The script denies all pending requests initiated by a specific user or scheduled task. The script should be executed in Windows PowerShell on the computer where Adaxes service is installed. When prompted, specify the credentials of the Adaxes service account.
In the script, the $requestorDN variable specifies the distinguished name (DN) of a user or scheduled task that initiated the requests to be denied. For information on how to get the DN, see Get the DN of a directory object.
PowerShell
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")
$requestorDN = "CN=MyTask,CN=Scheduled Tasks,CN=Configuration Objects,CN=Adaxes Configuration,CN=Adaxes" # TODO: modify me
# Prompt for credentials.
$credential = Get-Credential
# Connect to the Adaxes service
$admNS = New-Object("Softerra.Adaxes.Adsi.AdmNamespace")
$admService = $admNS.GetServiceDirectly("localhost")
# Bind to the 'Approval Requests' container
$containerPath = $admService.Backend.GetConfigurationContainerPath(
"ApprovalRequests")
$container = $admService.OpenObject($containerPath.ToString(),
$credential.UserName, $credential.GetNetworkCredential().Password, 0)
# Get all pending approval requests
$requests = $container.GetApprovalRequests("ADM_APPROVALSTATE_PENDING")
# Get requestor GUID
$requestor = $admService.OpenObject("Adaxes://$requestorDN",
$credential.UserName, $credential.GetNetworkCredential().Password, 0)
$requestorToCheckGuid = [Guid]$requestor.Get("objectGUID")
# Deny the requests
foreach ($requestID in $requests)
{
# Bind to the approval request
$guid = New-Object "System.Guid" (,$requestID)
$guid = $guid.ToString("B")
$requestPath = "Adaxes://<GUID=$guid>"
$request = $admService.OpenObject($requestPath, $credential.UserName, $credential.GetNetworkCredential().Password, 0)
$requestorGuid = [Guid]$request.Get("adm-ApprovalRequestorGuid")
if ($requestorGuid -eq $requestorToCheckGuid)
{
# Deny the request
$request.Deny("The request is denied")
}
}