0 votes

We have a property pattern for a user's job title that lists all the aviable titles. I need to be able to add a new constraint to this within a custom command and from Powershell on a differant computer.

Would you be able to help?

by (6.8k points)
0

Hello,

Do we understand correctly that you want to add new values to the list of allowed for the Job Title property via Windows PowerShell on a computer where Adaxes service does not run or via a Custom Command? If so, a script will be used in both cases. To perform the update via Windows PowerShell, Adaxes ADSI Provider needs to be installed on the computer. For information on how to install the provider, please, have a look at the following SDK article: http://adaxes.com/sdk/HowDoI.InstallAdsiProvider. The Custom Command will use a text parameter to specify the value to be added.

If this is not what you need, please, describe the desired behavior in all the possible details with live examples.

0

Yes that is correct. We already have Adaxes ADSI Provider installed on the other computer.

1 Answer

0 votes
by (217k points)

Hello,

Thank you for the confirmation. To add values via a Custom Command, you can use the following script from our repository: https://www.adaxes.com/script-repository/add-new-allowed-property-value-to-a-property-pattern-s585.htm.

To add values via Windows PowerShell, you can use the script below:

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$propertyName = "title" # TODO: modify me
$propertyPatternDN = "CN=My Pattern,CN=Property Patterns,CN=Configuration Objects,CN=Adaxes Configuration,CN=Adaxes" # TODO: modify me

# Get value
$value = Read-Host "Specify the value to add"

# Connect to the Adaxes service
$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$admService = $admNS.GetServiceDirectly("localhost")

# Bind to the Property Pattern
$userPattern = $admService.OpenObject("Adaxes://$propertyPatternDN", $NULL, $NULL, 0)

$values = New-Object System.Collections.ArrayList
$isPropertyRequired = $False
foreach ($item in $userPattern.Items)
{
    if ($item.PropertyName -ne $propertyName)
    {
        continue
    }

    $constraints =  $item.GetConstraints()
    $constraint = $constraints.GetConstraint("ADM_PROPERTYCONSTRAINTCATEGORY_VALUEFORMAT")

    # Check if new value exists
    if ($constraint.Values -contains $value)
    {
        return
    }

    # Get current values
    $constraint.Values | %{[void]$values.Add($_)}
    $isPropertyRequired = $item.IsPropertyRequired

    # Remove Property Pattern item
    $userPattern.Items.Remove($item)
    break
}

# Add new value
[void]$values.Add($value)

# Sort values
$values.Sort()

# Update Property Pattern
$item = $userPattern.Items.Create()
$item.PropertyName = $propertyName
$item.IsPropertyRequired = $isPropertyRequired

$constraints = $item.GetConstraints()
$constraint = $constraints.Create("ADM_PROPERTYCONSTRAINTTYPE_VALUERANGE")
$constraint.AreValuesDenied = $False
$constraint.Values = $values.ToArray()
$constraints.Add($constraint)
$item.SetConstraints($constraints)

# Save the changes
$item.SetInfo()
$userPattern.Items.Add($item)

In the script:

  • $propertyName – Specifies the LDAP name of the property for which a new value will be added.
  • $propertyPatternDN – Specifies the distinguished name (DN) of the Property Pattern to be updated. For information on how to get the DN of a directory object, see Get the DN of an Active Directory object.

When prompted, enter the value to be added to the list of allowed ones.

Related questions

0 votes
1 answer

Good afternoon, I'm looking to generate a script to allow automation of updating job titles using a spreadsheet. To do this we would use a spreadsheet generated by ... in calling the file. Please let me know if you require any additional information Regards

asked Nov 16, 2020 by jtop (3.6k points)
0 votes
0 answers

If I wanted to exclude a list of job titles from this report how would I update the script?

asked Nov 18, 2019 by hgletifer (6.8k points)
0 votes
0 answers

Hello, I'm using property pattern for few things, and i just noticed that all my property pattern are applied on user creation (i don't want it to) Is there a way to "disable" property pattern on user creation ?

asked May 6, 2016 by Alexandre (2.5k points)
0 votes
1 answer

When we create a shared mailbox, we create an associated mail-enabled security group. In the security group I want to populate the description field with the name of the shared mailbox ... How can I get just the "name" of the shared mailbox versus the full DN?

asked Feb 4 by atnorman (280 points)
0 votes
1 answer

I am trying to use a property pattern to prevent email forwarding to accounts in other domains managed by Adaxes. Here is my regex: ^([^,]+,)+(DC=domain,DC=local) ... 't working? Is Adaxes using some other value before resolving the DN? Thanks in advance! Leah

asked May 9, 2019 by loliver (710 points)
2,412 questions
2,165 answers
5,832 comments
225,278 users