Active Directory Module Steps
- 18 Sep 2024
- 7 Minutes to read
- Print
- DarkLight
Active Directory Module Steps
- Updated on 18 Sep 2024
- 7 Minutes to read
- Print
- DarkLight
Article summary
Did you find this summary helpful?
Thank you for your feedback
Breaking change on upgrading to v9
If upgrading from v8.14 to v9, it is essential that users using the "List Users In OU" step will not work. This is due to an update that alters the input requirement, requiring users to provide the OU name instead of the entire URL. Update the step input to avoid workflow disruptions.
Upgrading to v9:
Microsoft has renamed Azure Active Directory (Azure AD) to Microsoft Entra ID. This change has been incorporated into the platform starting from v8.17 and above.
Module Details | |
Core or Github Module | Core module |
Restart Required? | No |
Step Location | Integration > Active Directory |
Settings Location | System > Settings > Entra ID Settings |
The Active Directory module introduces Flow steps that allow users to build Flows centered around managing the Active Directory, such as creating users, groups, and associations. Installing the module will also provide steps that handle Microsoft Entra ID (formerly known as Azure Active Directory) accounts.
Prerequisites
- Setup an Active Directory Server Authentication
- Active Directory module installed
- Project dependency created
Active Directory Steps
Location | Step Name | Description | Inputs/Outputs |
---|---|---|---|
Users | Find User By SAMAccount Name | The Find User By SAMAccount Name step connects to the Active Directory by configuring the Connection String Input and searches for the provided account via the SAMAccount Name Input. It then outputs the found account's information. | Inputs: Connection Settings (ADStepSettings), SAMAccount Name (String) |
Outputs: Output (ADUser) | |||
Find User By SAMAccount Name JSON | The Find User By SAMAccount Name JSON step connects to the Active Directory by configuring the Connection String Input and searches for the provided account via the SAMAccount Name Input. It then outputs the found account's information in a JSON string. | Inputs: Connection Strings (ADStepSettings), SAMAccount Name (String) | |
Outputs: Output (String) | |||
Get All Users | The Get All Users step connects to the Active Directory by configuring the Connection Strings Input and then outputs a list of all found Active Directory users. | Inputs: Connection Strings (ADStepSettings) | |
Outputs: Output (ADUser[]) | |||
Set New Password | The Set New Password step finds the specified user name and then changes its password to the value of the New Password Input. If an error occurs on this step, it then outputs an error message. | Inputs: New Password (String), User Name (String) | |
Outputs: Error Message (String) | |||
Root | Disable User | The Disable User step connects to the LDAP server by configuring its System User Name. System Password and LDAP Server Address Inputs. It then disables the user matching the login of the Login Name Input, thus preventing them from logging into the server until re-enabled. | Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Login Name (String) |
Outputs: None | |||
Enable User | The Enable User step connects to the LDAP server by configuring its System User Name. System Password and LDAP Server Address Inputs. It then enables the user to match the login of the Login Name Input, thus allowing them to log back into the server again. | Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Login Name (String) | |
Outputs: None | |||
Get Groups List | The Get Group List step connects to the LDAP server by configuring its System User Name. System Password and LDAP Server Address Inputs. The Ou Path Input prompts which Organization Unit the step will search for groups, if at all. It then outputs the list of found groups. | Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Login Name (String) | |
Output: Output (String[]) | |||
List Users In OU | The List Users In OU connects to the Active Directory by configuring the Connection String Input. | Inputs: Connection Strings (ADStepSettings), Limit (Int32), OU (String) | |
Outputs: Output (ADUser[]) | |||
Find Computer By Name | The Find Computer By Name step connects to the Active Directory by configuring the Connection String Input and then searches for a computer matching the Computer Name Input. It then outputs the found computer's information. | Inputs: Computer Name (String), Connection Settings (ADStepSettings) | |
Outputs: Output (ADComputer) | |||
Find Computers By Name | The Find Computer By Name step connects to the Active Directory by configuring the Connection String Input and then searches computers matching the Computer Name Input. It then outputs the found computer's information. | Inputs: Computer Name (String), Connection Settings (ADStepSettings) | |
Outputs: Output (ADComputer[]) | |||
Find Group By Name | The Find Group By Name step connects to the Active Directory by configuring the Connection String Input and then searches for the group matching the Group Name Input. It then outputs the found group's information. | Inputs: Connection Settings (ADStepSettings), Group Name (String) | |
Outputs: Output (ADGroup) | |||
Find Groups By Name | The Find Groups By Name step connects to the Active Directory by configuring the Connection String Input and then searches for the groups matching the Group Name Input. It then outputs the information for the found groups. | Inputs: Connection Settings (ADStepSettings), Group Name (String) | |
Outputs: Output (ADGroup[]) | |||
List Computers In Active Directory | The List Computers In Active Directory step connects to the Active Directory by configuring the Connection String Input. It then outputs a list of all computers within the Active Directory along with their information. | Inputs: Connection Strings (ADStepSettings) | |
