Hi there,
I would like to allow for my support team to disenroll some user from SelfService Password Policy.
Is it possible to allow via web interface?
Thanks!
Lopes
Hello Lopes,
Yes, sure. For this purpose you can create a Custom Command that disenrolls a user. To create it:
Create a new Custom Command.
On step 2 step of the Create Custom Command wizard, select the User object type.
On step 3, add the Run a program or PowerShell script action and paste the following script in the Script field:
if ($Context.TargetObject.IsEnrolled) { $Context.TargetObject.DisenrollUser() }
Enter a short description for the script and click OK.
Finish creation of the Custom Command.
Hi Support,
It's working. Thanks!
I'd like to implement an architecture whereby all Domain Users can request membership in any domain security group. I'd also like to allow the OU Owners to have ... from their groups without granting them the ability to remove users from all security groups?
I would like to change department without a script just yet if possible on multiple accounts. If I cant do this then I will entertain custom script Thanks :)
Hi we have bunch of custom commands that HR uses, to create new user employee or offboard someone. They can see the execution log on the web interface, but we would like to recive a copy of the log in an email to IT to make sure there arent errors etc.
Hi all, How can I add a user directly to an Entra ID group? I understand it might be possible via CLI e.g. Add-AzureADGroupMember - But is there a built-in GUI method via Business Rules? Thanks, David
If we want to obtain the Object ID for the corresponding 365 object of a user, we would use the logic: [Guid]$Context.TargetObject.Get("adm-O365ObjectId") -if ... definitively belongs to an on-premises Active Directory domain or a cloud Azure AD domain?