Adaxes

AND OR Selection

+1 vote

Hey Supportteam,

are you thinking about for the next major release to implement AND and OR Selection for IF Actions?
The actual version is only supporting AND or OR selction and not both.

f.E.

Select User who are not deactivated
AND in a special group OR in a special OU.

Hope could explain my question.

Regards

Massimo

by (450 points)

1 Answer

0 votes
by (289k points)
selected by
Best answer

Hello Massimo,

We have this feature in our Product Backlog. We will add a +1 on your part, if you don't mind.

0

I would also like to see this fast tracked, i am running into an issue that would be solved with this exactly right now.

by (3.2k points)
0

Hello Massimo,

We have no exact dates of the next release that will include the feature. For now you can use the If PowerShell script returns true condition to achieve what you need.

Below is an example of the script you can use in the condition:

$ouDN = "OU=Users,DC=domain,DC=com" # TODO: modify me
$groupDN = "CN=MyGroup,OU=Groups,DC=domain,DC=com" # TODO: modify me

# Check user location
$userDN = New-Object "Softerra.Adaxes.Ldap.DN" "%distinguishedName%"
$Context.ConditionIsMet = $False
if($userDN.IsDescendantOf($ouDN))
{
    $Context.ConditionIsMet = $True
    return
}

# Check group membership
$userGroupGuids = New-Object "System.Collections.Generic.HashSet[System.Guid]"
try
{
    $Context.TargetObject.GetEx("adm-MemberOfGuid") | %%{[void]$userGroupGuids.Add([Guid]$_)}
}
catch
{
    return
}

$group = $Context.BindToObjectByDN($groupDN)
$groupGuid = [Guid]$group.Get("ObjectGuid")
$Context.ConditionIsMet = $userGroupGuids.Contains($groupGuid)
by (289k points)
0

Thank you for your replay, it would be nice to have it in the console of adaxes ;)

by (450 points)

Related questions

0 votes
1 answer
Forcing "" around displaynames and email addresses with & in, or just getting a detailed error message.

Hi, I need to create a number of mail user accounts via Adaxes and a lot of these accounts have & in the displayname/email address etc (I know, I know ... failed so I can troubleshoot it better. I have tried $context.logmessage($_.Exception.Message) Thanks

asked May 9 by typod (50 points)
0 votes
1 answer
How to replace umlaute or unwanted characters, like é ô and something else

I would like to replace some characters "before user creation". With character like umlaute "ä", "ö", "ü". The script works. But characters like "é", "ô" doesn't seem to ... upn we have some issues with it in the Azure World. Do you have a solution for this?

asked Jun 20, 2023 by VinAx (50 points)
0 votes
1 answer
Whend creating and updating user via scrpt can we change this to find the manager via employeeID or SAMAccountName?

This script description says it can find the manager via FullName Distinguished name or Display name. Wondering if we can change it to use employeeID or SamAccountName.

asked Oct 24, 2022 by mightycabal (1.0k points)
0 votes
1 answer
Is it better to grant access via multiple OU and group assignments in the security role or use a business unit?

I have 18 domains managed by Adaxes and have noticed that Admin (full access) t all objects acts normally, but for piecemeal scopes like Service Desk that scopes to individual ... role (including 16 denies) and expect it to grow as we add more domains.

asked Sep 20, 2022 by DA-symplr (100 points)
0 votes
1 answer
Feature Request - Confirmation window when changing logic from "AND" to "OR" and vice versa

On scheduled tasks, business rules, and custom commands, inside an if statement, you have the option for it to be "AND" or "OR" in the condition. Can there be a ... a bunch of computer accounts to be deleted. We think this would be a good safety measure.

asked Mar 22, 2021 by mark.it.admin (2.3k points)
3,552 questions
3,242 answers
8,243 comments
547,828 users