Hello,
Here's a script that does what you need:
# Email message setings
$to = "recipient@domain.com" # TODO: modify me
$subject = "My Subject" # TODO: modify me
$htmlReportHeader = "<h1><b>Objects Managed by %name%</b></h1><br/>" # TODO: modify me
$htmlReportFooter = "<hr /><p><i>Please do not reply to this e-mail, it has been sent to you for notification purposes only.</i></p>" # TODO: modify me
# Get the default Web Interface address
$webInterfaceAddress = "%adm-WebInterfaceUrl%"
if ([System.String]::IsNullOrEmpty($webInterfaceAddress))
{
$Context.LogMessage("Default web interface address not set for Adaxes service. For details, see http://www.adaxes.com/help/?HowDoI.ManageService.RegisterWebInterface.html", "Warning")
}
# Get all direct reports
try
{
$directReports = $Context.TargetObject.GetEx("directReports")
}
catch
{
$directReports = $NULL
$subordinates = "The user doesn't have any direct reports.<br />"
}
# Get names of all the direct reports and add them to the report
if ($directReports -ne $NULL)
{
$subordinates = "<b>Direct Reports:</b><br /><ol>"
foreach ($directReport in $directReports)
{
# Bind to user
$user = $Context.BindToObjectByDN($directReport)
# Get username and guid
$username = [Softerra.Adaxes.Utils.ObjectNameHelper]::GetObjectName($user, 'IncludeParentPath')
$userGuid = [Guid] $user.Get("ObjectGuid")
# Add to report
$subordinates += "<li><a href='$webInterfaceAddress`ViewObject.aspx?guid=$userGuid'>$username</a></li>"
}
$subordinates += "</ol>"
}
# Get all managed objects
try
{
$managedObjectDNs = $Context.TargetObject.Get("managedObjects")
}
catch
{
$managedObjectDNs = $NULL
$managedObjects = "The user doesn't have any managed objects."
}
# Get names of all managed object and add them to the report
if ($managedObjectDNs -ne $NULL)
{
$managedObjects = "<b>Managed objects:</b><br /><ol>"
foreach ($managedObjectDN in $managedObjectDNs)
{
# Bind to object
$object = $Context.BindToObjectByDN($managedObjectDN)
# Get object name and guid
$objectName = [Softerra.Adaxes.Utils.ObjectNameHelper]::GetObjectName($object, 'IncludeParentPath')
$objectGuid = [Guid] $object.Get("ObjectGuid")
# Add to report
$managedObjects += "<li><a href='$webInterfaceAddress`ViewObject.aspx?guid=$objectGuid'>$objectName</a></li>"
}
$managedObjects += "</ol>"
}
# Build the report
$htmlBody = $htmlReportHeader + $subordinates + $managedObjects + $htmlReportFooter
# Send mail
$Context.SendMail($to, $subject, $NULL, $htmlBody)
In the script, modify the following to meet your requirements:
- $to - specifies the notification recipient,
- $subject- specifies the e-mail message subject,
- $htmlReportHeader - specifies the report header (text before the list of managed objects),
- $htmlReportFooter - specifies the report header (text after the list of managed objects).
To create lists of managed objects automatically when deprovisioning users, you need to modify the Custom Command that you use for deprovisioning as follows:
- Launch Adaxes Administration Console.
- In the Console Tree, expand the service node that represents your Adaxes service.
- Navigate to and select the the Custom Command that you use for deprovisioning. The actions and conditions of the Custom Command will be displayed in thew Result Pane (located to the right).
- Right-click an action that is always executed and select Add New Action.
If all of the actions are executed only when certain conditions are met, right-click below all the actions and conditions, and then click Add Action to New Set.
- Select the Run a program or PowerShell script action.
- Paste the above script in the Script field.
- Enter a short description for the script and click OK.
- Save the Custom Command.