Fresh install of Adaxes, version 2023.2
Testing out creating a user in Active Directory and I found a simple script to check if the username and email are unique. This rule is set to run before creating the user.
Code is below:
# Build criteria
if (-not([System.String]::IsNullOrEmpty("%mail%")))
{
    $expression = {sAMAccountName -eq "%username%" -or mail -eq "%mail%"}
}
else
{
    $expression = {sAMAccountName -eq "%username%"}
}
$criteria = New-AdmCriteria -Type "user" -Expression $expression
# Search for users with the username or email address specified
$searcher = $Context.TargetObject
$searcher.Criteria = $criteria
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.PageSize = 500
$searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
$searcher.VirtualRoot = $True
$searcher.SizeLimit = 1
try
{
    $searchResultIterator = $searcher.ExecuteSearch()
    $searchResults = $searchResultIterator.FetchAll()
    if ($searchResults.Length -ne 0)
    {
        # Block creation when a matching account already exists
        $Context.Cancel("A user with the same username or email address already exists")
        return
    }
}
finally
{
    # Release resources (the iterator is null if ExecuteSearch() threw)
    if ($searchResultIterator) { $searchResultIterator.Dispose() }
}
I create the business rule and can run the script successfully when creating the rule; however, when attempting to create a user I get the error:

The service account configured in Adaxes has been delegated permission for a staging OU; however, this script isn't writing to the domain, so delegation shouldn't be required.