• Export a list of dynamic group and it's membership rules.

    Is there a way to export a list of all dynamic groups and their membership rules?  I've tried several suggestions from the forum but no luck.

  • Update Dynamic group edsaDGOriginatingService with powershell

    I am successfully creating dynamic groups with powershell using this method:

    https://www.oneidentity.com/community/active-roles/w/wiki/1040/create-dynamic-group-in-powershell 

    We have a dedicated server for dynamic groups and I would like to set edsaDGOriginatingService…

  • Employee Transfer based on location Questions?

    ### **Scenario**

    An employee transfers from **Location ABC** to **Location XYZ**.

    ---

    ### **Workflow 1: Transfer Request Staging**

    **Trigger:** Receipt of transfer notification email

    **Steps:**

    1. **Initiate the automated transfer process** using information…

  • Bulk update of a group using a workflow that accepts a csv input file

    Due to a reorg I have to train less technical people to manage users. Up until now I would give a new admin the cmdlets and then give them a tutorial on how perform operations in ARS.

    Some of these new admins have never opened a powershell window. I'd…

  • Set account expiration date for a user account using powershell

    Hi, 

    I'm using the following command to set account expiration date but it is not working. 

    Set-QADUser -Identity username -AccountExpires date

    The AccountExpires value changes, but not AccountExpirationStatus value doesn't changes. Also, on the…

  • Set account expiration date for a user account using powershell

    Hi, 

    I'm using the following command to set account expiration date but it is not working. 

    Set-QADUser -Identity username -AccountExpires date

    The AccountExpires value changes, but not AccountExpirationStatus value doesn't changes. Also, on the…

  • Windows 11 and QAD PowerShell

    Getting an issue with QAD Powershell Cmdlets in Windows 11, running ARS 8.1.5:

    The below works fine when ran from the ARS (Windows 2022) Server - all Deprov tasks complete as per the deprovisioning policy based on the Managed Unit:

    Connect-QADService -Service…

  • Copy additional attributes on user copy with Powershell script OnPostCreate?

    Hi,

    I have been trying to get additional attributes (description f.e.) when copy a user from Web Interface, but with $Request method on a Powershell script it's has been impossible to get the source object.

    I finally used the VB scipt that is at the…

  • export result of managed unit (user objects)

    I created a Managed Unit with multiple Include queries.  The result shows me the display name, distinguished name and SAM account name of user objects.

    Is it possible to export (powershell) this list to a CSV file?

  • Passing user object to workflow script

    Hi

    I'm trying to get a workflow to run which will update extensionAttribute7 of a user object when it's been added to a group, based on the users job title.
    e.g. Joe Bloggs gets added to the group, his title is IT, EA7 needs to be set to "03452…

  • Passing user object to script in workflow

    Hi

    I'm trying to get a workflow to run which will update extensionAttribute7 of a user object when it's been added to a group, based on the users job title.
    e.g. Joe Bloggs gets added to the group, his title is IT, EA7 needs to be set to "03452…

  • Passing user object to script in workflow

    Hi

    I'm trying to get a workflow to run which will update extensionAttribute7 of a user object when it's been added to a group, based on the users job title.
    e.g. Joe Bloggs gets added to the group, his title is IT, EA7 needs to be set to "03452…

  • Passing user object to script in workflow

    Hi

    I'm trying to get a workflow to run which will update extensionAttribute7 of a user object when it's been added to a group, based on the users job title.
    e.g. Joe Bloggs gets added to the group, his title is IT, EA7 needs to be set to "03452…

  • Updating user attribute when added to group

    Hi

    I'm trying to get a workflow to run which will update extensionAttribute7 of a user object when it's been added to a group based on the users job title.
    e.g. Joe Bloggs gets added to the group, his title is IT, EA7 needs to be set to "03452…

  • Help Needed: Exporting List of All Managed Units

    Hi everyone,

    I'm looking for some assistance with exporting a list of all managed units in One Identity Active Roles. Specifically, I'm hoping to export a detailed list that includes the Path, Name, Filters, and Descriptions for each managed unit…

  • Using Powershell, get reason why an operation failed

    I need to check the operation status of workflow runs using Powershell. I can use Get-QARSWorkflowInstance to determine the overall run operation status for instance:

    $Ops = Get-QARSWorkflowInstance -CretatedOn Today -Workflow $wfDn

    $Ops.Operation

    The above…

  • Active Roles - powershell script module: "The Expression after '&' in a pipeline element produced an object that was not valid. It must result in a command name, a script block, or a CommandInfo object"

    I have a simple script that basically queries an OU in AD, obtains the samaccountnames of those users. And then deletes the contents of the users folder based on their samaccountname, excluding a few folders etc...

    SCRIPT

    $OUPath = '<domain name>/Student…

  • Working with Attributes from $Request

    I'm trying to get information from $Request variable in Active Roles.

    When a user edits/changes attributes on their user account via the ARWebSelfService web portal, it triggers a workflow which performs a number of checks on the data and includes…

  • get-qaduser stop on error

    When using 'get-qaduser samaccountname' if the samaccount name is not valid,  no error is thrown it just does not return anything

    Is there a way to make it return an error if the samaccountname is not valid?

  • How do I query for AD groups which were created or updated yesterday?

    Hi,

    I'm trying to work out how I can query/filter AD groups which were created or updated yesterday? The below works as intended for created groups but I can't find anything that allows me to query for updated date? The below is part of a larger script…

  • Unable to modify attribute in onPostCreate

    Hello,

    I am trying to modify the attribute ""edsvaSendAsTrustees" in $DirObj in the function onPostCreate. My PowerShell function that is called in the onPostCreate looks like this:

    #===================================================…

  • onPostModify Is there a way to retrieve a list of all attributes that were modified?

    I attempted to use $Request.RequestedAttributes in the script but onPostModify this is blank. I've looked through the SDK and Sample Scripts on the oneidentity website and haven't found anything that does this. Does anyone have any ideas?

    I just…

  • Can't Access Saved Object Properties from Script / Counter Returns Empty

    Hi,

    We're trying to create a workflow that counts every time a user enables or disables another user every day (workflow trigger is the modifivation of edsaAccountIsDisabled). (the counter resets every day.) If the counter reaches 20, the action requires…

  • Workflows with if-then, PowerShell scripts, and $work.SavedObjectProperies

    Hi,

    I am working on a workflow to do some automation on our computer objects, and I am running into a weird issue that I am struggling to wrap my head around.

    The error I am receive:

    Executing the 'Run script: DEV New Computer Object Tag Location on…

  • retrieve PowerShell command in web interface

    I have script in workflow to check LAPS password from ms-Mcs-AdmPwd and send it to initiator mail,
    The workflow in WI task. it's possible to retrieve the password to Web Interface and not to mail?