTasks_AutomateUserProvisioning.htm.

Original

Hello,

Thanks for the suggestion. We already have such a feature request in our Product Backlog, and we'll consider it for future releases.

For now, you can achieve what you want with the help of PowerShell scripts. For example, the following script implements something like you've mentioned in your post:

$initiatorDn = "%adm-InitiatorDN%"
$managerDn = "%manager%"

if ($initiatorDn -ieq $managerDn)
{
    $Context.LogMessage("The user will be deleted", "Information")
}
else
{
    $nowH = [System.DateTime]::Now.Hour
    if (($nowH -gt 8) -and ($nowH -lt 19))
    {
        $Context.SubmitForApproval(@("CN=HR Group,CN=Users,DC=example,DC=com"), $False, $False, $False, $False)
    }
    else
    {
        $Context.SendMail("hrgroup@example.com", "Attempt to delete a user", "An attempt was made to delete user %name% outside HR hours.", $NULL)
        $Context.Cancel("You cannot delete users outside HR hours.")
    }
}

You can use the Run a program or PowerShell script action to insert the script in your Business Rule.

Related questions

0 votes
1 answer

Hi - I'm trying to validate that the email address entered is distinct. The logic below is not working. When we had Exchange, this was automatic. We no longer have ... Cancel("A user with the specified mail address already exists!"); return $false; } }

asked Dec 18, 2013 by BradG (950 points)
0 votes
1 answer

I would like to add the following logic into a Powershell script that will be triggered on 'After Create User'. Read the value of the 'title' property of the user just created ... 'True' or 'False'. Could you assist with how to script this please? Many thanks.

asked May 1, 2020 by Bernie (310 points)
0 votes
1 answer

My scheduled task currently: Checks for staff in a particular OU that do not have an O365 license Adds a license Resets their AD Password Moves them to an OU based off ... scheduled task moves them out of the OU that the business rule is looking at. Thanks

asked Apr 15, 2020 by russmerriman (40 points)
0 votes
1 answer

According to this article when we disable a user we should "Disable Exchange ActiveSync and Disable OWA for Devices, and Disable email connectivity." However I can only figure ... connectivity" as well? https://support.office.com/en-us/articl ... 5eddb367d1

asked Aug 4, 2015 by auser42 (340 points)
0 votes
1 answer

Hi again ! Is there a way in a BR Powershell script to get the Domain Controller Adaxes service is using for an operation. To be clearer, i use a powershell script in a ... can get the DC in the context, i could pass it to the powershell cmdlet. Thanks Stephen

asked Jun 22, 2012 by sroux (800 points)
2,779 questions
2,512 answers
6,574 comments
25,881 users