Adaxes

Check for existing user account after user disable

0 votes

Hello,

When a user is disabled (firstname.lastname@company.com) we would like to to perform a check if a user account "admin-firstname.lastname@company.com" exists in 365/AzureAD/EntraID and send an email with this information. Could this be done with powershell?

Best Regards,

Maarten

by (70 points)

1 Answer

0 votes
by (272k points)
selected by
Best answer

Hello Maarten,

Yes, it is possible. The following SDK article will be helpful: https://www.adaxes.com/sdk/ServerSideScripting.

0

Thanks for the tip. The script below uses Graph API to check for a cloud user matching the user that was just disabled.

# concatenate admin account
$adminuser="admin-%firstname%.%lastname%@yourdomain.com"

#connect to Graph API
$token = $Context.CloudServices.GetAzureAuthAccessToken("https://graph.microsoft.com")
$token = $token | ConvertTo-SecureString -AsPlainText -Force
Connect-MgGraph -AccessToken $token

# E-mail settings
$to = "support@yourdomain.com" 
$subject = "Admin User Found"

if ( Get-MgUser -UserID $adminuser) {
    $body = "User %username% has been disabled and a matching administrator account was found: admin-%firstname%.%lastname%. Check if this adminstrator account also needs to be disabled!"
    $Context.SendMail($to, $subject, $NULL, $body)
}
by (70 points)

Related questions

0 votes
1 answer
After disable user, not user found or show when try enable

After disable user, not user found or show when try to enable...i follow and try many way yet still not showing.. please help i;m using the ... -not-show-disabled-account https://www.adaxes.com/help/PreventUsersFromViewingTheStructure/#change-top-level-node

asked Oct 23, 2023 by kimtienh (20 points)
0 votes
1 answer
Disable Unmanaged Admin account when a user is terminated

We have a custom command that executes to separate/terminate a user. Part of the CC determines if the user has an associated Admin account, which is stored as an Unmanaged ... the user account but we need a way to also disable the associated Admin account.

asked Jul 18, 2023 by sandramnc (870 points)
0 votes
1 answer
Copy group membership from already existing user except for a couple of groups

Is it possible using PowerShell to copy group memberships from an already existing user without copying 2 specific groups named for example test and test 1 ? We are currently ... groups are not included. I can share the PowerShell script if needed. KR, Cas

asked Oct 30, 2023 by Cas (150 points)
0 votes
1 answer
Is there a way to update the account expiry after a user logs into a computer?

Hello, I'm trying to create a business rule that will update a user account expiry date when that user logs in for the first time. I'm new to Adaxes, so I don't have a ... updated by a user's action, such as "Last Logon". Is it possible to make this work?

asked Mar 6 by sjjb2024 (60 points)
0 votes
1 answer
Is it possible when copying a user to reference the source account in an after user creation business rule?

I am trying to trigger processing outside of Active Directory when an account is created based on the source user account that was used. Does Adaxes store the source account anywhere?

asked Oct 9, 2023 by jnordell (20 points)
3,351 questions
3,052 answers
7,791 comments
545,083 users