Activities
- Connect to Active Directory13669534395
- Disconnect from Active Directory
- Add Computer to Group
- Add Domain User to Local Group
- Add Group to Group
- Add User to Group
- Change User Password
- Change User Password (non-encrypted)
- ClearADAttributeValue
- Computer Exists
- Create Computer
- Create Group
- Create User
- Create User With Password String
- Delete Entry
- Edit Account Expires
- Edit Computer Account Status
- Edit Entry
- Edit User Account Status
- Get Account Expires
- Get Entries by Filter
- Get Entry
- Get Entry Attributes
- Get Password Expiration Date
- Get User Account Status
- Get User Groups
- Get Users in Group
- Get Entry SID
- Group Exists
- Is Member
- Join Computer to Domain
- Move Entry
- Remove Computer from Group
- Remove Group from Group
- Remove User from Group
- User Exists
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- Active Directory#Add User to Group Extended
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- Get Entry SID
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
- 13669534395
Connect to Active Directory
...
- use a Get Entry activity to extract the Group entry (the group where the user will be added):
- use another Get Entry activity to extract the User entry path (the user which will be added into the group)
- bind the obtained paths (stored in variables) to the Group and Group To Be Added fields from the Add Group To Group activity:
Add User to Group Extended
This activity adds specified user to specified group.
Activity Parameters
The Add User to Group Extended activity parameters can be provided by manual inserted values or via IN arguments or variables:
Parameters:
- Close AD Connection (text box editor type) (type: object): Close AD connection after success or failure.
- Connection (text box editor type) (type: object): the Active Directory Connection. The output parameter from Connect To Active Directory activity should be used as Input here.
- Group (text box editor type) (type: string): the entry path of the group where the user will be added, or bind this parameter with the output parameter of a Get Entry activity. If the Group Entry Path will be manually inserted, the accepted format should be written like in the following example: "LDAP://servername.dc1.com/CN=TestingGroup,OU=Groups,OU=__DEV-Testing,DC=dc1,DC=com"
- RetryCount (text box editor type) (type: object): Enter the amount of retries the activity does every {RetryDelay} in seconds, when the activity fails.
- RetryDelay (text box editor type) (type: object): The delay in seconds between each retry.
- User (text box editor type) (type: string): the entry path of the user that will be added to the group, or bind this parameter with the output parameter of a Get Entry activity. If the User Entry Path will be manually inserted, the accepted format should be written like in the following example: "LDAP://servername.dc1.com/CN=TestingUser,OU=Users,OU=__DEV-Testing,DC=dc1,DC=com"
The Read Only Output variable are the possible output values that the activity will provide:
- Error Code (type: string): The error code from the error that occured (if any).
- Error Message (type: string): The error message from the error that occured (if any).
- HRESULT Code (type: string): The HRESULT from the error that occured (if any)
- Output success status (type: boolean): Outputs whether the acrivity succeeded or not.
- Source (type: object): The source from the error that occured (if any).
Change User Password
This activity changes the password of a user account.
Activity Parameters
The Change User Password activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
This activity changes the password of a user account with non-encrypted Password String.
Activity Parameters
The Change User Password (non-encrypted) activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
NOTE: An attribute to be cleared means to insert null value but strings with 0 length or attributes with null value are not valid attribute in AD, this means that when you set a value to "" , the property/attribute gets deleted.
Activity Parameters
The ClearADAttributeValue activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
- ClearAttribute (text box editor type) (type: string): the attribute that will be cleared/removed.
- Entry (text box editor type) (type: string): the entry path of the Active Directory entry, or bind this parameter with the output parameter of a Get Entry activity. If the Entry Path will be manually inserted, the accepted format should be written like in the following example: "LDAP://servername.dc1.com/CN=DemoUser,OU=DemoOU,DC=dc1,DC=com"
Using Get Entry activities: get Entry activities can be used in order to extract the needed entry paths from Active Directory. The steps below are describing a scenario of how to use both Get Entry and ClearADAttributeValue activity:
...
This activity checks in the Active Directory if specified computer has an entry in 'Computer' class.
Activity Parameters
The Computer Exists activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
This activity creates a new entry of class 'Computer' in Active Directory.
Activity Parameters
The Create Computer activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
- Entry Path (type: string): outputs the path of the new created computer.
