0 votes

Hi,

How would you most elegantly do the following?

Every time a request is made to move a computer account into OU XYZ, workflow approval should be sent before the move takes place.

If the computer account is being moved from OU XYZ, it does not need workflow approval.

Thanks!

by (950 points)

1 Answer

0 votes
by (216k points)
selected by
Best answer

Hello,

Actually, you can do this very easily. You need to create a Business Rule triggered before moving a computer that will send the operation for approval only if the target OU is your OU XYZ. To create such a Business Rule:

  1. Create a new Business Rule.

  2. On the 2nd step of the Create Business Rule wizard, select Computer and Before Moving a Computer.

  3. On the 3rd step, add the Send this operation for approval action and specify the approvers.

  4. Click OK.

  5. Now, to configure the Business Rule to send the operation for approval only when a computer is moved to a certain OU, you need to add a condition. Double-click Always.

  6. To check which folder a computer is being moved to, you need to use a script. Select the If PowerShell script returns true condition.

  7. Paste the following script in the Script field.

     $ouDN = "OU=My OU,DC=domain,DC=com" # TODO: modify me
    
     # Get the target container
     $targetContinerDN = $Context.Action.TargetContainer.Get("distinguishedName")
    
     $ouDN = New-Object "Softerra.Adaxes.Ldap.DN" $ouDN
     $targetContinerDN = New-Object "Softerra.Adaxes.Ldap.DN" $targetContinerDN
     $Context.ConditionIsMet = $ouDN -eq $targetContinerDN
    
  8. In the script, $ouDN specifies the distinguished name (DN) of the OU a computer should be moved to in order to trigger execution of the Business Rule. Modify it to match your requirements.

  9. Enter a short description for the script and click OK.

  10. Finish creation of the Business Rule.

0

Thank you. Works like a champ!

Related questions

0 votes
1 answer

I have a specific computer property pattern for three different types of computers, which live in three different OUs and are in three different business units. I will have ... How do I enforce a property pattern for a specific business unit at creation time?

asked Jul 17, 2023 by bennett.blodinger (60 points)
+1 vote
1 answer

Hello Everybody, I want approvers to be able to add information to an Object. Because my preferred Joiner Process looks like this: 1 - HR Department creates a ... for editing approval request, just Approve or Deny. Appreciate your support, regards Patrick

asked Dec 27, 2020 by patrick.faust (30 points)
0 votes
1 answer

I would like to know if it is possible to create a field in the web UI under user management to "assign" a machine to a user. I would like to be able to put the ... be moved to "workstation OU. Is there s custome field that can be used to accomplish this?

asked Oct 22, 2020 by copatterson (70 points)
0 votes
1 answer

Hi! Can ADAxess be used to populate a AD group with computer objects who's name partly matches a AD username from another group? I'e let say we have a group named ' ... channel until problem is solved by just adjusting which group they belong to .... /Kaj

asked Jun 12, 2018 by KajLehtinen (650 points)
0 votes
1 answer

Hello all, I'm sure this is possible, but I'm confused on a few points. I'm trying to set up the security role and matching homepage action that will allow a user ... I'd like to use the least amount of permissions possible, just for security's sake. Thanks!

asked Jan 18, 2017 by ctdhelpdesk (190 points)
3,326 questions
3,025 answers
7,723 comments
544,673 users