Active Directory Account Management Using PowerShell

The Active Directory Account Management component can use PowerShell to carry out tasks on initial user/group provisioning and on subsequent changes to users or groups.

Active Directory Account Management PowerShell Location

By default the service is installed in the following location: “C:\Program Files (x86)\Capita\ADAM\Provisioning\ActiveDirectory.Provisioning”. Post installation, the location used for running Group and User associated PowerShell scripts can be amended by editing the file called “ActiveDirectory.Core.config”. You need to alter the following values:

<add key="UserScriptsFolder" value=".\Scripts\Users" /> 

equates to C:\Program Files (x86)\Capita\ADAM\Provisioning\ActiveDirectory.Provisioning\Scripts\Users and

<add key="GroupScriptsFolder" value=".\Scripts\Groups" /> 

equates to C:\Program Files (x86)\Capita\ADAM\Provisioning\ActiveDirectory.Provisioning\Scripts\Groups

Any PowerShell scripts (*.ps1) inside the target folder(s) will be executed in ASCII order when a user is modified (content of the file “00 Read Me.txt” installed into each folder).

Running scripts in a specified order

When a changed user is processed any PowerShell scripts (*.ps1) located in the folder specified by UserScriptsFolder are run in alphabetical order. You are able to run additional scripts by referencing them from within a script. An example script is included below.

Working with User Specific Scripts.

Example PowerShell Script 1.

# Declare parameter(s)
param([string]$User)

Write-Output "PowerShell Script #1 for User $($User)"

$vars = Get-ChildItem env:ADAM-*
foreach($var in $vars)
{
    Write-Output "   $($var.Name) = $($var.Value)"
}

Using Active Directory Account Management variables within your scripts.

As in any PowerShell script, you can call AD variables in the normal way. In addition to this, you are able to call ADAM variables in your scripts. Example PowerShell Script 1 shows an example of this.

The $User parameter for the script is set to the user’s sAMAccountName. The following environment variables are available for use within each script.

Environment Variable     Meaning
ADAM-action              U = User
ADAM-change              A = Add, U = Update, D = Delete
ADAM-homeDrive           Letter for user’s Home Drive
ADAM-homeDirectory       Path of user’s Home Drive
ADAM-profilePath         Path of user’s Profile
ADAM-userPrincipalName   User’s UPN
ADAM-*                   Each mapped attribute (set in SIMS ID) is prefixed with ADAM- so that they are available to any scripts
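
An added example (not part of the original page or the ADAM product) of a user script that reads the ADAM- variables defensively: hyphenated names have to be read with the ${env:...} form, and the values are validated before they are used in a file-system path. The file name, the $AllowedRoot share and the user-name pattern are assumptions.

```powershell
# Added example (not shipped with ADAM). Hypothetical file name: "10 Home Directory.ps1"
param([string]$User)

# Assumption: all home directories live under this share (placeholder value).
$AllowedRoot = '\\fileserver.example\home$'

# The hyphen ends a plain variable name, so $env:ADAM-change does not work;
# the braced form reads the whole name.
$action  = ${env:ADAM-action}
$change  = ${env:ADAM-change}
$homeDir = ${env:ADAM-homeDirectory}

# Only act when a user is added (ADAM-action U = User, ADAM-change A = Add).
if ($action -ne 'U' -or $change -ne 'A') {
    Write-Output "Nothing to do for $User (action=$action, change=$change)"
    return
}

# Conservative allow-list for the sAMAccountName (assumption; adjust to local naming rules).
if ($User -notmatch '^[A-Za-z0-9._-]{1,20}$') {
    Write-Output "Refusing to continue: unexpected characters in user name"
    return
}

if ([string]::IsNullOrWhiteSpace($homeDir)) {
    Write-Output "ADAM-homeDirectory is empty for $User; skipping"
    return
}

# Normalise the path so '..' segments cannot step outside the allowed root.
$full       = [System.IO.Path]::GetFullPath($homeDir)
$rootPrefix = $AllowedRoot.TrimEnd('\') + '\'
if (-not $full.StartsWith($rootPrefix, [System.StringComparison]::OrdinalIgnoreCase)) {
    Write-Output "Refusing to continue: $full is outside $AllowedRoot"
    return
}

# Create the directory only if it is missing, so re-runs are harmless.
if (-not (Test-Path -LiteralPath $full)) {
    New-Item -ItemType Directory -Path $full | Out-Null
    Write-Output "Created home directory $full for $User"
}
```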