Defining actions and conditions
This article describes how to define conditions and actions for business rules, custom commands, and scheduled tasks.
To access conditions and actions, you need to use the ConditionedActions property of the IAdmBusinessRule interface. Both IAdmCustomCommand and IAdmScheduledTask interfaces are inherited from the IAdmBusinessRule interface, which means that the ConditionedActions property is also available for custom commands and scheduled tasks.
Actions and conditions are grouped in sets. The ConditionedActions property exposes the IAdmCollection interface, which maintains a collection of such sets. Each item in the collection supports the IAdmBusinessRuleConditionedActions interface that represents a specific set of actions and conditions.
Conditions in a set are combined with a logical operator. If conditions are combined with the AND operator, the actions specified in the set are executed only if all conditions are met. If conditions are combined with the OR operator, the actions are executed if at least one condition is met.
To specify a logical operator for conditions specified in a set, use the IAdmBusinessRuleConditionedActions::ConditionsLogicalOperation property. You need to specify the logical operator even if the set does not contain any conditions. The ADM_LOGICALOPERATION_ENUM enumeration specifies the values you can use when setting this property.
The following code sample creates a new set of actions and conditions.
- PowerShell
-
# The $obj variable refers to a business rule, custom command, or scheduled task # Create a new set of actions and conditions $actionsAndConditions = $obj.ConditionedActions.Create() # Combine conditions with AND $actionsAndConditions.ConditionsLogicalOperation = "ADM_LOGICALOPERATION_AND" # Save the set $actionsAndConditions.SetInfo() # [TODO] add actions and conditions to the set # Add the set to the business rule, custom command, or scheduled task $obj.ConditionedActions.Add($actionsAndConditions) - C#
-
// The obj variable refers to a business rule, custom command, or scheduled task // Create a new set of actions and conditions IAdmBusinessRuleConditionedActions actionsAndConditions = (IAdmBusinessRuleConditionedActions)obj.ConditionedActions.Create(); // Combine conditions with AND actionsAndConditions.ConditionsLogicalOperation = ADM_LOGICALOPERATION_ENUM.ADM_LOGICALOPERATION_AND; // Save the set actionsAndConditions.SetInfo(); // [TODO] add actions and conditions to the set // Add the set to the business rule, custom command, or scheduled task obj.ConditionedActions.Add(actionsAndConditions);
Adding conditions
To add a condition to a set of actions and conditions, you need to use the Conditions property of the IAdmBusinessRuleConditionedActions interface. The property supports the IAdmCollection interface, which can be used to maintain the collection of conditions.
To add a condition:
-
Call IAdmCollection::CreateEx to create a condition object. Pass the object class of the condition you want to create as the parameter of the method. See the table below to view, which object classes correspond to which conditions.
The object returned by the IAdmCollection::CreateEx method will support the IAdmBusinessRuleCondition interface.
-
Call IAdmBusinessRuleCondition::GetCondition to get the condition object. The interfaces supported by the object will depend on the condition type. See the table below to view, which interfaces are supported by different condition types.
-
Specify the parameters of the condition using the appropriate interface.
-
Call IAdmBusinessRuleCondition::SetCondition to update the condition parameters and call IADs::SetInfo to save the condition.
-
To add the new condition to the set of actions and conditions, call the IAdmCollection::Add method of the IAdmBusinessRuleConditionedActions::Conditions property.
The table below shows which interfaces are supported by different condition types, and which object classes correspond to which conditions types.
| Condition | Object class | Interface |
|---|---|---|
| If <property> changed | adm-AttributeChangedCondition | IAdmAttributeChangedCondition |
| If <property> <relation> <value> | adm-AttributeOperatorValueCondition | IAdmAttrOperatorValueCondition |
| If is a member of <group> | adm-GroupMembershipCondition | IAdmGroupMembershipCondition, IAdmGroupMembershipCondition |
| If operation <result> | adm-OperationResultCondition | IAdmOperationResultCondition |
| If located under <location> | adm-LocationCondition | IAdmLocationCondition, IAdmLocationCondition2 |
| If account is enabled / disabled / locked | adm-AccountStatusCondition | IAdmAccountStatusCondition |
| If certain Account Options are enabled / disabled | adm-AccountOptionsCondition | IAdmAccountOptionsCondition |
| If account/password <expiration status> | adm-AccountPasswordExpirationCondition | IAdmAccountPasswordExpirationCondition |
| If is inactive <period> | adm-InactiveAccountCondition | IAdmInactiveAccountCondition |
| If has an Exchange mailbox | adm-MailboxEnabledCondition | IAdmMailboxEnabledCondition |
| If has an email address established in Exchange | adm-MailEnabledCondition | IAdmMailEnabledCondition |
| If is licensed for Microsoft 365 | adm-O365LicenseCondition | IAdmM365LicenseCondition |
| If the initiator belongs to <business unit> | adm-TrusteeBusinessUnitCondition | IAdmTrusteeBusinessUnitCondition |
| If the initiator is a member of <group> | adm-TrusteeMembershipCondition | IAdmTrusteeMembershipCondition, IAdmTrusteeMembershipCondition2 |
| If the initiator is assigned to <security role> | adm-TrusteeRoleCondition | IAdmTrusteeRoleCondition |
| If the initiator is <user> | adm-TrusteeUserCondition | IAdmTrusteeUserCondition, IAdmTrusteeUserCondition2 |
| If PowerShell script returns true | adm-ScriptCondition | IAdmScriptCondition |
| If <parameter> <value> | adm-ParameterOperatorValueCondition | IAdmParameterOperatorValueCondition |
| If <object> exists | adm-ObjectExistsCondition | IAdmObjectExistsCondition |
| If the object belongs to <business unit> | adm-BusinessUnitMembershipCondition | IAdmBusinessUnitMembershipCondition |
| If the object is <specific object> | adm-SpecificObjectCondition | IAdmSpecificObjectCondition |
| If <property of the member> <relation> <value> | adm-MemberAttributeOperatorValueCondition | IAdmCondition |
| If the member belongs to <Business Unit> | adm-MemberBusinessUnitMembershipCondition | IAdmCondition |
| If the member is a member of <group> | adm-MemberGroupMembershipCondition | IAdmCondition |
| If the member is <specific object> | adm-MemberSpecificObjectCondition | IAdmCondition |
| If initiator is an owner of the object | adm-TrusteeOwnerCondition | IAdmTrusteeOwnerCondition |
| If the destination location is <location> | adm-DestinationLocationCondition | IAdmDestinationLocationCondition |
| If the directory is on-premises / Azure AD | adm-DirectoryTypeCondition | IAdmDirectoryTypeCondition |
All interfaces that represent conditions are inherited from the IAdmCondition interface.
The following code sample creates a new set of actions and conditions and adds the following condition to the set: If the Department property equals Sales.
- PowerShell
-
# The $obj variable refers to a business rule, custom command, or scheduled task # Create a new set of actions and conditions $actionsAndConditions = $obj.ConditionedActions.Create() # Combine conditions with AND $actionsAndConditions.ConditionsLogicalOperation = "ADM_LOGICALOPERATION_AND" # Save the set $actionsAndConditions.SetInfo() # Add the 'If Department equals Sales' condition $condition = $actionsAndConditions.Conditions.CreateEx("adm-AttributeOperatorValueCondition") $conditionObj = $condition.GetCondition() $conditionObj.AttributeName = "department" $conditionObj.ComparisonOperator = "ADM_COMPARISONOPERATOR_EQUAL" $value = New-Object "Softerra.Adaxes.Adsi.AdsPropertyValue" $value.PutObjectProperty("ADSTYPE_UNKNOWN", "Sales") $conditionObj.Value = $value $conditionObj.CaseSensitive = $false $condition.SetCondition($conditionObj) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) # [TODO] add actions to the set # Add the set to the business rule, custom command, or scheduled task $obj.ConditionedActions.Add($actionsAndConditions) - C#
-
// The obj variable refers to a business rule, custom command, or scheduled task // Create a new set of actions and conditions IAdmBusinessRuleConditionedActions actionsAndConditions = (IAdmBusinessRuleConditionedActions)obj.ConditionedActions.Create(); // Combine conditions with AND actionsAndConditions.ConditionsLogicalOperation = ADM_LOGICALOPERATION_ENUM.ADM_LOGICALOPERATION_AND; // Save the set actionsAndConditions.SetInfo(); // Add the 'If Department equals Sales' condition IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-AttributeOperatorValueCondition"); IAdmAttrOperatorValueCondition conditionObj = (IAdmAttrOperatorValueCondition)condition.GetCondition(); conditionObj.AttributeName = "department"; conditionObj.ComparisonOperator = ADM_COMPARISONOPERATOR_ENUM.ADM_COMPARISONOPERATOR_EQUAL; AdsPropertyValue value = new AdsPropertyValue(); value.PutObjectProperty(ADSTYPEENUM.ADSTYPE_UNKNOWN, "Sales"); conditionObj.Value = value; conditionObj.CaseSensitive = false; condition.SetCondition(conditionObj); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); // [TODO] add actions to the set // Add the set to the business rule, custom command or scheduled task obj.ConditionedActions.Add(actionsAndConditions);
There are more examples at the end of this article.
Adding actions
To add an action to a set of actions and conditions, you need to use the Actions property of the IAdmBusinessRuleConditionedActions interface. The Actions property supports the IAdmCollection interface, which can be used to maintain the collection of actions.
To add an action:
-
Call IAdmCollection::CreateEx to create an action object. Pass the object class of the action you want to create as the parameter of the method. See the table below to view, which object classes correspond to which action types.
The object returned by the IAdmCollection::CreateEx method will support the IAdmBusinessRuleAction interface.
-
Use the IAdmBusinessRuleAction::ExecutionOptions property to specify whether the action must be executed synchronously or asynchronously. If an action is executed asynchronously, the operation that triggered execution of this action doesn't wait for the action to be completed. The ADM_ACTIONEXECUTIONOPTIONS_ENUM enumeration specifies the values you can use when setting this property.
-
If you want the execution of the action to be approved by a responsible person, specify the approvers for the action using the IAdmBusinessRuleAction::SetApproversInfo method.
-
Call IAdmBusinessRuleAction::GetAction to get the action object. The interfaces supported by the object will depend on the action type. See the table below to view, which interfaces are supported by different action types.
