We use cookies to improve your experience.
By your continued use of this site you accept such use.
For more details please see our privacy policy and cookies policy.

Script repository

Request users to approve adding AD objects located in OU they manage to group

The script can be used to request approval of an owner of the OU where an object is located before adding it to a group. To run the script, create a business rule triggering Before adding a member to a group.

Edit Remove
PowerShell
# Bind to the OU where the new member is located
$member = $Context.BindToObject("Adaxes://%member%")
$parent = $Context.BindToObject($member.Parent)

try
{
    # Get the owner's DN
    $approverDN = $parent.Get("managedBy")
}
catch
{
    $Context.Cancel("Cannot add the object to the group because the Organizational Unit where he is located doesn't have an owner") # TODO: modify me
    return
}

# Submit for approval
$Context.SubmitForApproval(@($approverDN), $False, $False, $False, $False)
Comments 0
Leave a comment
Loading...

Got questions?

Support Questions & Answers