Script Repository

$groupDNs = @(
    "CN=Sales Agents,CN=Users,DC=domain,DC=com",
    "CN=New York Employees,CN=Users,DC=domain,DC=com"
) # TODO: modify me

$Context.ConditionIsMet = $False

# Get the group GUIDa
# Build search filter to find the specified groups
$filter = New-Object "System.Text.StringBuilder"
[void]$filter.Append("(&(objectCategory=group)(|")

foreach ($dn in $groupDNs)
{
    [void]$filter.Append([Softerra.Adaxes.Ldap.FilterBuilder]::Create("distinguishedName", $dn))
}
[void]$filter.Append("))")

# Find the groups and fetch group GUIDs
$searcher = $Context.BindToObject("Adaxes://rootDSE")
$searcher.SearchFilter = $filter.ToString()
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.PageSize = 500
$searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
$searcher.SetPropertiesToLoad(@("objectGuid"))
$searcher.VirtualRoot = $True

try
{
    $searchResultIterator = $searcher.ExecuteSearch()
    $searchResults = $searchResultIterator.FetchAll()
    
    # Build a hash table with group GUIDs
    $groupGuidsToCheck = New-Object "System.Collections.Generic.HashSet[Guid]"

    foreach ($searchResult in $searchResults)
    {
        [void]$groupGuidsToCheck.Add([Guid]$searchResult.Properties["objectGuid"].Value)
    }
}
finally
{
    # Release resources
    $searchResultIterator.Dispose()
}

# Get GUIDs of the groups the user is a member of
$targetGroupGuids = New-Object "System.Collections.Generic.HashSet[Guid]"
try
{
    $Context.TargetObject.GetEx("adm-MemberOfGuid") | %%{[void]$targetGroupGuids.Add([Guid]$_)}
}
catch
{
    return # The user is not a member of any groups. Return False
}

foreach ($guid in $groupGuidsToCheck)
{
    # Check whether the target object is a member of the groups in list
    if ($targetGroupGuids.Contains($guid))
    {
        continue
    }
    
    return # The user is not a member of all the groups that are in the list. Return False
}

# User is a member of all the groups that are in the list. Return True
$Context.ConditionIsMet = $True

$groupDNs = @(
    "CN=Sales Agents,CN=Users,DC=domain,DC=com",
    "CN=New York Employees,CN=Users,DC=domain,DC=com"
) # TODO: modify me

$Context.ConditionIsMet = $False

# Get the group GUIDa
# Build search filter to find the specified groups
$filter = New-Object "System.Text.StringBuilder"
[void]$filter.Append("(&(objectCategory=group)(|")

foreach ($dn in $groupDNs)
{
    [void]$filter.Append([Softerra.Adaxes.Ldap.FilterBuilder]::Create("distinguishedName", $dn))
}
[void]$filter.Append("))")

# Find the groups and fetch group GUIDs
$searcher = $Context.BindToObject("Adaxes://rootDSE")
$searcher.SearchFilter = $filter.ToString()
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.PageSize = 500
$searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
$searcher.SetPropertiesToLoad(@("objectGuid"))
$searcher.VirtualRoot = $True

try
{
    $searchResultIterator = $searcher.ExecuteSearch()
    $searchResults = $searchResultIterator.FetchAll()
    
    # Build a hash table with group GUIDs
    $groupGuidsToCheck = New-Object "System.Collections.Generic.HashSet[Guid]"

    foreach ($searchResult in $searchResults)
    {
        [void]$groupGuidsToCheck.Add([Guid]$searchResult.Properties["objectGuid"].Value)
    }
}
finally
{
    # Release resources
    $searchResultIterator.Dispose()
}

# Get GUIDs of the groups the user is a member of
$targetGroupGuids = New-Object "System.Collections.Generic.HashSet[Guid]"
try
{
    $Context.TargetObject.GetEx("adm-MemberOfGuid") | %%{[void]$targetGroupGuids.Add([Guid]$_)}
}
catch
{
    return # The user is not a member of any groups. Return False
}

foreach ($guid in $groupGuidsToCheck)
{
    # Check whether the target object is a member of the groups in list
    if ($targetGroupGuids.Contains($guid))
    {
        # User is a member of at least  one of the groups. Return True
        $Context.ConditionIsMet = $True
        return
    }
}