Script repository
The script adds users who are members of the target group to the specified one. To execute the script, create a business rule, custom command or scheduled task configured for the Group object type.
Parameters
$targetGroupDN- the distinguished name (DN) of the group to add members of the target group to. For information on how to get an object DN, see Get the DN of a directory object.$pipelined- set to$trueto add members to the group through Adaxes pipeline to create log records, apply business rules, security roles, etc. Set to$falseto perform group membership update directly in AD (Adaxes functionality will not be applied).
$targetGroupDN = "CN=My Group,OU=Groups,DC=domain,DC=com" # TODO: modify me
$pipelined = $True # TODO: modify me
$targetGroup = $Context.BindToObjectEx("Adaxes://$targetGroupDN", $pipelined)
# Search parameters
$searcher = $Context.TargetObject
$searcher.Criteria = New-AdmCriteria "user"
$searcher.SearchScope = "ADS_SCOPE_BASE"
$searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
$searcher.PageSize = 500
$searcher.AttributeScopeQuery = "member"
try
{
# Execute search
$searchIterator = $searcher.ExecuteSearch()
$searchResults = $searchIterator.FetchAll()
if ($searchResults.Length -eq 0)
{
$Context.LogMessage("There are no members to copy.", "Information")
return
}
foreach ($searchResult in $searchResults)
{
if ($targetGroup.IsMember($searchResult.AdsPath))
{
continue
}
$targetGroup.Add($searchResult.AdsPath)
}
}
finally
{
# Release resources
if ($searchIterator){ $searchIterator.Dispose() }
}
Comments 0
You must be signed in to comment.