0 votes

I'm attempting to implement a system which will allow us "expire" groups after a certain amount of time. I'm using a custom attribute to track a group's expiration date. There will be a scheduled task that will periodically run looking at the custom attribute. Once the expiration date has arrived, the scheduled task will do a number of things.

One of the things I'd like for it to do is send an email notification to the owner/manager of the group letting them know that the group has expired, but I haven't been able to figure out how to do that. Some of our groups are owned/managed by a single user, but many are owned/managed by another group. Ideally, if the group is owned/managed by another group, I'd like to email all members of that other group.

Thanks in advance for any tips or suggestions.

by (320 points)

1 Answer

0 votes
by (320 points)

I figured out how to do this by stealing some code from the nifty Script Repository. Here's what I came up with:

# Email message settings
$subject = "Group Disabled Notification: %name%" # TODO: modify me
$bodyText = # TODO: modify me
@"
The following group has been disabled by %adm-InitiatorFirstName% %adm-InitiatorLastName% (%adm-InitiatorEmail%):

Group Name: %name%
Description: %description%
"@

# Get e-mail addresses of the group managers
$groupManagerEmailAddresses = @()

$groupManagerDN = "%managedBy%"
$groupManager = $Context.BindToObjectByDN($groupManagerDN)
switch ($groupManager.Class)
{
    "user"
    {
        try
        {
            $groupManagerEmail = $groupManager.Get("mail")
        }
        catch
        {
            continue
        }

        $groupManagerEmailAddresses += $groupManagerEmail
    }
    "msExchDynamicDistributionList"
    {
        try
        {
            $groupManagerEmail = $groupManager.Get("mail")
        }
        catch
        {
            continue
        }

        $groupManagerEmailAddresses += $groupManagerEmail
    }
    "group"
    {
        try
        {
            $memberGuidsByte = $groupManager.GetEx("adm-MembersGuid")
        }
        catch
        {
            continue
        }

        foreach ($memberGuidByte in $memberGuidsByte)
        {
            $memberGuid = New-Object "System.Guid" (, $memberGuidByte)
            $memberGuid = $memberGuid.ToString("B")
            $memberPath = "Adaxes://<GUID=$memberGuid>"
            $groupMember = $Context.BindToObject($memberPath)

            if ($groupMember.Class -ne "user")
            {
                continue
            }

            try
            {
                $groupManagerEmail = $groupMember.Get("mail")
            }
            catch
            {
                continue
            }

            $groupManagerEmailAddresses += $groupManagerEmail
        }
    }
    default
    {
        continue
    }
}

if ($groupManagerEmailAddresses.Length -eq 0)
{
    return
}

foreach ($groupManagerEMailAddress in $groupManagerEmailAddresses)
{
    $Context.SendMail($groupManagerEMailAddress, $subject, $bodyText, $NULL)
}

Related questions

0 votes
1 answer

I need to send an e-mail to the owner ("managed by") for each group. The e-mail should contain a list of group members. What is the best way to do that?

asked May 9 by akindy (20 points)
0 votes
1 answer

Hi all, I wanted to ask community if you are experiencing same behavior: Add a primary group owner to a security group in ADAXES console. Make sure Can update membership using ... list is checked? In my case it is CHECKED for some reason. Thanks all!

asked Dec 13, 2023 by mega128 (20 points)
0 votes
1 answer

I would like users to use Adaxes to add themselves or others to a group, but instead of it just working, it has to go thru an approval process and be approved by the group owner before they are added. Thanks!

asked Jun 30, 2021 by RayBilyk (240 points)
0 votes
1 answer

I would like to send an email notification when a user, who is a group owner, account is disabled.

asked Aug 18, 2015 by Infounlim (470 points)
0 votes
1 answer

I've noticed the following behavior: 1. I have a group (say "group1"). The "owner" (managedby) is set to another group (distribution group) (say "group2"). 2. I ... send a message to "group2" outside of ADAxes, it works fine. Is this expected behavior? Thanks

asked Mar 1, 2012 by BradG (950 points)
3,538 questions
3,229 answers
8,224 comments
547,747 users