Script Repository


Request users to approve adding their managed objects and subordinates to group

February 22, 2021
1375

The script can be used to request approval of a manager or owner of an AD object before adding it to a group. To run the script, create a business rule triggering Before adding a member to a group.

Edit Remove
PowerShell
# Bind to new member
$member = $Context.BindToObject("Adaxes://%member%")

try
{
    # Try getting the manager's DN
    $approverDN = $member.Get("manager")
}
catch
{
    try
    {
        # Try getting the owner's DN
        $approverDN = $member.Get("managedBy")
    }
    catch
    {
        # The new member has neither a manager, nor an owner 
        $Context.Cancel("Cannot add the object to the group because the object you are trying to add has neither a manager, nor an owner") # TODO: modify me
        return
    }
}

# Submit for approval
$Context.SubmitForApproval(@($approverDN), $False, $False, $False, $False)


Comments ( 0 )
No results found.
Leave a comment

Related Scripts