Script repository
The script creates a Google Apps group based on an AD group. To execute the script, create a business rule, custom command or scheduled task configured for the Group object type.
Before using the script, install and configure the GAM Tool on the computer where Adaxes service runs. For details, see GAM Wiki.
Parameters
$gamPath- the path to the GAM executable file.$waitTimeMilliseconds- the time to wait for GAM response. It is recommended not to set a time exceeding the 10 minutes limit applied by Adaxes to scripts executed by business rules, custom commands and scheduled tasks. If a script runs for more time than you specify, it will be completed, but the errors, warnings and other messages will not be added to the Execution Log.$groupIdAttribute- the name of the AD property that will store the group identifier in Google Apps.$groupIdentity- a value reference for the AD property that will serve to create the group identifier in Google Apps. For example, if you specify %sAMAccountName%, the identifier of the Google group will be the same as the sAMAccountName of the AD group.$groupName- a value reference for the AD property that will serve as the name of the group in Google Apps. For example, if you specify %name%, the name of the Google group will be the same as the Group Name of the AD group.$groupDescription- a value reference for the AD property that will serve as the description of a group in Google Apps. For example, if you specify %description%, the description of the Google group will be the same as the Description of the AD group.
$gamPath = "C:\Scripts\Gam\gam.exe" # TODO: modify me
$waitTimeMilliseconds = 8 * 60 * 1000 # TODO: modify me
$groupIdAttribute = "adm-CustomAttributeText1" # TODO: modify me
$groupIdentity = "%sAMAccountName%" # TODO: modify me
$groupName = "%name%" # TODO: modify me
$groupDescription = "%description%" # TODO: modify me
$argumentTemplate = 'create group {0} name "{1}" description "{2}"'
function StartProcess ($arguments)
{
# Start GAM process
$processInfo = New-Object System.Diagnostics.ProcessStartInfo
$processInfo.FileName = $gamPath
$processInfo.RedirectStandardOutput = $true
$processInfo.RedirectStandardError = $true
$processInfo.UseShellExecute = $false
$processInfo.CreateNoWindow = $true
$processInfo.Arguments = $arguments
$process = New-Object System.Diagnostics.Process
$process.StartInfo = $processInfo
[void]$process.Start()
$processCompleted = $process.WaitForExit($waitTimeMilliseconds)
if (!$processCompleted)
{
$process.Kill()
Write-Error "The process timeout."
return $null
}
$resultErrors = $process.StandardError.ReadToEnd()
$resultOutput = $process.StandardOutput.ReadToEnd()
return @{
"Output" = $resultOutput;
"Error" = $resultErrors;
}
}
# Check whether the group already has a Google Apps ID.
try
{
$groupID = $Context.TargetObject.Get($groupIdAttribute)
}
catch
{
$groupID = $NULL
}
if (-not([System.String]::IsNullOrEmpty($groupID)))
{
return
}
# Create group in Google Apps.
$arguments = [System.String]::Format($argumentTemplate, @($groupIdentity, $groupName, $groupDescription))
$result = StartProcess $arguments
if (-not([System.String]::IsNullOrEmpty($result.Error)))
{
$Context.LogMessage($result.Output, "Warning")
$Context.LogMessage("An error occurred when creating a Google group. Error: " + $result.Error, "Error")
return
}
elseif (!($result.Output.StartsWith("Creating group")))
{
$Context.LogMessage($result.Output, "Warning")
return
}
# Get group ID
$request = 'info group "' + $groupIdentity + '"'
$result = StartProcess $request
if (-not([System.String]::IsNullOrEmpty($result.Error)))
{
$Context.LogMessage($result.Output, "Warning")
$Context.LogMessage("An error occurred when getting Google group information. Error: " + $result.Error, "Error")
return
}
$matchInfo = $result.Output | Select-String -Pattern "id:\s[\d\w]+"
if ($matchInfo -eq $NULL)
{
$Context.LogMessage("Group ID not found. Output: " + $result.Output, "Warning")
}
else
{
$groupID = $matchInfo.Matches[0].Value.Replace("id: ", "")
}
# Update the AD group.
$Context.TargetObject.Put($groupIdAttribute, $groupID)
$Context.TargetObject.SetInfo()
Comments 0
You must be signed in to comment.