Active Directory

Automate and Active Directory Guide

Introduction

This document provides detailed instructions on integrating Active Directory (AD) with Automate, a powerful workflow automation platform. It outlines the actions available within Automate for seamless interaction with various functionalities offered by Active Directory. It explains how Automate utilizes this integration to automate tasks, streamline processes, and enhance operational efficiency.

What is Active Directory?

Active Directory (AD) is Microsoft's directory service that provides a centralized location for network administration, authentication, and authorization. It serves as a repository for information about users, computers, and other resources within a network.

Key Features of Active Directory

  • User Management: Allows administrators to create, manage, and authenticate user accounts.

  • Group Policy: Enables the centralized management of security policies, software deployment, and system configurations.

  • LDAP Integration: Provides support for Lightweight Directory Access Protocol (LDAP) for accessing and managing directory services.

Automate Integration with Active Directory

Automate offers a set of pre-built actions that empower users to automate tasks within their workflows by leveraging Active Directory's capabilities. These actions enable users to perform various operations, such as user management, group management, and LDAP queries.

Automate integrates seamlessly with Active Directory, enabling users to automate various administrative tasks and user management operations. This integration enhances efficiency and reduces manual efforts in managing Active Directory resources.

Examples of Automated Tasks

  • Creating new user accounts based on predefined templates.

  • Modifying group memberships for users based on role changes.

  • Updating user attributes such as email addresses or phone numbers.

Using the Integration

This section provides instructions on utilizing the actions available in the Automate-Active Directory integration.

Credentials

Steps to establish a secure connection between Automate and Active Directory using credentials.

How to Create Credentials

  1. Log in to Automate as an administrator.

  2. Navigate to the Active Directory settings section.

  3. Go to Vault page at left side of menu.

  4. Select "Create New Credentials" option.

  5. Enter the required information:

    • Active Directory Domain

    • Username

    • Password

    • LDAP Path

  6. Save the credentials securely.

How to Use Actions

Here are the available actions for integrating Automate with Active Directory, along with explanations:

Add Group

Description: Adds a new security or distribution group to Active Directory.

Purpose: This action is used to create new groups within Active Directory, allowing for organized management of users and resources.

Usage:

  • Enter the Group Name: The name of the group to be added.

  • Provide a unique Distinguished Name (DN) for the group.

  • Add a brief Description of the group.

  • Choose the appropriate Group Scope:

    • Domain Local: For granting access within a single domain.

    • Global: For granting access to resources in multiple domains.

    • Universal: For granting access across multiple domains in a forest.

  • Specify the Group Type:

    • Security: For security-related permissions.

    • Distribution: For email distribution lists.

Inputs:

  • Group Name: The name of the group to be added.

  • Distinguished Name (DN): The unique identifier for the group.

  • Description: A brief description of the group.

  • Group Scope: The scope of the group (Domain Local, Global, Universal).

  • Group Type: The type of group (Security, Distribution).

Outputs: None

Add Object To Group

Description: Adds an object to a specific group in Active Directory.

Purpose: This action allows for the association of objects, such as users or other groups, with existing groups in Active Directory.

Usage:

  • Enter the LDAP Path of the object: The LDAP path of the object you want to add to a group.

  • Specify the Group Name: The name of the group to which the object will be added.

Inputs:

  • LDAP Path: The LDAP path of the object.

  • Group Name: The name of the group to which the object will be added.

Outputs: None

Add User To Group

Description: Adds user(s) to a specific group in Active Directory.

Purpose: This action simplifies the process of adding users to groups, ensuring proper access controls and permissions.

Usage:

  • Provide the Usernames of the user(s) you want to add.

  • Specify the Group Name: The name of the group to which the user(s) will be added.

Inputs:

  • Users: The username(s) of the user(s) to be added.

  • Group Name: The name of the group to which the user(s) will be added.

Outputs: None

Connect

Description: Establishes a connection with the Active Directory environment.

Purpose: This action initiates a secure connection to the Active Directory server, enabling subsequent actions to interact with the directory.

Usage:

  • Select the desired Connection Type.

  • Enter the Address for the LDAP connection (e.g., ldap.example.com:389).

  • Provide the Username for the LDAP connection.

  • Enter the Password for the LDAP connection.

  • Specify the Base Path of the Active Directory (e.g., dc=automate,dc=com).

Inputs:

  • Connection Type: The type of connection.

