Adaxes

Business rule to forbid changing group membership to rule-based?

0 votes

Hi, I need business rule that will forbid changing group membership type to rule-based for selected groups.

Additionally I need PowerShell script for adding more groups to be watched by this rule.

Thanks in advance!

by (960 points)

1 Answer

0 votes
by (288k points)

Hello,

I need business rule that will forbid changing group membership type to rule-based for selected groups.

Do we understand correctly that you have groups set as rule-based and want to prohibit anybody from changing the type to assigned? If that is correct, you can use a business rule like below. image.png Pay attention that the Activity Scope should include the groups themselves, not their members.

Additionally I need PowerShell script for adding more groups to be watched by this rule.

For information on how to update the Activity Scope of a business rule using scripts, have a look at the following SDK article: https://adaxes.com/sdk/DefiningScopeOfActivity.

0

To be more specific I want to forbid adding rule-based groups to specific group(s). But at the same time I need to forbid changing already added groups (even nested ones!) to rule-based group. So I assume I will have to use something like image.png But I am unsure what should goes to the right side of the equals operator?

And then scope this rule to group and its members (so even nested groups cannot be rule-based)? image.png

by (960 points)
+1

Hello,

To be more specific I want to forbid adding rule-based groups to specific group(s).

In this case, you need to use a business rule like the following: image.png In the condition, use the below script:

$Context.ConditionIsMet = $False

# Get member group type
if ("%adm-MemberObjectType%" -eq "group")
{
    $member = $Context.BindToObject("Adaxes://%member%")
    $memberGroupType = $member.MembershipType
}
else
{
    return
}

$Context.ConditionIsMet = $memberGroupType -eq 1

But at the same time I need to forbid changing already added groups (even nested ones!) to rule-based group.

There is no need to do anything about that. It is not possible to add members to rule-based groups manually. They will only be added automatically based on the rules you specify.

by (288k points)
0

Perfect!

by (960 points)
edited by

Related questions

0 votes
1 answer
Rule-based membership fails for security enabled distribution group

Rule-based membership fails for security enabled distribution group with error "The term 'Add-DistributionGroupMember' is not recognized as the name of a cmdlet, function, ... Exchange Online before running this PowerShell command. Here is rule based set up.

asked Mar 7, 2023 by KIT (960 points)
0 votes
1 answer
Can Business Rules be triggered by a Rule-Based group adding a user?

I have a Rule-Based group with users. Every time a users gets added or removed from this group I want to trigger a Business Rule for "Atter adding or removing a member ... Rules be triggered by a Rule-Based group adding or removing a user? Morten A. Steien

asked Mar 27, 2023 by Morten A. Steien (300 points)
0 votes
1 answer
Trying to run PowerShell script to update group membership based on CSV. Works fine outside of Adaxes

Receive "Index operation failed; the array index evaluated to null. Stack trace: at <ScriptBlock>, <No file>: line 104>" and "Index operation failed; the ... $GroupName, $GroupDN." } } #foreach write-output "" Write-Output "" Stop-Transcript

asked Apr 14, 2022 by jbahou (20 points)
0 votes
1 answer
Is there a way to add group managed service accounts, GMSA, to rule based groups?

When setting up a rule based group, GMSA objects are not visible. Is there a setting or view I need to add to make these availabe to rule based groups, or is it simply not an option?

asked Sep 16 by ajmilic (100 points)
0 votes
1 answer
Is it possible to have rule-based Azure group?

Hi, I need same functionality as is rule-base membership for AD groups, but for AAD groups. To be more specific, I want to have AAD group that contains all user members from all selected groups (even nested ones!)

asked Mar 6, 2023 by KIT (960 points)
3,542 questions
3,232 answers
8,226 comments
547,806 users