Active Directory Module Steps
  • 18 Sep 2024
  • 7 Minutes to read
  • Dark
    Light

Active Directory Module Steps

  • Dark
    Light

Article summary

Breaking change on upgrading to v9
If upgrading from v8.14 to v9, it is essential that users using the "List Users In OU" step will not work. This is due to an update that alters the input requirement, requiring users to provide the OU name instead of the entire URL. Update the step input to avoid workflow disruptions.
Upgrading to v9:
Microsoft has renamed Azure Active Directory (Azure AD) to Microsoft Entra ID. This change has been incorporated into the platform starting from v8.17 and above.
Module Details
Core or Github ModuleCore module
Restart Required?No
Step Location Integration > Active Directory
Settings Location System > Settings > Entra ID Settings

The Active Directory module introduces Flow steps that allow users to build Flows centered around managing the Active Directory, such as creating users, groups, and associations. Installing the module will also provide steps that handle Microsoft Entra ID (formerly known as Azure Active Directory) accounts.

Prerequisites


Active Directory Steps

LocationStep NameDescriptionInputs/Outputs
UsersFind User By SAMAccount NameThe Find User By SAMAccount Name step connects to the Active Directory by configuring the Connection String Input and searches for the provided account via the SAMAccount Name Input. It then outputs the found account's information.Inputs: Connection Settings (ADStepSettings), SAMAccount Name (String)
Outputs: Output (ADUser)
Find User By SAMAccount Name JSONThe Find User By SAMAccount Name JSON step connects to the Active Directory by configuring the Connection String Input and searches for the provided account via the SAMAccount Name Input. It then outputs the found account's information in a JSON string.Inputs: Connection Strings (ADStepSettings), SAMAccount Name (String)
Outputs: Output (String)
Get All UsersThe Get All Users step connects to the Active Directory by configuring the Connection Strings Input and then outputs a list of all found Active Directory users.Inputs: Connection Strings (ADStepSettings)
Outputs: Output (ADUser[])
Set New PasswordThe Set New Password step finds the specified user name and then changes its password to the value of the New Password Input. If an error occurs on this step, it then outputs an error message.Inputs: New Password (String), User Name (String)
Outputs: Error Message (String)
RootDisable UserThe Disable User step connects to the LDAP server by configuring its System User Name. System Password and LDAP Server Address Inputs. It then disables the user matching the login of the Login Name Input, thus preventing them from logging into the server until re-enabled.Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Login Name (String)
Outputs: None
Enable UserThe Enable User step connects to the LDAP server by configuring its System User Name. System Password and LDAP Server Address Inputs. It then enables the user to match the login of the Login Name Input, thus allowing them to log back into the server again.Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Login Name (String)
Outputs: None
Get Groups ListThe Get Group List step connects to the LDAP server by configuring its System User Name. System Password and LDAP Server Address Inputs. The Ou Path Input prompts which Organization Unit the step will search for groups, if at all. It then outputs the list of found groups.Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Login Name (String)
Output: Output (String[])
List Users In OUThe List Users In OU connects to the Active Directory by configuring the Connection String Input.Inputs: Connection Strings (ADStepSettings), Limit (Int32), OU (String)
Outputs: Output (ADUser[])
Find Computer By NameThe Find Computer By Name step connects to the Active Directory by configuring the Connection String Input and then searches for a computer matching the Computer Name Input. It then outputs the found computer's information.Inputs: Computer Name (String), Connection Settings (ADStepSettings)
Outputs: Output (ADComputer)
Find Computers By NameThe Find Computer By Name step connects to the Active Directory by configuring the Connection String Input and then searches computers matching the Computer Name Input. It then outputs the found computer's information.Inputs: Computer Name (String), Connection Settings (ADStepSettings)
Outputs: Output (ADComputer[])
Find Group By NameThe Find Group By Name step connects to the Active Directory by configuring the Connection String Input and then searches for the group matching the Group Name Input. It then outputs the found group's information.Inputs: Connection Settings (ADStepSettings), Group Name (String)
Outputs: Output (ADGroup)
Find Groups By NameThe Find Groups By Name step connects to the Active Directory by configuring the Connection String Input and then searches for the groups matching the Group Name Input. It then outputs the information for the found groups.Inputs: Connection Settings (ADStepSettings), Group Name (String)
Outputs: Output (ADGroup[])
List Computers In Active DirectoryThe List Computers In Active Directory step connects to the Active Directory by configuring the Connection String Input. It then outputs a list of all computers within the Active Directory along with their information.Inputs: Connection Strings (ADStepSettings)
