0 votes

Hey Everyone,

Just putting a "feeler" out there to see if anyone has had any luck with leveraging Adaxes in any way to perform entitlement reviews on active directory groups.

One option would be to email one of the group membership web reports, but it doesn't sound like I can set those up as a scheduled task. I also took a good look through the script repository and didn't see this topic hit.

Anyone have some good experience in this...or have a nifty powershell script to share on how to accomplish this?

I would just need to have powershell (or whatever) get the group membership of a group, and email that to a group of users. Sounds simple enough, but I am struggling with it.

Thanks,

by (490 points)
0

Just giving this post a bump...

Is anyone out there using adaxes to help conduct entitlement/access campaigns? An example would be gather a list of members on your Domain Administrator group, and email off for approval. How are you doing this today?

Thanks!

0

Did you ever find a way to send a list of members of a group to the owner for entilement review?

0

Hello,

As of now, you can schedule report delivery: https://www.adaxes.com/help/ScheduleReports. You can use a built-in report, Members of my managed groups. By default, the report is located in container Reports\All Reports\Groups\Membership. However, it will just be a list of members. There is no way to manage members via the report. The only option that might be a solution is re-adding all members to the groups within an approval workflow. However, there will be a separate approval per user, not a single one.

1 Answer

0 votes
by (216k points)
selected by
Best answer

Hello Ben,

The following script from our Script Repository seems to be something that can help you out in this situation: http://www.adaxes.com/script-repository ... n-s182.htm. Also, you can use the following script that will allow you to determine which users were added or removed from AD groups within a certain time period: http://www.adaxes.com/script-repository ... s-s289.htm. Both the scripts can be scheduled with the help of Adaxes Scheduled Tasks, if necessary.

Is it something that meets your needs?

Related questions

0 votes
1 answer

Hello there, We have recently moved (almost) every computer from on-prem to cloud only and have setup some scheduled tasks to disable users based off of Last Logon and Last Logon ... in a different way? And if not, are there any plans to leverage that data?

asked May 21 by jacobchugg (20 points)
0 votes
1 answer

User is trying to amend the account expiry date on another user account. User has done this many times in the past - only difference is this is a new OU. Adaxes service account has the necessary permissions to the OU so I can't see why this is happening

asked Jan 3 by NeilM (20 points)
0 votes
1 answer

I am currently trying to put together an entitlement review for all of our vendors or non-full time employees. I was able to spin up a scheduled task that does exactly ... review that the 3 direct reports are still indeed employed and on the account. Thanks!

asked Feb 9, 2017 by felt1977 (120 points)
0 votes
1 answer

When we get a user from AD we want to perform some checks and display errors to the service desk staff. eg. if userprincipalname is not equal to a custom attribute show ... GroupA and custom attribute2 is not a specific value show an error. is this possible?

asked Apr 13, 2023 by i*windows (300 points)
0 votes
1 answer

HI, I have scenario to perform a custom action based on the notification approval result. Before creating a user, i need to send out for an approval, if the request ... there a way we can achieve this. Any help/pointers or references would really appreciated.

asked Mar 4, 2016 by ramd123 (50 points)
3,589 questions
3,278 answers
8,303 comments
548,155 users