Would like to initiate an approval if a large group (like domain users) is being added as a member of a group (limit certain group nesting conditions).
- Products
- Solutions
- Resources
- Trials
- Support
- Partners
- Communities
Would like to initiate an approval if a large group (like domain users) is being added as a member of a group (limit certain group nesting conditions).
Was thinking about this - you could populate a virtual attribute on groups that you consider large and look for the contents of attribute in the start conditions of your workflow that is reacting to a group being added to a group. For example, edsvaIsLargeGroup = TRUE.
If you wanted to get really elaborate, you could even have a scheduled Automation Workflow that goes out periodically and "scans" your AD groups to find the ones that meet your criteria of large - for example, those with more than 100 members and automatically "tags" them as I have suggested above. You would just need a little bit of Powershell code to supply the member counts to the Automation Workflow but the rest could be codeless - i.e. relying only on built-in workflow Activities.
Just some food for thought.
Was thinking about this - you could populate a virtual attribute on groups that you consider large and look for the contents of attribute in the start conditions of your workflow that is reacting to a group being added to a group. For example, edsvaIsLargeGroup = TRUE.
If you wanted to get really elaborate, you could even have a scheduled Automation Workflow that goes out periodically and "scans" your AD groups to find the ones that meet your criteria of large - for example, those with more than 100 members and automatically "tags" them as I have suggested above. You would just need a little bit of Powershell code to supply the member counts to the Automation Workflow but the rest could be codeless - i.e. relying only on built-in workflow Activities.
Just some food for thought.