Skip to content

ExecuteScriptContext

The ExecuteScriptContext class provides methods and properties that can be used in PowerShell scripts executed in actions and conditions. To access an instance of this class, use the predefined PowerShell variable called $Context in your script.

Inheritance: The ExecuteScriptContext class inherits from the Object class.

Methods

Properties

  • Property

  • Description

  • Action

  • Gets an object that represents the operation that caused execution of the script.

  • TargetObject

  • Gets the AD object on which the operation that caused execution of the script was performed.

  • Initiator

  • Gets an instance of the ExecuteScriptInitiatorInfo class that allows you to get information about the user who initiated the operation that caused execution of the script.

  • RunAs

  • Gets an instance of the NetworkCredential class that represents the credentials of the user account under which the script is executed.

  • ConditionIsMet

  • Gets or sets a value indicating whether the condition is satisfied.

  • Arguments

  • Gets arguments for Custom Command execution.

Details

Cancel()

Cancels the operation that caused execution of the script.

void Cancel(String reason)

Parameters

The reason parameter specifies a reason why the operation is cancelled.

Remarks

This method is not available in PowerShell scripts executed in conditions.


LogMessage()

Adds a message to the Execution Log of the operation that caused execution of the script.

copyvoid LogMessage(String message, ExecuteScriptLogMessageType messageType)

Parameters

  • message - Specifies the text of the message that will be recorded in the Execution Log.
  • messageType - Specifies the type of the Execution Log message.

LogException()

Adds the given exception to the Execution Log of the operation that caused execution of the script.

void LogException(Exception exception)

Remarks

The method is supported starting with Adaxes version 2019.1 Update 3.

Examples

try
{
    ...
}
catch
{
    $Context.LogException($_.Exception)
}

BindToObject()

Binds to a directory object by the given ADS path.

IAdmTop BindToObject(String adsPath)

Parameters

The adsPath parameter specifies the ADS path of the directory object to bind to.


BindToObjectEx()

Binds to a directory object by the given ADS path. This method extends the BindToObject method with the ability to specify whether to execute operations on the object directly in Active Directory or pass it through Adaxes pipeline to apply Business Rules, Security Roles, etc.

IAdmTop BindToObjectEx(String adsPath, Boolean pipelined)

Parameters

  • adsPath - Specifies the ADS path of the directory object to bind to.
  • pipelined - Set to FALSE to execute all operations on the object directly in Active Directory. Set to TRUE to pass it through Adaxes pipeline.

Examples

The following code sample updates the Department property of a user.

$pipelined = $False # Adaxes functionality will not be applied on group update

$obj = $Context.BindToObjectEx("Adaxes://example.com/CN=John Doe,DC=example,DC=com", $pipelined)
$obj.Put("department", "Sales")
$obj.SetInfo()

BindToObjectByDN()

Binds to a directory object by the given distinguished name (DN).

IAdmTop BindToObjectByDN(String dn)

Parameters

The dn parameter specifies the distinguished name (DN) of the directory object to bind to.


BindToObjectByDNEx()

Binds to a directory object by the given distinguished name (DN). This method extends the BindToObjectByDN method with the ability to specify whether to execute operations on the object directly in Active Directory or pass it through Adaxes pipeline to apply Business Rules, Security Roles, etc.

IAdmTop BindToObjectByDNEx(String dn, Boolean pipelined)

Parameters

  • dn - Specifies the distinguished name (DN) of the directory object to bind to.
  • pipelined - Set to FALSE to execute all operations on the object directly in Active Directory. Set to TRUE to pass it through Adaxes pipeline.

Remarks

The method is supported starting with Adaxes version 2018.1.

Examples

The following code sample updates the Department property of a user.

$pipelined = $False # Adaxes functionality will not be applied on group update

$obj = $Context.BindToObjectByDNEx("CN=John Doe,DC=example,DC=com", $pipelined)
$obj.Put("department", "Sales")
$obj.SetInfo()

BindToObjectBySearchResult()

Binds to a directory object by the specified search result.

