0 votes

I belive we may have opened a ticket for this question in the past but I can't find the answer.

We have a need to delay changing user attributes until their transfer/promotion date.

So we have a Custom Command called Promote/Transfer. It takes in several parameters (manager, title, department)

We set the transfer/promotion date in adm-customattributedate2

We have a scheduled task that runs the following powershell hourly.

# Get all pending Approval Requests
$containerPath = $Context.GetWellKnownContainerPath("ApprovalRequests")
$container = $Context.BindToObject($containerPath)

$requests = $container.GetApprovalRequests("ADM_APPROVALSTATE_PENDING")

foreach ($requestID in $requests)
{
    # Bind to the Approval Request
    $guid = [Guid]$requestID
    $request = $Context.BindToObjectEx("Adaxes://<GUID=$guid>", $True)

    $approversInfo = $request.GetApproversInfo()
    if (-not ($approversInfo.IsApproverEx($Context.Initiator.UserAdsObject, $request.Requestor, $request.TargetObject)))
    {
        continue # The Scheduled Task is not an approver
    }

    # Get date when modifications are due
    $operation = $request.DescriptionOfOperationToApprove
    $result = $operation | Select-String -Pattern "(?<=\{.{8}-.{4}-.{4}-.{4}-.{12}\}\s)\d{2}\/\d{2}\/\d{4}(?=\s\{.{8}-.{4}-.{4}-.{4}-.{12}\})"

    if ($result -eq $NULL)
    {
        $Context.LogMessage("Cannot find a date when to execute the following operation: '$operation'.", "Warning")
        continue
    }

    try
    {
        $date = [Datetime]::ParseExact($result.Matches[0].Value, "dd/MM/yyyy", $NULL)
    }
    catch
    {
        $Context.LogMessage("Cannot convert a date when to execute the following operation: '$operation'.", "Warning")
        continue
    }

    if ($date -gt [System.Datetime]::UtcNow)
    {
        continue
    }

    # Approve the request
    $request.Approve()
}

Somehow someone changed something and now its not working anymore. I can't for the life of me find the original article/ticket that this powershell came from, but it had the instructions we needed to delay modifying a user's manager, title, and department until the scheduled date.

Any help would be much much appreciated. Thanks!

by (70 points)
edited by

1 Answer

0 votes
by (220k points)

Hello,

It looks like you mean the below script.

# Get all pending Approval Requests
$containerPath = $Context.GetWellKnownContainerPath("ApprovalRequests")
$container = $Context.BindToObject($containerPath)

$requests = $container.GetApprovalRequests("ADM_APPROVALSTATE_PENDING")

foreach ($requestID in $requests)
{
    # Bind to the Approval Request
    $guid = [Guid]$requestID
    $request = $Context.BindToObjectEx("Adaxes://<GUID=$guid>", $True)

    $approversInfo = $request.GetApproversInfo()
    if (-not ($approversInfo.IsApproverEx($Context.Initiator.UserAdsObject, $request.Requestor, $request.TargetObject)))
    {
        continue # The Scheduled Task is not an approver
    }

    # Get date when modifications are due
    $operation = $request.DescriptionOfOperationToApprove
    $result = $operation | Select-String -Pattern "(?<=\{.{8}-.{4}-.{4}-.{4}-.{12}\}\s)\d{2}\/\d{2}\/\d{4}(?=\s\{.{8}-.{4}-.{4}-.{4}-.{12}\})"

    if ($result -eq $NULL)
    {
        $Context.LogMessage("Cannot find a date when to execute the following operation: '$operation'.", "Warning")
        continue
    }

    try
    {
        $date = [Datetime]::ParseExact($result.Matches[0].Value, "dd/MM/yyyy", $NULL)
    }
    catch
    {
        $Context.LogMessage("Cannot convert a date when to execute the following operation: '$operation'.", "Warning")
        continue
    }

    if ($date -gt [System.Datetime]::UtcNow)
    {
        continue
    }

    # Approve the request
    $request.Approve()
}

However, we cannot be sure. For us to suggest a full solution which might not require any scripts, please, post here or send us (support@adaxes.com) a screenshot of the custom command you are using. Any additional details regarding the workflow you have will be much appreciated.

Related questions

0 votes
0 answers

Say you have Manager A that has 30 users under them. Manager A leaves and Manager B takes the position. What is the best way to update all 30 users so their new manager is Manager B.

asked Jun 7, 2021 by Jmbrown04 (60 points)
0 votes
0 answers

Hello! We have a business rule in place that will request approval from a group's owner before adding an account to that group for certain groups. We also have a custom ... name reference is invalid. Do you have any ideas for how to get around this error?

asked Jan 24 by KelseaIT (320 points)
0 votes
1 answer

We used to run AD Audit and it would provide additional details on what was locking a user's account (workstation name, application, etc...). Is there are way with Adaxes ... on what is locking an account? Or a way to pull historical data on locked accounts?

asked Nov 16, 2020 by pulsifers (20 points)
0 votes
1 answer

Hi all, Am trying to convert a mailbox from a user box to a shared box in O365. Have been for the past few weeks even. The ... account the method points at - http://www.adaxes.com/sdk/?ExecuteScriptContextClass.html#executescriptcontext_getoffice365credential

asked Feb 24, 2020 by TheLexicon (160 points)
0 votes
0 answers

I noticed that other identity management solutions have a way for new user to claim their account. This would be helpful so we can help all of our new students (who do not ... ) claim their account and reduce the burden on our help desk. Thanks for your help.

asked Aug 29, 2020 by rmedeiros (360 points)
2,731 questions
2,468 answers
6,451 comments
1,331,362 users