0 votes

The rule runs but since the first name and last name are passed as parameters, I only get the sequential # as a userID without the initials.

by (290 points)
0

Hello,

Sorry for the confusion, but we are not sure what exactly the issue is. As it is shown in the script, the $valueFormat variable can have a template based on property values by using value references. Value references resolve before executing the script and thus are used to generate the required value sequentially.

0

So the script above runs on a business rule "before creating user" it replaces the username at creation with a username that is first initial, last inital and a sequential number.

When creating a user in the web portal it works as expected, however we also have an import rule that runs from an external script that calls on the adaxes service via New-ADMUser, the user creates and the rule executes but it omits the first initial and last initial as it is not picking up the first and last name being passed by the New-ADMUser cmdlet.

0

Hello,

Thank you for clarifying. Please, provide the import script you are using. You can post it here or send to us at support@adaxes.com.

0

The below script we will have on schedule in Adaxes to run, pickup the CSV and create the user.


 ###START SETUP###
# Import the Adaxes module for modifying AD
Import-Module Adaxes

# Import the System.Web assembly for generating passwords
Add-Type -AssemblyName System.Web

# Path to the CSV file
$csvFilePath = "C:\HCM-IMPORT\Inbound-to-Adaxes\Inbound.csv"

# Import the CSV file sent from HCM
$importedUsers = Import-Csv -Path $csvFilePath -Delimiter '|'

###END SETUP###

###DECLARE FUNCTIONS###

# Function to check if a UPN exists
function Get-UPN {
    param (
        [string]$UPN
    )
    return Get-ADUser -Filter {UserPrincipalName -eq $UPN} -Properties UserPrincipalName
}

# Function to generate a unique UPN
function Generate-UniqueUPN {
    param (
        [string]$firstName,
        [string]$lastName
    )
    $domain = "sjhmc.org"
    $baseUPN = "$($lastName)$($firstName.Substring(0,1))@$domain"
    $newUPN = $baseUPN
    $counter = 1
    while (Get-UPN -UPN $newUPN) {
        $newUPN = "$($lastName)$($firstName.Substring(0,$counter+1))@$domain"
        $counter++
    }
    return $newUPN
}

###END FUNCTIONS###

###BEGIN MAIN PROGRAM###

# Loop through each user in the CSV file
foreach ($user in $importedUsers) {
    switch ($user.'Update Type') {

    #Add users based on 'A' in the Update Type Column

        'A' {

            # Generate a unique UPN
            $upn = Generate-UniqueUPN -lastName $user.'Last Name' -firstName $user.'First Name'

            #Generate a Unique Password
            $password = [System.Web.Security.Membership]::GeneratePassword(12, 4)
            $password = ConvertTo-SecureString "$password" -AsPlainText -Force

             # Add a new user

                    New-AdmUser -Name "$($user.'First Name') $($user.'Middle Name') $($user.'Last Name')" `
                                -SamAccountName $upn.Split('@')[0] `
                                -UserPrincipalName $upn `
                                -EmployeeID $user.'Employee ID' `
                                -Title $user.Title `
                                -Manager $user.Manager `
                                -Department $user.Department `
                                -Office $user.Location `
                                -Path "OU=SJH Users Test,DC=sjhmc,DC=sjhealthsys,DC=org" `
                                -Enabled $false `
                                -Description "Created by HCM Import"`
                                -AccountPassword $password -ChangePasswordAtLogon $true `
                                -AdaxesService "localhost"

                    Write-Output "Added user: $($user.'First Name') with UPN $upn"}

     #Update users based on 'U' in the Update Type Column    

        'U' {
            # Update an existing user
            Set-AdmUser -Identity $user.UPN `
                        -GivenName $user.'First Name' `
                        -Surname $user.'Last Name' `
                        -Title $user.Title `
                        -Manager $user.Manager `
                        -Department $user.Department `
                        -Office $user.Location `
                        -AdaxesService "localhost"
            Write-Output "Updated user: $($user.UPN)"
        }

      #Disable users based on 'T' in the Update Type Column

        'T' {
            # Terminate a user
            Disable-AdmAccount -Identity $user.UPN.Split('@')[0] -AdaxesService "localhost"
            Write-Output "Terminated user: $($user.UPN)"
        }
        default {
            Write-Output "Unknown update type for user: $($user.'Employee ID')"
        }
    }
}
0

Hello,

For troubleshooting purposes, please, provide us with a screenshot of the business rule running the script and a screenshot of the execution log for one use creation performed by the import script. You can post the screenshots here or send to us at support@adaxes.com. For details on how to view an operation execution log, see https://www.adaxes.com/help/ViewOperationsPerformedViaAdaxes.

0

Hello

Here is the business rule: image.png

Here is the log: image.png

The user was created as 10025, but should have been jd10025. Creating via the web portal the business rule works, executing the script, it omits the initials and only provides the #.

0

Hello,

Unfortunately, that is the screenshot of the wrong log. It should be for the user creation, not for the script execution.

0

image.png

0

Hello,

Thank you for the provided screenshot. For further troubleshooting, please, send us (support@adaxes.com) a copy of the CSV file that was imported to create the user.

1 Answer

0 votes
by (294k points)

Hello,

Thank you for the provided CSV file. The thing is that your import script creates users without the First Name and Last Name properties. It works fine as the properties are not mandatory in AD. As a result, the related values references resolve into empty values which is expected. To achieve the desired, you need to add the corresponding parameters to the New-AdmUser cmdlet.

New-AdmUser -Name "$($user.'First Name') $($user.'Middle Name') $($user.'Last Name')" `
            -SamAccountName $upn.Split('@')[0] `
            -GivenName $user.'First Name' `
            -Surname $user.'Last Name' `
            -UserPrincipalName $upn `
            -EmployeeID $user.'Employee ID' `
            -Title $user.Title `
            -Manager $user.Manager `
            -Department $user.Department `
            -Office $user.Location `
            -Path "OU=DraculaTest,OU=Adaxes Test OU,DC=adaxeslab,DC=local" `
            -Enabled $false `
            -Description "Created by HCM Import"`
            -AccountPassword $password -ChangePasswordAtLogon $true `
            -AdaxesService localhost `

Related questions

0 votes
1 answer

Using this built in function: There is no option to change the domain on the user account, however this is not the domain we use for UPN. However after creating a user, you can change it but trying to avoid going back into the object.

asked Apr 14, 2023 by mightycabal (1.0k points)
0 votes
1 answer

I'm currently writing an "After User Creation" rule and I have a PowerShell script that adds the newly created, on-premises synced user to a handful of cloud ... powershell cmdlet that fails. I need to use PowerShell for the additional condtional flexibility.

asked Dec 13 by smcfarland (60 points)
0 votes
1 answer

Or is there another solution to solve this?

asked Sep 15, 2022 by boris (550 points)
0 votes
1 answer

Currently, when I disable a user account in Adaxes, the group memberships of the user remain intact. I'd like to automate the removal of group memberships such as distribution ... a list of groups/DL that the user was previously in and removed from. Thanks!

asked Nov 3, 2021 by jayden.ang (20 points)
3,588 questions
3,277 answers
8,303 comments
548,079 users