IAdmTop BindToObjectBySearchResult(IAdmSearchResult searchResult)

Parameters

The searchResult parameter specifies the search result entry that contains properties for binding to the object.

Remarks

  • The method is supported starting with Adaxes version 2018.1.
  • To make binding less resource-intensive, it is recommended for the search result to contain the objectGuid and objectClass properties.

Examples

The following code sample updates the Description property of groups in a certain OU.

# Bind to the container to search in
$containerDN = "OU=Sales,DC=example,DC=com"
$searcher = $Context.BindToObjectByDN($containerDN)

# Specify search parameters
$searcher.SearchFilter = "(&(objectClass=group)(!(description=*)))"
$searcher.SetPropertiesToLoad(@("objectGuid", "objectClass"))

try
{
    # Execute search
    $searchResultIterator = $searcher.ExecuteSearch()
    $searchResults = $searchResultIterator.FetchAll()
}

finally
{
    # Release resources
    if ($searchResultIterator) { $searchResultIterator.Dispose() }
}

foreach ($searchResult in $searchResults)
{
    # Bind to group
    $group = $Context.BindToObjectBySearchResult($searchResult)

    # Update group
    $group.Put("description", "Sales")
    $group.SetInfo()
}

BindToObjectBySearchResultEx()

Binds to a directory object by the specified search result. This method extends the BindToObjectBySearchResult method with the ability to specify whether to execute operations on the object directly in Active Directory or pass it through Adaxes pipeline to apply Business Rules, Security Roles, etc.

IAdmTop BindToObjectBySearchResultEx(IAdmSearchResult searchResult, Boolean pipelined)

Parameters

  • searchResult - Specifies the search result entry that contains properties for binding to the object.
  • pipelined - Set to FALSE to execute all operations on the object directly in Active Directory. Set to TRUE to pass it through Adaxes pipeline.

Remarks

  • The method is supported starting with Adaxes version 2018.1.
  • To make binding less resource-intensive, it is recommended for the search result to contain the objectGuid and objectClass properties.

Examples

The following code sample updates the Description property of groups in a certain OU.

# Bind to the container to search in
$containerDN = "OU=Sales,DC=example,DC=com"
$searcher = $Context.BindToObjectByDN($containerDN)

# Specify search parameters
$searcher.SearchFilter = "(&(objectClass=group)(!(description=*)))"
$searcher.SetPropertiesToLoad(@("objectGuid", "objectClass"))

try
{
    # Execute search
    $searchResultIterator = $searcher.ExecuteSearch()
    $searchResults = $searchResultIterator.FetchAll()
}

finally
{
    # Release resources
    if ($searchResultIterator) { $searchResultIterator.Dispose() }
}

$pipelined = $False # Adaxes functionality will not be applied on group update

foreach ($searchResult in $searchResults)
{
    # Bind to group
    $group = $Context.BindToObjectBySearchResultEx($searchResult, $pipelined)

    # Update group
    $group.Put("description", "Sales")
    $group.SetInfo()
}

IsPropertyModified()

Gets a value indicating whether a property of a given name was modified during the operation that caused execution of the script.

Boolean IsPropertyModified(String propertyName)

Parameters

The propertyName parameter indicates the name of the property to be checked.


GetModifiedPropertyValue()

Gets the value entered by the user for a property of a given name. If the property wasn’t modified or its value was cleared, the method returns NULL.

Object GetModifiedPropertyValue(String propertyName)

Parameters

The propertyName parameter specifies the name of the property for which the value is requested.


GetModifiedPropertyValues()

Gets an array of values entered by the user for a property of a given name. If the property wasn’t modified or its value was cleared, the method returns NULL. Use this method for properties that can contain multiple values.

Object[] GetModifiedPropertyValues(String propertyName)

Parameters

The propertyName parameter indicates the name of the property for which the values are requested.


SetModifiedPropertyValue()

Changes the value entered by the user for a property of a given name.

void SetModifiedPropertyValue(String propertyName, Object propertyValue)

Parameters

  • propertyName - Specifies the name of the property for which the value is set.
  • propertyValue - Specifies the value to be set for the property.

