0 votes

Hi

Is it possible to get a business rule which calls a custom command powershell script to wait for the script to complete before continuing?

Thanks

Matt

by (2.0k points)
0

Update, I've just tried adding the script to the beginning of the business rule directly, and the rule still doesn't wait for the script to complete before continuing to process the tasks.

0

Hello,

Could you describe what exactly you want to achieve in as much detail as possible?

0

Sure,

We have our business rules for new users.
As we have a lot of email domains, we have a powershell script to change the users UPN based on their agency. The UPN is then used to set the default email address.
The script works fine, but as the business rule doesn't wait for it to complete before continuing the rule tries to set the the email address to the users cname@domain which doesn't exist as an email domain.

Please let me know if you need anything more.

Thanks

0

Hello,

Could you post here or send us a screenshot of the Business Rule configuration? We need something like the following:

0

Sure


Sorry, I can't get the image to show properly.

The rule carries on in the same vane with multiple other conditions for other tasks.

0

Hello,

Could you send the screenshot to our Support Email (<support[at]adaxes.com>)?

0

Have sent it and got an automated response with ticket number 2017042810120065

Thanks

1 Answer

0 votes
by (216k points)
selected by
Best answer

As we have a lot of email domains, we have a powershell script to change the users UPN based on their agency. The UPN is then used to set the default email address.
The script works fine, but as the business rule doesn't wait for it to complete before continuing the rule tries to set the the email address to the users cname@domain which doesn't exist as an email domain.

This is not a timing issue. We cannot see on your screenshots, but, probably, you use the %userPrincipalName% value reference to insert the UPN in the email address. When operation triggers any Business Rules in Adaxes, value references are resolved prior to executing any actions. Thus, by the time when you assign the UPN within the Business Rule, the %userPrincipalName% value reference is already resolved.

To work around this, you need to create another Business Rule triggered before creating a user that executes the script. In this case, the UPN will be updated before resolving value references.

Since the Business Rule is triggered prior to creating a user account, you will not be able to use the IADs::Put and IADs::SetInfo methods to update a UPN suffix. You need to use the $Context.SetModifiedPropertyValue method instead. For example:

# $upn is the new User Principal Name generated by your script
$Context.SetModifiedPropertyValue("userPrincipalName", $upn)

To create a Business Rule that updates UPNs:

  1. Copy the action that runs your script for UPN generation. To do this, right-click it and select Copy.
  2. Right-click your Adaxes service, select New, and then click Business Rule.
  3. On step 2 of the Create Business Rule Wizard, select User and Before Creating a User.
  4. On step 3, paste the action you copied.
  5. Double-click the action to edit it.
  6. Change the script to use the $Context.SetModifiedPropertyValue method.
  7. When done, click OK.
  8. On the final step, define where a user must be created to trigger the rule. Then, click Finish.
  9. Remove the script from the Business Rule triggered after user creation. To do this, select the action/condition set where it is executed and click the Delete button.
0

Hi

Thanks for the clarification. The value's loading was my next guess :) and you are correct, we do reference the UPN to set the SMTP later in the rule.
I have made the changes you've suggested, but unfortunately they don't seem to be working as I'd hoped. In fact running the rules this way, the UPN never gets updated to be correct.

The only action in the pre-user creation rule is to run this powershell script

$propertyName = "department" # TODO: modify me
$upnSuffixMap = @{
    "domain1.com" = @("department 1", "first department", "dept uno")
    "domain2.com" = @("department 2", "second department", "dept zwei")

} # TODO: modify. Example: $upnSuffixMap = @{"<UPN Suffix>" = @("<Property Value 1>", "<Property Value 2>")}

# Get property value
try
{
    $value = $Context.TargetObject.Get($propertyName)
}
catch
{
    return # Property is empty
}

# Get UPN Suffix
$upnSuffix = $NULL
foreach ($item in $upnSuffixMap.GetEnumerator())
{
    if ($item.Value -notcontains $value)
    {
        continue
    }

    $upnSuffix = $item.Key
    break
}

if ([System.String]::IsNullOrEmpty($upnSuffix))
{
    $Context.LogMessage("UPN suffix is not specified for '$value'. Default UPN suffix will be used.", "Warning")
    return
}

# Get UPN
$userPrincipalName = "%userPrincipalName%"
if ([System.String]::IsNullOrEmpty($userPrincipalName))
{
    $Context.LogMessage("Cannot assign a UPN suffix because the user logon name is empty", "Warning")
    return
}

# Build new UPN
$userPrincipalName = $userPrincipalName.SubString(0, $userPrincipalName.IndexOf("@")) + "@$upnSuffix"

# Save changes
$Context.SetModifiedPropertyValue("userPrincipalName", $userPrincipalName)

Following that the post creation rule runs through, but with the wrong UPN and thus SMTP address.
I can see from the log that the Set UPN has run with no errors and department is a required field in the form which is used to create these users.

0

Hello,

You also need to replace the following line:

$value = $Context.TargetObject.Get($propertyName)

with the following:

$value = $Context.GetModifiedPropertyValue($propertyName)

0

Ah, that's got it :)
Thanks very much for your help.

Related questions

0 votes
1 answer

I would like to add the following logic into a Powershell script that will be triggered on 'After Create User'. Read the value of the 'title' property of the user just created ... 'True' or 'False'. Could you assist with how to script this please? Many thanks.

asked May 1, 2020 by Bernie (310 points)
0 votes
1 answer

Hi team, I have a follow up to this question https://www.adaxes.com/questions/14234/business-after-adding-members-powershell-script-executed Let me explain my setup A rule- ... area% failed due to the following exception: $($_.Exception.Message)", "Error") }

asked Feb 13 by wintec01 (1.5k points)
0 votes
1 answer

We currently have a form for HR to deal with ex-employees that are hired once more, but it's not much more than automatic emails sent to IT. If I add some actions ... this trigger the business rule we have that targets "After updating a user" ? Thanks, Louis

asked Oct 18, 2022 by lw.fa (150 points)
0 votes
1 answer

When creating custom commands you have to select the object type. What is the object type for a Business Unit? It doesn't seem to be OU or Container as I can not select ... execute my script against. I've been searching the site and can not find this detail.

asked Jul 5, 2021 by ComputerHabit (790 points)
0 votes
1 answer

We have a business rule that will update an AD attribute when a new member is added to a group. This business rule works when we use powershell commands or the admin console ... set to trigger "After adding a member to a group". Thank you for your support!

asked Mar 29, 2023 by mark.it.admin (2.3k points)
3,588 questions
3,277 answers
8,303 comments
548,084 users