0 votes

Ideally looking to make this a rule based group, but report or business unit should work also. In our domain, service accounts become direct reports of the user who requested/created them. We want to query users who have atleast 1 actual human user direct report. As far as I can tell, the direct report criteria only have the functionality to filter empty/non-empty directreports attributes or if a specific object is a/not a direct report. Is this possible? Thank you

by (40 points)

1 Answer

0 votes
by (14.5k points)
edited by

Hello Alex,

Unfortunately, there is no possibility to achieve the desired using just a criteria, a PowerShell script is required. As such, a custom report based on a PowerShell script is the best option. For information on how to create custom reports, have a look at the following tutorial: https://www.adaxes.com/help/CreateReport. The report will have a search scope (Objects located in a specific location) and two parameters. The first parameter will be used to select the subordinate property whose value will be checked. The parameter should be of the Property name picker type. The second parameter will be used to specify the value that must be present in the subordinate property. If the specified value matches the subordinate property value, the manager of the subordinate will be added to the report. To generate the report, the below script will be used. In the script:

  • $propertyName – Specifies the name of the report parameter used to select the property. The parameter name must start with the param- prefix.
  • $value – Specifies the name of the report parameter used to specify the property value. The parameter name must start with the param- prefix.
$propertyParamName = "param-Property" # TODO: modify me
$valueParamName = "param-Value" # TODO: modify me

# Get parameter values
$propertyName = $Context.GetParameterValue($propertyParamName)
$value = $Context.GetParameterValue($valueParamName)

# Build criteria
$criteria = New-AdmCriteria "user" -Expression {directReports -empty $False}

$Context.DirectorySearcher.AddCriteria($criteria)

# Build the report
try
{
    # Execute search
    $searchIterator = $Context.DirectorySearcher.ExecuteSearch()

    while ($Context.MoveNext($searchIterator))
    {
        $searchResult = $searchIterator.Current

        $manager = $Context.BindToObjectBySearchResult($searchResult)

        # Get subordinates
        $subordinatesGuids = $manager.GetEx("adm-DirectSubordinatesGuid")

        # Check if subordinate has the required property value
        foreach ($subordinateGuid in $subordinatesGuids)
        {
            $guid = [Guid]$subordinateGuid
            $subordinate = $Context.BindToObject("Adaxes://<GUID=$guid>")
            try
            {
                $propertyValue = $subordinate.Get($propertyName)
            }
            catch
            {
                continue
            }

            if ($propertyValue -ne $value)
            {
                continue
            }

            # Add manager to the report
            $Context.Items.Add($searchResult)
            break
        }
    }
}
finally
{
    # Release resources
    if ($searchIterator) { $searchIterator.Dispose() }
}

Related questions

0 votes
1 answer

Hi, Is there a way I can create a rule based group or scheduled task in which the Direct reports of the direct reports are added to a group? So for example: CEO VP's ... in the list that no longer reports to a manager who reports to the CEO. Thanks in advance

asked Dec 22, 2022 by gareth.aylward (180 points)
0 votes
1 answer

We have the following script we need fixed to run within Adaxes to add true/false value to a customattribute for use in building dynamic distribution lists. $users = ... } else { Set-Mailbox -Identity $user.Name -CustomAttribute8 "Individual contributor" } }

asked Jul 13, 2022 by willy-wally (3.2k points)
0 votes
0 answers

Or would the DLs have to be manually created and rules set up? I'm starting to look into features of the product before demoing, and was hoping there was an easy answer on this one. Thanks

asked Oct 7, 2020 by SIRI-Steele (40 points)
0 votes
1 answer

I have to do a weekly Inactiviy Report for Accounts that have not logged in for 30 days or more. 1 of the reports is for Internal users BUT there is an Account ... Adaxes and working on the product, and i need to get all my reporting done through Adaxes

asked Nov 14, 2022 by dtorannini (80 points)
0 votes
1 answer

We would like to use the "Rule Based Groups" functionality that Adaxes has to create distribution groups where we have one group per manager and the members are the user ... so that the link doesn't break when changes happend to the managers AD object?

asked Oct 27, 2021 by odsven (1.8k points)
3,588 questions
3,277 answers
8,303 comments
548,081 users