-
Specify the parameters of the action using the appropriate interface.
-
Call IAdmBusinessRuleAction::SetAction to update the action parameters and call IADs::SetInfo to save the action.
-
To add the new action to the set of actions and conditions, call the IAdmCollection::Add method of the IAdmBusinessRuleConditionedActions::Actions property.
The table below shows, which interfaces are supported by different action types, and which object classes correspond to which action types.
| Action | Object class | Interface |
|---|---|---|
| Send this operation for approval | adm-ApprovalRequestInfoAction | IAdmApprovalRequestInfoAction |
| Create a directory object | adm-CreateObjectAction | IAdmCreateObjectAction |
| Update object | adm-SetPropertiesAction | IAdmSetPropertiesAction |
| Add/remove object from a group | adm-ChangeGroupMembershipAction | IAdmChangeGroupMembershipAction, IAdmChangeGroupMembershipAction2 |
| Move object | adm-CopyMoveAction | IAdmCopyMoveAction, IAdmCopyMoveAction2 |
| Delete object | adm-DeleteObjectAction | IAdmDeleteObjectAction |
| Enable/disable account | adm-SetPropertiesAction | IAdmSetPropertiesAction |
| Modify Account Options | adm-SetAccountOptionsAction | IAdmSetAccountOptionsAction |
| Reset user password | adm-ResetPasswordAction | IAdmResetPasswordAction, IAdmResetPasswordAction2, IAdmResetPasswordAction3 |
| Create/delete an Exchange mailbox | adm-ExchangeTaskAction | IAdmExchangeTaskAction, IAdmExchangeMailboxAction |
| Modify Exchange properties | adm-SetExchangeMailParametersAction | IAdmSetExchangeMailParametersAction |
| Move the Exchange mailbox | adm-MoveExchangeMailboxAction | IAdmMoveExchangeMailboxAction |
| Export the Exchange mailbox | adm-ExportExchangeMailboxAction | IAdmExportExchangeMailboxAction |
| Establish/delete email address in Exchange | adm-ExchangeTaskAction | IAdmExchangeTaskAction, IAdmExchangeRecipientAction |
| Activate or modify Microsoft 365 account | adm-ModifyO365AccountAction | IAdmModifyM365AccountAction |
| Create a home directory | adm-CreateHomeDirectoryAction | IAdmCreateHomeDirectoryAction |
| Share the home directory | adm-ShareHomeDirectoryAction | IAdmShareHomeDirectoryAction |
| Move the home directory | adm-MoveHomeDirectoryAction | IAdmMoveHomeDirectoryAction |
| Delete the home directory | adm-DeleteHomeDirectoryAction | IAdmDeleteHomeDirectoryAction |
| Delete home directory share | adm-DeleteHomeDirectoryShareAction | - |
| Archive the home directory | adm-ArchiveHomeDirectoryAction | IAdmArchiveHomeDirectoryAction |
| Run a program or PowerShell script | adm-RunScriptAction | IAdmRunScriptAction |
| Send email notification | adm-SendMailNotificationAction | IAdmSendMailNotificationAction, IAdmSendMailNotificationAction2 |
| Send SMS | adm-SendSmsAction | IAdmSendSmsAction |
| Execute a custom command | adm-CustomCommandAction | IAdmCustomCommandAction |
| Enable or disable for Skype for Business | adm-LyncEnableDisableAction | IAdmLyncEnableDisableAction, IAdmLyncEnableDisableAction2, IAdmLyncEnableDisableAction3 |
| Cancel this operation | adm-CancelOperationAction | IAdmCancelOperationAction |
| Cancel meetings organized by the user | adm-CancelMeetingsAction | IAdmCancelMeetingsAction |
| Convert mailbox | adm-ConvertMailboxAction | IAdmConvertMailboxAction |
| Unlock the user account | adm-UnlockAccountAction | - |
All interfaces that represent actions are inherited from the IAdmAction and IAdmAction2 interfaces.
The following code sample creates a new set of actions and conditions and adds the following action to the set: Modify the user: set Description to My description.
- PowerShell
-
# The $obj variable refers to a business rule, custom command, or scheduled task # Create a new set of actions and conditions $actionsAndConditions = $obj.ConditionedActions.Create() $actionsAndConditions.ConditionsLogicalOperation = "ADM_LOGICALOPERATION_AND" $actionsAndConditions.SetInfo() # Add the 'Update User' action $action = $actionsAndConditions.Actions.CreateEx("adm-SetPropertiesAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $actionObj = $action.GetAction() # Set the Description property to 'My description' $value = New-Object "Softerra.Adaxes.Adsi.AdsPropertyValue" $value.PutObjectProperty("ADSTYPE_UNKNOWN", "My description") $propertyEntry = New-Object "Softerra.Adaxes.Adsi.AdsPropertyEntry" $propertyEntry.Name = "description" $propertyEntry.ADsType = "ADSTYPE_CASE_IGNORE_STRING" $propertyEntry.ControlCode = "ADS_PROPERTY_UPDATE" $propertyEntry.Values = @([Softerra.Adaxes.Interop.Adsi.Cache.IADsPropertyValue]$value) $actionObj.PropertyList.PutPropertyItem($propertyEntry) $action.SetAction($actionObj) $action.SetInfo() $actionsAndConditions.Actions.Add($action) # Add the set to the business rule, custom command, or scheduled task $obj.ConditionedActions.Add($actionsAndConditions) - C#
-
// The obj variable refers to a business rule, custom command, or scheduled task // Create a new set of actions and conditions IAdmBusinessRuleConditionedActions actionsAndConditions = (IAdmBusinessRuleConditionedActions)obj.ConditionedActions.Create(); actionsAndConditions.ConditionsLogicalOperation = ADM_LOGICALOPERATION_ENUM.ADM_LOGICALOPERATION_AND; actionsAndConditions.SetInfo(); // Add the 'Update User' action IAdmBusinessRuleAction action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx( "adm-SetPropertiesAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmSetPropertiesAction actionObj = (IAdmSetPropertiesAction)action.GetAction(); // Set the Description property to 'My description' AdsPropertyValue value = new AdsPropertyValue(); value.PutObjectProperty(ADSTYPEENUM.ADSTYPE_UNKNOWN, "My description"); AdsPropertyEntry propertyEntry = new AdsPropertyEntry(); propertyEntry.Name = "description"; propertyEntry.ADsType = ADSTYPEENUM.ADSTYPE_CASE_IGNORE_STRING; propertyEntry.ControlCode = ADS_PROPERTY_OPERATION_ENUM.ADS_PROPERTY_UPDATE; propertyEntry.Values = new object[] { value }; actionObj.PropertyList.PutPropertyItem(propertyEntry); action.SetAction(actionObj); action.SetInfo(); actionsAndConditions.Actions.Add(action); // Add the set to the business rule, custom command or scheduled task obj.ConditionedActions.Add(actionsAndConditions);
Examples
The code samples below demonstrate how to define actions and conditions displayed on the image accompanying each example.
Example 1
View sample code
- PowerShell
-
# The $rule variable refers to a business rule # Create a new set of actions and conditions $actionsAndConditions = $rule.ConditionedActions.Create() $actionsAndConditions.ConditionsLogicalOperation = "ADM_LOGICALOPERATION_AND" $actionsAndConditions.SetInfo() #--------------------------------------------------------------------------------------------- # If the operation succeeded $condition = $actionsAndConditions.Conditions.CreateEx("adm-OperationResultCondition") $operationResultCondition = $condition.GetCondition() $operationResultCondition.OperationResult = "ADM_OPERATIONRESULT_SUCCEEDED" $condition.SetCondition($operationResultCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #--------------------------------------------------------------------------------------------- # If City equals 'Washington' $condition = $actionsAndConditions.Conditions.CreateEx("adm-AttributeOperatorValueCondition") $cityCondition = $condition.GetCondition() $cityCondition.AttributeName = "l" # City $cityCondition.ComparisonOperator = "ADM_COMPARISONOPERATOR_EQUAL" $cityValue = New-Object "Softerra.Adaxes.Adsi.AdsPropertyValue" $cityValue.PutObjectProperty("ADSTYPE_UNKNOWN", "Washington") $cityCondition.Value = $cityValue $cityCondition.CaseSensitive = $false $condition.SetCondition($cityCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #--------------------------------------------------------------------------------------------- # Create Exchange mailbox $action = $actionsAndConditions.Actions.CreateEx("adm-ExchangeTaskAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $createMailboxAction = $action.GetAction() $createMailboxAction.TaskType = "ADM_EXCHANGETASKTYPE_CREATEMAILBOX" # Set the alias $createMailboxAction.MailAlias = "%username%" # Set the mailbox database $mailboxStorageDN = "CN=Washington,CN=Databases,CN=Exchange Administrative Group," + "CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange," + "CN=Services,CN=Configuration,DC=domain,DC=com" $mailboxStore = $service.OpenObject("Adaxes://$mailboxStorageDN", $null, $null, 0) $createMailboxAction.MailboxStorageDatabase = $mailboxStore # Set the mailbox selection type $createMailboxAction.MailboxStorageSelectionType = "ADM_MAILBOXSTORAGESELECTIONTYPE_NONE" $action.SetAction($createMailboxAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) #--------------------------------------------------------------------------------------------- # Create home folder $action = $actionsAndConditions.Actions.CreateEx("adm-CreateHomeDirectoryAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $createHomeDirAction = $action.GetAction() $createHomeDirAction.HomeDirectory = "\\SERVER\SHARE\%username%" $createHomeDirAction.HomeDrive = "Z:" $createHomeDirAction.SetUserAsOwner = $false $createHomeDirAction.UserAccessPermissions = "ADM_USERACCESSPERMISSION_FULL" $createHomeDirAction.InheritParentPermissions = $true $action.SetAction($createHomeDirAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) #--------------------------------------------------------------------------------------------- # Add the user to the 'Washington' group $action = $actionsAndConditions.Actions.CreateEx("adm-ChangeGroupMembershipAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $addToGroupAction = $action.GetAction() $addToGroupAction.ActionType = "ADM_CHANGEGROUPMEMBERSHIPACTION_ADD" $groupDN = "CN=Washington,OU=Groups,DC=domain,DC=com" $group = $service.OpenObject("Adaxes://$groupDN", $null, $null, 0) $addToGroupAction.Group = $group $action.SetAction($addToGroupAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) #--------------------------------------------------------------------------------------------- # Move the user to the 'Washington' OU $action = $actionsAndConditions.Actions.CreateEx("adm-CopyMoveAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $moveAction = $action.GetAction() $moveAction.Move = $true $ouDN = "OU=Washington,OU=Offices,DC=domain,DC=com" $targetOU = $service.OpenObject("Adaxes://$ouDN", $null, $null, 0) $moveAction.TargetContainer = $targetOU $action.SetAction($moveAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) # Add the set to the business rule $rule.ConditionedActions.Add($actionsAndConditions) - C#
-