Outputs: Output (ADComputer[])
List Groups In Active DirectoryThe List Groups In Active Directory step connects to the Server IP Input with the specified User Name and Password, aka Pwd Inputs. It then outputs a list of all groups within the server, along with their information.Inputs: Pwd (String), Server Ip (String), User Name (String)
Outputs: Output (ADGroup[])
Add GroupThe Add Group step selects a group to be added for an AD syncInputs: System User Name (String), System Password (String). LDAP Server Address (String), Name (String), Ou Path (String)
Outputs: None
Add User To GroupThe Add User to Group step selects a specified user and adds them to the Group.Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Login Name (String), Group Name (String),
Outputs: None
Convert Active Directory UTC Time To Date TimeThe Convert Active Directory UTC Time to Date Time step converts an int64 value into a DateTime object.Input: Long Value (Int64)
Outputs: ConvertActiveDirectorryUTCTimeToDateTime (DateTime)
Create GroupThe Create Group step defines a new group to be added to the AD serverInputs: Description (String), Is Security Group (Boolean), New Group Name (String), Optional Container (String), Pwd, (String), Server IP Or Domain (String), User Name (String)
Outputs: None
Create OUThe Create OU step allows a new OU group to be defined and added to the AD server.Inputs: Connection Settings (ADStepSettings), NewOUDescription (String), NewOUName (String), Parent OU (String)
Outputs: Name
Create User AdvancedThe Create User Advanced step allows for new AD accounts to be created using a Flow.Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Department (String), Email (String), First Name (String), Last Name (String), Login Name (String), Ou Path (String), User Password (String)
Outputs: None
Delete UserThe Delete User step removes a user from the AD server. The synced AD account will not be removed from Decisions.Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Login Name (String)
Outputs: None
List Org Unit in Active DirectoryThe List Org Unit in Active Directory step lists out the organization units available in an AD environment.Inputs: Pwd (String), Server Ip (String), User Name (String)
Outputs: None
Remove GroupThe Remove Group step removes a group from the AD environment.Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Name (String). Ou Path (String)
Outputs: None
Remove User From GroupThe Remove User From Group step removes a group from a specific user in the AD environment.Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Group Name (String). Login Name (String)
Outputs: None
Unlock UserThe Unlock User step unlocks a user account in the AD environment.Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Login Name (String)
Outputs: None
Update UserThe Update User step updates a user account in the AD environment.Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Department (String), Email (String), First Name (String), Last Name (String), Login Name (String)
Outputs: None
User ExistsThe User Exists step checks to see if an inputted login name exists in the AD environment.Inputs: System User Name (String), System Password (String). LDAP Server Address (String), Group Name (String). Login Name (String)
Outputs: None
Microsoft Entra ID (formerly known as Azure Active Directory)Add User To GroupThe Add User to Group step allows users to be added to an Azure Active Directory environment.Inputs: Group ID (String), User ID (String)
Outputs: None
Disable UserThe Disable User step allows users to be disabled in an AAD environment.Inputs: User ID (String)
Outputs: None
Enable UserThe Enable User step enables the inputted account in an AAD environment.Inputs: User ID (String)
Outputs: None
Remove User From GroupThe Remove User From Group step provides a method to remove a user from a specified group in an AAD environment.Inputs: Group ID (String), User ID (String)
Outputs: None
User ExistsThe User Exists step checks to see if an inputted login name exists in the AAD environment.Inputs: User ID (String)
Outputs: None



Active Directory Internal Services Methods

While not added to the Active Directory module's installation, the following commonly used pre-built methods streamline or otherwise assist with Active Directory configurations. These are part of Call Internal Decisions Service Step, found under Integration > Internal Services. Pick Service Name ActiveDirectoryServices for a full list of methods.

Method NameDescriptionInputs/Outputs
GetActiveDirectorySettingsThe GetActiveDirectorySettings method automatically gathers the current configuration of the installed Active Directory module's settings and then outputs them. This output may be mapped to Active Directory steps needing connection string Inputs to save time over manually entering them.Inputs: None
Outputs: Output (ActiveDirectorySettings)
TestLoginThe TestLogin method creates a test login user account for the Active Directory server, which is often used to test connections. It then outputs the results of the login test.Inputs: Domain and User Name (String), Password (String)
Outputs: Output (ActiveDirectoryLoginTestResult)

Feature Changes

DescriptionVersionRelease DateDeveloper Task
Wildcard (*) searches will now work properly.9.3
September 2024[DT-041927]
For further information on Modules, visit the Decisions Forum.

Was this article helpful?