Script Repository


Request users to approve adding AD objects located in OU they manage to group

February 22, 2021
1486

The script can be used to request approval of an owner of the OU where an object is located before adding it to a group. To run the script, create a business rule triggering Before adding a member to a group.

Edit Remove
PowerShell
# Bind to the OU where the new member is located
$member = $Context.BindToObject("Adaxes://%member%")
$parent = $Context.BindToObject($member.Parent)

try
{
    # Get the owner's DN
    $approverDN = $parent.Get("managedBy")
}
catch
{
    $Context.Cancel("Cannot add the object to the group because the Organizational Unit where he is located doesn't have an owner") # TODO: modify me
    return
}

# Submit for approval
$Context.SubmitForApproval(@($approverDN), $False, $False, $False, $False)

Comments ( 0 )
No results found.
Leave a comment

Related Scripts