Sorry, search feature is not supported in Internet Explorer 11

Configuring unmanaged user accounts

Note

Unmanaged user accounts are not displayed in Adaxes environment and are ignored during license validation.

The following code sample excludes a user from the list of user accounts managed by Adaxes.

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") 
Import-Module Adaxes

# Connect to the Adaxes service
$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace" 
$admService = $admNS.GetServiceDirectly("localhost")

# Bind to the 'Configuration Set Settings' container
$configurationSetSettingsPath = $admService.Backend.GetConfigurationContainerPath("ConfigurationSetSettings")
$admConfigurationSetSettings = $admService.OpenObject($configurationSetSettingsPath, $NULL, $NULL, 0)

$userPrincipalName = "jsmith@domain.com"
$newUnmanagedAccount = Get-AdmUser -Filter {userPrincipalName -like $userPrincipalName} `
    -SearchScope Subtree  -Server domain.com
$sid = $newUnmanagedAccount.Sid.ToString()

# Check whether the user account is unmanaged.
if (!$admConfigurationSetSettings.IsUnmanagedAccount($sid))
{
    $currentUnmanagedAccounts = $admConfigurationSetSettings.GetUnmanagedAccounts(@())
    
    # Fetch user accounts that are already unmanaged
    $allUnmanagedSids = @()
    foreach($userInfo in $currentUnmanagedAccounts)
    {
        $allUnmanagedSids += $userInfo.Key
    }
    # Add a new account to Unmanaged Accounts
    $allUnmanagedSids += $sid
    
    $admConfigurationSetSettings.SetUnmanagedAccounts(@($allUnmanagedSids))
}

The following code sample excludes all users located under a specific Organizational Unit from the list of accounts managed by Adaxes.

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") 
Import-Module Adaxes

$ouDN = "OU=My OU,DC=domain,DC=com"
$replaceCurnentlyUnmanagedAccounts = $False

# Connect to the Adaxes service
$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$admService = $admNS.GetServiceDirectly("localhost")

# Bind to the 'Configuration Set Settings' container
$configurationSetSettingsPath = $admService.Backend.GetConfigurationContainerPath("ConfigurationSetSettings")
$admConfigurationSetSettings = $admService.OpenObject($configurationSetSettingsPath, $NULL, $NULL, 0)
     
$allUnmanagedSids = New-Object "System.Collections.Generic.HashSet[String]"

if (!$replaceCurnentlyUnmanagedAccounts)
{
    # Fetch user accounts that are already unmanaged
    $currentUnmanagedAccounts = $admConfigurationSetSettings.GetUnmanagedAccounts(@())
    foreach ($userInfo in $currentUnmanagedAccounts)
    {
        $allUnmanagedSids.Add($userInfo.Key) | Out-Null
    }
}

# Find all users under the given OU
$ouUsers = Get-AdmUser -Filter "*" -SearchBase $ouDN -SearchScope Subtree  -Server domain.com
if ($ouUsers -ne $NULL)
{
    foreach ($user in $ouUsers)
    {
        $allUnmanagedSids.Add($user.Sid.ToString()) | Out-Null
    }
}

$admConfigurationSetSettings.SetUnmanagedAccounts(@($allUnmanagedSids))

See also