Adaxes

If user in group return true

0 votes

Hello everyone,

I have the following code with which I want to check whether the user is in one of the 7 groups and if so it should return true. For this I have the condition in a business rule, if powerschell returns true, a mail should be sent. However, I never receive a mail although the user is in one of those groups? Do I have an error in the script?

Thank you very much!

# Define the username and the list of groups
$userName = "%username%"
$groupList = @( "grp_1",
                "grp_2",
                "grp_3",
                "grp_4",
                "grp_5",
                "grp_6",
                "grp_7")

# Initialize the variable to store the result
$Context.ConditionIsMet = $False;

# Check each group to see if the user is a member
foreach ($group in $groupList) {
    # Get the members of the group
    $groupMembers = Get-ADGroupMember -Identity $group -ErrorAction SilentlyContinue | Select -ExpandProperty SamAccountName

    # Check if the username is in the group's member list
    if ($userName -in $groupMembers) {
        $Context.ConditionIsMet = $True;
        break; # Stop the loop since the user was found in a group
    }
}

# Return the result
return $Context.ConditionIsMet;
by (280 points)

1 Answer

0 votes
by (272k points)

Hello,

First of all, there is no need to use scripts. You can just use the dedicated condition. For example: image.png If you still prefer using a script, you can use the below one. In the script, the $groupDNs variable specifies distinguished names (DNs) of the groups to check. For information on how to get an object DN, see https://adaxes.com/sdk/HowDoI.GetDnOfObject.

$groupDNs = @("CN=gr_1,OU=Groups,DC=compay,DC=com", "CN=gr_2,OU=Groups,DC=compay,DC=com", "CN=gr_3,OU=Groups,DC=compay,DC=com", "CN=gr_4,OU=Groups,DC=compay,DC=com")

$Context.ConditionIsMet = $False

foreach ($groupDN in $groupDNs)
{
    $group = $Context.BindToObjectByDN($groupDN)

    if($group.IsMember($Context.TargetObject.AdsPath))
    {
        $Context.ConditionIsMet = $True
        return
    }
}
0

Hello, yes I'm going to use the script, because we check a lot of groups. So with the script it takes less clics.

But I testet the script, and the answer is send when the user is not member of these groups... How can I adapt this error?

thx

by (280 points)
0

Hello,

Most probably, there is something more complex in your case as the script works exactly as intended when the target object and the groups are in the same domain. Try using Return true if the target object is a member of any of the groups from the following article: https://www.adaxes.com/script-repository/check-whether-the-target-object-is-a-member-of-multiple-groups-s294.htm.

by (272k points)

Related questions

0 votes
1 answer
Can't authenticate with servers if the user is in the built-in group "Protected Users"

We can authenticate if we login to the machine hosting the service but if I have the client installed on my desktop, I can't authenticate with any ... .com/en-us/windows-server/security/credentials-protection-and-management/protected-users-security-group

asked Sep 12, 2022 by mark.it.admin (2.3k points)
0 votes
1 answer
Can I create a rule to count members in a group and send an email if the number approaches a set point?

We have a 3rd party vendor that we are able to add users based on AD security groups. What I need to do is set a parameter for the number of available licenses and whenever ... the group is 495 I would like an email to trigger telling me to add more licenses.

asked Oct 12, 2022 by A_Pastor (70 points)
0 votes
1 answer
Check if User Is member of a group

Hello, I have a web service that checks if a user is a member of a group. I am not concerned if they are a direct member or an indirect member of a group, but if the user is in the ... I pass it User A and Group 1. I am using ADSI, c# (.Net 4.0), and WCF.

asked Feb 23, 2014 by mbcalvin (140 points)
0 votes
1 answer
checking if office 365 user exists AND logging in scheduled scripts

and script is but nothing is happeneing. my user in adaxe browwser has the attribute to yes

asked May 10, 2023 by fjacques (20 points)
0 votes
1 answer
Report Specific Column True/False for Group Memberships

Hello, I have a report of computers in multiple groups that I used to create a chart count of "Computers" in certain security memberships relating to agent software. ... a member of the group written in the script. Any assistance is appreciated. Thanks!

asked Nov 7, 2023 by Edogstraus00 (470 points)
3,356 questions
3,055 answers
7,799 comments
545,164 users