• State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 93 subscribers
  • Views 7140 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How do you add/delete AD group memberships using a script

Eric Dau
over 7 years ago

I am trying to write a script (or can use process step) that will remove all of a person's AD group memberships when an attribute changes.  The script I wrote identifies the correct groups but just running a delete on the ADSAccountinADSGroup record is not working.  A sql trace on the session is showing an insert into dialogprocess prior to the delete statement running when using Manager to remove the group but I can only see the bind variables, not the actual values being inserted.

Does anyone know how to accomplish this or another way it can be done?

Thanks

Eric 

Parents
  • 0 over 7 years ago
    Just as a starting question, are all the group memberships you are trying to remove, direct memberships? Or are some of them requested, or inherited due to role assignments of the person. In the later cases, deleting the memberships from the table ADSAcountInADSGroup will not help.

    And, and would be helpful if you share the version of the product you are using.
Reply
  • 0 over 7 years ago
    Just as a starting question, are all the group memberships you are trying to remove, direct memberships? Or are some of them requested, or inherited due to role assignments of the person. In the later cases, deleting the memberships from the table ADSAcountInADSGroup will not help.

    And, and would be helpful if you share the version of the product you are using.
Children
No Data