SetModifiedPropertyValues()

Changes the values entered by the user for a multi-valued property of a given name.

void SetModifiedPropertyValues(String propertyName, Object[] propertyValues)

Parameters

  • propertyName - Specifies the name of the property for which the values are set.
  • propertyValue - Specifies an array of values to be set for the property.

IsPasswordChanged()

Gets a value indicating whether the user password was changed during the operation that caused execution of the script.

Boolean IsPasswordChanged()

GetNewPassword()

Gets the new password entered for the user. If the password wasn’t modified, the method returns NULL.

String GetNewPassword()

SetNewPassword()

Changes the password entered for the user and sets it to the value specified.

void SetNewPassword(String newPassword)

SendMail()

Sends an email to the specified recipient.

void SendMail(String toAddress, 
              String subject, 
              String textBody, 
              String htmlBody)

Parameters

  • toAddress - Specifies the recipient’s e-mail address.
  • subject - Specifies the subject of the email.
  • textBody - Specifies the body of the email in the plain text format. This parameter can be NULL.
  • htmlBody - Specifies the body of the email in the HTML format. This parameter can be NULL.

SendSms(String, String)

Sends an SMS message with the given text to the given phone number.

void SendSms(String mobileNumber, String smsText)

Parameters

  • mobileNumber - Specifies the phone number of the recipient.
  • smsText - Specifies the text of the SMS message to send.

SendSms(String, String, IAdmTop)

Sends an SMS message with the given text to the given phone number. This method allows you to specify the object used to resolve value references in the SMS settings.

void SendSms(String mobileNumber, 
             String smsText, 
             IAdmTop objectToResolveValueReferences)

Parameters

  • mobileNumber - Specifies the phone number of the recipient.
  • smsText - Specifies the text of the SMS message to send.
  • objectToResolveValueReferences - Specifies the object used to resolve value references in the SMS settings.

GetObjectDomain()

Extracts the domain name from the specified distinguished name (DN).

String GetObjectDomain(String objectDN)

Parameters

The objectDN parameter specifies the distinguished name from which to extract the domain name.


GetDisplayNameFromAdsPath()

Builds a display name of a directory object from its ADS path.

String GetDisplayNameFromAdsPath(String adsPath)

Parameters

The adsPath parameter specifies the ADS path of the directory object to build a display name for.


GetWellKnownContainerPath()

Returns the ADS path of a well-known container for Adaxes configuration objects. For a list of container aliases, see Aliases for containers that store Adaxes configuration objects.

String GetWellKnownContainerPath(String containerAlias)

Parameters

The containerAlias parameter specifies the alias of the well-known container.


GetDomainController()

Returns the DNS host name of the domain controller the Adaxes service is currently connected to.

String GetDomainController(String domain)

Parameters

The domain parameter specifies the domain for which to return the domain controller. You can use the fully qualified domain name (e.g. mydomain.com) or NETBIOS domain name (e.g. MYDOMAIN) in the parameter.

Remarks

The method is supported starting with Adaxes version 2019.1.


FetchAllPropertyValues()

Returns all values of the given property for the given directory object. The method overcomes the limit of maximum property values returned per request.

Object[] FetchAllPropertyValues(IAdmTop obj, String propertyName)

Parameters

  • obj - Specifies the directory object.
  • propertyName - Specifies the name of the directory object property.

Remarks

The method is supported starting with Adaxes version 2018.1.

Examples

The following code sample copies all members of a group to another group.

$sourceGroupDN = "CN=SourceGroup,CN=Users,DC=domain,DC=com"
$targetGroupDN = "CN=TargetGroup,CN=Users,DC=domain,DC=com"

# Bind to groups
$sourceGroup = $Context.BindToObjectByDN($sourceGroupDN)
$targetGroup = $Context.BindToObjectByDN($targetGroupDN)

# Get DNs of all source group members
$memberDNs = $Context.FetchAllPropertyValues($sourceGroup, "member")

# Add members to the target group
$targetGroup.PutEx("ADS_PROPERTY_APPEND", "member", $memberDNs)
$targetGroup.SetInfo()

GetOffice365Credential()

Returns credentials of the Microsoft 365 tenant associated with the target object.

