DESCRIPTION
This script policy demonstrates how to notify a temporal member of a group about his membership expiration and removal from a group. This script policy is intended to be used with temporal group membership feature introduced in ARS 6.1.
Note This code may use functions from the ARS Script Policy Best Practices. Please, follow the link to obtain instructions and code for those functions.
SCRIPT
'*********************************************************************************
' THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
' EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED
' WARRANTIES OF MERCHANTBILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.
'
' IF YOU WANT THIS FUNCTIONALITY TO BE CONDITIONALLY SUPPORTED,
' PLEASE CONTACT QUEST PROFESSIONAL SERVICES.
'*********************************************************************************
'
' This code is published on the ActiveRoles Script Center:
' http://communities.quest.com/docs/DOC-9991
'
' This code may use functions from the ARS Script Policy Best Practices:
' http://communities.quest.com/docs/DOC-10016
'
' Please, follow the link to obtain instructions and code for those functions.
'*********************************************************************************
Option Explicit
' To distinguish between member removal performed manually, and automatic reval upon
' expiration the script checks for request initiator name. Thus, the script needs
' to know the ARS Service account name, in form <DOMAIN>\<Logon name>
Const c_strARSServiceAccount = "QUEST\SRV.Quest.ARS"
'===========================================================================
' Execute Request
'===========================================================================
Sub onPreModify(Request)
'Optimization: check that group object is being updated
If Not IsObjectClassRequested ("group", Request) Then Exit Sub
'Optimization: check that attribute member is being updated for a group object
If Not IsAttributeModified ("member", Request) Then Exit Sub
'Validate the originator of even
If Not( LCase(Security.Sessions.Current.UserName) = LCase(c_strARSServiceAccount)) Then Exit Sub
'Retrieve the GroupName
Dim strGroupName
strGroupName = GetAttribute ("name", DirObj)
'Configure message and send options
strCmdMailCC = "GG-ARSAdmins@quest.demo"
strCmdMailFrom = "ActiveRolesServer@quest.demo"
constSmtpPort = 25
constSmtpServer = "quest-apl1.quest.demo"
strCmdSubject = "End of temporal Group Membership in group: " & strGroupName
'Go through properties being updated Until member attribute found
For i=0 To Request.PropertyCount-1
Set item = Request.Item(i)
If item.Name = "member" Then
If item.ControlCode = ADS_PROPERTY_DELETE Then
For Each v In item.Values
strDN = v.DNString
' strDN is a DN of a member being removed from a group
' Send an email to the removed user
Set objUser = GetObject("EDMS://" & strDN)
objUser.GetInfo
strRecipient = objUser.Get("mail")
' set remaining mail data and call mail subroutine
strCmdMsgText = "According to the configuration, your account will be removed from the group " & strGroupName & "." & vbCRLF
strCmdMsgText = strCmdMsgText & "Please contact the Help Desk if this action is in error." & vbCRLF & vbCRLF
strCmdMailTo = strRecipient
ITT_SendMail strCmdMsgText, strCmdSubject, strCmdMailTo, strCmdMailCC, strCmdMailFrom, constSmtpServer, constSmtpPort
Next
End If
End If
Next
End Sub
Sub ITT_SendMail(ByVal strCmdMsgText, ByVal strCmdSubject, ByVal strCmdMailTo, ByVal strCmdMailCC, ByVal strCmdMailFrom, constSmtpServer, constSmtpPort)
' Specify that the message will be sent using the network
' (SMTP over the network).
Const CdoSendUsingPort = 2
Set iMsg = CreateObject("CDO.Message")
With iMsg
.From = strCmdMailFrom
.To = strCmdMailTo
.CC = strCmdMailCC
.Subject = strCmdSubject
End With
Set iBp = iMsg.BodyPart
iBp.ContentMediaType = "text/plain"
Set iBp2 = iBp.AddBodyPart
With iBp2
.ContentMediaType = "text/plain"
.ContentTransferEncoding = "7bit"
Set Stm = .GetDecodedContentStream
Stm.WriteText strCmdMsgText
Stm.Flush
End With
' Configure message
Set iConf = CreateObject("CDO.Configuration")
Set Flds = iConf.Fields
Flds("http://schemas.microsoft.com/cdo/configuration/sendusing") = CdoSendUsingPort
Flds("http://schemas.microsoft.com/cdo/configuration/smtpserver") = constSmtpServer
Flds("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = constSmtpPort
Flds.Update
Set iMsg.Configuration = iConf
' Send message
iMsg.Send
End Sub
'***** END OF CODE ***************************************************************
COMPATIBILITY
Script compatible with the following version(s): <Not specified>