Active Directory management & automation

Run PowerShell Script after Creating a User

With the help of Adaxes, it is possible to automatically execute a PowerShell script or an external program before or after an operation is performed in Active Directory. In this tutorial you will learn how to configure Adaxes to automatically execute a PowerShell script after a new AD user is created.

To execute PowerShell scripts, Windows PowerShell must be installed on the computer, where your Adaxes service is running.

To automatically run a PowerShell script for newly created users, you need to create a Business Rule that will be executed after a new user account is created in Active Directory.

1Launch Adaxes Administration Console, right-click your Adaxes service, point to New and click Business Rule. The Create Business Rule wizard will open.

Launching the Create Business Rule wizard

2Enter the name for the new Business Rule, and click Next.

3Here you need to specify when the new Business Rule must be executed. As we want to run a PowerShell script after a new user account is created, do the following:

  • Select User in the Object Type list.
  • Select After in the Operation section.
  • Select Creating a User in the Operation section and click Next.

Selecting the triggering operation for the Business Rule

4 At the next step, you need to specify what the Business Rule will do when a new user is created. To run a PowerShell script, the Business Rule must execute the Run a program or PowerShell script action.

  • Click the Add Action link.
  • In the dialog that opens, select the Run a program or PowerShell script action.
  • Select PowerShell script in the Type field.
  • In the Short description field describe what does your script do, its purpose or intention.

    Optionally, assign a custom description for the action

    You can assign a custom description for the Run a program or PowerShell script action that will replace the default description generated by Adaxes. To do this:
    • Click the Assign Custom Action Description button.
    • Type the description in the Custom action description field.

      Add custom action description.

  • Type the text of the script in the Script field.
  • Optionally, specify what account will be used to run the script. By default, the script is executed on behalf of the default administrator of the Adaxes service (the default administrator is specified during the Adaxes service installation).

Run PowerShell Script action.

To pass data about a newly created user to the script, you can use value references (e.g. %username%) in the script text. When the script is executed, these value references will be replaced with the property values of the user. For example, you can enter the following:
$htable = @{FirstName="%firstname%";LastName="%lastname%";Department="%department%";}.
After the replacement of the value references, this part of the script will look as follows:
$htable = @{FirstName="John";LastName="Doe";Department="Marketing";}.
For information on how to create scripts for Business Rules, Custom Commands, and Scheduled Tasks, see Server-Side Scripting.

For a list of all cmdlets contained in the Adaxes PowerShell module, see Adaxes PowerShell Module.

5 Optionally, you may want the new Business Rule to run the PowerShell script only if certain conditions are met. For example, to run the script only if a user is created under a specific OU, perform the following steps:

  • Select the action/condition set (click the created action to highlight the set), and click the Add Condition icon.
  • In the dialog that opens, select the If located under <location> condition type.
  • In the Condition Parameters section click Select Location and select an OU or container.
  • Click OK.

Adding Business Rule condition

If necessary, specify other actions and conditions for this Business Rule. When finished, click Next.

6 Here, at the Activity Scope page you need to specify where in Active Directory a user must be created to trigger this Business Rule. Click Add.

Specifying rule activity scope

7 In the Business Rule Activity Scope dialog that opens, you need to specify the Active Directory locations where the Business Rule will be effective. Select one of the following items:

  • All Objects - select if you want this Business Rule to be executed when a user is created in any AD domain managed by the Adaxes service.

  • Specific Domain - select if you want this Business Rule to be executed when a user is created in the AD domain you specify.

  • OU or Container - select if you want this Business Rule to be executed only when a new user is created under the selected OU or container.

Select the item you need and click Add. When finished, click OK.

8 The specified activity scope items will be displayed in the Assignments list. Click Finish.

Now, when the Business Rule is complete, every time a new user is created in AD (no matter in which way - using Administration Console, Web Interface, during data import, via PowerShell scripts, etc.), Adaxes will automatically execute the specified PowerShell script for this user.

? Waiting

Progress status: Checking...