Adaxes

Assign a group in Active Directory based on a users "Office" and "Description"

0 votes

Hi we are trying to add users to a group based on the values of their "Office" and "Description" attributes within Active Directory.

We have populated the below script to search a defined hashtable for the values however this doesn't seem to be populating the results we are after.

All advice welcome!

Import-Module Adaxes

$officeDescriptionToGroup = @{ "Site1-Job1" = "CN=ROLE_Test1,OU=Site1,OU=Site,OU=Domain Role Groups,DC=company,DC=com" "Site2-Job2" = "CN=ROLE_Test2,OU=Site2,OU=Site,OU=Domain Role Groups,DC=company,DC=com"

}

$userOffice = $Context.TargetObject.OfficeLocations $userDescription = $Context.TargetObject.Description $combination = "$userOffice-$userDescription"

if ($officeDescriptionToGroup.ContainsKey($combination)) {

$groupDN = $officeDescriptionToGroup[$combination] $userObject = Get-AdmUser -Filter { Name -eq $Context.TargetObject.Name }

if ($userObject -ne $null) { Add-AdmGroupMember -DN $groupDN -Members $userObject $Context.LogMessage("User $($Context.TargetObject.Name) added to group $groupDN.") } else { $Context.LogMessage("Error: User $($Context.TargetObject.Name) not found.")

} }

else { $Context.LogMessage("No matching criteria found for User $($Context.TargetObject.Name).") }

by (20 points)

1 Answer

0 votes
by (288k points)

Hello,

First of all, you can make the groups rule-based. As a result, no scripts will be required to adjust membership. For details, see section Rule-based groups of the following tutorial: https://www.adaxes.com/help/AddUsersToGroupsByDepartment/#dynamicgroups.

If you still want to use a script, have a look at the following one from our repository: https://www.adaxes.com/script-repository/update-group-membership-based-on-two-properties-s510.htm.

Related questions

0 votes
1 answer
Report showing users who are inactive in both our on-premise Active Directory and Azure Active Directory?

We manage employee user accounts in our on-premise Active Directory and synchronize them to Azure Active Directory using Azure AD Connect. We'd like to be able to generate ... if this is possible so we can easily identify user accounts that are truly inactive.

asked May 9, 2023 by RickWaukCo (320 points)
0 votes
1 answer
disable user based on a dropped file and change description.

Forgive me if this topic has been discussed elsewhere i searched and didn't find anything. What I would like to have adaxes do is on a nightly basis 1. go to a folder it ... disabled by adaxes $date" } Is this possible #4 eludes me a bit. Thank you in advance.

asked Jun 19, 2018 by dexion11 (50 points)
0 votes
1 answer
Create a business Unit to auto populate based on group owners in a specific OU

Is it possible to create a business unit and have it auto populate with group owners in a specific OU. I've tried a few scripts to get propertie adm-managedbylist but none have worked so far.

asked 4 days ago by C27 (20 points)
0 votes
1 answer
Assign user to a single security group among ones contained in a OU

Hello, We would like to implement a form / extend one where a user (eventually created before) is made member of a security group defining his/her role, and ... guarantee the membership to a single role? Apologize if the question seems convoluted. Thanks!

asked Jun 6, 2023 by IT Division (20 points)
0 votes
1 answer
Is there a way to create new users, modify existing users or terminate users based on a scheduled CSV file received?

We are working with an HR package that will send us a CSV file every 4 hours with a list of users that need to be created, modified or deleted from our environment. The CSV ... change, etc.) Is there a script that can manage all of that on a scheduled basis?

asked Sep 2, 2020 by RayBilyk (240 points)
3,542 questions
3,233 answers
8,227 comments
547,808 users