Script Repository

Request users to approve adding AD objects located in OU they manage to group

February 22, 2021

The script can be used to request approval of an owner of the OU where an object is located before adding it to a group. To run the script, create a business rule triggering Before adding a member to a group.

Edit Remove
# Bind to the OU where the new member is located
$member = $Context.BindToObject("Adaxes://%member%")
$parent = $Context.BindToObject($member.Parent)

    # Get the owner's DN
    $approverDN = $parent.Get("managedBy")
    $Context.Cancel("Cannot add the object to the group because the Organizational Unit where he is located doesn't have an owner") # TODO: modify me

# Submit for approval
$Context.SubmitForApproval(@($approverDN), $False, $False, $False, $False)

Comments ( 0 )
No results found.
Leave a comment

Related Scripts