0

Dynamics AX 2012 – Keeping track of users

Keeping track of AX and domain users can be a bit of a hassle. For example a colleague can disable a user in the domain that is not working at your company anymore but forgets to disable the user in Dynamics AX.

I found a script on MSDN and modified it a little bit to my needs. When you run this script it will ask at any user that is not disabled in AX but is disabled in the network domain if you want to disable it.

At my company we run it once in a while to disable all the users that are disabled in the domain.

static void CheckAXUsers(Args _args)
{
#define.UserAccountControl  ('userFlags')
#define.UF_ACCOUNTDISABLE   (0x0002)
 
Counter                     numTotal;
Counter                     numNotFound;
Counter                     numDisabled;
UserInfo                    userInfo;
int                         userAccControl;
COM                         dirObject;
str                         dirPath;
 
 
while select forupdate userInfo
   where   userInfo.networkAlias
       &&  userInfo.networkDomain
{
   numTotal++;
   dirPath = strfmt(@"WinNT://%1/%2,User", userInfo.networkDomain, userInfo.networkAlias);
   dirObject = COM::getObjectEx(dirPath);
   if (dirObject)
    {
       if (userInfo.enable)
       {
           userAccControl = dirObject.get(#UserAccountControl);
           if (bitTest(userAccControl, #UF_ACCOUNTDISABLE))
           {
               numDisabled++;
               info(strfmt("%1@%2 disabled in AD, but not in AX", userInfo.networkAlias, userInfo.networkDomain));
 
               Box::info(strfmt("%1@%2 disabled in AD, but not in AX", userInfo.networkAlias, userInfo.networkDomain));
 
               if(Box::okCancel(strFmt("Disable %1@%2", userInfo.networkAlias, userInfo.networkDomain), DialogButton::Cancel) == DialogButton::Ok)
               {
                   //OK
                  ttsBegin; 
                   userInfo.enable=0;
                   userInfo.update();
                  ttsCommit;
               }
 
           }
       }
 
        dirObject.finalize();
       dirObject = null;
 
   }
   else
   {
       numNotFound++;
       warning(strfmt(@"%1@%2 - not found", userInfo.networkAlias, userInfo.networkDomain));
   }
}
info(strfmt(@"Total: %1, not found: %2, disabled in AD, but not in AX: %3", numTotal, numNotFound, numDisabled));
}

jack

Leave a Reply