Create Group
This activity creates a new entry of class 'Group' in Active Directory.
Activity Parameters
The Create Group activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
Execution: the activity will output the result of the group creation, displaying the newly created group's Path.
Create User
This activity creates a new entry of class 'User' in Active Directory.
Activity Parameters
The Create User activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
Execution: the activity will output the result of the group creation, displaying the newly created user's Path.
Create User With Password String
This activity creates a new entry of class 'User' in Active Directory.
Activity Parameters
The Create User With Password String activity parameters can be provided by manual inserted values or via IN arguments or variables:
Parameters:
- Attributes (text box editor type) (type: string): enter user specific Attributes for the new created user. Here can be inserted attributes that would not be created by default with the activity (optional attributes in AD). For example, it can be inserted the displayName attribute. In the Collection editor window, when adding a new member, at Name insert the attribute's name (e.g. displayName) and at Value insert the value that the attribute should take:
- CN String (text box editor type) (type: string): the CN String value of the place where the user will be created. For Example: 'CN=TEST'. This value will be associated with the CN attribute.
- CSV Attributes (text box editor type) (type: string): overrides the 'Attributes' parameter. The values must be entered with the format: "Attribute1Name,Attribute1Value;Attribute2Name,Attribute2Value". This field can be used in order to provide all the desired attributes and their values on a single field. The example presented in the screenshot can be translated as "displayName,TestingUser;mail,TstUser@flowster.de;company,Flowster Solutions".
- Parent Entry (text box editor type) (type: string): the parent entry for the new created user. The parent entry can be linked to a variable outputed by the GetEntry activity (for GetEntry binding usage, see the Add Computer To Group activity) or written by hand. The accepted format should be written as in the given example: "LDAP://servername.dc1.com/OU=Users,OU=__DEV-Testing,DC=dc1,DC=com"
- Password String (text box editor type) (type: string): the string value for the password. When editing this parameter, the value of the password will appear as plain text.
- sAMAccountName (text box editor type) (type: string): the sAMAccountName for the new user.
The Read Only Output variable are the possible output values that the activity will provide:
- Entry Path (type: string): outputs the path of the new created user.
Execution: the activity will output the result of the group creation, displaying the newly created group's Path.
...
This activity deletes specified entry from Active Directory.
Activity Parameters
The Delete Entry activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
This activity sets the value of the "accountExpires" property for an Active Directory account.
Activity Parameters
The Edit Account Expires activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
- use another Get Entry activity to extract the User entry path:
- bind the obtained path (stored in a variable) to the User field from the Edit Account Status activity:
Edit Computer Account Status
This activity allows Enable/Disable for an Active Directory computer account.
Activity Parameters
The Edit Computer Account Status activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
Execution: the activity will search for the given computer entry and if it is a valid one, will perform the specified operation (disable or enable):
Edit Entry
This activity edits specified attribute(s) values of a specified input entry.
Activity Parameters
The Edit Entry activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
As mentioned above, the value(s) can be edited in 3 different ways:
- by using the Attribute parameter (single attribute):
- by using the Attributes collection of parameters (multiple attributes):
- by using the CSV Attributes parameter (multiple attributes and values, written as a single string):
Edit User Account Status
This activity allows Enable/Disable or Lock/Unlock for an Active Directory user account.
Activity Parameters
The Edit User Account Status activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
Execution: the activity will check the provided entry and if found, will perform the selected operation on it (enable, disable, lick, unlock):
Get Account Expires
This activity returns the value stored on the accountExpires attribute.
Activity Parameters
The Get Account Expires activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
This activity retrieves a collection of Active Directory entries (paths) based on the input filters.
Activity Parameters
The Get Entries by Filter activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
The Get Element From Collection activity will take the Iterator1 as the Collection Input, extracting the String's value from it.
Get Entry
This activity gets specified entry from Active Directory.
Activity Parameters
The Get Entry activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
This activity gets specified entry and retrieves a collection containing the attributes and their corresponding values.
Activity Parameters
The Get Entry Attributes activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
This activity returns the password expiration date.
Activity Parameters
The Get Password Expiration Date activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
- Output Date (type: Nullable<DateTime>): outputs the expiration date for the specified period. If NULL is returned then the user password never expires.
