The script updates the values that a property pattern allows for a property, setting them to the names of the groups located in a container. To run the script, create a custom command, business rule or scheduled task configured for the Organizational Unit or Container object type.
Parameters
- $patternName - Specifies the name of the property pattern to update.
- $propertyToUpdate - Specifies the LDAP name of the property for which the property pattern item will be updated.
PowerShell
# Name of the property pattern whose item for $propertyToUpdate will be replaced.
$patternName = "User" # TODO: modify me
# LDAP name of the property whose allowed-values list is rebuilt from group names.
$propertyToUpdate = "department" # TODO: modify me
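function SearchObjects($criteria, $containerPath)
{
    # Runs a paged subtree search below $containerPath and returns every result.
    #   $criteria      - search criteria object assigned to the searcher.
    #   $containerPath - path of the object the search is bound to.
    # Returns the fetched results as a single array (possibly empty).

    # Initialise the handle so the finally block never reads a same-named
    # variable inherited from a calling scope when ExecuteSearch() throws.
    $searchResultIterator = $null

    $searcher = $Context.BindToObject($containerPath)
    $searcher.Criteria = $criteria
    $searcher.SearchScope = "ADS_SCOPE_SUBTREE"
    $searcher.PageSize = 500
    # Referrals are never chased, so results come only from the bound server.
    $searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"

    try
    {
        $searchResultIterator = $searcher.ExecuteSearch()
        $searchResults = $searchResultIterator.FetchAll()

        # The unary comma stops PowerShell from unrolling the array on return,
        # so callers can rely on .Length even for zero or one result.
        return ,$searchResults
    }
    finally
    {
        # Release resources
        if ($searchResultIterator) { $searchResultIterator.Dispose() }
    }
}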
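# Get all groups in the target OU (subtree search, so nested containers are included).
# The allowed-values list is built from these group names, so whoever can create
# or rename groups under the target object effectively controls that list.
$criteria = New-AdmCriteria "group"
$groupSearchResults = SearchObjects $criteria $Context.TargetObject.AdsPath

# Exit if no groups found. The property pattern is not touched in this case,
# so it keeps whatever allowed values it had before.
if ($groupSearchResults.Length -eq 0)
{
    return
}

# Get group names.
$groupNames = New-Object System.Collections.ArrayList
foreach ($searchResult in $groupSearchResults)
{
    # ArrayList.Add returns the new index; discard it so it is not written
    # to the script's output stream.
    [void]$groupNames.Add($searchResult.Properties["name"].Value)
}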
# Look up the property pattern by name; exactly one match is required to continue.
$patternsContainerPath = $Context.GetWellKnownContainerPath("PropertyPatterns")
$criteria = New-AdmCriteria "adm-PropertyPattern" -Expression {name -eq $patternName}
$patternSearchResults = SearchObjects $criteria $patternsContainerPath

$patternMatchCount = $patternSearchResults.Length

# No match: nothing to update.
if ($patternMatchCount -eq 0)
{
    $Context.LogMessage("Property Pattern '$patternName' does not exist.", "Error")
    return
}

# Ambiguous name: refuse to guess which pattern to modify.
if ($patternMatchCount -gt 1)
{
    $Context.LogMessage("Found more than one Property Pattern with name '$patternName'.", "Warning")
    return
}
# Bind to the single property pattern found by the preceding search.
$pattern = $Context.BindToObject($patternSearchResults[0].AdsPath)
# Delete the existing pattern item for the property (case-insensitive name match).
# Only the first matching item is removed; the loop stops right after the removal,
# so the collection is not enumerated further once it has been modified.
# NOTE(review): the old item is removed before its replacement is built and saved.
# If any later call fails, the pattern may be left with no constraint on this
# property - confirm whether Remove() is committed immediately and make sure a
# failed run is noticed rather than leaving the property unrestricted.
foreach ($item in $pattern.Items)
{
if ($item.PropertyName -ieq $propertyToUpdate)
{
$pattern.Items.Remove($item)
break
}
}
# Create a new pattern item for the property and build its list of allowed values.
$item = $pattern.Items.Create()
$item.PropertyName = $propertyToUpdate
$constraints = $item.GetConstraints()
$constraint = $constraints.Create(
"ADM_PROPERTYCONSTRAINTTYPE_VALUERANGE")
# AreValuesDenied = $False makes the values an allow list rather than a deny list.
$constraint.AreValuesDenied = $False
# Allowed values are the group names collected earlier in the script.
$constraint.Values = $groupNames.ToArray()
$constraints.Add($constraint)
$item.SetConstraints($constraints)
# Save the new item, then attach it to the property pattern.
$item.SetInfo()
$pattern.Items.Add($item)