Outputs: Output (ADComputer[]) | |||
List Groups In Active Directory | The List Groups In Active Directory step connects to the Server IP Input with the specified User Name and Password, aka Pwd Inputs. It then outputs a list of all groups within the server, along with their information. | Inputs: Pwd (String), Server Ip (String), User Name (String) | |
Outputs: Output (ADGroup[]) | |||
Add Group | The Add Group step selects a group to be added for an AD sync | Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Name (String), Ou Path (String) | |
Outputs: None | |||
Add User To Group | The Add User to Group step selects a specified user and adds them to the Group. | Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Login Name (String), Group Name (String), | |
Outputs: None | |||
Convert Active Directory UTC Time To Date Time | The Convert Active Directory UTC Time to Date Time step converts an int64 value into a DateTime object. | Input: Long Value (Int64) | |
Outputs: ConvertActiveDirectorryUTCTimeToDateTime (DateTime) | |||
Create Group | The Create Group step defines a new group to be added to the AD server | Inputs: Description (String), Is Security Group (Boolean), New Group Name (String), Optional Container (String), Pwd, (String), Server IP Or Domain (String), User Name (String) | |
Outputs: None | |||
Create OU | The Create OU step allows a new OU group to be defined and added to the AD server. | Inputs: Connection Settings (ADStepSettings), NewOUDescription (String), NewOUName (String), Parent OU (String) | |
Outputs: Name | |||
Create User Advanced | The Create User Advanced step allows for new AD accounts to be created using a Flow. | Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Department (String), Email (String), First Name (String), Last Name (String), Login Name (String), Ou Path (String), User Password (String) | |
Outputs: None | |||
Delete User | The Delete User step removes a user from the AD server. The synced AD account will not be removed from Decisions. | Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Login Name (String) | |
Outputs: None | |||
List Org Unit in Active Directory | The List Org Unit in Active Directory step lists out the organization units available in an AD environment. | Inputs: Pwd (String), Server Ip (String), User Name (String) | |
Outputs: None | |||
Remove Group | The Remove Group step removes a group from the AD environment. | Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Name (String). Ou Path (String) | |
Outputs: None | |||
Remove User From Group | The Remove User From Group step removes a group from a specific user in the AD environment. | Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Group Name (String). Login Name (String) | |
Outputs: None | |||
Unlock User | The Unlock User step unlocks a user account in the AD environment. | Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Login Name (String) | |
Outputs: None | |||
Update User | The Update User step updates a user account in the AD environment. | Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Department (String), Email (String), First Name (String), Last Name (String), Login Name (String) | |
Outputs: None | |||
User Exists | The User Exists step checks to see if an inputted login name exists in the AD environment. | Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Group Name (String). Login Name (String) | |
Outputs: None | |||
Microsoft Entra ID (formerly known as Azure Active Directory) | Add User To Group | The Add User to Group step allows users to be added to an Azure Active Directory environment. | Inputs: Group ID (String), User ID (String) |
Outputs: None | |||
Disable User | The Disable User step allows users to be disabled in an AAD environment. | Inputs: User ID (String) | |
Outputs: None | |||
Enable User | The Enable User step enables the inputted account in an AAD environment. | Inputs: User ID (String) | |
Outputs: None | |||
Remove User From Group | The Remove User From Group step provides a method to remove a user from a specified group in an AAD environment. | Inputs: Group ID (String), User ID (String) | |
Outputs: None | |||
User Exists | The User Exists step checks to see if an inputted login name exists in the AAD environment. | Inputs: User ID (String) | |
Outputs: None |
Active Directory Internal Services Methods
While not added to the Active Directory module's installation, the following commonly used pre-built methods streamline or otherwise assist with Active Directory configurations. These are part of Call Internal Decisions Service Step, found under Integration > Internal Services. Pick Service Name ActiveDirectoryServices for a full list of methods.
Method Name | Description | Inputs/Outputs |
---|---|---|
GetActiveDirectorySettings | The GetActiveDirectorySettings method automatically gathers the current configuration of the installed Active Directory module's settings and then outputs them. This output may be mapped to Active Directory steps needing connection string Inputs to save time over manually entering them. | Inputs: None |
Outputs: Output (ActiveDirectorySettings) | ||
TestLogin | The TestLogin method creates a test login user account for the Active Directory server, which is often used to test connections. It then outputs the results of the login test. | Inputs: Domain and User Name (String), Password (String) |
Outputs: Output (ActiveDirectoryLoginTestResult) |
Feature Changes
Description | Version | Release Date | Developer Task |
---|---|---|---|
Wildcard (*) searches will now work properly. | 9.3 | September 2024 | [DT-041927] |
For further information on Modules, visit the Decisions Forum.
Was this article helpful?