Adaxes

Reassign Direct Reports to users's manager when user is disabled?

0 votes

Is it possible, using a business rule, to reassign a user's direct reports to their manager when they get disabled?

For example, User B reports up to User A. User B gets disabled and all of their direct reports automatically get assigned to User A.

Thanks

by (250 points)

1 Answer

0 votes
by (3.6k points)

Hello,

Yes, it is possible. You need to use the below script in a Run a Program or PowerShell script action in a Business Rule that triggers After disabling a user account. In the script, the $pipelined variable specifies whether the operation that changes the manager of direct reports should be passed through Adaxes pipeline, generating a log record for each manager update, triggering Business Rules, etc.

$pipelined = $False # TODO: modify me

# Get disabled user's manager and direct reports
$managerDN = $Context.TargetObject.Get("manager")
$subordinateDNs = $Context.TargetObject.GetEx("directReports")

# Replace manager of each subordinate

foreach ($subordinateDN in $subordinateDNs)
{
    $subordinate = $Context.BindToObjectByDNEx($subordinateDN, $pipelined)
    $subordinate.Put("manager", $managerDN)
    $subordinate.SetInfo()
}

The Business Rule should also have two If <property> <relation> <value> conditions that check whether the disabled user has a manager and any direct reports. Finally, the rule should looks something like this: image.png

Related questions

0 votes
1 answer
Reassigning direct reports when deprovisioning/moving manager

I'm wondering if there are any recommended ways to do this in Adexes as part of the deprovisioning or mover process? For example.... When de-provisioning any user, check ... with the initiator is possible Any ideas on how to do this please? Thanks, Bernie

asked Sep 21, 2019 by Bernie (310 points)
0 votes
1 answer
Allow Manager to Only Edit Direct Reports

Is is possible through Security Roles, or some other mechanism, to allow managers to be able to edit Active Directory data (through the Web Interface) for only their direct reports and no other users?

asked Mar 23, 2015 by yobhod (150 points)
0 votes
1 answer
User being disabled immediately when expiry date is set to same day

When setting user accounts to disable we use a business rule which executes whenever a user account is modified. So for example a member from our Service Desk team will go onto ... behind for some reason, and doesn't reflect the server date/time it lives on.

asked Nov 16, 2022 by Homelander90 (330 points)
0 votes
0 answers
Not able to disable computer when user is disabled

Hello, I'm using this script as part of a deprovisioning process https://www.adaxes.com/script-repository/disable-all-computers-managed-by-a-user-s29.htm I'm using ... The script executes with no errors, but the computer managed by the user remains enabled.

asked Jun 5, 2020 by bavery (250 points)
0 votes
1 answer
Is it possible to generate a report of all of the business rules carried out on a user when they are disabled?

I'd like to be able to either send an email report or export a CSV of all of the business rules carried out when a user is disabled. This would be ... Management Activity section but this includes things that weren't part of the disable operation. Thanks

asked Feb 19, 2020 by bavery (250 points)
3,347 questions
3,048 answers
7,787 comments
545,035 users