2
Vote

IP Active Directory - GetGroup filter member issue if User DN contains coma

description

Hi,

I try to check with MS Orchestrato IP Active Directory if a AD User is member of AD Group.

For that I create a Runbook. In this Runbook, there 3 actions.
  • "Get User" in AD with filter Sam Account Name
  • "Get Group" in AD with filters Sam Account Name equals "GROUPNAME" and "Inderect Member" or "Member" equals {Distinguished Name from "Get User"
  • Send mail with {Count from "Get Group"}
If the Common Name contains coma as "LASTName, FirstName", the DN contains "LASTName\, FirstName". In this case the {Count from "Get Group"} return 0 whereas user is in the target group.
Example CN: GATES, Bill
Example DN: CN=GATES\, Bill,OU=Test,DC=MS,DC=NET

If you remove coma from CN, the {Count from "Get Group"} return 1 who is right.

NB: In my office, we can't change pattern of the CN.

Bye.

comments