The script can be used to create a condition that checks whether an AD object on which it is executed is a member of a specific business unit. To add such a condition to a business rule, custom command or scheduled task, use the If PowerShell script returns true condition type.
Parameter:
- $businessUnitName - specifies the name of the business unit.
PowerShell
$businessUnitName = "My Unit" # TODO: modify me
# Search business units
$Context.ConditionIsMet = $False
$businessUnitsPath = $Context.GetWellKnownContainerPath("BusinessUnits")
$searcher = $Context.BindToObject($businessUnitsPath)
$searcher.SearchFilter = "(&(objectCategory=adm-BusinessUnit)(name=$businessUnitName))"
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.PageSize = 500
$searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
try
{
$searchResult = $searcher.ExecuteSearch()
$units = $searchResult.FetchAll()
if ($units.Count -eq 0)
{
$Context.LogMessage("A business unit with name '$businessUnitName' was not found", "Warning")
return
}
foreach ($unit in $units)
{
# Bind to the Business Unit
$unitObject = $Context.BindToObject($unit.AdsPath)
# Check whether the target object is a member
if ($unitObject.IsMember($Context.TargetObject))
{
$Context.ConditionIsMet = $True
return
}
}
}
finally
{
# Release resources used by the search
$searchResult.Dispose()
}