Adaxes

Help with powershell script

0 votes

Hi, we just recently installed Adaxes and would like to implement a PowerShell script that I have previously written which cleans up user objects if they have been manually moved to a specific OU (uses the Get-ADUser and Set-ADUser commands). The script itself has the OU defined and works on its own (when I run it under my domain admin credentials). However, we're running into issues getting the script to execute as the Adaxes service account.

Unfortunately, the only way we can get the script to work is with Domain Admin rights. However, we would like to eventually get away from that and just delegate the minimium required rights to this service account. I just cannot determine what rights are required to run those commands.

We're basically seeing this as the error message: " Insufficient access rights to perform the operation Stack trace: at <ScriptBlock>, <No file>".

by (20 points)

1 Answer

0 votes
by (289k points)

Hello Mark,

First of all, we recommend you to check our tutorials. Most probably, whatever you are trying to achieve can be done using built-in functionality without involving any scripts.

As for the permissions, have a look at the following article: https://www.adaxes.com/help/PermissionsOfDomainServiceAccount.

If you still face issues configuring the corresponding workflow, please, provide us with the script you are using in TXT format. You can post the script here or send to us at support@adaxes.com.

0

Thank you. We are using the built-in functionality for now and any scripts that have been provided on the Adaxes website. We will revisit the permissions again later on in our deployment, but for now, will keep the service account as a domain admin.

On an unrelated note, I did have to send an email out to the support team for some other issues we were experiencing with the Help Desk portal page and some operations that were not working correctly (when it involved browsing our on-prem directory).

by (20 points)

Related questions

0 votes
1 answer
Help with PowerShell Transcripts

I am noticing a large amount of PowerShell Transcript files in the Adaxes SA accounts Documents folder. These are different than the logging feature which has a very ... Can I configure these transcripts in any way to manage their space consumption/retention?

asked Nov 5 by SysADM (50 points)
0 votes
1 answer
PowerShell script with parameters, pass them to Custom Command

We've the following script we want to use in Adaxes to create as part of user creation, to ask if the user will need a AWS workspace, then asks employeetype for different ... "Error") exit(-1) } else { $Context.LogMessage("Created workspace", "Information") }

asked May 3 by Plusa (20 points)
0 votes
1 answer
How do we properly open and close an Exchange Online session with Powershell script?

Recently, Microsoft deprecated use of the remote PS sessions using version 1. We have since converted all of our scripts to version 2, but our nightly staff ... { # Close the remote session and release resources Disconnect-ExchangeOnline -Confirm:$false }

asked Nov 2, 2022 by MShep (80 points)
0 votes
1 answer
Struggling with running a powershell script to report users

Hi, I'm currently facing a problem where I want to set up a powershell script that should report all accounts (enabled, disabled, expired) matching a specific employeeType ... something else, just the plain Info Can you help me with this? kind regards Ingemar

asked Sep 4, 2015 by ijacob (960 points)
0 votes
0 answers
Kick off Powershell Script with e-mail confirmation

I know Adaxes has a module in it that uses e-mail verification in the password self-service policies. Can the verification system be used for anything other than an AD password ... to have a custom task run, but only after e-mail or text verification? Thanks!

asked Jul 27, 2015 by rlemaster (20 points)
3,548 questions
3,238 answers
8,232 comments
547,813 users