Adaxes

Determine if user has answered security questions

0 votes

I'm looking for a way to display on a page visible to administrators/help desk users whether or not someone has answered their security questions. Would a custom command be the way to do this?

Thanks!

by (50 points)

1 Answer

0 votes
by (216k points)
selected by
Best answer

Hello,

Yes, a Custom Command would probably be the best way to do this. You can create a Custom Command that outputs the necessary information to the Execution Log. If a user executes the Custom Command, they will see the Execution Log when the command completes.

To create such a Custom Command, you'll need a PowerShell script. Here's a script that you can use to inform whether the user on which a Custom Command is executed is enrolled for Password Self-Service. The script uses the IAdmPasswordSelfServiceOps ADSI interface exposed by each user object. It provides access to Password Self-Service information of a user.

if ($Context.TargetObject.IsEnrolled)
{
    $policy = $Context.BindToObjectByDN($Context.TargetObject.EnrollmentPolicyDN)
    $policyName = $policy.Get("name")
    $Context.LogMessage("The user is enrolled for Password Self-Service. Policy name: " + $policyName, "Information")
}
else
{
    $Context.LogMessage("The user is not enrolled for Password Self-Service.", "Information")
}

For information on how to create a Custom Command, see the following tutorial: http://www.adaxes.com/tutorials_ActiveD ... ommand.htm. To run a script within your Custom Command, on step 4 of the tutorial, you'll need to add the Run a program or PowerShell script action.

Related questions

0 votes
1 answer
How to determine if User is an AD User or Azure AD User?

If we want to obtain the Object ID for the corresponding 365 object of a user, we would use the logic: [Guid]$Context.TargetObject.Get("adm-O365ObjectId") -if ... definitively belongs to an on-premises Active Directory domain or a cloud Azure AD domain?

asked Dec 12, 2022 by Viajaz (210 points)
0 votes
1 answer
Is it possible to have an email sent if a user has been removed from a certain OU?

A little bit of context: There are 3 departments that share 1 Active Directory. Now each department has its own OU. I would like to have an email sent when a user is ... if this is possible without Powershell? If not, is there a pre-existing script for this?

asked Oct 3, 2023 by Cas (150 points)
0 votes
1 answer
Security Questions for Password Self-Service Policies

Is there anyway we can get an Adaxes administrator to be able to access the security the questions and answers from the “Password Self-Service Policies” portal for our users?

asked Feb 17, 2022 by JoeG (40 points)
0 votes
1 answer
Change security questions for password recovery

Hi, Is there a way to change the security questions for the self-service password recovery? We need them in german and I just can't find a way to change them... On a side ... for a while now and always found a way to adjust it to our needs :D Regards, Yannik

asked Oct 15, 2018 by Yannik (100 points)
0 votes
1 answer
Password Reset Security Questions

We currently use a paper form for security questions which helps us to reset passwords of remote users. However the paper list has become large so we are looking ... actually find the secret questions that users have submitted. Is this possible with Adaxes?

asked Jun 20, 2017 by will17 (350 points)
3,361 questions
3,060 answers
7,812 comments
545,221 users