Update list of property values in property pattern based on search results

The script updates the list of values allowed for a property in a property pattern based on search results.

To execute the script, create a scheduled task configured for Domain-DNS Object type.

Parameters:

$propertyForList - Specifies the property value of which will be added to the list of allowed values in the property pattern.
$propertyForSearch - Specifies the property values of which will be used for search.
$valuesForSearch - Specifies the values of the property specified in the $propertyForSearch variable.
$patternName - Specifies the name of the property pattern that will be used to specify a list of possible values for the property. By default, a built-in property pattern named User Pattern is applied to all users.
$propertyToUpdate - Specifies the property for which the list of allowed values will be updated in a property pattern.
$isPropertyRequired - Specifies whether the property should be set as required in the property pattern.

Edit Remove

PowerShell

# Search settings
$propertyForList = "distinguishedName" # TODO: modify me
$propertyForSearch = "description" # TODO: modify me
$valuesForSearch = @("Value1", "Value2") # TODO: modify me

# Property Pattern settings
$patternName = "User Pattern" # TODO: modify me
$propertyToUpdate = "manager" # TODO: modify me
$isPropertyRequired = $True # TODO: modify me

function SearchObjects($criteria, $properties, $baseObjectPath, $virtualRoot)
{
    $searcher = $Context.BindToObject($baseObjectPath)
    $searcher.Criteria = $criteria
    $searcher.SearchScope = "ADS_SCOPE_SUBTREE"
    $searcher.PageSize = 500
    $searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
    $searcher.SetPropertiesToLoad($properties)
    $searcher.VirtualRoot = $virtualRoot
    
    try
    {
        $searchResultIterator = $searcher.ExecuteSearch()
        $searchResults = $searchResultIterator.FetchAll()
        
        return ,$searchResults
    }
    finally
    {
        # Release resources
        if ($searchResultIterator){ $searchResultIterator.Dispose() }
    }
}

# Search Property Pattern
$propertyPatternsPath = $Context.GetWellKnownContainerPath("PropertyPatterns")

$criteriaPattern = New-AdmCriteria "adm-PropertyPattern" {Name -eq $patternName}
$searchResults = SearchObjects $criteriaPattern @() $propertyPatternsPath $False
if ($searchResults.Length -eq 0)
{
    $Context.LogMessage("Property Pattern '$patternName' not found.", "Warning")
    return
}
elseif ($searchResults.Length -gt 1)
{
    $Context.LogMessage("Found more than one Property Pattern with the following name: '$patternName'.", "Warning")
    return
}
$propertyPatternPath = $searchResults[0].AdsPath

# Build criteria for users
$criteria = New-AdmCriteria "user"
$simpleItem = $criteria.CreateSimple()
$simpleItem.SetProperty($propertyForList).
    SetComparisonOperator("empty").
    AddValue($False)
$criteria["user"].Add($simpleItem)
$propertyValueCriteria = $criteria.CreateCompound()
$propertyValueCriteria.SetLogicalOperator("OR")
foreach ($value in $valuesForSearch)
{
    $simpleItem = $criteria.CreateSimple()
    $simpleItem.SetProperty($propertyForSearch).
        SetComparisonOperator("eq").
        AddValue($value)
    $propertyValueCriteria.Add($simpleItem)

}
$criteria["user"].Add($propertyValueCriteria)

# Search users
$searchResults = SearchObjects $criteria @($propertyForList) "Adaxes://RootDSE" $True

$values = New-Object "System.Collections.ArrayList"
foreach ($searchResult in $searchResults)
{
    [void]$values.Add($searchResult.Properties[$propertyForList].Value)
}

# Update Property Pattern
$pattern = $Context.BindToObject($propertyPatternPath)

foreach ($item in $pattern.Items)
{
    if ($item.PropertyName -ieq $propertyToUpdate)
    {
        $pattern.Items.Remove($item)
        break
    }
}

if ($values.Count -eq 0)
{
    return
}

# Create a new item
$item = $pattern.Items.Create()
$item.PropertyName = $propertyToUpdate
$item.IsPropertyRequired = $isPropertyRequired

$constraints = $item.GetConstraints()
$constraint = $constraints.Create("ADM_PROPERTYCONSTRAINTTYPE_VALUERANGE")
$constraint.AreValuesDenied = $False
$constraint.Values = $values.ToArray()
$constraints.Add($constraint)
$item.SetConstraints($constraints)

# Save the changes
$item.SetInfo()
$pattern.Items.Add($item)

Comments 7

Ryan Jul 22, 2019

Is it possible to adapt this for use with a Custom Command drop-down list parameter?

Support Jul 23, 2019

Hello Ryan,

Yes, it is possible. Could you, please, clarify what will be specified in the drop-down parameter and how it should be used in the Custom Command?

Riley Jun 26, 2020

Would be cool to provide a copy of this script that reads a CSV file for the listing of possible values. We are going to use this for phone numbers and would be cool to point it at the extract from our phone system for the info instead of copying and pasting the values into Powershell.

Support Jun 26, 2020

Hello,

Do we understand correctly that you need the script to just import values to a Property Pattern from a CSV file instead of specifying the values to search manually in the script? If that is not what you need, please, describe the desired behavior in all the possible details with live examples.

Brian F Jan 12, 2023

I am getting the following error on this script when using Adaxes 2023:

Method invocation failed because [Softerra.Adaxes.Ldap.FilterBuilder] does not contain a method named 'CreateOrred'. Stack trace: at <ScriptBlock>, <No file>: line 54

Support Jan 13, 2023

Thank you for pointing out the issue. We updated the script in the article and it can now be used in Adaxes 2023.

Brian F Jan 14, 2023

Worked perfectly, thanks!

Script Repository

Parameters:

Got questions?