- Output Days (type: int32): outputs the number of days until/since the expiration date. If it is negative it means that the password is already expired.
Get Entry SID
This activity returns the SID object and a string equivalent of an AD Entry.
Activity Parameters
The Get Entry SID activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
Execution: the activity will check the provided entry path and if found, will return the SID object in object and string formats:
Get User Account Status
This activity returns information about an entry, regarding the account status,password,account expiration date, email.
Activity Parameters
The Get User Account Status activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
Execution: the activity will retrieve all statuses for the given entry:
Get User Groups
This activity retrieves a collection containing the groups the user is a member of.
Activity Parameters
The Get User Groups activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
This activity retrieves a collection containing the users of a specified group.
Activity Parameters
The Get Users in Group activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
This activity checks in the Active Directory if specified group has an entry in 'Groups' class.
Activity Parameters
The Group Exists activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
This activity validates if user, group or computer-account is member of a specified Active Directory group.
Activity Parameters
The Is Member activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
Execution: the activity will search if the given user (Entry Path parameter) is a member of the given group (Group Path parameter). If yes, it will return True, otherwise False:
Join Computer to Domain
This activity joins a computer to a specified domain.
Activity Parameters
The Join Computer to Domain activity parameters can be provided by manual inserted values or via IN arguments or variables:
Parameters:
- Account Create (combo box editor type): specifies if the activity will also create a Computer account into Active Directory for the given machine. If set to Yes, then the account will be created in the given Destination OU or in the default location (if Destination OU is empty). If set to No, the activity will only join the computer to the domain, without creating an account for it.
- Destination OU (text box editor type) (type: string): the Active Directory organizational unit (OU) where the new computer account will be created. If this parameter is specified and if the Account Create flag is set to Yes, then the new computer account will be created in this AD location. If the field is left empty and the Account Create flag is set to Yes, the new computer account will be created in the AD's default Computers location.
- Domain (text box editor type) (type: string): the domain where the given machine will be joined. For example, "dc1.com".
- Domain Join if Joined (combo box editor type) : specifies if the machine will rejoin the given domain, if it is already joined. If set to No, the machine will not rejoin the domain (only if it is already joined) and the activity message will be "The machine is already joined to the domain".
- Machine Name (text box editor type) (type: string): the name of the machine which will be joined to the given domain. If Account Create is set to Yes, then this will also be the name of the AD computer account.
- Password (password box editor type) (type: string): the password for the user which will try adding the machine to the domain.
- Password Binding (text box editor type) (type: string): bind to a variable containing the encrypted password for the connection. This parameter is used only when the user wants to send an encrypted password from outside the workflow, for example Flowster Studio Portal.
- User Domain (text box editor type) (type: string): the domain of the user which will try to add the machine to the domain. For example "dc1.com", which is also the domain where the user is a member of.
- Username (text box editor type) (type: string): the user which will try adding the machine to the domain. The user must have rights to perform this kind of operation.
The Read Only Output variable are the possible output values that the activity will provide:
- Output (type: String): outputs the status of the operation.
Execution: the activity will try to add the given machine to the given domain, for example:
Move Entry
This activity moves a specified entry to a new location in Active Directory.
Activity Parameters
The Move Entry activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
Execution: the activity will move the user into the new location. In the screenshot below, there can be seen the user in the new location, in Active Directory.
Remove Computer from Group
This activity removes specified computer from specified group.
Activity Parameters
The Remove Computer from Group activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
This activity removes group from specified group.
Activity Parameters
The Remove Group from Group activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
Execution: the activity will search if the provided entry paths are valid and if yes, it will remove the indicated group from the other group. The output will display both the groups AD paths and their DN (distinguished names)
Remove User from Group
This activity removes specified user from specified group.
Activity Parameters
The Remove User from Group activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
This activity gives new value(s) to an AD attribute that needs to be renamed (for example, the name attribute needs a different method for assigning a new value that edit).
Activity Parameters
The Rename Entry activity parameters can be provided by manual inserted values or via IN arguments or variables:
...
This activity checks in the Active Directory if specified user has an entry in 'User' Class..
Activity Parameters
The User Exists activity parameters can be provided by manual inserted values or via IN arguments or variables:
...