  • Address: The address for the LDAP connection.

  • User: The username for the LDAP connection.

  • Password: The password for the LDAP connection.

  • Base Path: The base path of the Active Directory.

Outputs: None

Create Contact

Description: Creates a new contact in Active Directory.

Purpose: This action facilitates the addition of contact information for individuals or entities in the Active Directory directory.

Usage:

  • Enter the First Name of the contact.

  • Provide the Last Name of the contact.

  • Specify the Display Name for the contact.

  • Enter a Distinguished Name (DN) for the contact.

  • Provide the Email address of the contact.

  • Add a brief Description of the contact.

  • Specify the Department of the contact.

  • Enter the Title of the contact.

Inputs:

  • First Name: The first name of the contact.

  • Last Name: The last name of the contact.

  • Display Name: The display name of the contact.

  • Distinguished Name (DN): The unique identifier for the contact.

  • Email: The email address of the contact.

  • Description: A brief description of the contact.

  • Department: The department of the contact.

  • Title: The title of the contact.

Outputs: None

Create Object

Description: Creates a new object in Active Directory.

Purpose: This action enables the creation of new objects, such as users or groups, within the Active Directory structure.

Usage:

  • Choose the Object Type to create.

  • Specify the LDAP Path for the new object.

  • Add any desired Custom Attributes for the new object.

Inputs:

  • Object Type: The type of object to create.

  • LDAP Path: The LDAP path for the new object.

  • Custom Attributes: Any custom attributes for the new object.

Outputs: None

Create User

Description: Creates a new user in Active Directory.

Purpose: This action simplifies the process of adding new users to the Active Directory environment.

Usage:

  • Enter the desired Username for the new user.

  • Provide the Logon Name for the new user.

  • Enter the First Name of the new user.

  • Specify the Last Name of the new user.

  • Provide a Distinguished Name (DN) for the new user.

  • Enter the Email address of the new user.

  • Set the initial Password for the new user.

  • Add a brief Description of the new user.

  • Specify the Department of the new user.

  • Enter the Title of the new user.

  • Check the Is Disabled checkbox if the user should be initially disabled.

Inputs:

  • Username: The username for the new user.

  • Logon Name: The logon name for the new user.

  • First Name: The first name of the new user.

  • Last Name: The last name of the new user.

  • Distinguished Name (DN): The unique identifier for the new user.

  • Email: The email address of the new user.

  • Password: The initial password for the new user.

  • Description: A brief description of the new user.

  • Department: The department of the new user.

  • Title: The title of the new user.

  • Is Disabled: Whether the user account should be initially disabled.

Outputs: None

Delete Computer

Description: Deletes a computer from Active Directory.

Purpose: This action removes the specified computer object from the Active Directory environment.

Usage:

  • Enter the Computer CN of the computer to delete.

Inputs:

  • Computer CN: The Common Name (CN) of the computer to delete.

Outputs: None

Delete Object

Description: Deletes an object from Active Directory.

Purpose: This action removes the specified object from the Active Directory structure.

Usage:

  • Enter the Distinguished Name (DN) of the object to delete.

Inputs:

  • Distinguished Name (DN): The unique identifier of the object to delete.

Outputs: None

Delete User

  • Description: Deletes a user from Active Directory.

  • Purpose: This action removes the specified user account from the Active Directory environment.

  • Usage:

    • Enter the Username or Logon Name of the user to delete.

  • Inputs:

    • Username or Logon Name: The username or logon name of the user to delete.

  • Outputs: None

Disable User

Description: Disables a user account in Active Directory.

Purpose: This action deactivates the specified user account, preventing user access.

Usage:

  • Enter the Username or Logon Name of the user to disable.

Inputs:

  • Username or Logon Name: The username or logon name of the user to disable.

Outputs: None

Disconnect

Description: Closes the connection with the Active Directory environment.

Purpose: This action terminates the current session and closes the connection to the Active Directory server.

Usage: No additional input required. This action closes the current Active Directory session.

Inputs: None

Outputs: None

Enable User

Description: Enables a previously disabled user account in Active Directory.

Purpose: This action reactivates the specified user account, restoring user access.

Usage:

  • Enter the Username or Logon Name of the user to enable.

Inputs:

  • Username or Logon Name: The username or logon name of the user to enable.

Outputs: None

LDAP Query

Description: Executes a custom LDAP query in Active Directory.

