Hello,
Here you are:
# Get an array of group GUIDs
try
{
$sourceGroupGuids = $Context.Initiator.UserAdsObject.Get("adm-CustomAttributeBinary1")
}
catch
{
$Context.Cancel("Failed to get group GUIDs.")
return
}
# Calculate the number of GUIDs
$totalBytes = $sourceGroupGuids.Length
# Make sure that the total number of bytes is a divisible of 16
$remainder = 0
[System.Math]::DivRem($totalBytes, 16, [ref] $remainder)
if ($remainder -ne 0)
{
$Context.Cancel("Unexpected data length!")
return
}
$groupsToAdd = New-Object "System.Collections.Generic.HashSet[System.Guid]"
for ($i = 0; $i -lt ($totalBytes / 16); $i++)
{
$bytes = [System.Guid]::Empty.ToByteArray()
[System.Array]::Copy($sourceGroupGuids, $i * 16, $bytes, 0, 16)
$guid = New-Object "System.Guid" (,$bytes)
$groupsToAdd.Add($guid)
}
# Get GUIDs of the groups the user is a member of
$memberOfGuids = $Context.TargetObject.GetEx("adm-DirectMemberOfGuid")
# Adjust the list of groups to add the user to
foreach($memberOfGuidBytes in $memberOfGuids)
{
$guid = New-Object "System.Guid" (,$memberOfGuidBytes)
if (-not($groupsToAdd.Contains($guid)))
{
continue
}
$groupsToAdd.Remove($guid) # already a member of the group
}
# Add to groups
$failedToAdd = ""
$successfullyAdded = ""
foreach($groupGuid in $groupsToAdd)
{
$groupGuid = $groupGuid.ToString("B")
$groupPath = "Adaxes://<GUID=$groupGuid>"
$groupName = $Context.GetDisplayNameFromAdsPath($groupPath)
try
{
$group = $Context.BindToObjectEx($groupPath, $True)
$group.Add($Context.TargetObject.AdsPath)
}
catch
{
$failedToAdd += "$groupName; "
continue
}
$successfullyAdded += "$groupName; "
}
if ($successfullyAdded.Length -ne 0)
{
$Context.LogMessage("The user was added to the following groups: $successfullyAdded", "Information") # TODO: modify me
}
if ($failedToAdd.Length -ne 0)
{
$Context.LogMessage("The user was not added to the following groups because you do not have sufficient permissions: $failedToAdd", "Information") # TODO: modify me
}