0 votes

trying to leverage thsi script in a custom command, bu ti cannot get the parameter to pass to it.

https://www.adaxes.com/script-repository/copy-group-membership-from-specified-user-s590.htm

by (480 points)
0

Hello Derek,

Sorry for the confusion, but we are not sure what exactly the issue is. Could you, please, specify which of the two scripts you are using and what exactly is not working as desired? If you face any errors, please, post here or send us (support@adaxes.com) screenshots.

0

The script :

$sourceUserDNParamName = "param-User" # TODO: modify me
$replaceGroups = $True # TODO: modify me

# Bind to the source user
$sourceUserDN = $Context.GetParameterValue($sourceUserDNParamName)
$sourceUser = $Context.BindToObjectByDN($sourceUserDN)

# Get groups to add
$groupGuidsToAdd = New-Object "System.Collections.Generic.HashSet[System.Guid]"
$sourceUser.GetEx("adm-DirectMemberOfGuid") | %%{[void]$groupGuidsToAdd.Add([Guid]$_)}

# Get current groups
$currentGroupGuids = New-Object "System.Collections.Generic.HashSet[System.Guid]"
$Context.TargetObject.GetEx("adm-DirectMemberOfGuid") | %%{[void]$currentGroupGuids.Add([Guid]$_)}

# Update groups
foreach ($guidBytes in $groupGuidsToAdd)
{
    $guid = [Guid]$guidBytes
    if ($currentGroupGuids.Remove($guid))
    {
        continue
    }

    $group = $Context.BindToObjectEx("Adaxes://<GUID=$guid>", $True)
    $group.Add($Context.TargetObject.AdsPath)
}

if ($replaceGroups)
{
    # Get the primary group ID
    $primaryGroupId = $Context.TargetObject.Get("primaryGroupID")

    foreach ($guidBytes in $currentGroupGuids)
    {
        $guid = [Guid]$guidBytes
        $group = $Context.BindToObjectEx("Adaxes://<GUID=$guid>", $True)

        # Skip the group if it is the user's Primary Group
        if ($group.Get("primaryGroupToken") -eq $primaryGroupId)
        {
            continue
        }

        $group.Remove($Context.TargetObject.AdsPath)
    }
}

Variable: image.png

The Form:

image.png

The Error:

Create User Copy Groups2: 1 operation executed Run PowerShell script 'Copy Groups' for the user Exception calling "BindToObjectByDN" with "1" argument(s): "'adm-InitiatorDN' is unavailable." Stack trace: at <ScriptBlock>, <No file>: line 6 You cannot call a method on a null-valued expression. Stack trace: at <ScriptBlock>, <No file>: line 10

0

Hello Derek,

Thank you for the provided details. As we can see, the custom command has just a single parameter, while the form actually has at least two entry fields. Additionally, the error references using adm-InitiatorDN while it is not present in the script. Please, provide us with all the possible details regarding the workflow you have configured (Web interface actions, custom commands, business rules, etc.). If you made changes to the script from the repository, please, post the updated script here or send us (support@adaxes.com) in TXT format.

1 Answer

0 votes
by (270k points)

Hello Derek,

Thank you for the information you sent. It looks like you explicitly entered InitiatorDN as custom command parameter value for executing it in a business rule triggering After creating a user. If you need to copy group membership from the operation initiator, you need to enter %adm-InitiatorDN%. Alternatively, you can reference one of the created user properties containing the user to copy membership from (e.g. their manager). In this case, you need to specify a value reference for the property as template for the parameter value. image.png Finally, the action should look like the following: image.png

0

how do i see the template tab?

0

Hello Derek,

To reach the Template tab for configuring parameter values for the Execute a custom command action:

  1. Launch Adaxes Administration console.
  2. In the Console Tree, expand your service node.
  3. Navigate to and select the business rule containing the action.
  4. In the Result Pane on the right, right-click the action and then click Edit Action in the context menu. image.png
  5. Click Parameters. image.png
  6. Click the button embedded into the parameter field. image.png
  7. In the dialog that opens, activate the Template tab. image.png
0

Thanks, i got the template.

Related questions

0 votes
1 answer

Hi, during account creation we store a user/requester DN in field adm-CustomAttributeObject2 If now this requester is disabled, I want to find all users in AD ... field. I found some articles and scripts, but nothing working as expected.

asked Feb 27 by wintec01 (1.1k points)
0 votes
1 answer

This is the logic I ham useing. $criteria = New-AdmCriteria -Type "User" -Expression {customAttributeBoolean6 -eq $true} $usersC = Get-AdmUser -Filter $criteria -properties * - ... there a better way to get the list of users into this variable? error;

asked Dec 14, 2023 by mightycabal (1.0k points)
0 votes
1 answer

Let's say I have a Business Rule that is fired prior to adding members to a group. Is it possible to get the number of objects being added to that group as ... that tells me that 6 objects will be added or is each added user treated completely independently?

asked Apr 20, 2022 by ngb (220 points)
0 votes
1 answer

Hello, We have a workflow where we get the manager name via our HR system. I am putting this into a customattribute. As the name pulled from HR is in the form of firstname ... DN and put it into the target user manager field. Is this possible? If so; how?

asked Feb 10, 2022 by vlg (40 points)
0 votes
1 answer

We are using the SeeAlso attribute to store who is responsible for specific accounts. We do not wish to use the Manager field, because the Manager/Direct Report structure is ... to, for example, extende the expiration date of an account. Is that possible?

asked Jan 28, 2020 by manuel.galli (100 points)
3,326 questions
3,025 answers
7,724 comments
544,675 users