Passing user object to workflow script

The tricky bit here is that from AR's perspective, the user is not the "workflow target" - the group is.

What you need to do is mine the user name (i.e. added member) from the $Request (i.e. the in-process AR transaction that is being intercepted by your workflow).

This article may prove helpful as a starting point.

You could "embed" your script in the Update activity mentioned in the article - i.e. use it to calculate the value to be applied to the user instead of hard-coding something in the activity.

Give it a whirl and come back here with further questions if need be.

Thanks JohnnyQuest 

The article I linked seems to have pointed me in the same direction, so I can get EA7 to update statically, but I'm struggling with getting the activity target into the script.

I've figured I can set the attribute to something static (e.g. the users DN), then get a second workflow to act on the user object directly once EA7 has been set to the DN.

Is there a better way to pass the activity target to the script? Is there an option to get the $request.addedmember?

Hi JohnnyQuest , thanks for the information.

Apologies if there are 2 replies, I seem to experience issues posting and replying on here, it never seems to actually show that the action has finished!

That's where I got to with this how to but I don't seem to be able to find the way to reference the user object when calling the script from the Target Properties of Change object properties in the workflow. Is there such a thing as $request.ActivityTarget?

The only other way I can think of to do this is to set EA7 to be something specific (e.g. "NeedsUpdating") and then have a second workflow which processes users with this value so that they are the $request, but it feels to me like there should be an easier way of doing this.

matthew chapman said:

Is there such a thing as $request.ActivityTarget?

There's precisely the issue you are having though is that for this workflow, the "Activity Target" (as far as the AR $Request / Transaction is concerned) is the group.

Your idea of "flagging" the object with "NeedsUpdating" using the Update Properties Activity is a good one as you can then have a Change Workflow that looks for that exact change.

Within a script fired by that workflow, you can reference $Request.DN which will be the distinguishedname of the object being modified.

This is in my view, the least complex / fastest way to solve your problem.

Morning, I'm the OP, but am having some issues with my account so am posting with this one!

Thanks again for all your assistance JohnnyQuest .

I reached out to Quest Support who have provided a new script which works to set EA7 based on a single workflow.

The workflow should be set up using the instructions here or here, then the script should be configured as

Function FindMemberTitle($Request)
{    
    $Members = $Request.Get("Member")
    
    foreach($MemberDN in $Members)
    {
    $eventlog.ReportEvent($Constants.EDS_EVENTLOG_ERROR_TYPE, $MemberDN)
    $Member = Get-QADUser -Identity $MemberDN -IncludeAllProperties   
    $eventlog.ReportEvent($Constants.EDS_EVENTLOG_ERROR_TYPE, $Member.title)

        if ($Member.Title = "IT")        
        {                    
           return "03452"
        }
    }
}

The only change I made to this was to include a lookup table rather than a load of If or a swtich statement, other than that it works perfectly.

Possible issue here:

If ($Member.Title = "IT")       

...needs to be:

If ($Member.Title -eq "IT")       

The forum post you referenced might be using slightly different methods depending on the environment. Ensure you’re using the correct API version or workflow configuration that matches your system.