Adaxes

build approver list via powershell from group and remove initiator

0 votes

This may sound a little convoluted, but I will try and explain.

I'd like to have an operation require approval by a group. And if the initiator is a member of that group, I don't want the request to be automatically approved. We want a peer to approve - someone in the same team. And right now, the request is automatically approved because the initator is in the group of approvers.

I've seen questions and answers about building a list of requestors via powershell, but I am missing something.

I need to retrieve the members of the approver group (which will be DNs) and then I need to search the members of the approver group looking for the DN of the initator and remove it.

Then the request for approval can be submitted.

So, I've got the workflow ... but I am getting stuck on retrieving the Initator's DN.

My apologies if this is a simple request. I ran a big deployment of adaxes several years ago and I am just now (like right now) getting back into it at a new company. I've got to dust off some of the brain cells.

Thanks.

by (40 points)

1 Answer

0 votes
by (282k points)

Hello,

You can use value reference %adm-InitiatorDN%. It will resolve into the distinguished name of the account who initiated the core operation. Make sure to wrap it into double quotes in your script.

Related questions

0 votes
1 answer
Powershell: Removing a user from one group and adding to another via Scheduled Task

I have a scheduled task that runs a Powershell script against an AD group, "Group 1". I need to get all of the members of Group 1, and add them to Group 2. The ... identity in the error message start with 'user;'? What is the correct way to accomplish this?

asked Aug 27, 2019 by ngb (280 points)
0 votes
1 answer
Remove all user from group and add new ones from TXT

Hi Guys, I'm trying to clean all users from Local Group test_group, and next new bunch of users form TXT fiel, by executing the following script as a scheduled task Import-Module ... .txt I have only 600 users. Do you have any idea how to improve this script?

asked Feb 27, 2015 by axmaster (510 points)
0 votes
1 answer
creating cpu - is it possible to check and change the CN via Powershell script if the entered CN is already used in AD?

For creating a computer object, we want to check if the entered CN is already used in our AD. And for that we want to use a powershell script. An other dot ... powershell script should be start before creating the computer object, right? Thanks for your help.

asked Jun 4 by KEME (80 points)
0 votes
1 answer
Save powershell value to Adaxes attribute and send via email notification

Hello, is there a way to save powershell variable to axases attribute and send it via "send email notification" in Scheduled task? for example, check if Office 2016 ... .name) installed"} ` then add $customattrib value to Send email notification. Thank you

asked Feb 13, 2020 by vheper (20 points)
0 votes
1 answer
Remove/Modify Adaxes Attributes from Powershell

I am using external powershell scripts where adaxes custom attributes are used as inputs. I want to clear/modify those attributes after my external ps1 script gets executed ... the same inside my external scripts thru try{}catch{} error handling method?

asked Mar 19, 2016 by Brajesh (460 points)
3,472 questions
3,165 answers
8,057 comments
547,017 users