We currently have several Requests that require users to be added to a Security Group to gain access to an application whether it be installing the application or providing login permissions via SSO.  Our endusers Request access through our SSP and only need to select the application or the application and role.  We have a decision table determines the appropriate security group they should be added to and a task is generated for someone to manually add the user.  We would like to automate this using our midserver and a powershell script.  We have a script created but are trying to determine the best approach for pulling the Application name and security group for a give task.  The developer that created the script indicated it would be to complicated to try and pull the security from the decision table.  They are able to pull the application from the task as there is a variable present that lists the application.  For testing purposes are putting the security group name in the additional comments at submission to test the script.  In a real world our users would not know the security group name.  One thing they proposed was for use to create a new variable at the task level that would pull the security group for the given application from the decision table into this field for their script to read.  I'm trying to see if there is a recommended approach when using a powershell script vs the AD spoke.