// The rule variable refers to a business rule // Create a new set of actions and conditions IAdmBusinessRuleConditionedActions actionsAndConditions = (IAdmBusinessRuleConditionedActions)rule.ConditionedActions.Create(); actionsAndConditions.ConditionsLogicalOperation = ADM_LOGICALOPERATION_ENUM.ADM_LOGICALOPERATION_AND; actionsAndConditions.SetInfo(); /////////////////////////////////////////////////////////////////////////////////////////////// // If the operation succeeded IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-OperationResultCondition"); IAdmOperationResultCondition operationResultCondition = (IAdmOperationResultCondition)condition.GetCondition(); operationResultCondition.OperationResult = ADM_OPERATIONRESULT_ENUM.ADM_OPERATIONRESULT_SUCCEEDED; condition.SetCondition(operationResultCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // If City equals 'Washington' condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-AttributeOperatorValueCondition"); IAdmAttrOperatorValueCondition cityCondition = (IAdmAttrOperatorValueCondition)condition.GetCondition(); cityCondition.AttributeName = "l"; // City cityCondition.ComparisonOperator = ADM_COMPARISONOPERATOR_ENUM.ADM_COMPARISONOPERATOR_EQUAL; AdsPropertyValue cityValue = new AdsPropertyValue(); cityValue.PutObjectProperty(ADSTYPEENUM.ADSTYPE_UNKNOWN, "Washington"); cityCondition.Value = cityValue; cityCondition.CaseSensitive = false; condition.SetCondition(cityCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // Create Exchange mailbox IAdmBusinessRuleAction action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx("adm-ExchangeTaskAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmExchangeMailboxAction createMailboxAction = (IAdmExchangeMailboxAction)action.GetAction(); createMailboxAction.TaskType = ADM_EXCHANGETASKTYPE_ENUM.ADM_EXCHANGETASKTYPE_CREATEMAILBOX; // Set the alias createMailboxAction.MailAlias = "%username%"; // Set the mailbox database const string mailboxStorageDN = "CN=Washington,CN=Databases,CN=Exchange Administrative Group," + "CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange," + "CN=Services,CN=Configuration,DC=domain,DC=com"; IADs mailboxStore = (IADs)service.OpenObject("Adaxes://" + mailboxStorageDN, null, null, 0); createMailboxAction.MailboxStorageDatabase = mailboxStore; // Set the mailbox selection type createMailboxAction.MailboxStorageSelectionType = ADM_MAILBOXSTORAGESELECTIONTYPE_ENUM.ADM_MAILBOXSTORAGESELECTIONTYPE_NONE; action.SetAction(createMailboxAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); /////////////////////////////////////////////////////////////////////////////////////////////// // Create home folder action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx( "adm-CreateHomeDirectoryAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmCreateHomeDirectoryAction createHomeDirAction = (IAdmCreateHomeDirectoryAction)action.GetAction(); createHomeDirAction.HomeDirectory = "\\\\SERVER\\SHARE\\%username%"; createHomeDirAction.HomeDrive = "Z:"; createHomeDirAction.SetUserAsOwner = false; createHomeDirAction.UserAccessPermissions = ADM_USERACCESSPERMISSION_ENUM.ADM_USERACCESSPERMISSION_FULL; createHomeDirAction.InheritParentPermissions = true; action.SetAction(createHomeDirAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); /////////////////////////////////////////////////////////////////////////////////////////////// // Add the user to the 'Washington' group action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx( "adm-ChangeGroupMembershipAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmChangeGroupMembershipAction addToGroupAction = (IAdmChangeGroupMembershipAction)action.GetAction(); addToGroupAction.ActionType = ADM_CHANGEGROUPMEMBERSHIPACTION_ENUM.ADM_CHANGEGROUPMEMBERSHIPACTION_ADD; const string groupDN = "CN=Washington,OU=Groups,DC=domain,DC=com"; IADsGroup group = (IADsGroup)service.OpenObject("Adaxes://" + groupDN, null, null, 0); addToGroupAction.Group = group; action.SetAction(addToGroupAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); /////////////////////////////////////////////////////////////////////////////////////////////// // Move the user to the 'Washington' OU action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx("adm-CopyMoveAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmCopyMoveAction moveAction = (IAdmCopyMoveAction)action.GetAction(); moveAction.Move = true; const string ouDN = "OU=Washington,OU=Offices,DC=domain,DC=com"; IADsContainer targetOU = (IADsContainer)service.OpenObject("Adaxes://" + ouDN, null, null, 0); moveAction.TargetContainer = targetOU; action.SetAction(moveAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); // Add the set to the business rule rule.ConditionedActions.Add(actionsAndConditions);
For details on how to get the DN of a mailbox database, see Get the DN of a mailbox database.
Example 2
View sample code
- PowerShell
-
# The $obj variable refers to a business rule, custom command, or scheduled task # Create a new set of actions and conditions $actionsAndConditions = $obj.ConditionedActions.Create() $actionsAndConditions.ConditionsLogicalOperation = "ADM_LOGICALOPERATION_AND" $actionsAndConditions.SetInfo() #------------------------------------------------------------------------------------------------ # If Office equals 'My Office 1' $condition = $actionsAndConditions.Conditions.CreateEx("adm-AttributeOperatorValueCondition") $officeCondition = $condition.GetCondition() $officeCondition.AttributeName = "physicalDeliveryOfficeName" # Office $officeCondition.ComparisonOperator = "ADM_COMPARISONOPERATOR_EQUAL" $officeValue = New-Object "Softerra.Adaxes.Adsi.AdsPropertyValue" $officeValue.PutObjectProperty("ADSTYPE_UNKNOWN", "My Office 1") $officeCondition.Value = $officeValue $officeCondition.CaseSensitive = $false $condition.SetCondition($officeCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #------------------------------------------------------------------------------------------------ # Update City and ZIP/Postal code $action = $actionsAndConditions.Actions.CreateEx("adm-SetPropertiesAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $updateAction = $action.GetAction() # City $cityValue = New-Object "Softerra.Adaxes.Adsi.AdsPropertyValue" $cityValue.PutObjectProperty("ADSTYPE_UNKNOWN", "My City") $propertyEntry = New-Object "Softerra.Adaxes.Adsi.AdsPropertyEntry" $propertyEntry.Name = "l" # City $propertyEntry.ADsType = "ADSTYPE_CASE_IGNORE_STRING" $propertyEntry.ControlCode = "ADS_PROPERTY_UPDATE" $propertyEntry.Values = @([Softerra.Adaxes.Interop.Adsi.Cache.IADsPropertyValue]$cityValue) $updateAction.PropertyList.PutPropertyItem($propertyEntry) # ZIP/Postal code $postalCodeValue = New-Object "Softerra.Adaxes.Adsi.AdsPropertyValue" $postalCodeValue.PutObjectProperty("ADSTYPE_UNKNOWN", "12345") $propertyEntry = New-Object "Softerra.Adaxes.Adsi.AdsPropertyEntry" $propertyEntry.Name = "postalCode" $propertyEntry.ADsType = "ADSTYPE_CASE_IGNORE_STRING" $propertyEntry.ControlCode = "ADS_PROPERTY_UPDATE" $propertyEntry.Values = @([Softerra.Adaxes.Interop.Adsi.Cache.IADsPropertyValue]$postalCodeValue) $updateAction.PropertyList.PutPropertyItem($propertyEntry) $action.SetAction($updateAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) # Add the set to the business rule, custom command, or scheduled task $obj.ConditionedActions.Add($actionsAndConditions) - C#
-
// The obj variable refers to a business rule, custom command, or scheduled task // Create a new set of actions and conditions IAdmBusinessRuleConditionedActions actionsAndConditions = (IAdmBusinessRuleConditionedActions)obj.ConditionedActions.Create(); actionsAndConditions.ConditionsLogicalOperation = ADM_LOGICALOPERATION_ENUM.ADM_LOGICALOPERATION_AND; actionsAndConditions.SetInfo(); /////////////////////////////////////////////////////////////////////////////////////////////// // If Office equals 'My Office 1' IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-AttributeOperatorValueCondition"); IAdmAttrOperatorValueCondition officeCondition = (IAdmAttrOperatorValueCondition)condition.GetCondition(); officeCondition.AttributeName = "physicalDeliveryOfficeName"; // Office officeCondition.ComparisonOperator = ADM_COMPARISONOPERATOR_ENUM.ADM_COMPARISONOPERATOR_EQUAL; AdsPropertyValue officeValue = new AdsPropertyValue(); officeValue.PutObjectProperty(ADSTYPEENUM.ADSTYPE_UNKNOWN, "My Office 1"); officeCondition.Value = officeValue; officeCondition.CaseSensitive = false; condition.SetCondition(officeCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // Update City and ZIP/Postal code IAdmBusinessRuleAction action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx("adm-SetPropertiesAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmSetPropertiesAction updateAction = (IAdmSetPropertiesAction)action.GetAction(); // City AdsPropertyValue cityValue = new AdsPropertyValue(); cityValue.PutObjectProperty(ADSTYPEENUM.ADSTYPE_UNKNOWN, "My City"); AdsPropertyEntry propertyEntry = new AdsPropertyEntry(); propertyEntry.Name = "l"; // City propertyEntry.ADsType = ADSTYPEENUM.ADSTYPE_CASE_IGNORE_STRING; propertyEntry.ControlCode = ADS_PROPERTY_OPERATION_ENUM.ADS_PROPERTY_UPDATE; propertyEntry.Values = new object[] { cityValue }; updateAction.PropertyList.PutPropertyItem(propertyEntry); // ZIP/Postal code AdsPropertyValue postalCodeValue = new AdsPropertyValue(); postalCodeValue.PutObjectProperty(ADSTYPEENUM.ADSTYPE_UNKNOWN, "12345"); propertyEntry = new AdsPropertyEntry(); propertyEntry.Name = "postalCode"; propertyEntry.ADsType = ADSTYPEENUM.ADSTYPE_CASE_IGNORE_STRING; propertyEntry.ControlCode = ADS_PROPERTY_OPERATION_ENUM.ADS_PROPERTY_UPDATE; propertyEntry.Values = new object[] { postalCodeValue }; updateAction.PropertyList.PutPropertyItem(propertyEntry); action.SetAction(updateAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); // Add the set to the business rule, custom command or scheduled task obj.ConditionedActions.Add(actionsAndConditions);
Example 3
View sample code
- PowerShell
-