PSCredential GetOffice365Credential()

Return value

The method returns an instance of the PSCredential class. If there is no tenant associated with the object, the method returns NULL.

Examples

The following code sample places the Microsoft 365 mailbox associated with the target object on hold.

# Get Microsoft 365 credentials
$m365Credentials = $Context.GetOffice365Credential()

try
{
    $session = New-PSSession -ConfigurationName Microsoft.Exchange `
               -ConnectionUri https://outlook.office365.com/powershell-liveid/ `
               -Credential $m365Credentials -Authentication Basic -AllowRedirection
    Import-PSSession $session

    $mailboxSearch = Get-MailboxSearch -Identity "My Mailbox Hold"
    $sourceMailboxes = $mailboxSearch.SourceMailboxes
    $sourceMailboxes += "%userPrincipalName%"

    Set-MailboxSearch -Identity $mailboxSearchName -SourceMailboxes $sourceMailboxes
}
finally
{
    if ($session) { Remove-PSSession $session }
}

GetOffice365Credential(IAdmTop)

Returns credentials of the Microsoft 365 tenant associated with the given object.

PSCredential GetOffice365Credential(IAdmTop obj)

Return value

The method returns an instance of the PSCredential class. If there is no tenant associated with the object, the method returns NULL.

Remarks

The method is supported starting with Adaxes version 2018.1.

Examples

The following code sample places on hold the Microsoft 365 mailbox associated with a user.

# Bind to user
$userDN = "CN=John Smith,CN=Users,DC=domain,DC=com"
$user = $Context.BindToObjectByDN($userDN)

# Get Microsoft 365 credentials
$m365Credentials = $Context.GetOffice365Credential($user)

try
{
    $session = New-PSSession -ConfigurationName Microsoft.Exchange `
               -ConnectionUri https://outlook.office365.com/powershell-liveid/ `
               -Credential $m365Credentials -Authentication Basic -AllowRedirection
    Import-PSSession $session

    $mailboxSearch = Get-MailboxSearch -Identity "My Mailbox Hold"
    $sourceMailboxes = $mailboxSearch.SourceMailboxes

    $userPrincipalName = $user.Get("userPrincipalName")
    $sourceMailboxes += $userPrincipalName

    Set-MailboxSearch -Identity "My Mailbox Hold" -SourceMailboxes $sourceMailboxes
}
finally
{
    if ($session) { Remove-PSSession $session }
}

SubmitForApproval()

Submits a request to approve the operation that caused execution of the script.

void SubmitForApproval(String[] approverDNs,
                       Boolean managerOfRequestorIsApprover,
                       Boolean ownerOfRequestorOUIsApprover,
                       Boolean managerOfTargetObjectIsApprover,
                       Boolean ownerOfTargetObjectOUIsApprover)

Parameters

  • approverDNs - An array of String, each element of which is a distinguished name (DN) of a user or group that can approve or reject the request. For details on how to get the DN of a directory object, see Get the DN of an Active Directory object.
  • managerOfRequestorIsApprover - Specifies whether the manager of the user who initiated the operation can approve or deny it.
  • ownerOfRequestorOUIsApprover - Specifies whether the owner of the Organizational Unit where the account of the operation initiator is located can approve or deny the request.
  • managerOfTargetObjectIsApprover - Specifies whether the manager or owner of the AD object on which the operation is performed can approve or deny the request.
  • ownerOfTargetObjectOUIsApprover - Specifies whether the owner of the Organizational Unit containing the AD object on which the operation is performed can approve or deny the request.

Remarks

  • The method is supported starting with Adaxes version 2014.1.
  • The method is not available in PowerShell scripts executed in conditions.
  • When executed in a Business Rule, this method will work correctly only if the Business Rule is triggered before the operation you want to submit for approval.

Examples

The following code example submits an operation for approval to user John Smith.

$Context.SubmitForApproval(@("CN=John Smith,CN=Users,DC=example,DC=com"), $False, $False, $False, $False)

The following example submits an operation for approval to a specific user, group, and the manager of the operation initiator.

