The script adds objects stored in a DN syntax property (e.g. See Also) of the target object to the specified group. To execute the script, create a custom command, business rule or scheduled task configured for the Group object type.
Parameters:
- $groupDnTemplate - Specifies the distinguished name (DN) of the group to add members to. For information on how to get the DN, see Get the DN of a directory object.
- $attributeName - Specifies the LDAP name of the DN syntax property to get members from.
PowerShell
$groupDnTemplate = "CN=My Group,OU=Groups,DC=domain,DC=com" # TODO: modify me
$attributeName = "seeAlso" # TODO: modify me
# Get attribute value
try
{
$memberDNs = $Context.TargetObject.GetEx($attributeName)
}
catch
{
$Context.LogMessage("Property '$attributeName' is not specified for user %fullname%.", "Information")
return
}
# Add members to the group
$group = $Context.BindToObjectByDN($groupDnTemplate)
foreach ($memberDN in $memberDNs)
{
$group.Add("Adaxes://$memberDN")
}
# Clear the attribute
$Context.TargetObject.Put($attributeName, $NULL)
$Context.TargetObject.SetInfo()