# The $rule variable refers to a business rule executed after updating groups # Create a new set of actions and conditions $actionsAndConditions = $rule.ConditionedActions.Create() $actionsAndConditions.ConditionsLogicalOperation = "ADM_LOGICALOPERATION_AND" $actionsAndConditions.SetInfo() #--------------------------------------------------------------------------------------- # If the operation succeeded $condition = $actionsAndConditions.Conditions.CreateEx("adm-OperationResultCondition") $operationResultCondition = $condition.GetCondition() $operationResultCondition.OperationResult = "ADM_OPERATIONRESULT_SUCCEEDED" $condition.SetCondition($operationResultCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #--------------------------------------------------------------------------------------- # If the 'Member' property has changed $condition = $actionsAndConditions.Conditions.CreateEx("adm-AttributeChangedCondition") $propChangedCondition = $condition.GetCondition() $propChangedCondition.IsOperator = "ADM_ISOPERATOR_IS" $propChangedCondition.AttributeName = "member" $condition.SetCondition($propChangedCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #--------------------------------------------------------------------------------------- # If initiator is NOT a member of the BUILTIN\Administrators group $condition = $actionsAndConditions.Conditions.CreateEx("adm-TrusteeMembershipCondition") $initiatorCondition = $condition.GetCondition() $initiatorCondition.IsOperator = "ADM_ISOPERATOR_ISNOT" $groupDN = "CN=Administrators,CN=Builtin,DC=domain,DC=com" $group = $service.OpenObject("Adaxes://$groupDN", $null, $null, 0) $initiatorCondition.Group = $group $condition.SetCondition($initiatorCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #--------------------------------------------------------------------------------------- # Send SMS $action = $actionsAndConditions.Actions.CreateEx("adm-SendSmsAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $smsAction = $action.GetAction() $smsAction.MobileNumbers = "1-234-567-8900" $smsAction.SmsText = "New member %member% was added to group %name%" $action.SetAction($smsAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) # Add the set to the business rule, custom command or scheduled task $rule.ConditionedActions.Add($actionsAndConditions) - C#
-
// The rule variable refers to a business rule executed after updating groups // Create a new set of actions and conditions IAdmBusinessRuleConditionedActions actionsAndConditions = (IAdmBusinessRuleConditionedActions)rule.ConditionedActions.Create(); actionsAndConditions.ConditionsLogicalOperation = ADM_LOGICALOPERATION_ENUM.ADM_LOGICALOPERATION_AND; actionsAndConditions.SetInfo(); /////////////////////////////////////////////////////////////////////////////////////////////// // If the operation succeeded IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-OperationResultCondition"); IAdmOperationResultCondition operationResultCondition = (IAdmOperationResultCondition)condition.GetCondition(); operationResultCondition.OperationResult = ADM_OPERATIONRESULT_ENUM.ADM_OPERATIONRESULT_SUCCEEDED; condition.SetCondition(operationResultCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // If the 'Member' property has changed condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-AttributeChangedCondition"); IAdmAttributeChangedCondition propChangedCondition = (IAdmAttributeChangedCondition)condition.GetCondition(); propChangedCondition.IsOperator = ADM_ISOPERATOR_ENUM.ADM_ISOPERATOR_IS; propChangedCondition.AttributeName = "member"; condition.SetCondition(propChangedCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // If initiator is NOT a member of the BUILTIN\Administrators group condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-TrusteeMembershipCondition"); IAdmTrusteeMembershipCondition initiatorCondition = (IAdmTrusteeMembershipCondition)condition.GetCondition(); initiatorCondition.IsOperator = ADM_ISOPERATOR_ENUM.ADM_ISOPERATOR_ISNOT; const string groupDN = "CN=Administrators,CN=Builtin,DC=domain,DC=com"; IADsGroup group = (IADsGroup)service.OpenObject("Adaxes://" + groupDN, null, null, 0); initiatorCondition.Group = group; condition.SetCondition(initiatorCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // Send SMS IAdmBusinessRuleAction action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx("adm-SendSmsAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmSendSmsAction smsAction = (IAdmSendSmsAction)action.GetAction(); smsAction.MobileNumbers = "1-234-567-8900"; smsAction.SmsText = "New member %member% was added to group %name%"; action.SetAction(smsAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); // Add the set to the business rule, custom command, or scheduled task rule.ConditionedActions.Add(actionsAndConditions);
Example 4
View sample code
- PowerShell
-
# The $obj variable refers to a business rule, custom command, or scheduled task # Create a new set of actions and conditions $actionsAndConditions = $obj.ConditionedActions.Create() $actionsAndConditions.ConditionsLogicalOperation = "ADM_LOGICALOPERATION_AND" $actionsAndConditions.SetInfo() #------------------------------------------------------------------------------------- # If the user is a member of the Help Desk group $condition = $actionsAndConditions.Conditions.CreateEx("adm-GroupMembershipCondition") $membershipCondition = $condition.GetCondition() $membershipCondition.IsOperator = "ADM_ISOPERATOR_IS" $groupDN = "CN=Help Desk,OU=Groups,DC=domain,DC=com" $group = $service.OpenObject("Adaxes://$groupDN", $null, $null, 0) $membershipCondition.Group = $group $condition.SetCondition($membershipCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #------------------------------------------------------------------------------------- # If Smart card is required for logon $condition = $actionsAndConditions.Conditions.CreateEx("adm-AccountOptionsCondition") $accountOptionsCondition = $condition.GetCondition() $ADS_UF_SMARTCARD_REQUIRED = 0x40000 $accountOptionsCondition.AccountOptionsValue = $ADS_UF_SMARTCARD_REQUIRED $accountOptionsCondition.AccountOptionsMask = $ADS_UF_SMARTCARD_REQUIRED $condition.SetCondition($accountOptionsCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #------------------------------------------------------------------------------------- # Reset the 'Smart Card Required for Logon' flag $action = $actionsAndConditions.Actions.CreateEx("adm-SetAccountOptionsAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $updateAction = $action.GetAction() $accountOptionsValue = New-Object "Softerra.Adaxes.Adsi.AdsPropertyValue" $accountOptionsValue.PutObjectProperty("ADSTYPE_INTEGER", 0) $propertyEntry = New-Object "Softerra.Adaxes.Adsi.AdsPropertyEntry" $propertyEntry.Name = "userAccountControl" $propertyEntry.ADsType = "ADSTYPE_INTEGER" $propertyEntry.ControlCode = "ADS_PROPERTY_UPDATE" $propertyEntry.Values = @([Softerra.Adaxes.Interop.Adsi.Cache.IADsPropertyValue]$accountOptionsValue) $updateAction.PropertyList.PutPropertyItem($propertyEntry) $updateAction.PropertyList.PutPropertyItemMask("userAccountControl", [int]$ADS_UF_SMARTCARD_REQUIRED) $action.SetAction($updateAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) # Add the set to the business rule, custom command, or scheduled task $obj.ConditionedActions.Add($actionsAndConditions) - C#
-
// The obj variable refers to a business rule, custom command, or scheduled task // Create a new set of actions and conditions IAdmBusinessRuleConditionedActions actionsAndConditions = (IAdmBusinessRuleConditionedActions)obj.ConditionedActions.Create(); actionsAndConditions.ConditionsLogicalOperation = ADM_LOGICALOPERATION_ENUM.ADM_LOGICALOPERATION_AND; actionsAndConditions.SetInfo(); /////////////////////////////////////////////////////////////////////////////////////////////// // If the user is a member of the Help Desk group IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-GroupMembershipCondition"); IAdmGroupMembershipCondition membershipCondition = (IAdmGroupMembershipCondition)condition.GetCondition(); membershipCondition.IsOperator = ADM_ISOPERATOR_ENUM.ADM_ISOPERATOR_IS; const string groupDN = "CN=Help Desk,OU=Groups,DC=domain,DC=com"; IADsGroup group = (IADsGroup)service.OpenObject("Adaxes://" + groupDN, null, null, 0); membershipCondition.Group = group; condition.SetCondition(membershipCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // If Smart card is required for logon IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-AccountOptionsCondition"); IAdmAccountOptionsCondition accountOptionsCondition = (IAdmAccountOptionsCondition)condition.GetCondition(); accountOptionsCondition.AccountOptionsValue = (int)ADS_USER_FLAG_ENUM.ADS_UF_SMARTCARD_REQUIRED; accountOptionsCondition.AccountOptionsMask = (int)ADS_USER_FLAG_ENUM.ADS_UF_SMARTCARD_REQUIRED; condition.SetCondition(accountOptionsCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // Reset the 'Smart Card Required for Logon' flag IAdmBusinessRuleAction action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx("adm-SetAccountOptionsAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmSetPropertiesAction updateAction = (IAdmSetPropertiesAction)action.GetAction(); AdsPropertyValue accountOptionsValue = new AdsPropertyValue(); accountOptionsValue.PutObjectProperty(ADSTYPEENUM.ADSTYPE_INTEGER, 0); AdsPropertyEntry propertyEntry = new AdsPropertyEntry(); propertyEntry.Name = "userAccountControl"; propertyEntry.ADsType = ADSTYPEENUM.ADSTYPE_INTEGER; propertyEntry.ControlCode = ADS_PROPERTY_OPERATION_ENUM.ADS_PROPERTY_UPDATE; propertyEntry.Values = new object[] { accountOptionsValue }; updateAction.PropertyList.PutPropertyItem(propertyEntry); updateAction.PropertyList.PutPropertyItemMask("userAccountControl", (int)ADS_USER_FLAG_ENUM.ADS_UF_SMARTCARD_REQUIRED); action.SetAction(updateAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); // Add the set to the business rule, custom command or scheduled task obj.ConditionedActions.Add(actionsAndConditions);
Example 5
View sample code
- PowerShell
-