$approvers = @(
    "CN=John Smith,CN=Users,DC=example,DC=com",
    "CN=Group,OU=Groups,DC=example,DC=com")

$managerOfRequestorIsApprover = $True

$Context.SubmitForApproval($approvers, $managerOfRequestorIsApprover, $False, $False, $False)

IsApprovalRequiredException()

Returns TRUE if the given exception occurred because the operation requires approval.

Boolean IsApprovalRequiredException(Exception exception)

Remarks

The method is supported starting with Adaxes version 2019.1 Update 3.

Examples

try
{
    ...
}

catch
{
    if ($Context.IsApprovalRequiredException($_.Exception))
    {
        $Context.LogException($_.Exception)
    }
    else
    {
        throw
    }    
}

CreateGuidBasedSearcher()

Creates an instance of a directory searcher configured to search for objects with the given GUIDs. Each GUID must be represented as an array of 16 bytes (Byte[]).

DirectorySearcher CreateGuidBasedSearcher(IList<Object> objectGuids)

Parameters

The objectGuids parameter specifies a list of object GUIDs.

Remarks

The method is supported starting with Adaxes version 2018.1.

Examples

The following code sample updates Description of all direct members of a group

$groupDN = "CN=SalesGroup,CN=Users,DC=domain,DC=com"

# Bind to group
$group = $Context.BindToObjectByDN($groupDN)

# Get GUIDs of direct group members
$memberGuidsBytes = $group.DirectMembers

# Create a directory searcher instance
$searcher = $Context.CreateGuidBasedSearcher($memberGuidsBytes)

try
{
   # Execute search
   $searchResultIterator = $searcher.ExecuteSearch()
   $searchResults = $searchResultIterator.FetchAll()
}

finally
{
   # Release resources
   if ($searchResultIterator) { $searchResultIterator.Dispose() }
}

# Update group members description
foreach ($searchResult in $searchResults)
{
    $member = $Context.BindToObjectBySearchResult($searchResult)
    $member.Put("description", "My description")
    $member.SetInfo()       
}

GetParameterValue(String)

Returns the value of the given Custom Command parameter.

String GetParameterValue(String paramName)

Remarks

  • The method is supported starting with Adaxes version 2018.2.
  • The method is available only in PowerShell scripts executed in Custom Commands.

GetParameterValue(String, Boolean)

Returns the value of the given Custom Command parameter. This method allows you to specify whether to convert the parameter value into a format required for LDAP filters.

String GetParameterValue(String paramName, Boolean valueForLdapFilter)

Parameters

  • paramName - Specifies the name of the parameter for which to return the value.
  • valueForLdapFilter - If set to TRUE, the method escapes necessary characters in the parameter value (e.g. for “John the method will return “John\2A”) or converts a date into the format required for LDAP filters (e.g. “20180122151647.0Z”*).

Remarks

  • The method is supported starting with Adaxes version 2018.2.
  • The method is available only in PowerShell scripts executed in Custom Commands.

Action

Gets an object that represents the operation that caused execution of the script. The interfaces supported by this object will depend on the operation type. See, which interfaces are supported by different operation types.


TargetObject

Gets the AD object on which the operation that caused execution of the script was performed.

  • Type:
  • IADs
  • Access:
  • Read-only

Initiator

Gets an instance of the ExecuteScriptInitiatorInfo class that allows you to get information about the user who initiated the operation that caused execution of the script.


RunAs

Gets an instance of the NetworkCredential class that represents the credentials of the user account under which the script is executed. If the property is NULL, the credentials of the Adaxes service account are used.

  • Type:
  • NetworkCredential
  • Access:
  • Read-only

ConditionIsMet

Gets or sets a value indicating whether the condition is satisfied.

  • Type:
  • Boolean
  • Access:
  • Read/Write

Remarks

This property is available only in PowerShell scripts executed in conditions.


Arguments

Gets arguments for Custom Command execution.

Remarks

  • The property is supported starting with Adaxes version 2018.2.
  • The property is available only in PowerShell scripts executed in Custom Commands.

Requirements

Minimum required version: 2011.2

See also