0 votes

I currently have a Custom Command that is configured for User objects, but I would like to perform actions against a Computer object in the same command.

E.g. I have a custom command that starts a deprovision workflow. There is an AD Object Picker parameter which prompts to select the deprovisioned user's computer to disable at the same time.

Because the command is based on Users, there's no Action Set to disable Computers.

Is there a workaround here?

Thanks!

related to an answer for: Custom Commands in Custom Commands
ago by (880 points)

1 Answer

0 votes
ago by (182k points)
selected ago by
Best answer

Hello,

The computer update can only be performed using a PowerShell script. Unfortunately, there is no possibility to use built-in actions. To disable the computer specified in an AD object picker parameter, use the below script. In the script, the $computerDN variable specifies a value reference for the parameter used to select the computer with the param- prefix.

$computerDN = "%param-computer%" # TODO: modify me

# Bind to the computer
$computer = $Context.BindToObjectByDN($computerDN)

# Disable the computer
$computer.AccountDisabled = $True
$computer.SetInfo()

For details about using Custom Command parameters, have a look at the following tutorial: https://www.adaxes.com/tutorials_ActiveDirectoryManagement_CreateCustomCommand.htm#how_to_use_parameters.

0

Hi,

Thanks for the script! Will this script work if there are multiple computers selected with the Ad object picker?

Thanks

0

Hello,

No, this script will only work for a single selection. If you need it to disable multiple computers selected in the parameter, we will provide you with the updated script.

0

Hello,

I've tested the script above but received the following errors in the log:

Cannot find an overload for "BindToObjectByDNEx" and the argument count: "1". Stack trace: at <ScriptBlock>, <No file>: line 4

The property 'AccountDisabled' cannot be found on this object. Verify that the property exists and can be set. Stack trace: at <ScriptBlock>, <No file>: line 7

You cannot call a method on a null-valued expression. Stack trace: at <ScriptBlock>, <No file>: line 8

0

Hello,

It looks like there was an issue with the script, the fourth line should have the BindToObjectByDN method, not BindToObjectByDNEx. Please, re-copy the script from our previous reply and execute the Custom Command again.

0

Thanks, that worked.

At the moment the disabled computer isn't being recognised by a business rule 'After disabling a computer account'

Do I need to use -AdaxesService localhost in the script?

+1

Hello,

The -AdaxesService parameter is available only for cmdlets which are not used in the script. To make sure that disabling computers by the script triggers corresponding Business Rules, replace this line in the script

$computer = $Context.BindToObjectByDN($computerDN)

with the following one:

$computer = $Context.BindToObjectByDNEx($computerDN, $True)

0

Many thanks, that has worked and triggered the business rules.

Related questions

0 votes
1 answer

Hi, I had to create Custom Command for distribution group creation. Default group creation wizard cannot be used, because we need some of parameters to be mandatory etc. Anyway I ... which shouldn't be targeted to any particular AD object. How do I do it?

asked Jan 20 by KIT (2.9k points)
0 votes
1 answer

Is it possible to have custom command that doesn't execute on a specific (or any) AD object? I realize Adaxes is for AD management, but I was wondering if it would be ... to execute against and AD object, I just need it to talk to the SQL server. Thanks

asked Nov 9, 2012 by bemho (3.8k points)
0 votes
1 answer

Whilst the Web UI's Custom Forms and Views for each Object Type is useful, it's also very limiting presentation-wise if we want different users, computers, ... user groups and ensure a tidier experience whilst enforcing ACLs on various attributes and objects.

asked Nov 14, 2017 by Staj (1.4k points)
0 votes
1 answer

I would like to add the following logic into a Powershell script that will be triggered on 'After Create User'. Read the value of the 'title' property of the user just created ... 'True' or 'False'. Could you assist with how to script this please? Many thanks.

asked May 1 by Bernie (1.8k points)
0 votes
1 answer

Hey I found this code for my Custom Command to autofill Description. Does anyone know how to modify it to handle grandparent i.e. go two levels up? $parent = ... .Put("Description", $parent.Get("name")) $Context.TargetObject.SetInfo() Best Regards Debarase

asked Nov 9, 2018 by debarase (510 points)
2,241 questions
2,002 answers
5,483 comments
17,072 users