This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HEEELLLPP. Getting Added Member from Group Membership change workflow

This is driving me mad!!!

I have a workflow triggered from Group (Operation = Added Member To Group) and will have an equivalent workflow for removal.
I need to be able to identify the user that was added/removed as a member.  The username will be used within the workflow to do a lookup within a script so need to be able to pass through the workflow and also use in notification email.

I cannot see any way of capturing any user attributes within a script or by a search to pass into a script.

If I add an "Add Report Section" activity I can actually select (Logon Name) of Added Member, and see in the Change history workflow that the correct user is captured.  However there is no way of accessing the attribute (that I know of) so I can actually use it.  Added Member is available as a Target Object (alongside Initiator / Activity Target / Workflow Target / Requested Changes / Parameter Object) but not an option in other workflow basic activities or Object Management activities.

Is there a programmatic way to select the Added Member from the workflow within a script activity so that I can do other actions based on the user.  It's annoying that I can select it from the Add Report activity but not from other activities.

I've tried this on ARS7.3.1 in our Dev envt and ARS6.9 in our Live envt.

Parents
  • Targeting the newly added Group Members is not as easy as it should be. If you want to do this in a Workflow, this is what I usually do:

    Drag in a Search operation and configure it like this:

    The "Found Object" will be the newly added Group member.

    Enhancement Request 776463 has been created to possibly change this behaviour in a future version of Active Roles and make this easier to work with.

    Title: HOW TO: Updating Added Member attributes in a Change Workflow

    Solution: 259299

    URL: https://support.oneidentity.com/kb/259299

  • That's brilliant Terrance.  Thank you for that.  I've managed to replicate the settings and confirm that it is pulling through the DN for the added user.
    I've been able to grab the Found object result in a script using
    $userid = $workflow.foundObject("Get Group Member").get("samaccountname")


    My only issue now is trying to pass the id into a workflow parameter so that I can use it in later activities.

    I've tried following the SDK for setting/modifying parameters but not having much luck.

    Any suggestions.  I'm so close to achieving what I need it's ridiculous.

    Thank you for your help so far.

  • If you have a good value in $userid, you can pass it out of the script by putting this value on a line by itself - i.e.

    $userid

    Then, if you have a workflow activity that accepts values from a script, you just have to tell the activity what script it will be getting its value from.

    For example, an update activity.

    In it you would specify the "activity target" as "object from workflow data context" and specify the "script" option.  There you just insert the name of your script that is obtaining your $userid.

Reply
  • If you have a good value in $userid, you can pass it out of the script by putting this value on a line by itself - i.e.

    $userid

    Then, if you have a workflow activity that accepts values from a script, you just have to tell the activity what script it will be getting its value from.

    For example, an update activity.

    In it you would specify the "activity target" as "object from workflow data context" and specify the "script" option.  There you just insert the name of your script that is obtaining your $userid.

Children
No Data