0 votes

From the Administration Console, when adding users to a group, I would like the ability to paste a list of users, like I can in ADUC.

Also, I would like the ability to paste a list of groups to a user.

by (1.1k points)

1 Answer

0 votes
by (216k points)

Hello,

There is no built-in functionality for that in Adaxes. We are planning to implement such functionality in one of the nearest releases. However, we can suggest a workaround for you right now. You can create a Home Page Action for Adaxes Web interface that will allow users to select a group and input a comma-separated list of SAMAccountNames of the users that you want to add to the group. When you click OK, a Business Rule is triggered that will add the users to the selected group using a PowerShell script.

To implement such a solution, you need to create a Home Page Action that will modify a group and will contain only one property on the form. The property will be used to input the names of the users and pass them to the PowerShell script. For this purpose you can use an Adaxes virtual property that can store string (text) data, for example CustomAttributeText1. Adaxes virtual properties are not stored in Active Directory, but you may use them as any other property of directory objects.

Then, you can create a Business Rule that will be triggered after updating a group and will check the value of the property that you chose to pass usernames. If the property is not empty, the Business Rule will use a PowerShell script to split the text passed by the property into separate user names and add the specified users to the group. Also, you can set up the display name for the CustomAttributeText1 property for it to be more informative for your users.

I. Create a Home Page Action with a customized input form

  1. On the computer, where your Web Interface is installed, start the Web Interface Customization tool.
  2. In the Interface type drop-down list, select the Web Interface you want to configure.
  3. Activate the General tab, select the Actions pane option, and click Configure Home Page Actions.
  4. In the dialog box that appears, click Add.
  5. On the 1st step of the Add Home Page Action wizard that appears, select Modify and choose Group from the associated drop-down list.
  6. On the 4th step of the wizard, select Use customized form and click Customize Form.
  7. In the Customize Form dialog that appears, you need to remove all the fields in the General section. On how to delete fields, refer to step 6 of the Customize Forms for User Creation and Editing Tutorial.
  8. Now, you need to add the virtual property that you will use on your form. To add a property to a web Interface form, click the Add button below the Section fields section.
  9. In the dialog box that appears, you need to select the virtual property that you will use. As virtual properties are not displayed by default, you need to tick Show all properties to be able to select them.
  10. Select the virtual property that you will use, for example CustomAttributeText1.
  11. Click OK.
  12. Finish the Add Home Page Action wizard.

II. Create a Business Rule that will add users to groups

  1. Create a new Business Rule.
  2. On the 2nd step of the Create Business Rule wizard, select Group and After Updating a Group.
  3. On the 3rd step, add the Run a program or PowerShell script action and paste the following script from our Script Repository: Add users to group in bulk.
  4. In the script, $propertyForUsernames specifies the LDAP display name of the property that will be used to specify new group members. Specify the same property as you added on the form of your Home Page Action.
  5. Add a short description for the script and click OK.
  6. Now you have to add a condition when the script will be triggered. The names of the users will be passed in the CustomAttributeText1 property, so we need to check in the Business Rule whether CustomAttributeText1 is not empty. To do this, click the Add Condition button.
  7. In the dialog box that appears, select the If <property> <relation> <value> condition.
  8. In the <property> drop-down list, select Show all properties.
  9. Select the property that you chose to pass usernames.
  10. Select is not empty.
  11. Click OK and finish creation of the Business Rule.

As to adding groups to a user, you can use a similar approach, but will require a slightly different script and Home Page Action. If you want, we can provide you with instructions on how to accomplish this.

0

Thanks. Finally got a chance to test this, and it worked.

This is far from optimal however. Due to Adaxes' logging ability, I would like to limit all changes be done through Adaxes.

I still find myself going to the ADUC to make changes however, which in turn the changes don't get logged.

Hopefully, this ability will come to the console soon (I did not see it in the list in the 2013.1 thread)!

0

Hello,

We have the feature on our TODO list with a very high priority.

Related questions

0 votes
1 answer

Hello, I have my OUs structured so each department we're working with has an OU for their service accounts under their department OU. e.g. OU=Service Accounts,OU=Sales,OU= ... add each new OU to the scheduled task but I was hoping for something more hands off.

asked Oct 19, 2015 by drew.tittle (810 points)
0 votes
1 answer

I get this question quite a bit.... Our staff is used to being able to paste a well-formed listing of users into "Active Directory Users and Computers" when they are ... the web interface)? If not, are you considering adding this ability in the future? Thanks!

asked May 22, 2012 by BradG (950 points)
0 votes
1 answer

I'm trying to automate adding users who are enrolled in MFA to an AD group. The scripts I found elsewhere here that do not work so I believe they may have been written against a prior Adaxes version or referencing a report that does not meet our needs.

asked May 31 by neal (50 points)
0 votes
1 answer

Is it possible to add multiple members to a group in a singe call to the REST API? The example code only shows a single member. What would the data structure look like in that case?

asked Dec 13, 2021 by swengr59 (60 points)
0 votes
1 answer

With Active Directory Users and Computers, I can add group members by copying a list of usernames and pasting them into the Add Members dialog box. This is very quick and easy. How can I do this with Adaxes? It seems that I can only add one member at a time.

asked Feb 24, 2017 by abarker5 (80 points)
3,588 questions
3,277 answers
8,303 comments
548,085 users