0 votes

Hi,

How would you most elegantly do the following?

Every time a request is made to move a computer account into OU XYZ, workflow approval should be sent before the move takes place.

If the computer account is being moved from OU XYZ, it does not need workflow approval.

Thanks!

by (950 points)

1 Answer

0 votes
by (215k points)
selected by
Best answer

Hello,

Actually, you can do this very easily. You need to create a Business Rule triggered before moving a computer that will send the operation for approval only if the target OU is your OU XYZ. To create such a Business Rule:

  1. Create a new Business Rule.

  2. On the 2nd step of the Create Business Rule wizard, select Computer and Before Moving a Computer.

  3. On the 3rd step, add the Send this operation for approval action and specify the approvers.

  4. Click OK.

  5. Now, to configure the Business Rule to send the operation for approval only when a computer is moved to a certain OU, you need to add a condition. Double-click Always.

  6. To check which folder a computer is being moved to, you need to use a script. Select the If PowerShell script returns true condition.

  7. Paste the following script in the Script field.

     $ouDN = "OU=My OU,DC=domain,DC=com" # TODO: modify me
    
     # Get the target container
     $targetContinerDN = $Context.Action.TargetContainer.Get("distinguishedName")
    
     $ouDN = New-Object "Softerra.Adaxes.Ldap.DN" $ouDN
     $targetContinerDN = New-Object "Softerra.Adaxes.Ldap.DN" $targetContinerDN
     $Context.ConditionIsMet = $ouDN -eq $targetContinerDN
    
  8. In the script, $ouDN specifies the distinguished name (DN) of the OU a computer should be moved to in order to trigger execution of the Business Rule. Modify it to match your requirements.

  9. Enter a short description for the script and click OK.

  10. Finish creation of the Business Rule.

0

Thank you. Works like a champ!

Related questions

+1 vote
1 answer

Hello Everybody, I want approvers to be able to add information to an Object. Because my preferred Joiner Process looks like this: 1 - HR Department creates a ... for editing approval request, just Approve or Deny. Appreciate your support, regards Patrick

asked Dec 27, 2020 by patrick.faust (30 points)
0 votes
1 answer

I would like to know if it is possible to create a field in the web UI under user management to "assign" a machine to a user. I would like to be able to put the ... be moved to "workstation OU. Is there s custome field that can be used to accomplish this?

asked Oct 22, 2020 by copatterson (70 points)
0 votes
1 answer

Hi! Can ADAxess be used to populate a AD group with computer objects who's name partly matches a AD username from another group? I'e let say we have a group named ' ... channel until problem is solved by just adjusting which group they belong to .... /Kaj

asked Jun 12, 2018 by KajLehtinen (650 points)
0 votes
1 answer

Hello all, I'm sure this is possible, but I'm confused on a few points. I'm trying to set up the security role and matching homepage action that will allow a user ... I'd like to use the least amount of permissions possible, just for security's sake. Thanks!

asked Jan 18, 2017 by ctdhelpdesk (190 points)
0 votes
0 answers

I am unable to move computer objects from any computer OU to another. I receive an access denied error when I try. I am able to delete computers that have ... listed in the topic Permissions Required to move Computers. Any assistance would be helpful. Mark

asked Oct 26, 2016 by mreny (40 points)
2,807 questions
2,541 answers
6,615 comments
65,407 users