# The $obj variable refers to a business rule, custom command or scheduled task # Create a new set of actions and conditions $actionsAndConditions = $obj.ConditionedActions.Create() $actionsAndConditions.ConditionsLogicalOperation = "ADM_LOGICALOPERATION_AND" $actionsAndConditions.SetInfo() #------------------------------------------------------------------------------------ # If script 'My Script' returns true $condition = $actionsAndConditions.Conditions.CreateEx("adm-ScriptCondition") $scriptCondition = $condition.GetCondition() $scriptCondition.ScriptDescription = "My Script" $scriptCondition.Script = @' $Context.ConditionIsMet = $Context.TargetObject.IsAccountLocked '@ $condition.SetCondition($scriptCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #------------------------------------------------------------------------------------ # Send operation for approval $action = $actionsAndConditions.Actions.CreateEx("adm-ApprovalRequestInfoAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $approvalAction = $action.GetAction() $approverGroupDN = "CN=Administrators,CN=Builtin,DC=domain,DC=com" $approverGroup = $service.OpenObject("Adaxes://$approverGroupDN", $null, $null, 0) $approvalAction.ApproversInfo.ApproverGroups.Add($approverGroup) $approverUserDN = "CN=John Smith,CN=Users,DC=domain,DC=com" $approverUser = $service.OpenObject("Adaxes://$approverUserDN", $null, $null, 0) $approvalAction.ApproversInfo.ApproverTrustees.Add($approverUser) $approvalAction.ApproversInfo.ManagerOfTrusteeIsApprover = $true $approvalAction.ApproversInfo.OwnerOfRequestorOUIsApprover = $false $approvalAction.ApproversInfo.ManagerOfTargetObjectIsApprover = $true $approvalAction.ApproversInfo.OwnerOfTargetObjectOUIsApprover = $true $action.SetAction($approvalAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) # Add the set to the business rule, custom command or scheduled task $obj.ConditionedActions.Add($actionsAndConditions) - C#
-
// The obj variable refers to a business rule, custom command or scheduled task // Create a new set of actions and conditions IAdmBusinessRuleConditionedActions actionsAndConditions = (IAdmBusinessRuleConditionedActions)obj.ConditionedActions.Create(); actionsAndConditions.ConditionsLogicalOperation = ADM_LOGICALOPERATION_ENUM.ADM_LOGICALOPERATION_AND; actionsAndConditions.SetInfo(); /////////////////////////////////////////////////////////////////////////////////////////////// // If script 'My Script' returns true IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx("adm-ScriptCondition"); IAdmScriptCondition scriptCondition = (IAdmScriptCondition)condition.GetCondition(); scriptCondition.ScriptDescription = "My Script"; scriptCondition.Script = "$Context.ConditionIsMet = $Context.TargetObject.IsAccountLocked"; condition.SetCondition(scriptCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // Send operation for approval IAdmBusinessRuleAction action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx( "adm-ApprovalRequestInfoAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmApprovalRequestInfoAction approvalAction = (IAdmApprovalRequestInfoAction)action.GetAction(); const string approverGroupDN = "CN=Administrators,CN=Builtin,DC=domain,DC=com"; IAdmGroup approverGroup = (IAdmGroup)service.OpenObject( "Adaxes://" + approverGroupDN, null, null, 0); approvalAction.ApproversInfo.ApproverGroups.Add(approverGroup); const string approverUserDN = "CN=John Smith,CN=Users,DC=domain,DC=com"; IAdmTop approverUser = (IAdmTop)service.OpenObject( "Adaxes://" + approverUserDN, $null, $null, 0); approvalAction.ApproversInfo.ApproverTrustees.Add(approverUser); approvalAction.ApproversInfo.ManagerOfTrusteeIsApprover = true; IAdmRequestApproversInfo2 approversInfo2 = (IAdmRequestApproversInfo2)approvalAction.ApproversInfo; approversInfo2.OwnerOfRequestorOUIsApprover = false; approversInfo2.ManagerOfTargetObjectIsApprover = true; approversInfo2.OwnerOfTargetObjectOUIsApprover = true; action.SetAction(approvalAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); // Add the set to the business rule, custom command or scheduled task obj.ConditionedActions.Add(actionsAndConditions);
Example 6
View sample code
- PowerShell
-
# The $obj variable refers to a business rule, custom command or scheduled task # Create a new set of actions and conditions $actionsAndConditions = $obj.ConditionedActions.Create() $actionsAndConditions.ConditionsLogicalOperation = "ADM_LOGICALOPERATION_AND" $actionsAndConditions.SetInfo() #----------------------------------------------------------------------------------------------- # If password has expired $condition = $actionsAndConditions.Conditions.CreateEx("adm-AccountPasswordExpirationCondition") $passwordCondition = $condition.GetCondition() $passwordCondition.ExpirationType = "ADM_EXPIRATIONTYPE_PASSWORD" $passwordCondition.ExpirationOperator = "ADM_EXPIRATIONOPERATOR_HASEXPIRED" $condition.SetCondition($passwordCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #----------------------------------------------------------------------------------------------- # Reset Password $action = $actionsAndConditions.Actions.CreateEx("adm-ResetPasswordAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $resetPasswordAction = $action.GetAction() $resetPasswordAction.Password = "%adm-ManagerUserName%" $action.SetAction($resetPasswordAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) #----------------------------------------------------------------------------------------------- # Send email notification $action = $actionsAndConditions.Actions.CreateEx("adm-SendMailNotificationAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $sendMailAction = $action.GetAction() $sendMailAction.RecipientAddresses = "%adm-ManagerEmail%" $sendMailAction.Subject = "Password Expired: %username%" $sendMailAction.Text = @' The password of user %name% has expired. The new password was generated. New password: %adm-ManagerUserName% '@ $sendMailAction.FormatAsHtml = $false $action.SetAction($sendMailAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) # Add the set to the business rule, custom command or scheduled task $obj.ConditionedActions.Add($actionsAndConditions) - C#
-
// The obj variable refers to a business rule, custom command or scheduled task // Create a new set of actions and conditions IAdmBusinessRuleConditionedActions actionsAndConditions = (IAdmBusinessRuleConditionedActions)obj.ConditionedActions.Create(); actionsAndConditions.ConditionsLogicalOperation = ADM_LOGICALOPERATION_ENUM.ADM_LOGICALOPERATION_AND; actionsAndConditions.SetInfo(); /////////////////////////////////////////////////////////////////////////////////////////////// // If password has expired IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-AccountPasswordExpirationCondition"); IAdmAccountPasswordExpirationCondition passwordCondition = (IAdmAccountPasswordExpirationCondition)condition.GetCondition(); passwordCondition.ExpirationType = ADM_EXPIRATIONTYPE_ENUM.ADM_EXPIRATIONTYPE_PASSWORD; passwordCondition.ExpirationOperator = ADM_EXPIRATIONOPERATOR_ENUM.ADM_EXPIRATIONOPERATOR_HASEXPIRED; condition.SetCondition(passwordCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // Reset Password IAdmBusinessRuleAction action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx("adm-ResetPasswordAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmResetPasswordAction resetPasswordAction = (IAdmResetPasswordAction)action.GetAction(); resetPasswordAction.Password = "%adm-ManagerUserName%"; action.SetAction(resetPasswordAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); /////////////////////////////////////////////////////////////////////////////////////////////// // Send email notification action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx( "adm-SendMailNotificationAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmSendMailNotificationAction sendMailAction = (IAdmSendMailNotificationAction)action.GetAction(); sendMailAction.RecipientAddresses = "%adm-ManagerEmail%"; sendMailAction.Subject = "Password Expired: %username%"; sendMailAction.Text = "The password of user %name% has expired. The new password was generated.\n" + "New password: %adm-ManagerUserName%"; IAdmSendMailNotificationAction2 sendMailAction2 = (IAdmSendMailNotificationAction2)sendMailAction; sendMailAction2.FormatAsHtml = false; action.SetAction(sendMailAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); // Add the set to the business rule, custom command or scheduled task obj.ConditionedActions.Add(actionsAndConditions);
Example 7
View sample code
- PowerShell
-
# The $obj variable refers to a business rule, custom command or scheduled task # Create a new set of actions and conditions $actionsAndConditions = $obj.ConditionedActions.Create() $actionsAndConditions.ConditionsLogicalOperation = "ADM_LOGICALOPERATION_AND" $actionsAndConditions.SetInfo() #------------------------------------------------------------------------------------ # If the user doesn't have an Exchange mailbox $condition = $actionsAndConditions.Conditions.CreateEx("adm-MailboxEnabledCondition") $mailboxCondition = $condition.GetCondition() $mailboxCondition.IsOperator = "ADM_ISOPERATOR_ISNOT" $condition.SetCondition($mailboxCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #------------------------------------------------------------------------------------ # Cancel the operation $action = $actionsAndConditions.Actions.CreateEx("adm-CancelOperationAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $cancelAction = $action.GetAction() $cancelAction.ReasonMessage = "My Reason" $action.SetAction($cancelAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) # Add the set to the business rule, custom command or scheduled task $obj.ConditionedActions.Add($actionsAndConditions) - C#
-
// The obj variable refers to a business rule, custom command or scheduled task // Create a new set of actions and conditions IAdmBusinessRuleConditionedActions actionsAndConditions = (IAdmBusinessRuleConditionedActions)obj.ConditionedActions.Create(); actionsAndConditions.ConditionsLogicalOperation = ADM_LOGICALOPERATION_ENUM.ADM_LOGICALOPERATION_AND; actionsAndConditions.SetInfo(); /////////////////////////////////////////////////////////////////////////////////////////////// // If the user doesn't have an Exchange mailbox IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-MailboxEnabledCondition"); IAdmMailboxEnabledCondition mailboxCondition = (IAdmMailboxEnabledCondition)condition.GetCondition(); mailboxCondition.IsOperator = ADM_ISOPERATOR_ENUM.ADM_ISOPERATOR_ISNOT; condition.SetCondition(mailboxCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // Cancel the operation IAdmBusinessRuleAction action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx("adm-CancelOperationAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmCancelOperationAction cancelAction = (IAdmCancelOperationAction)action.GetAction(); cancelAction.ReasonMessage = "My Reason"; action.SetAction(cancelAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); // Add the set to the business rule, custom command or scheduled task obj.ConditionedActions.Add(actionsAndConditions);
Example 8
View sample code
