How can I add a user to multiple groups provided via a Webinterface Directory object picker parameter?

Question

I have tried it using the Custom Commands Action "Add the user to a group", which only allows me to add the user to one group at a time, and can't use the multiple DNs that the object picker parameter provides.

Next I tried a powershell script:

$groupsParam = %param-gruppen% # TODO: modify me
$groupsParamSeparator = ";" # TODO: modify me

$groups = $Context.GetParameterValue($groupsParam)
foreach ($dn in $groups.Split($groupsParamSeparator))
{
    $groups.Add($Context.TargetObject.AdsPath)
}

But I can't get it to work. Could you assist me in finding the best way to do this?

Answer 1

Hello Dominik,

You can use the below script in a custom command configured for the User object type. In the script:

• $groupsParam – Specifies the name of the parameter that will be used to select groups. The name must include the param- prefix
• $groupsParamSeparator – Specifies the separator enter for multiple values in the parameter settings. Make sure not to use English characters or comma as they are always present in object DNs and will not work as separator.
• $pipelined – If set to false, adding to groups will be performed directly in AD and Adaxes workflows will not trigger. Also, there will be no log records for group updates in Adaxes.

$groupsParam = "param-gruppen" # TODO: modify me
$groupsParamSeparator = ";" # TODO: modify me
$pipelined = $True # TODO: modify me

# Get parameter value
$groupDNs = $Context.GetParameterValue($groupsParam)

foreach ($groupDN in $groupDNs.Split($groupsParamSeparator))
{
    # Bind to the group
    $group = $Context.BindToObjectByDNEx($groupDN, $pipelined)

    # Add target user to group
    $group.Add($Context.TargetObject.AdsPath)
}

Comments

This has worked perfectly, thanks so much for responding so fast!