Note: Applies to Directory Premium hybrid (on-premises AD) deployments only
Directory can optionally execute a PowerShell script (PostUpdateScript.ps1) after committing an attribute change to Active Directory.
Two parameters are passed to the script on execution:
$property - the Active Directory name of the user attribute that Directory has just committed a change to in Active Directory
$user - the Active Directory objectGUID for the user. The base script resolves this to an AD user ($ADUser) and User Principal Name ($upn)
This script can be further customized to perform any desired action when specified properties are updated.
Prerequisites
- The Directory Agent host server must have the Active Directory PowerShell module installed
- The Directory Service Account must be able to execute PowerShell scripts (unrestricted)
Configuration
1 Create the Script
Create PostUpdateScript.ps1 in "C:\Users\<hyperfishsvc>\AppData\Local\Hyperfish\" where <hyperfishsvc> is the Directory service account.
You can copy the contents from the example PostUpdateScript.ps1 at https://github.com/Hyperfish/scripts/blob/master/PowerShellHooks/PostUpdateScript.ps1 to get started.
2 Set the Script Path
Stop the Directory service, and modify servicesettings.json (C:\Users\<hyperfishsvc>\AppData\Local\Hyperfish\) using a text editor.
Find the "PostUpdateScript" parameter and add the path to PostUpdateScript.ps1 as shown here:
"PostUpdateScript": "\"C:\\Users\\{User}\\AppData\\Local\\Hyperfish\\PostUpdateScript.ps1\""
Make sure to replace {User} with the name of your Directory Service account.
If you're unsure about the formatting of the contents of the .json file, you can use a JSON validator to make sure it's formatted correctly.
3 Confirm Script Execution
Save servicesettings.json and start the Directory service.
PostUpdateScript.ps1 will be executed when changes are committed to AD from Directory .
SharePoint Online Update Example
This example script can be added to the PostUpdateScript.ps1 provided in the Directory Scripts repository:
https://github.com/Hyperfish/scripts/blob/master/PowerShellHooks/UpdateSPOProperties.ps1
When a specified attribute is updated in Active Directory, this script updates a corresponding single or multi-valued SharePoint Online Profile attribute, e.g., SPS-AboutMe, SPS-Skills
O365SaveCreds.ps1 is used to generate the cached Office 365 admin credentials file
Comments
0 comments
Please sign in to leave a comment.