- PowerShell
-
# The $obj variable refers to a business rule, custom command or scheduled task # Create a new set of actions and conditions $actionsAndConditions = $obj.ConditionedActions.Create() $actionsAndConditions.ConditionsLogicalOperation = "ADM_LOGICALOPERATION_AND" $actionsAndConditions.SetInfo() #------------------------------------------------------------------------------- # If located under the 'Washington' OU $condition = $actionsAndConditions.Conditions.CreateEx("adm-LocationCondition") $locationCondition = $condition.GetCondition() $locationCondition.IsOperator = "ADM_ISOPERATOR_IS" $locationCondition.Scope = "ADS_SCOPE_SUBTREE" $ouDN = "OU=Washington,DC=company,DC=com" $ou = $service.OpenObject("Adaxes://$ouDN", $null, $null, 0) $locationCondition.Container = $ou $condition.SetCondition($locationCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #------------------------------------------------------------------------------- # Execute custom command 'Deprovision' $action = $actionsAndConditions.Actions.CreateEx("adm-CustomCommandAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $customCommandAction = $action.GetAction() $customCommandAction.CustomCommandId = "{9DB88EC3-1241-4AB1-9612-C7C982BAA49F}" $action.SetAction($customCommandAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) #------------------------------------------------------------------------------- # Run PowerShell script $scriptToExecute = { $Context.LogMessage("The script has been executed for %name%", "Information") } $action = $actionsAndConditions.Actions.CreateEx("adm-RunScriptAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $scriptAction = $action.GetAction() $scriptAction.ScriptType = "ADM_SCRIPTTYPE_POWERSHELL" $scriptAction.ScriptDescription = "My Script" $scriptAction.Script = $scriptToExecute.ToString() $action.SetAction($scriptAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) # Add the set to the business rule, custom command or scheduled task $obj.ConditionedActions.Add($actionsAndConditions) - C#
-
// The obj variable refers to a business rule, custom command or scheduled task // Create a new set of actions and conditions IAdmBusinessRuleConditionedActions actionsAndConditions = (IAdmBusinessRuleConditionedActions)obj.ConditionedActions.Create(); actionsAndConditions.ConditionsLogicalOperation = ADM_LOGICALOPERATION_ENUM.ADM_LOGICALOPERATION_AND; actionsAndConditions.SetInfo(); /////////////////////////////////////////////////////////////////////////////////////////////// // If located under the 'Washington' OU IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx("adm-LocationCondition"); IAdmLocationCondition locationCondition = (IAdmLocationCondition)condition.GetCondition(); locationCondition.IsOperator = ADM_ISOPERATOR_ENUM.ADM_ISOPERATOR_IS; locationCondition.Scope = ADS_SCOPEENUM.ADS_SCOPE_SUBTREE; const string ouDN = "OU=Washington,DC=company,DC=com"; IADsContainer ou = (IADsContainer)service.OpenObject("Adaxes://" + ouDN, null, null, 0); locationCondition.Container = ou; condition.SetCondition(locationCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // Execute custom command 'Deprovision' IAdmBusinessRuleAction action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx("adm-CustomCommandAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmCustomCommandAction customCommandAction = (IAdmCustomCommandAction)action.GetAction(); customCommandAction.CustomCommandId = "{9DB88EC3-1241-4AB1-9612-C7C982BAA49F}"; action.SetAction(customCommandAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); /////////////////////////////////////////////////////////////////////////////////////////////// // Run PowerShell script action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx("adm-RunScriptAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmRunScriptAction scriptAction = (IAdmRunScriptAction)action.GetAction(); scriptAction.ScriptType = ADM_SCRIPTTYPE_ENUM.ADM_SCRIPTTYPE_POWERSHELL; scriptAction.ScriptDescription = "My Script"; scriptAction.Script = "$Context.LogMessage(\"The script has been executed for %name%\",\n" + " \"Information\")"; action.SetAction(scriptAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); // Add the set to the business rule, custom command or scheduled task obj.ConditionedActions.Add(actionsAndConditions);
For information on how to get the identifier of a custom command, see Get custom command identifier.
Example 9
View sample code
- PowerShell
-
# The $obj variable refers to a business rule, custom command or scheduled task # Create a new set of actions and conditions $actionsAndConditions = $obj.ConditionedActions.Create() $actionsAndConditions.ConditionsLogicalOperation = "ADM_LOGICALOPERATION_AND" $actionsAndConditions.SetInfo() #----------------------------------------------------------------------------------------------- # If account expired more that 30 days ago $condition = $actionsAndConditions.Conditions.CreateEx("adm-AccountPasswordExpirationCondition") $expirationCondition = $condition.GetCondition() $expirationCondition.ExpirationType = "ADM_EXPIRATIONTYPE_ACCOUNT" $expirationCondition.ExpirationOperator = "ADM_EXPIRATIONOPERATOR_EXPIRED" $expirationCondition.PeriodOperator = "ADM_EXPIRATIONCOMPARISONOPERATOR_MORETHAN" $expirationCondition.PeriodValue = 30 $condition.SetCondition($expirationCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #----------------------------------------------------------------------------------------------- # Delete the object $action = $actionsAndConditions.Actions.CreateEx("adm-DeleteObjectAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $deleteAction = $action.GetAction() $deleteAction.DeleteSubtree = $true $action.SetAction($deleteAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) # Add the set to the business rule, custom command or scheduled task $obj.ConditionedActions.Add($actionsAndConditions) - C#
-
// The obj variable refers to a business rule, custom command or scheduled task // Create a new set of actions and conditions IAdmBusinessRuleConditionedActions actionsAndConditions = (IAdmBusinessRuleConditionedActions)obj.ConditionedActions.Create(); actionsAndConditions.ConditionsLogicalOperation = ADM_LOGICALOPERATION_ENUM.ADM_LOGICALOPERATION_AND; actionsAndConditions.SetInfo(); /////////////////////////////////////////////////////////////////////////////////////////////// // If account expired more that 30 days ago IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-AccountPasswordExpirationCondition"); IAdmAccountPasswordExpirationCondition expirationCondition = (IAdmAccountPasswordExpirationCondition)condition.GetCondition(); expirationCondition.ExpirationType = ADM_EXPIRATIONTYPE_ENUM.ADM_EXPIRATIONTYPE_ACCOUNT; expirationCondition.ExpirationOperator = ADM_EXPIRATIONOPERATOR_ENUM.ADM_EXPIRATIONOPERATOR_EXPIRED; expirationCondition.PeriodOperator = ADM_PERIODCOMPARISONOPERATOR_ENUM.ADM_EXPIRATIONCOMPARISONOPERATOR_MORETHAN; expirationCondition.PeriodValue = 30; condition.SetCondition(expirationCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // Delete the object IAdmBusinessRuleAction action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx("adm-DeleteObjectAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmDeleteObjectAction deleteAction = (IAdmDeleteObjectAction)action.GetAction(); deleteAction.DeleteSubtree = true; action.SetAction(deleteAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); // Add the set to the business rule, custom command or scheduled task obj.ConditionedActions.Add(actionsAndConditions);
Example 10
View sample code
- PowerShell
-
# The $rule variable refers to a business rule # Create a new set of actions and conditions $actionsAndConditions = $rule.ConditionedActions.Create() $actionsAndConditions.ConditionsLogicalOperation = "ADM_LOGICALOPERATION_AND" $actionsAndConditions.SetInfo() #------------------------------------------------------------------------------------- # If the operation succeeded $condition = $actionsAndConditions.Conditions.CreateEx("adm-OperationResultCondition") $operationResultCondition = $condition.GetCondition() $operationResultCondition.OperationResult = "ADM_OPERATIONRESULT_SUCCEEDED" $condition.SetCondition($operationResultCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #------------------------------------------------------------------------------------- # If account is enabled $condition = $actionsAndConditions.Conditions.CreateEx("adm-AccountStatusCondition") $enabledCondition = $condition.GetCondition() $enabledCondition.AccountStatus = "ADM_ACCOUNTSTATUS_ENABLED" $condition.SetCondition($enabledCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #------------------------------------------------------------------------------------- # Enable the User for Skype for Business (Lync) $action = $actionsAndConditions.Actions.CreateEx("adm-LyncEnableDisableAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $lyncAction = $action.GetAction() $lyncAction.Enable = $true $lyncAction.Pool = "lyncserverA.example.com" $lyncAction.SipAddress = "sip:%mail%" $action.SetAction($lyncAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) # Add the set to the business rule $rule.ConditionedActions.Add($actionsAndConditions) - C#
-
// The rule variable refers to a business rule // Create a new set of actions and conditions IAdmBusinessRuleConditionedActions actionsAndConditions = (IAdmBusinessRuleConditionedActions)rule.ConditionedActions.Create(); actionsAndConditions.ConditionsLogicalOperation = ADM_LOGICALOPERATION_ENUM.ADM_LOGICALOPERATION_AND; actionsAndConditions.SetInfo(); /////////////////////////////////////////////////////////////////////////////////////////////// // If the operation succeeded IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-OperationResultCondition"); IAdmOperationResultCondition operationResultCondition = (IAdmOperationResultCondition)condition.GetCondition(); operationResultCondition.OperationResult = ADM_OPERATIONRESULT_ENUM.ADM_OPERATIONRESULT_SUCCEEDED; condition.SetCondition(operationResultCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // If account is enabled condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-AccountStatusCondition"); IAdmAccountStatusCondition enabledCondition = (IAdmAccountStatusCondition)condition.GetCondition(); enabledCondition.AccountStatus = ADM_ACCOUNTSTATUS_ENUM.ADM_ACCOUNTSTATUS_ENABLED; condition.SetCondition(enabledCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // Enable the User for Skype for Business (Lync) IAdmBusinessRuleAction action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx("adm-LyncEnableDisableAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmLyncEnableDisableAction lyncAction = (IAdmLyncEnableDisableAction)action.GetAction(); lyncAction.Enable = true; lyncAction.Pool = "lyncserverA.example.com"; lyncAction.SipAddress = "sip:%mail%"; action.SetAction(lyncAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); // Add the set to the business rule rule.ConditionedActions.Add(actionsAndConditions);
