0 votes

Is it possible, using a business rule, to reassign a user's direct reports to their manager when they get disabled?

For example, User B reports up to User A. User B gets disabled and all of their direct reports automatically get assigned to User A.


by (250 points)

1 Answer

0 votes
by (3.2k points)


Yes, it is possible. You need to use the below script in a Run a Program or PowerShell script action in a Business Rule that triggers After disabling a user account. In the script, the $pipelined variable specifies whether the operation that changes the manager of direct reports should be passed through Adaxes pipeline, generating a log record for each manager update, triggering Business Rules, etc.

$pipelined = $False # TODO: modify me

# Get disabled user's manager and direct reports
$managerDN = $Context.TargetObject.Get("manager")
$subordinateDNs = $Context.TargetObject.GetEx("directReports")

# Replace manager of each subordinate

foreach ($subordinateDN in $subordinateDNs)
    $subordinate = $Context.BindToObjectByDNEx($subordinateDN, $pipelined)
    $subordinate.Put("manager", $managerDN)

The Business Rule should also have two If <property> <relation> <value> conditions that check whether the disabled user has a manager and any direct reports. Finally, the rule should looks something like this: image.png

Related questions

0 votes
1 answer

I'm wondering if there are any recommended ways to do this in Adexes as part of the deprovisioning or mover process? For example.... When de-provisioning any user, check ... with the initiator is possible Any ideas on how to do this please? Thanks, Bernie

asked Sep 21, 2019 by Bernie (310 points)
0 votes
1 answer

When setting user accounts to disable we use a business rule which executes whenever a user account is modified. So for example a member from our Service Desk team will go onto ... behind for some reason, and doesn't reflect the server date/time it lives on.

asked Nov 16 by Homelander90 (70 points)
0 votes
0 answers

Hello, I'm using this script as part of a deprovisioning process https://www.adaxes.com/script-repository/disable-all-computers-managed-by-a-user-s29.htm I'm using ... The script executes with no errors, but the computer managed by the user remains enabled.

asked Jun 5, 2020 by bavery (250 points)
0 votes
1 answer

I'd like to be able to either send an email report or export a CSV of all of the business rules carried out when a user is disabled. This would be ... Management Activity section but this includes things that weren't part of the disable operation. Thanks

asked Feb 19, 2020 by bavery (250 points)
0 votes
1 answer

Is is possible through Security Roles, or some other mechanism, to allow managers to be able to edit Active Directory data (through the Web Interface) for only their direct reports and no other users?

asked Mar 23, 2015 by yobhod (150 points)
2,880 questions
2,600 answers
117,192 users