0 votes

Hello

I am trying to set up a script to copy the 'Members Of' from specific accounts to a new user account after creating the user.

Something very similar to this: https://www.adaxes.com/tutorials_AutomatingDailyTasks_AutomaticallyChangeGroupMembershipUsingScripts.htm

But listing each group one by one (there are around 20 per department), would not work for us.

I'm looking to do this per department, which I already have business rules for. And then, a script to simply copy all of the members of groups, from 'Template_Account" to "New user".

I tried to use something like this, but with no luck:

`Import-Module Adaxes $CopyFromThisUser = "HTB-Template" $CopymembersToThisUser = "%sAMAccountName%" Get-ADUser -Identity $CopyFromThisUser -Properties memberof | Select-Object -ExpandProperty memberof | Add-ADGroupMember -Members $CopymembersToThisUser

`

The ones I have found on here, do not meet our requirements and we would rather do this using accounts used as templates rather than having one large powershell to say which groups to add to. So that the service desk can easily make changes to the accounts as required due to the ever changing nature of the business.

Is someone able to help me with this?

by (40 points)

1 Answer

0 votes
by (210k points)

Hello,

Have a look at the following script from our repository: https://www.adaxes.com/script-repository/copy-group-memberships-from-template-based-on-property-value-s490.htm. It allows you to specify property values (in your case the property is Department) and corresponding user accounts to copy membership from. If you have issues updating the script to meet your needs, please, provide all the possible details on the changes to be made and we will help you.

0

Hey

I did take a look at this earlier but it wasn't quite what I was after. However I've played around with it and it will do what we need it seems in a slightly different way.

How would I go about binding a 'sub department' to adm-CustomAttributeTextMultiValue1?

At the moment I had it to write the sub department to the postal code field which we use for other things outside of Adaxes, however if it can be done by binding this in a CSV import that would be ideal.

0

Hello,

How would I go about binding a 'sub department' to adm-CustomAttributeTextMultiValue1?

You just need to specify sub departments in the multi-valued attribute for users and then run the script for them. It will get all the values from the attribute and add the user to groups according to the specified templates. If group membership should be adjusted upon user creation, you can use the script in a Business Rule triggering After creating a user. image.png In this case, the multi-valued attribute for sub departments should be present on the creation form in Adaxes Web Interface. For information on how to manage Web Interface forms, have a look at the following tutorial: https://www.adaxes.com/tutorials_WebInterfaceCustomization_CustomizeFormsForUserCreationAndEditing.htm.

however if it can be done by binding this in a CSV import that would be ideal.

Do we understand correctly that you are currently provisioning user accounts by importing a CSV file? If that is correct, you need to add the multi-valued attribute to the file and adjust your import script accordingly if necessary. The script for group membership update should still be executed in a Business Rule triggering After creating a user as it is mentioned above. Should you have issues adjusting the workflow to meet your needs, please, send us (support[at]adaxes.com) the import script in TXT format and a sample of the CSV file and we will help you.

0

You are correct in saying that we are looking at provisioning users using a CSV file, which our HR system will export.

For this reason I was looking at a way for the HR system to provide the required information, hence why with the current test I had it to add the sub department to the 'postal code' field in AD.

Would perhaps just changing $propertyName = "adm- CustomAttributeTextMultiValue1" to look at the postal code field in AD work?

I sent an email to support also in case they had further input on the export that we currently do.

0

Hello,

Yes, changing the $propertyName variable value to postalCode and updating the mapping for sub departments and corresponding user templates to copy membership from in the $propertyToTemplateMap variable should work just fine. The Business Rule will remain the same, you will just need to change the property in the condition: image.png

Related questions

0 votes
1 answer

We have several contractors that come and go, it would be helpful to have a custom command that will copy only the member of groups from one user to another. We have done this previously with ... ; write-warning "I'm sorry, Jay. I'm afraid I can't do that." }

asked Jan 9, 2017 by willy-wally (3.2k points)
0 votes
0 answers

Is it possible to trigger an action 'after removing a member from a group' unless that member is a member of another group? For example I have two security groups: 'DS Senders' and ... 'DS Senders' but not if they are a member of 'DS Viewers', and vice versa.

asked Oct 26 by bavery (230 points)
0 votes
1 answer

Hi, Group memberships are kept when using "User Copy" function. Is it possible to do the same thing between two existing users ? (custom commands or else) Thanks for your response, Yoann

asked Oct 4, 2012 by yoann.hamon (180 points)
0 votes
1 answer

Hi there, i know the multiple ways of copying the user groups - or all of them within the user creation wizard. I want to copy only a couple of groups ... is it possible to create an approval operation out of an powershellscript? Kind regards, Constantin

asked May 27 by Constey (170 points)
0 votes
1 answer

Our Help Desk currently 'mirrors' the group membership of a new user based on another existing user in our AD. I'd like to be able to automate this so that the initiator ... and 'paste' it on the new user being created. Any help on this would be appreciated!

asked Apr 21, 2020 by RayBilyk (180 points)
2,599 questions
2,338 answers
6,212 comments
848,466 users