Script repository

Update values allowed by property pattern with all existing values

Updated on: Jan 18, 2026, Views: 4258

Miscellaneous

The script replaces allowed property values in a property pattern with all values of a property specified for existing user accounts. To execute the script, create a scheduled task configured for the Domain object type and add a managed domain to the Activity Scope of the task. The domain will only be used to trigger execution of the scheduled task.

Parameters

  • $patternDN - the distinguished name (DN) of the property pattern to update. For information on how to get the DNs, see Get the DN of a directory object.
  • $propertyToSearch - the name of the property whose values will be used to update the allowed values of the property specified in $propertyToUpdate.
  • $propertyToUpdate - the name of the property to update allowed values in a property pattern for.
  • $isPropertyRequired - if set to $true, the property will be set as required in the property pattern.
$patternDN = "CN=User,CN=Builtin,CN=Property Patterns,CN=Configuration Objects,CN=Adaxes Configuration,CN=Adaxes" # TODO: modify me
$propertyToSearch = "mail" # TODO: modify me
$propertyToUpdate = "adm-CustomAttributeText1" # TODO: modify me
$isPropertyRequired = $True # TODO: modify me

# Build search criteria.
$criteria = New-AdmCriteria "user"
$simpleItem = $criteria.CreateSimple()
$simpleItem.SetProperty($propertyToSearch).SetComparisonOperator("empty").AddValue($False)
$criteria["user"].Add($simpleItem)

# Search parameters
$searcher = $Context.TargetObject
$searcher.Criteria = $criteria
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.PageSize = 500
$searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
$searcher.SetPropertiesToLoad(@($propertyToSearch))
$searcher.VirtualRoot = $True

try
{
    $searchResultIterator = $searcher.ExecuteSearch()
    $searchResults = $searchResultIterator.FetchAll()
    
    $values = New-Object System.Collections.ArrayList
    if ($searchResults.Length -eq 0)
    {
        return
    }
    
    foreach ($searchResult in $searchResults)
    {
        $values.Add($searchResult.Properties[$propertyToSearch].Value)
    }
}
finally
{
    # Release resources
    if ($searchResultIterator){ $searchResultIterator.Dispose() }
}

# Bind to the property pattern.
$pattern = $Context.BindToObjectByDN($patternDN)

foreach ($item in $pattern.Items)
{
    if ($item.PropertyName -ieq $propertyToUpdate)
    {
        $pattern.Items.Remove($item)
        break
    }
}


# Create a new item.
$item = $pattern.Items.Create()
$item.PropertyName = $propertyToUpdate
$item.IsPropertyRequired = $isPropertyRequired

$constraints = $item.GetConstraints()
$constraint = $constraints.Create("ADM_PROPERTYCONSTRAINTTYPE_VALUERANGE")
$constraint.AreValuesDenied = $False
$constraint.Values = $values.ToArray()
$constraints.Add($constraint)
$item.SetConstraints($constraints)

# Save the changes.
$item.SetInfo()
$pattern.Items.Add($item)

Comments 0

You must be signed in to comment.

    Got questions?

    Support Questions & Answers

    We use cookies to improve your experience.
    By your continued use of this site you accept such use.
    For more details please see our privacy policy and cookies policy.