Hello
I want a User to runs PowerShell to add himself to specific AD group in ARS.
Add-ADGroupMember -Identity GroupNAME -Member USERNAME
Hello
I want a User to runs PowerShell to add himself to specific AD group in ARS.
Add-ADGroupMember -Identity GroupNAME -Member USERNAME
HOWEVER, the above is only true IF the person executing the script is delegated "regular user" access within Active Roles and is NOT an Active Roles Admin.
like...Add-QADGroupMember?
NAME
Add-QADGroupMember
SYNOPSIS
Add one or more objects to a group in Active Directory. Supported are both Active Directory Domain Services (AD DS) and Active Directory Li…
Add-QADGroupMember -proxy -identity $MyGroup -Member $MyNewMember
'-proxy' redirects the request through Active Roles
like...Add-QADGroupMember?
NAME
Add-QADGroupMember
SYNOPSIS
Add one or more objects to a group in Active Directory. Supported are both Active Directory Domain Services (AD DS) and Active Directory Lightweight
Directory Services (AD LDS).
SYNTAX
Add-QADGroupMember [-Identity] <IdentityParameter> [-Member] <IdentityParameter[]> [-Connection <ArsConnection>] [-ConnectionAccount <string>]
[-ConnectionPassword <SecureString>] [-Control <hashtable>] [-Credential <PSCredential>] [-Proxy] [-Service <string>] [-UseGlobalCatalog] [-Confirm]
[-WhatIf] [<CommonParameters>]
not to AD native group. I need to add an object to ARS group. Powershell needs to connect ARS server and write it to ARS DB
What do you mean by an "ARS Group"? ARS doesn't have its own groups.
In my environment, ARS approval workflow starts if user is added through Active Roles console, and doesn't if user is added via ADUC. I want Powershell to simulate adding user to group using ARS console process.
OK - that's exactly what my command line will do. If you run it, you will even get back a message from Active Roles saying that the action is subject to approval.
HOWEVER, the above is only true IF the person executing the script is delegated "regular user" access within Active Roles and is NOT an Active Roles Admin.
HOWEVER, the above is only true IF the person executing the script is delegated "regular user" access within Active Roles and is NOT an Active Roles Admin.