0 votes

Hi

We create different Groups when a new OU is generated. The name of the groups consist of the OU name with additional text. We would like to remove spaces for the groups that will be created. How can we define the output of the script for all actions that come after this script?

The operation is run after the OU was created:

$property = "ou" # TODO: modify me
#$regex = "^[a-zA-Z0-9_.%%\-\+]+@([a-zA-Z0-9_\-]+\.)+[a-zA-Z0-9_\-]+$" # TODO: modify me

# Get property value
$value = $Context.GetModifiedPropertyValue($property)

if ([System.String]::IsNullOrEmpty($value))
{
    return # The property wasn't changed
}

# Remove spaces
$value = $value.Replace(" ", "_")



# Validate property
#if ($value -notmatch $regex)
#{
#    $Context.Cancel("The property must match the following regular expression: $regex") # TODO: modify me
#}

# Update property value
$Context.SetModifiedPropertyValue($property, $value)

$Context.LogMessage($value, "Information")

RemoteDesktopManager64_U5IxIk8AGn.png

Thanks, Mario

by (850 points)

1 Answer

0 votes
by (182k points)

Hello Mario,

Unfortunately, there is no such possibility. To achieve the desired, you can use one of the following approaches:

  1. Keep only the Create group actions in the Business Rule and use a Business Rule triggering Before creating a group that will replace spaces in group names. For details, have a look at the following tutorial: https://www.adaxes.com/tutorials_SimplifyingDataEntry_ValidateModifyUserInputWithScript.htm.
  2. Replace the whole set of actions in the Business Rule with a single script that will get the ou property value, replace spaces in it and then use the new value to create all the required groups.
  3. Remove the current script from the Business Rule and use a script in a Business Rule triggering Before creating a Organizational Unit. The script will replace spaces in the ou property and save the new value to another property (e.g. description) that will be used for group creation instead of the ou property. As the last action in your Business Rule, the property storing the value with replaced spaces will be cleared.

If you have issues configuring either of the workflows, please, specify which one meets your needs and we will provide you with detailed instructions.

0

Hi

We made a single script for it

Import-Module ActiveDirectory
$property = "ou" 
# Get property value
$value = $Context.GetModifiedPropertyValue($property)

if ([System.String]::IsNullOrEmpty($value))
{
    return # The property wasn't changed
}

# Remove spaces
$value = $value.Replace(" ", "_")

$Context.LogMessage($value, "Information")

$names=@("AllUsers","Voice","Workspace","Exchange")
$location = "OU=Groups,%distinguishedName%"
$Context.LogMessage($location, "Information")
foreach($name in $names) 
{
    $name = $value+"_"+$name
    $Context.LogMessage($name, "Information")
    New-ADGroup -Name "$name" -SamAccountName "$name"-GroupCategory Security -groupScope Global -Path "$location" -Server:server.domain.local 

}

If we run it in PowerShell directly (adaxes server, with properties set manually) it works fine. If we run it trough adaxes we get the error shown below. As we can see from the log part, the OU etc are being resolved correctly

chrome_4FRjtPOmIh.png

Any idea why this happens?

0

Hello Mario,

The script you provided should work just fine. However, according to the second screenshot, the error occurs at line 37, while the script only has 25 lines. Could you, please, post here or send us (support[at]adaxes.com) the full script you are using?

Also, if you create groups using the New-ADGroup cmdlet, the groups will be created directly in AD and there will be no corresponding log records in Adaxes. If you need the records to be present, you need to use the New-AdmGroup cmdlet with the AdaxesService parameter specified.

0

Hi

This is the full script that we are using.

I've change it to New-AdmGroup to have it within Adaxes and removed the "-Server" parameter, its now working fine. It seems there was an error running it on the specified server form within Adaxes.

Thank you.

Related questions

0 votes
1 answer

Wondering if this is possible given the SDK options for manipulating the addaxes business rules. We have a desire to regularly extract all the powershell scripts from various ... we get 100% coverage with the ability to see the scripts historically. Thanks, G

asked Mar 4, 2019 by ggallaway (1.2k points)
0 votes
1 answer

Hello again, I am setting up the Web Console so our support people can add users to groups. Currently when they go in they can select a user from all the users they can ... into the web portal. Is there a way to pull value references from the selected object?

asked Mar 25, 2016 by drew.tittle (4.5k points)
0 votes
1 answer

Hi, is it possible to save to an Adaxes attribute the value of the last Sign In from Azure AD? When we query users for Last Logon, we, of course, can only see the Last Logon value from AD It would be very useful to know the latest login in Azure AD as well

asked Jun 22 by manuel.galli (510 points)
0 votes
1 answer

Looking for something that lists the icons and what they mean. The particular one I am looking for is

asked Nov 25, 2019 by mark.it.admin (3.9k points)
0 votes
1 answer

Hi, is there any function to get all direct an indirect memberships, with the multiple one? If we check the indirect membership checkbox there are only shown every "group" once. ... groups he is getting the same permissions and so on. Is there a way? Regards

asked Jan 29, 2018 by plesen (510 points)
2,246 questions
2,007 answers
5,494 comments
19,951 users