Example 11
View sample code
- PowerShell
-
# The $obj variable refers to a business rule, custom command, or scheduled task # Create a new set of actions and conditions $actionsAndConditions = $obj.ConditionedActions.Create() $actionsAndConditions.ConditionsLogicalOperation = "ADM_LOGICALOPERATION_AND" $actionsAndConditions.SetInfo() #-------------------------------------------------------------------------------------------------- # If City equals 'Miami' $condition = $actionsAndConditions.Conditions.CreateEx("adm-AttributeOperatorValueCondition") $cityCondition = $condition.GetCondition() $cityCondition.AttributeName = "l" # City $cityCondition.ComparisonOperator = "ADM_COMPARISONOPERATOR_EQUAL" $cityValue = New-Object "Softerra.Adaxes.Adsi.AdsPropertyValue" $cityValue.PutObjectProperty("ADSTYPE_UNKNOWN", "Miami") $cityCondition.Value = $cityValue $cityCondition.CaseSensitive = $false $condition.SetCondition($cityCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #-------------------------------------------------------------------------------------------------- # Mofify mailbox settings for the User: enable Archive $action = $actionsAndConditions.Actions.CreateEx("adm-SetExchangeMailParametersAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $exchangeAction = $action.GetAction() $mailboxParams = New-Object "Softerra.Adaxes.Adsi.Exchange.AdmExchangeMailboxParameters" # Enable the Archive feature $archiveFeature = $mailboxParams.MailboxFeatures.Create("ADM_EXCHANGE_MAILBOXFEATURETYPE_ARCHIVE") $archiveFeature.Enabled = $true $mailboxParams.MailboxFeatures.Add($archiveFeature) $exchangeAction.MailParameters = $mailboxParams $action.SetAction($exchangeAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) #-------------------------------------------------------------------------------------------------- # Move the Exchange mailbox of the User (Target database: 'Miami DB') $action = $actionsAndConditions.Actions.CreateEx("adm-MoveExchangeMailboxAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $moveAction = $action.GetAction() $moveAction.Mode = "ADM_MOVEMAILBOXACTION_MODE_CREATEREQUEST" $targetDatabaseDN = "CN=Miami DB,CN=Databases,CN=Exchange Administrative Group," + "CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange," + "CN=Services,CN=Configuration,DC=domain,DC=com" $targetDatabase = $service.OpenObject("Adaxes://$targetDatabaseDN", $null, $null, 0) $moveAction.PrimaryMailboxTargetDatabase = $targetDatabase $action.SetAction($moveAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) # Add the set to the business rule, custom command, or scheduled task $obj.ConditionedActions.Add($actionsAndConditions) - C#
-
// The obj variable refers to a business rule, custom command, or scheduled task // Create a new set of actions and conditions IAdmBusinessRuleConditionedActions actionsAndConditions = (IAdmBusinessRuleConditionedActions)obj.ConditionedActions.Create(); actionsAndConditions.ConditionsLogicalOperation = ADM_LOGICALOPERATION_ENUM.ADM_LOGICALOPERATION_AND; actionsAndConditions.SetInfo(); /////////////////////////////////////////////////////////////////////////////////////////////// // If City equals 'Miami' IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-AttributeOperatorValueCondition"); IAdmAttrOperatorValueCondition cityCondition = (IAdmAttrOperatorValueCondition)condition.GetCondition(); cityCondition.AttributeName = "l"; // City cityCondition.ComparisonOperator = ADM_COMPARISONOPERATOR_ENUM.ADM_COMPARISONOPERATOR_EQUAL; AdsPropertyValue cityValue = new AdsPropertyValue(); cityValue.PutObjectProperty(ADSTYPEENUM.ADSTYPE_UNKNOWN, "Miami"); cityCondition.Value = cityValue; cityCondition.CaseSensitive = false; condition.SetCondition(cityCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // Mofify mailbox settings for the User: enable Archive IAdmBusinessRuleAction action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx( "adm-SetExchangeMailParametersAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmSetExchangeMailParametersAction exchangeAction = (IAdmSetExchangeMailParametersAction)action.GetAction(); AdmExchangeMailboxParameters mailboxParams = new AdmExchangeMailboxParameters(); // Enable the Archive feature IAdmExchangeMailboxFeature archiveFeature = mailboxParams.MailboxFeatures.Create( ADM_EXCHANGE_MAILBOXFEATURETYPE_ENUM.ADM_EXCHANGE_MAILBOXFEATURETYPE_ARCHIVE); archiveFeature.Enabled = true; mailboxParams.MailboxFeatures.Add(archiveFeature); exchangeAction.MailParameters = mailboxParams; action.SetAction(exchangeAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); /////////////////////////////////////////////////////////////////////////////////////////////// // Move the Exchange mailbox of the User (Target database: 'Miami DB') action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx( "adm-MoveExchangeMailboxAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmMoveExchangeMailboxAction moveAction = (IAdmMoveExchangeMailboxAction)action.GetAction(); moveAction.Mode = ADM_MOVEMAILBOXACTION_MODE_ENUM.ADM_MOVEMAILBOXACTION_MODE_CREATEREQUEST; const string targetDatabaseDN = "CN=Miami DB,CN=Databases,CN=Exchange Administrative Group," + "CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange," + "CN=Services,CN=Configuration,DC=domain,DC=com"; IAdmExchangeStorageDatabase targetDatabase = (IAdmExchangeStorageDatabase)service.OpenObject( "Adaxes://" + targetDatabaseDN, null, null, 0); moveAction.PrimaryMailboxTargetDatabase = targetDatabase; action.SetAction(moveAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); // Add the set to the business rule, custom command, or scheduled task obj.ConditionedActions.Add(actionsAndConditions);
For details on how to get the DN of a mailbox database, see Get the DN of a mailbox database.
For more examples, see Performing Exchange tasks.
Example 12
View sample code
- PowerShell
-
# The $obj variable refers to a business rule, custom command or scheduled task # Create a new set of actions and conditions $actionsAndConditions = $obj.ConditionedActions.Create() $actionsAndConditions.ConditionsLogicalOperation = "ADM_LOGICALOPERATION_AND" $actionsAndConditions.SetInfo() #-------------------------------------------------------------------------------- # If located under the 'Distribution Lists' OU $condition = $actionsAndConditions.Conditions.CreateEx("adm-LocationCondition") $locationCondition = $condition.GetCondition() $locationCondition.IsOperator = "ADM_ISOPERATOR_IS" $locationCondition.Scope = "ADS_SCOPE_SUBTREE" $ouDN = "OU=Distribution Lists,DC=domain,DC=com" $ou = $service.OpenObject("Adaxes://$ouDN", $null, $null, 0) $locationCondition.Container = $ou $condition.SetCondition($locationCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #--------------------------------------------------------------------------------- # Establish e-mail address for the Group (Alias: '%samAccountName%') $action = $actionsAndConditions.Actions.CreateEx("adm-ExchangeTaskAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $mailEnableAction = $action.GetAction() $mailEnableAction.TaskType = "ADM_EXCHANGETASKTYPE_MAILENABLE" $mailEnableAction.MailAlias = "%samAccountName%" $action.SetAction($mailEnableAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) # Add the set to the business rule, custom command or scheduled task $obj.ConditionedActions.Add($actionsAndConditions) - C#
-
// The obj variable refers to a business rule, custom command or scheduled task // Create a new set of actions and conditions IAdmBusinessRuleConditionedActions actionsAndConditions = (IAdmBusinessRuleConditionedActions)obj.ConditionedActions.Create(); actionsAndConditions.ConditionsLogicalOperation = ADM_LOGICALOPERATION_ENUM.ADM_LOGICALOPERATION_AND; actionsAndConditions.SetInfo(); /////////////////////////////////////////////////////////////////////////////////////////////// // If located under the 'Distribution Lists' OU IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx("adm-LocationCondition"); IAdmLocationCondition locationCondition = (IAdmLocationCondition)condition.GetCondition(); locationCondition.IsOperator = ADM_ISOPERATOR_ENUM.ADM_ISOPERATOR_IS; locationCondition.Scope = ADS_SCOPEENUM.ADS_SCOPE_SUBTREE; const string ouDN = "OU=Distribution Lists,DC=domain,DC=com"; IADsContainer ou = (IADsContainer)service.OpenObject("Adaxes://" + ouDN, null, null, 0); locationCondition.Container = ou; condition.SetCondition(locationCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // Establish e-mail address for the Group (Alias: '%samAccountName%') IAdmBusinessRuleAction action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx("adm-ExchangeTaskAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmExchangeTaskAction mailEnableAction = (IAdmExchangeTaskAction)action.GetAction(); mailEnableAction.TaskType = ADM_EXCHANGETASKTYPE_ENUM.ADM_EXCHANGETASKTYPE_MAILENABLE; mailEnableAction.MailAlias = "%samAccountName%"; action.SetAction(mailEnableAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); // Add the set to the business rule, custom command or scheduled task obj.ConditionedActions.Add(actionsAndConditions);
Example 13
View sample code
- PowerShell
-
