Auto-Add/Remove to a Security Group Based on an AD Attribute

Is it possible to script having users added (or removed) from a Security Group based on another AD Attribute?

I have found ways to do this in Powershell (something like):
# Get the ad cmdlets imported
import-module ActiveDirectory
# Clear all current members of NoInternet Group
get-adgroupmember No_Internet_GG | %{remove-adgroupmember No_Internet_GG $_.SamAccountName -Confirm:$false}
# Add all No Internet users to a Group
get-aduser -filter{city -like "No Internetville"} | %{Add-ADGroupMember No_Internet_GG $_.SamAccountName}

but I wanted to see if this is possible with an Adaxes script.

For instance, if a user has a location AD attribute of CA, I want them added to the LOCATION_CA AD security group. If they relocate to CO, I want them to be removed from the LOCATION_CA group and added to the LOCATION_CO group. The script would then run in a timed fashion, weekly. Alternatively, the script could just delete all members of the LOCATION_CA group on a weekly basis and then re-populate it based on the location AD attribute.

Or should I just utilize the PS script and just run it through Adaxes on a timed fashion?

Thanks!

by (360 points)

1 Answer

by (216k points)
Best answer
0 votes

Hello,

Have a look at the following tutorial: http://www.adaxes.com/tutorials_Automat ... cripts.htm.

by (360 points)
0

Excellent, thank you!

Related questions

Add value to custom attribute to both an on prem AD object as well as their entra object

Can you let me know how to simultaneously add a value to a custom attribute to both the AD and Entra user objects? The graphical interface update only does it to the AD user object. Thanks.

asked Mar 25, 2025 by msheppard (880 points)
0 votes
1 answer
Create a business Unit to auto populate based on group owners in a specific OU

Is it possible to create a business unit and have it auto populate with group owners in a specific OU. I've tried a few scripts to get propertie adm-managedbylist but none have worked so far.

asked Nov 18, 2024 by C27 (20 points)
0 votes
1 answer
Need a script to add users who are enrolled in MFA to an AD group.

I'm trying to automate adding users who are enrolled in MFA to an AD group. The scripts I found elsewhere here that do not work so I believe they may have been written against a prior Adaxes version or referencing a report that does not meet our needs.

asked May 31, 2024 by neal (50 points)
0 votes
1 answer
How can I restrict users automatically based on an AD attribute?

This is for license purposes and we do not want them visible in the Adaxes portal.

asked Oct 22, 2021 by jfrederickwl (20 points)
0 votes
1 answer
Add user to a group based on a custom field

Is it possible to add a user to a group based on hardware ? There are users with a Windows device and a MacOS device. I want to be able to choose this when ... the user via Adaxes and automatically link them to a specific group based on the chosen hardware.

asked Apr 16, 2024 by Cas (200 points)
0 votes
1 answer