0 votes

I currently have a Custom Command that is configured for User objects, but I would like to perform actions against a Computer object in the same command.

E.g. I have a custom command that starts a deprovision workflow. There is an AD Object Picker parameter which prompts to select the deprovisioned user's computer to disable at the same time.

Because the command is based on Users, there's no Action Set to disable Computers.

Is there a workaround here?

Thanks!

related to an answer for: Custom Commands in Custom Commands
by (250 points)

1 Answer

0 votes
by (284k points)
selected by
Best answer

Hello,

The computer update can only be performed using a PowerShell script. Unfortunately, there is no possibility to use built-in actions. To disable the computer specified in an AD object picker parameter, use the below script. In the script, the $computerDN variable specifies a value reference for the parameter used to select the computer with the param- prefix.

$computerDN = "%param-computer%" # TODO: modify me

# Bind to the computer
$computer = $Context.BindToObjectByDN($computerDN)

# Disable the computer
$computer.AccountDisabled = $True
$computer.SetInfo()

For details about using Custom Command parameters, have a look at the following tutorial: https://www.adaxes.com/tutorials_ActiveDirectoryManagement_CreateCustomCommand.htm#how_to_use_parameters.

0

Hi,

Thanks for the script! Will this script work if there are multiple computers selected with the Ad object picker?

Thanks

0

Hello,

No, this script will only work for a single selection. If you need it to disable multiple computers selected in the parameter, we will provide you with the updated script.

0

Hello,

I've tested the script above but received the following errors in the log:

Cannot find an overload for "BindToObjectByDNEx" and the argument count: "1". Stack trace: at <ScriptBlock>, <No file>: line 4

The property 'AccountDisabled' cannot be found on this object. Verify that the property exists and can be set. Stack trace: at <ScriptBlock>, <No file>: line 7

You cannot call a method on a null-valued expression. Stack trace: at <ScriptBlock>, <No file>: line 8

0

Hello,

It looks like there was an issue with the script, the fourth line should have the BindToObjectByDN method, not BindToObjectByDNEx. Please, re-copy the script from our previous reply and execute the Custom Command again.

0

Thanks, that worked.

At the moment the disabled computer isn't being recognised by a business rule 'After disabling a computer account'

Do I need to use -AdaxesService localhost in the script?

+1

Hello,

The -AdaxesService parameter is available only for cmdlets which are not used in the script. To make sure that disabling computers by the script triggers corresponding Business Rules, replace this line in the script

$computer = $Context.BindToObjectByDN($computerDN)

with the following one:

$computer = $Context.BindToObjectByDNEx($computerDN, $True)

0

Many thanks, that has worked and triggered the business rules.

Related questions

0 votes
1 answer

Is there a way to extend the Get-AdmGroupMember for easier cloud user management and better expressing the actual "user" object your working with? https://www ... -60d8-49a9-aebb-0000000000 SID : S-1-15-000000000000-3621557498-1235837144-3060644782-00000000000

asked Apr 1 by PeterS (40 points)
0 votes
1 answer

Here is my issue, When I use this code: $DNs = %param-GroupsInRole% $Groups = $DNs -split "|" %Param-GroupsInRole% can have multiple groups. When setting up the parameter I am ... I just need to be able to do a foreach with the groups picked by the initiator.

asked Mar 23, 2023 by mightycabal (1.0k points)
0 votes
1 answer

Occationally Service Desk staff need to clear a DNS record when a desktop has been reimaged but is keeping the same name as loses the ability to manage its original DNS ... running in ADAXES. Can I just install the applet on the ADAXES server using powershell?

asked Jan 17, 2023 by stevehalvorson (110 points)
0 votes
1 answer

Hi, I had to create Custom Command for distribution group creation. Default group creation wizard cannot be used, because we need some of parameters to be mandatory etc. Anyway I ... which shouldn't be targeted to any particular AD object. How do I do it?

asked Jan 20, 2020 by KIT (960 points)
0 votes
1 answer

Is it possible to have custom command that doesn't execute on a specific (or any) AD object? I realize Adaxes is for AD management, but I was wondering if it would be ... to execute against and AD object, I just need it to talk to the SQL server. Thanks

asked Nov 9, 2012 by bemho (520 points)
3,501 questions
3,193 answers
8,145 comments
547,392 users