# The $obj variable refers to a business rule, custom command or scheduled task # Create a new set of actions and conditions $actionsAndConditions = $obj.ConditionedActions.Create() $actionsAndConditions.ConditionsLogicalOperation = "ADM_LOGICALOPERATION_AND" $actionsAndConditions.SetInfo() #-------------------------------------------------------------------------------------------------- # If the User is licensed for Microsoft 365 $condition = $actionsAndConditions.Conditions.CreateEx("adm-O365LicenseCondition") $microsoft365LicenseCondition = $condition.GetCondition() $microsoft365LicenseCondition.ConditionType = "ADM_M365ACCOUNT_CONDITION_TYPE_ISLICENSED" $condition.SetCondition($microsoft365LicenseCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #-------------------------------------------------------------------------------------------------- # Deactivate Microsoft 365 account of the User: # set Sign-in status to Blocked, revoke all licenses $action = $actionsAndConditions.Actions.CreateEx("adm-ModifyO365AccountAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $deactivateO356AccountAction = $action.GetAction() $deactivateO356AccountAction.Operation = "ADM_O365ACCOUNT_OPERATION_DEACTIVATE" # Create an instance of the AdmO365AccountProperties class $microsoft365Properties = New-Object "Softerra.Adaxes.Adsi.CloudServices.Office365.AdmO365AccountProperties" # Revoke all licenses $microsoft365Properties.RevokeAllLicenses = $true # Set Sign-in status to Blocked $microsoft365Properties.SignInBlocked = $true $deactivateO356AccountAction.Properties = $microsoft365Properties $action.SetAction($deactivateO356AccountAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) #Add the set to the business rule, custom command or scheduled task $obj.ConditionedActions.Add($actionsAndConditions) - C#
-
// The obj variable refers to a business rule, custom command or scheduled task // Create a new set of actions and conditions IAdmBusinessRuleConditionedActions actionsAndConditions = (IAdmBusinessRuleConditionedActions)obj.ConditionedActions.Create(); actionsAndConditions.ConditionsLogicalOperation = ADM_LOGICALOPERATION_ENUM.ADM_LOGICALOPERATION_AND; actionsAndConditions.SetInfo(); /////////////////////////////////////////////////////////////////////////////////////////////// // If the User is licensed for Microsoft 365 IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-O365LicenseCondition"); IAdmM365LicenseCondition microsoft365LicenseCondition = (IAdmM365LicenseCondition)condition.GetCondition(); microsoft365LicenseCondition.ConditionType = ADM_M365ACCOUNT_CONDITION_TYPE_ENUM.ADM_M365ACCOUNT_CONDITION_TYPE_ISLICENSED; condition.SetCondition(microsoft365LicenseCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // Deactivate Microsoft 365 account of the User: // set Sign-in status to Blocked, revoke all licenses IAdmBusinessRuleAction action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx( "adm-ModifyO365AccountAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmModifyM365AccountAction deactivateO356AccountAction = (IAdmModifyM365AccountAction)action.GetAction(); deactivateO356AccountAction.Operation = ADM_M365ACCOUNT_OPERATION_ENUM.ADM_M365ACCOUNT_OPERATION_DEACTIVATE; // Create an instance of the AdmO365AccountProperties class IAdmM365AccountProperties microsoft365Properties = new AdmO365AccountProperties(); // Revoke all licenses microsoft365Properties.RevokeAllLicenses = true; // Set Sign-in status to Blocked microsoft365Properties.SignInBlocked = true; deactivateO356AccountAction.Properties = microsoft365Properties; action.SetAction(deactivateO356AccountAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); // Add the set to the business rule, custom command or scheduled task obj.ConditionedActions.Add(actionsAndConditions);
Example 14
View sample code
- PowerShell
-
# The $rule variable refers to a business rule # Create a new set of actions and conditions $actionsAndConditions = $rule.ConditionedActions.Create() $actionsAndConditions.ConditionsLogicalOperation = "ADM_LOGICALOPERATION_OR" $actionsAndConditions.SetInfo() #-------------------------------------------------------------------------------------------------- # If Department of the member does not equal 'Sales' $condition = $actionsAndConditions.Conditions.CreateEx("adm-MemberAttributeOperatorValueCondition") $departmentCondition = $condition.GetCondition() $departmentCondition.AttributeName = "department" $departmentCondition.ComparisonOperator = "ADM_COMPARISONOPERATOR_NOTEQUAL" $departmentValue = New-Object "Softerra.Adaxes.Adsi.AdsPropertyValue" $departmentValue.PutObjectProperty("ADSTYPE_UNKNOWN", "Sales") $departmentCondition.Value = $departmentValue $departmentCondition.CaseSensitive = $false $condition.SetCondition($departmentCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #-------------------------------------------------------------------------------------------------- # If the member belongs to Business Unit 'My unit' $condition = $actionsAndConditions.Conditions.CreateEx("adm-MemberBusinessUnitMembershipCondition") $businessUnitCondition = $condition.GetCondition() $businessUnitDN = "CN=My unit,CN=business units,CN=Configuration Objects," + "CN=Adaxes Configuration,CN=Adaxes" $businessUnit = $service.OpenObject("Adaxes://$businessUnitDN", $null, $null, 0) $businessUnitCondition.BusinessUnit = $businessUnit $businessUnitCondition.IsOperator = "ADM_ISOPERATOR_IS" $condition.SetCondition($businessUnitCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #-------------------------------------------------------------------------------------------------- # If the member belongs to group 'My group' $condition = $actionsAndConditions.Conditions.CreateEx("adm-MemberGroupMembershipCondition") $membershipCondition = $condition.GetCondition() $membershipCondition.IsOperator = "ADM_ISOPERATOR_IS" $groupDN = "CN=Help Desk,OU=Groups,DC=domain,DC=com" $group = $service.OpenObject("Adaxes://$groupDN", $null, $null, 0) $membershipCondition.Group = $group $condition.SetCondition($membershipCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #-------------------------------------------------------------------------------------------------- # If the member is 'John Smith' $condition = $actionsAndConditions.Conditions.CreateEx("adm-MemberSpecificObjectCondition") $specificObjectCondition = $condition.GetCondition() $objectReference = New-Object "Softerra.Adaxes.Adsi.AdmObjectReference" $objectReference.ObjectDN = "CN=John Smith,CN=Users,DC=domain,DC=com" $specificObjectCondition.IsOperator = "ADM_ISOPERATOR_IS" $specificObjectCondition.ObjectToCompareWith = $objectReference $condition.SetCondition($specificObjectCondition) $condition.SetInfo() $actionsAndConditions.Conditions.Add($condition) #-------------------------------------------------------------------------------------------------- # Cancel the operation $action = $actionsAndConditions.Actions.CreateEx("adm-CancelOperationAction") $action.ExecutionOptions = "ADM_ACTIONEXECUTIONOPTIONS_SYNC" $cancelAction = $action.GetAction() $cancelAction.ReasonMessage = "My Reason" $action.SetAction($cancelAction) $action.SetInfo() $actionsAndConditions.Actions.Add($action) # Add the set to the business rule $rule.ConditionedActions.Add($actionsAndConditions) - C#
-
// The rule variable refers to a business rule // Create a new set of actions and conditions IAdmBusinessRuleConditionedActions actionsAndConditions = (IAdmBusinessRuleConditionedActions)rule.ConditionedActions.Create(); actionsAndConditions.ConditionsLogicalOperation = ADM_LOGICALOPERATION_ENUM.ADM_LOGICALOPERATION_AND; actionsAndConditions.SetInfo(); /////////////////////////////////////////////////////////////////////////////////////////////// // If Department of the member does not equal 'Sales' IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-MemberAttributeOperatorValueCondition"); IAdmAttrOperatorValueCondition departmentCondition = (IAdmAttrOperatorValueCondition)condition.GetCondition(); departmentCondition.AttributeName = "department"; departmentCondition.ComparisonOperator = ADM_COMPARISONOPERATOR_ENUM.ADM_COMPARISONOPERATOR_NOTEQUAL; AdsPropertyValue departmentValue = new AdsPropertyValue(); departmentValue.PutObjectProperty(ADSTYPEENUM.ADSTYPE_UNKNOWN, "Sales"); departmentCondition.Value = departmentValue; departmentCondition.CaseSensitive = false; condition.SetCondition(departmentCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // If the member belongs to Business Unit 'My unit' IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-MemberBusinessUnitMembershipCondition"); IAdmMemberBusinessUnitMembershipCondition businessUnitCondition = (IAdmMemberBusinessUnitMembershipCondition)condition.GetCondition(); const string businessUnitDN = "CN=My unit,CN=business units,CN=Configuration Objects,CN=Adaxes Configuration,CN=Adaxes"; IAdmBusinessUnit businessUnit = (IAdmBusinessUnit)service.OpenObject("Adaxes://" + businessUnitDN, null, null, 0); businessUnitCondition.BusinessUnit = businessUnit; businessUnitCondition.IsOperator = ADM_ISOPERATOR_ENUM.ADM_ISOPERATOR_IS; condition.SetCondition(businessUnitCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // If the member belongs to group 'My group' IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-MemberGroupMembershipCondition"); IAdmMemberGroupMembershipCondition membershipCondition= (IAdmMemberGroupMembershipCondition)condition.GetCondition(); const string groupDN = "CN=Help Desk,OU=Groups,DC=domain,DC=com"; IADsGroup group = (IADsGroup)service.OpenObject("Adaxes://" + groupDN, null, null, 0); membershipCondition.Group = group; membershipCondition.IsOperator = ADM_ISOPERATOR_ENUM.ADM_ISOPERATOR_IS; condition.SetCondition(membershipCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // If the member is 'John Smith' IAdmBusinessRuleCondition condition = (IAdmBusinessRuleCondition)actionsAndConditions.Conditions.CreateEx( "adm-MemberSpecificObjectCondition"); IAdmMemberSpecificObjectCondition specificObjectCondition = (IAdmMemberSpecificObjectCondition)condition.GetCondition(); AdmObjectReference objReference = new AdmObjectReference(); objReference.ObjectDN = "CN=John Smith,CN=Users,DC=domain,DC=com"; specificObjectCondition.ObjectToCompareWith = objReference; specificObjectCondition.IsOperator = ADM_ISOPERATOR_ENUM.ADM_ISOPERATOR_IS; condition.SetCondition(specificObjectCondition); condition.SetInfo(); actionsAndConditions.Conditions.Add(condition); /////////////////////////////////////////////////////////////////////////////////////////////// // Cancel the operation IAdmBusinessRuleAction action = (IAdmBusinessRuleAction)actionsAndConditions.Actions.CreateEx("adm-CancelOperationAction"); action.ExecutionOptions = ADM_ACTIONEXECUTIONOPTIONS_ENUM.ADM_ACTIONEXECUTIONOPTIONS_SYNC; IAdmCancelOperationAction cancelAction = (IAdmCancelOperationAction)action.GetAction(); cancelAction.ReasonMessage = "My Reason"; action.SetAction(cancelAction); action.SetInfo(); actionsAndConditions.Actions.Add(action); // Add the set to the business rule rule.ConditionedActions.Add(actionsAndConditions);
See also
- Managing business rules
- Managing custom commands
- Managing scheduled tasks
- Defining the scope of activity