We use cookies to improve your experience.
By your continued use of this site you accept such use.
For more details please see our privacy policy and cookies policy.

Script repository

Update property values in property pattern with all existing values

September 04, 2023 Views: 1504

The script replaces allowed property values in a property pattern with all values of a property specified for existing user accounts. To run the script, create a scheduled task configured for the Domain-DNS object type and add a managed domain to the Activity Scope of the task. The domain will not specify the scope of users that will be searched through and will only be used to trigger execution of the scheduled task. The search criteria are specified in the script.

Parameters

  • $patternDN - the distinguished name (DN) of the property pattern to update. For information on how to get the DNs, see Get the DN of a directory object.
  • $propertyToSearch - Specifies the LDAP name of the property whose values will be used to update the allowed values of the property specified in $propertyToUpdate.
  • $propertyToUpdate - Specifies the LDAP name of the property for which the list of allowed values will be updated in a Property Pattern.
  • $isPropertyRequired - Specifies whether the property should be set as required in the property pattern.
Edit Remove
PowerShell
$patternDN = "CN=User,CN=Builtin,CN=Property Patterns,CN=Configuration Objects,CN=Adaxes Configuration,CN=Adaxes" # TODO: modify me
$propertyToSearch = "mail" # TODO: modify me
$propertyToUpdate = "adm-CustomAttributeText1" # TODO: modify me
$isPropertyRequired = $True # TODO: modify me

# Build search criteria.
$criteria = New-AdmCriteria "user"
$simpleItem = $criteria.CreateSimple()
$simpleItem.SetProperty($propertyToSearch).SetComparisonOperator("empty").AddValue($False)
$criteria["user"].Add($simpleItem)

# Search parameters
$searcher = $Context.TargetObject
$searcher.Criteria = $criteria
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.PageSize = 500
$searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
$searcher.SetPropertiesToLoad(@($propertyToSearch))
$searcher.VirtualRoot = $True

try
{
    $searchResultIterator = $searcher.ExecuteSearch()
    $searchResults = $searchResultIterator.FetchAll()
    
    $values = New-Object System.Collections.ArrayList
    if ($searchResults.Length -eq 0)
    {
        return
    }
    
    foreach ($searchResult in $searchResults)
    {
        $values.Add($searchResult.Properties[$propertyToSearch].Value)
    }
}
finally
{
    # Release resources
    if ($searchResultIterator){ $searchResultIterator.Dispose() }
}

# Bind to the property pattern.
$pattern = $Context.BindToObjectByDN($patternDN)

foreach ($item in $pattern.Items)
{
    if ($item.PropertyName -ieq $propertyToUpdate)
    {
        $pattern.Items.Remove($item)
        break
    }
}


# Create a new item
$item = $pattern.Items.Create()
$item.PropertyName = $propertyToUpdate
$item.IsPropertyRequired = $isPropertyRequired

$constraints = $item.GetConstraints()
$constraint = $constraints.Create("ADM_PROPERTYCONSTRAINTTYPE_VALUERANGE")
$constraint.AreValuesDenied = $False
$constraint.Values = $values.ToArray()
$constraints.Add($constraint)
$item.SetConstraints($constraints)

# Save the changes
$item.SetInfo()
$pattern.Items.Add($item)
Comments 0
Leave a comment
Loading...

Got questions?

Support Questions & Answers