• State Verified Answer
  • +1 person also asked this people also asked this
  • Replies 10 replies
  • Subscribers 64 subscribers
  • Views 6771 views
  • Users 0 members are here
Options
Related

Script to create dynamic group

Gégé
over 2 years ago

Hello ;)

Do you know if it's possible to use a script to create Dynamic group?

Or by using a activity in a Workflow?

Thanks ;)

Gégé

Top Replies

  • over 2 years ago +1 verified

     Hi  

    Yes it is totally possible to create Dynamic Groups via a script, which would also mean with the correctly written script your can do this via a workflow.

    The process for converting a dyanmic gorup…

  • over 2 years ago in reply to Gégé +1 verified

    Hi  

    This is by design, however it is configurable. 

    In the  "Built-in Policy - Dynamic Groups" Administration Policy, the policy settings has by default a check in "Include only mail-enabled users in…

Parents
  • +1 over 2 years ago

     Hi  

    Yes it is totally possible to create Dynamic Groups via a script, which would also mean with the correctly written script your can do this via a workflow.

    The process for converting a dyanmic gorup is very similar to that of programmatically creating a Managed Unit, just binding to a group object, instead of a managed unit object.

    ### Variables
# DN of target Group to covert
$GroupDN = "CN=Group1,OU=MyGroups,DC=Test,DC=Domain,DC=com"

# Membership Rule variables
$RuleSearchRoot = "OU=MyUsers,DC=Test,DC=Domain,DC=com" #BASE
$LDAPFilter = "(|(objectClass=user)(Department=ARS Team))" # FILTER



### Code
$EDMSstring = "EDMS://$($GroupDN)"
 
$GroupObject = [ADSI] $EDMSstring
$RuleCollection = $GroupObject.MembershipRuleCollection

# Create a new Include by Query rule
$rule1 = New-Object -ComObject "EDSIManagedUnitCondition"
$rule1.Base = "EDMS://$($RuleSearchRoot)"
$rule1.Filter = "$($LDAPFilter)"
$rule1.Type = 1 
# Add the newly created membership rule to the rule collection
$RuleCollection.Add($rule1)
$GroupObject.SetInfo()
"Rule added"

    For other rule types, have a look within the Active Roles SDK under IEDMMembershipRule, which will give you more information (in VBScript) on what values are expected, IE:

    Hope this help.

    Kind regards

    Stu

  • 0 over 2 years ago in reply to Stu.Pollock

    Thanks Stu.

    I tried the script, on a security group it works fine, but on a distribution group auto-populating does not happen.

    I keep looking;)

    See you soon Stu

  • +1 over 2 years ago in reply to Gégé

    Hi  

    This is by design, however it is configurable. 

    In the  "Built-in Policy - Dynamic Groups" Administration Policy, the policy settings has by default a check in "Include only mail-enabled users in dynamic distribution groups", uncheck this option, and try your script again.

    However what is the purpose of your DLs? The they being used to stage users prior to go live of some service, where the group will then be changed for Distribution to Security?

    Kind regards

    Stu

Reply
  • +1 over 2 years ago in reply to Gégé

    Hi  

    This is by design, however it is configurable. 

    In the  "Built-in Policy - Dynamic Groups" Administration Policy, the policy settings has by default a check in "Include only mail-enabled users in dynamic distribution groups", uncheck this option, and try your script again.

    However what is the purpose of your DLs? The they being used to stage users prior to go live of some service, where the group will then be changed for Distribution to Security?

    Kind regards

    Stu

Children