MemberOf Approval Workflow?

Would like to initiate an approval if a large group (like domain users) is being added as a member of a group (limit certain group nesting conditions).

Parents

0 JohnnyQuest 2 months ago

Was thinking about this - you could populate a virtual attribute on groups that you consider large and look for the contents of attribute in the start conditions of your workflow that is reacting to a group being added to a group. For example, edsvaIsLargeGroup = TRUE.

If you wanted to get really elaborate, you could even have a scheduled Automation Workflow that goes out periodically and "scans" your AD groups to find the ones that meet your criteria of large - for example, those with more than 100 members and automatically "tags" them as I have suggested above. You would just need a little bit of Powershell code to supply the member counts to the Automation Workflow but the rest could be codeless - i.e. relying only on built-in workflow Activities.

Just some food for thought.
Cancel
Up 0 Down

Reply

Verify Answer

Cancel

Reply

0 JohnnyQuest 2 months ago

Was thinking about this - you could populate a virtual attribute on groups that you consider large and look for the contents of attribute in the start conditions of your workflow that is reacting to a group being added to a group. For example, edsvaIsLargeGroup = TRUE.

If you wanted to get really elaborate, you could even have a scheduled Automation Workflow that goes out periodically and "scans" your AD groups to find the ones that meet your criteria of large - for example, those with more than 100 members and automatically "tags" them as I have suggested above. You would just need a little bit of Powershell code to supply the member counts to the Automation Workflow but the rest could be codeless - i.e. relying only on built-in workflow Activities.

Just some food for thought.
Cancel
Up 0 Down

Reply

Verify Answer

Cancel

Children

No Data