Purpose: This action allows users to perform custom LDAP queries to retrieve specific information from the Active Directory.

Usage:

  • Enter the desired LDAP Query to execute.

  • Specify the Attribute to retrieve.

  • Assign an Output Variable to store the results of the query.

Inputs:

  • LDAP Query: The custom LDAP query to execute.

  • Attribute: The attribute to retrieve.

  • Output Variable: The variable to store the query results.

Outputs: The results of the LDAP query stored in the specified output variable.

Content library active-directory.action.move-computer

Move Object

Description: Moves an object to a different location within the Active Directory structure.

Purpose: This action relocates the specified object to the designated destination within the Active Directory.

Usage:

  • Enter the LDAP Path of the object to move.

  • Specify the Move to location for the object.

Inputs:

  • LDAP Path: The LDAP path of the object to move.

  • Move to: The destination location within the Active Directory structure.

Outputs: None

Password Reset

Description: Resets the password of a user in Active Directory.

Purpose: This action allows administrators to reset the password of a user account in Active Directory.

Usage:

  • Enter the Account's Username or Logon Name of the user.

  • Optionally, specify whether the user should be prompted to change the password at the next login.

Inputs:

  • Account's Username or Logon Name: The username or logon name of the user.

  • Require Password Change: Flag to indicate if the user should change the password at next login.

Outputs: None

Remove Object From Group

Description: Removes an object from Active Directory.

Purpose: This action deletes the specified object from the Active Directory structure.

Usage:

  • Enter the LDAP Path of the object to remove.

  • Specify the Group Name from which to remove the object.

Inputs:

  • LDAP Path: The LDAP path of the object to remove.

  • Group Name: The name of the group from which to remove the object.

Outputs: None

Remove User From Group

Description: Removes user(s) from a specific group in Active Directory.

Purpose: This action removes the specified user(s) from the designated group, adjusting access permissions.

Usage:

  • Enter the Username of the user(s) to remove.

  • Specify the Group Name from which to remove the user(s).

Inputs:

  • Username: The username(s) of the user(s) to remove.

  • Group Name: The name of the group from which to remove the user(s).

Outputs: None

Unlock User

Description: Unlocks a locked user account in Active Directory.

Purpose: This action unlocks the specified user account, granting access to the user.

Usage:

  • Enter the Username or Logon Name of the user to unlock.

Inputs:

  • Username or Logon Name: The username or logon name of the user to unlock.

Outputs: None

Update Contact

Description: Updates a contact in Active Directory.

Purpose: This action allows for the modification of contact information for individuals or entities within the Active Directory.

Usage:

  • Enter the Distinguished Name (DN) of the contact.

  • Provide updated information such as First Name, Last Name, Display Name, Email, Description, Department, Title, and any Custom Attributes.

Inputs:

  • Distinguished Name (DN): The unique identifier for the contact.

  • First Name: The updated first name of the contact.

  • Last Name: The updated last name of the contact.

  • Display Name: The updated display name of the contact.

  • Email: The updated email address of the contact.

  • Description: The updated description of the contact.

  • Department: The updated department of the contact.

  • Title: The updated title of the contact.

  • Custom Attributes: Any custom attributes to update for the contact.

Outputs: None

Update Object

Description: Updates an object in Active Directory.

Purpose: This action enables the modification of attributes and properties of existing objects within the Active Directory structure.

Usage:

  • Enter the LDAP Path of the object to update.

  • Specify the Attributes to update for the object.

Inputs:

  • LDAP Path: The LDAP path of the object to update.

  • Attributes: The attributes to update for the object.

Outputs: None

Update User

Description: Updates a user in Active Directory.

Purpose: This action allows for the modification of user account information, such as names, contact details, and permissions.

Usage:

  • Enter the Username or Logon Name of the user.

  • Provide updated information such as First Name, Last Name, Display Name, Email, Description, Department, Title, and any Custom Attributes.

Inputs:

  • Username or Logon Name: The username or logon name of the user.

  • First Name: The updated first name of the user.

  • Last Name: The updated last name of the user.

  • Display Name: The updated display name of the user.

  • Email: The updated email address of the user.

  • Description: The updated description of the user.

  • Department: The updated department of the user.

  • Title: The updated title of the user.

  • Custom Attributes: Any custom attributes to update for the user.

Outputs: None

Additional Tips

Use Cases

FAQ

Previous4meNextAFAS

Last updated