This action manages user and groups in Active Directory. You can use this action to manage Azure AD, SAM, AD DS and AD LDS/ADAM.

On premises, by default, the action is executed under the permissions of the currently logged in user and assumes Kerberos authentication and trust delegation between the front-end server and the directory server (domain controller in case of AD DS or any server running SAM/AD LDS/ADAM) will be required. You can also enable impersonation on the action to authenticate using the application pool account.

NOTE: all field values can use column value or expression to generate dynamic values at run-time.

Manage active directory

  1. Action type– type of action to perform
    1. Create user – creates a new user
    2. Update user - updates existing user
    3. Enable user – enables specified user
    4. Disable user – disables specified user
    5. Unlock user – unlocks locked specified user
    6. Reset password – changes specified user’s password
    7. Add to group – adds specified user to specified AD security group or distribution list
    8. Remove from group – removes specified user from specified AD security group or distribution list
    9. Create group – create AD security group or distribution list
    10. Delete group – deletes specified AD security group or distribution list
  2.  Directory type– type of directory (does not apply to Office 365 app):
    1. SAM – local machine users
    2. Domain (AD DS) – Active Directory Domain Services
    3. Application Directory (AD LDS) – Active Directory Lightweight Directory Services
  3. Directory name – distinguished name of domain or machine. If not provided, the domain of the currently user identity is used.
  4. Organizational Unit – path to the target OU. If not provided, the default Users container is used. Does not apply to Office 365 app.
  5. User name – user name for new or existing user to manage
  6. Password – password for user creation or password reset
  7. First name – given name for user creation
  8. Last name – surname for user creation
  9. Values to set – set values to additional properties when creating a user
  10. Group name – group name for group creation or management
  11. Group description – group description for group creation, optional
  12. Group scope – scope of group, possible values include Local, Global or Universal. Global by default.
  13. Is security group? – create security group or distribution list. Possible values include True and False (or any expression/column value returning Boolean data type). True by default. Does not apply to Office 365 app.

NOTE: In Office 365 app you can only manage the current Azure AD domain. You must be a Global Administrator and give consent to the app to manage Active Directory on your behalf. You provide consent in the pop-up message that will appear when you attempt to save the action.

 

Last modified: 3/29/2021 1:43 PM
Loading...

Add your comment

Comments are not meant for support. If you experiencing an issue, please open a support request.
Microsoft partner logo
© 2005-2024 Infowise Solutions Ltd. All rights reserved.
Privacy | Cookie Policy | Accessibility | Cloud SLA