Monday, November 1, 2010

Disable users who are not active in Active Directory

Occasionally, when auditors come by, I like to disable all user accounts in AX that have been disabled in Active Directory. Even though AD will not let them log in, auditors have a hard time understanding it, so I disable the users. Many times we do not get notification that someone has left the company, or sometimes it does not reach the right people in charge of AX security. So I made the job below, which disables users in AX because they are disabled in Active Directory. The job takes a little while to run.


static void disableUsersMissingInAD(Args _args)
{
    UserInfo                userInfoUpdate;
    xAxaptaUserManager      xAxaptaUserManager;
    xAxaptaUserDetails      xAxaptaUserDetails;
    #Guest
    
    xAxaptaUserManager = new xAxaptaUserManager();

    Global::startLengthyOperation();
    ttsbegin;

    while select forUpdate userInfoUpdate
    order by networkAlias
    where userInfoUpdate.Id != #GuestUser
       && userInfoUpdate.enable == 1
    {
        // Get the single user's details from the kernel class
        xAxaptaUserDetails = xAxaptaUserManager.getDomainUser(userInfoUpdate.NetworkDomain, userInfoUpdate.NetworkAlias);

        // Disable the AX user when the AD lookup returns nothing, returns
        // zero users, or returns an account that is disabled in Active Directory
        if (xAxaptaUserDetails == null || xAxaptaUserDetails.getUserCount() == 0 || !xAxaptaUserDetails.isUserEnabled(0))
        {
            userInfoUpdate.enable = 0;
            userInfoUpdate.update();
        }
    }

    ttscommit;
    Global::endLengthyOperation();
}
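
A read-only variant of the job above, useful for reviewing (or handing to the auditors) the list of accounts before anything is changed. This is an added example, not the original author's code: the job name `reportUsersMissingInAD` and the message texts are hypothetical, and it uses only the kernel calls already shown in the job above.

```xpp
static void reportUsersMissingInAD(Args _args)
{
    UserInfo                userInfo;
    xAxaptaUserManager      xAxaptaUserManager;
    xAxaptaUserDetails      xAxaptaUserDetails;
    str                     reason;
    int                     flagged;
    #Guest

    xAxaptaUserManager = new xAxaptaUserManager();

    Global::startLengthyOperation();

    // Read-only: no forUpdate and no transaction, so nothing is changed
    while select userInfo
    order by networkAlias
    where userInfo.Id != #GuestUser
       && userInfo.enable == 1
    {
        xAxaptaUserDetails = xAxaptaUserManager.getDomainUser(userInfo.NetworkDomain, userInfo.NetworkAlias);

        // Keep "lookup returned nothing" apart from "found but disabled",
        // so unexpected lookup results stand out before any account is touched
        if (xAxaptaUserDetails == null || xAxaptaUserDetails.getUserCount() == 0)
        {
            reason = 'not found in AD';
        }
        else if (!xAxaptaUserDetails.isUserEnabled(0))
        {
            reason = 'disabled in AD';
        }
        else
        {
            continue;   // still enabled in AD, nothing to report
        }

        flagged++;
        info(strFmt('%1 (%2\\%3): %4', userInfo.Id, userInfo.NetworkDomain, userInfo.NetworkAlias, reason));
    }

    Global::endLengthyOperation();
    info(strFmt('%1 enabled AX user(s) would be disabled', flagged));
}
```

If nearly every user is reported as not found, check the AD lookup itself before running the disabling job, since that job treats an empty lookup the same as a disabled account.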
