Script Repository


Users whose Adaxes custom attribute is set to a specific value

March 07, 2017
1287

The script creates a report containing users whose Adaxes custom attribute (for example, CustomAttributeText1 or CustomAttributeBoolean1) is assigned a specific value. The report will include users located in the container, Organizational Unit or domain on which the script is executed.

Note: The script uses the $Context variable available on the server side only. This means that the script can be executed only by Business Rules, Custom Commands, and Scheduled Tasks. For example, to schedule the report, you can create a Scheduled Task configured for the Organizational-Unit, Container or Domain-DNS object type, and include the necessary OU, container or domain in the task Activity Scope. To add the script to a Scheduled Task, use the Run a program or PowerShell script action.

HTML Report

This version of the script creates and emails an HTML-formatted report.

PARAMETERS:

  • $attributeName - specifies the name of the custom attribute whose value needs to be checked;
  • $valueToSearch - specifies the value of the custom attribute to search for;
  • $to - specifies email addresses of the recipient(s) of the report;
  • $subject - specifies the email message subject;
  • $reportHeader - specifies the email message header;
  • $reportFooter - specifies the email message footer.
Edit Remove
PowerShell
$attributeName = "adm-CustomAttributeBoolean1" # TODO: modify me
$valueToSearch = $True # TODO: modify me

# Email message setings
$to = "recipient@example.com" # TODO: modify me
$subject = "Users whose CustomAttributeBoolean1 attribute is set to True" # TODO: modify me
$reportHeader = "<h1><b>Users whose CustomAttributeBoolean1 attribute is set to True</b></h1><br/>" # TODO: modify me
$reportFooter = "<hr /><p><i>Please do not reply to this e-mail, it has been sent to you for notification purposes only.</i></p>" # TODO: modify me

# Get the default Web Interface address
$webInterfaceAddress = "%adm-WebInterfaceUrl%"
if ([System.String]::IsNullOrEmpty($webInterfaceAddress))
{
    $Context.LogMessage("Default web interface address not set for Adaxes service. For details, see http://www.adaxes.com/help/?HowDoI.ManageService.RegisterWebInterface.html", "Warning")
}

# Search all users in the target object
$searcher = $Context.TargetObject
$searcher.PageSize = 500
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.SearchFilter = "(sAMAccountType=805306368)"
$searcher.SetPropertiesToLoad(@("ObjectGuid"))

try
{
    $searchResultIterator = $searcher.ExecuteSearch()
    $searchResults = $searchResultIterator.FetchAll()
    
    $htmlListItems = New-Object "System.Text.StringBuilder"
    foreach ($searchResult in $searchResults)
    {
        # Bind to user
        $user = $Context.BindToObject($searchResult.AdsPath)
        
        # Check the attribute value
        try
        {
            $value = $user.Get($attributeName)
        }
        catch
        {
            continue
        }
        
        if ($value -ne $valueToSearch)
        {
            continue
        }
        
        # Build record for the user
        $guid = [Guid]$searchResult.Properties["ObjectGuid"].Value
        $username = [Softerra.Adaxes.Utils.ObjectNameHelper]::GetObjectName($searchResult.AdsPath, "IncludeParentPath")
        $link = "<a href='$webInterfaceAddress`ViewObject.aspx?guid=$guid'>$username</a>"
        [void]$htmlListItems.Append("<li>$link</li>")
    }
    
    # Build report
    if ($htmlListItems.Length -eq 0)
    {
        $html = $reportHeader + "<b>No users found</b>" + $reportFooter
    }
    else
    {
        $html = $reportHeader + "<ul>" + $htmlListItems.ToString() + "</ul>" + $reportFooter
    }
    
    # Send mail
    $Context.SendMail($to, $subject, $NULL, $html)
}
finally
{
    # Release resources
    $searchResultIterator.Dispose()
}

CSV Report

This version of the script creates a CSV file report.

PARAMETERS:

  • $csvFilePath - specifies a path to the CSV file that will be created by the script;
  • $attributeName - specifies the name of the custom attribute whose value needs to be checked;
  • $valueToSearch - specifies the value of the custom attribute to search for;
  • $propertyMap - specifies a map fo LDAP names of the properties you want to include in the report and the corresponding column headers in the CSV file.
Edit Remove
PowerShell
$csvFilePath = "\\Server\share\users.csv" # TODO: modify me
$attributeName = "adm-CustomAttributeBoolean1" # TODO: modify me
$valueToSearch = $True # TODO: modify me
$propertyMap = @{
    "givenName" = "First Name";
    "sn" = "Last Name";
    "mail" = "Email Address";
} # TODO: modify me. Example $propertyMap = @{"<LdapPropertyName>" = "<Column name>"}

function BuildReport($filter, $properties, $containerDN, $attributeName, $attributeValue)
{
    # Find objects in the container
    $searcher = $Context.BindToObjectByDN($containerDN)
    $searcher.SearchFilter = $filter
    $searcher.SearchScope = "ADS_SCOPE_SUBTREE"
    $searcher.PageSize = 500
    $searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
    $proeprtiesToLoad = $properties.Keys -as [System.Array]
    $proeprtiesToLoad += $attributeName
    $searcher.SetPropertiesToLoad($proeprtiesToLoad)
   
    try
    {
        $searchResultIterator = $searcher.ExecuteSearch()
        $searchResults = $searchResultIterator.FetchAll()
       
        foreach ($searchResult in $searchResults)
        {
            if (-not ($searchResult.Properties[$attributeName].Value -eq $attributeValue))
            {
                continue
            }
            
            # Add object to the CSV file
            $record = New-Object PSObject

            foreach ($propertyName in $properties.Keys)
            {
                $columnName = $properties[$propertyName]
                $value = $searchResult.Properties[$propertyName].Value
                $record | Add-Member -MemberType NoteProperty -Name $columnName -Value $value
            }
            $record
        }
    }
    finally
    {
        $searchResultIterator.Dispose()
    }
}

# Create CSV file for users
$userReport = BuildReport "(sAMAccountType=805306368)" $propertyMap "%distinguishedName%" $attributeName $valueToSearch

if ($userReport -eq $NULL)
{
    return # No users found
}

$userReport | Export-Csv -NoTypeInformation -Path $csvFilePath


Comments ( 0 )
No results found.
Leave a comment