Adaxes

Custom Command Question

0 votes

I have noticed, and maybe I am doing something wrong, but it appears even though i have a Security Role that deny's full control to all objects (your blind role modified), users can still run custom commands via the web interface. But, if i deny them the ' Execute all custom commands' in any other rule it works like its supposed to. i don't understand. Why doesn't the full control cover executing custom commands.

the problem is that everytime we add a new rule, we don't want to go exclude it somewhere.

by (80 points)

1 Answer

0 votes
by (18.0k points)

Hello,

If you deny the Full Control permission for a user, the user will not be able to neither perform any operation in AD (including execution of Custom Commands), nor view any object in Active Directory. In your case, I think something is wrong with the user assignment. Could you send me a screenshot with the assignments of the role?

the problem is that everytime we add a new rule, we don't want to go exclude it somewhere.

Do you mean Custom Command (not rule)? When you create a Custom Command, by default, users don't have the right to execute it. However, some built-in Security Roles (e.g. Help Desk) grant the Execute All Custom Commands permission. If you don't want users to be able to execute Custom Commands, just delete that permission from the Security Roles assigned to the users.

Related questions

0 votes
1 answer
Open the user in the tree after completion of a custom command

We have a series of transforms we use for users including moving to different OU's. Is there a way to open the user's object after the command completes much in the same way a user creation does?

asked 1 day ago by msheppard (470 points)
0 votes
1 answer
Is it possible to use a property pattern as a parameter in a custom command?

The use case we are looking for is providing a list of titles for users to choose from when initiating a re-hire. We already have a title property pattern established and would ... that we can manage the list in one place. Let me know and as always, thanks.

asked 1 day ago by msheppard (470 points)
0 votes
1 answer
Condition During a Custom Command Resulting in two different outcomes

Is it possible during a custom command to prompt input from the user initiating the command and to take a different action depending on their answer? For example, ... provide the automatic reply text If No - proceed with predetermined reply text. Thanks

asked Oct 28 by msheppard (470 points)
0 votes
1 answer
How can I execute a report from a custom command?

I have a few reports that I want to add to a custom command workflow such that the report is executed and exported to a csv in a pre-defined (variable) path. I was ... a script to run the report and export it, but could not locate information on that process.

asked Oct 28 by aweight (60 points)
0 votes
1 answer
If I schedule a custom command with execute asynchronously, will the custom command workflow execute async as well?

I have a scheduled task that runs a custom command that itself has multiple custom commands that run in a specific timed order. I would like the scheduler to run that top level ... , but Command B and C will wait for Command A to finish. Is this possible?

asked Jul 23 by DA-symplr (100 points)
3,548 questions
3,239 answers
8,232 comments
547,814 users