Versions Compared

Version Old Version 92 New Version 93
Changes made by

wiki

wiki

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Activities

...

The Connect to Active Directory activity parameters can be provided by manual inserted values or via IN arguments or variables:


Image RemovedImage Added


Parameters:

  • AD Path (combo box control) (type: string): the Active Directory connection string, without "LDAP:\\\\" part. Here can be inserted, for example, the name of the Domain Controller server: "dc1.com"
  • AD Site (combo box control) (type: string): Enter the AD site. The activity will connect to the Domain Controller belonging to this site only.
  • Domain entry Path (text box editor type) (type: string): Enter Domain entry path "LDAP://domain.com". Only in conjuction with AD Site Filter parameter for cross domains. If left empty it will use the current domain entry path.
  • Logon Provider (combo box control) (type: string): choose from the drop down list the logon provider. Flowster Studio provides the following options:
    • Default: Use the standard logon provider for the system. The default security provider is negotiate, unless you pass NULL for the domain name and the user name is not in UPN format. In this case the default provider is NTLM.
    • WinNT50: Use the negotiate logon provider. This value is not support for Windows NT 4 or earlier.
    • WinNT40Use the NTLM logon provider
    • WinNT35Use the Windows NT 3.5 logon provider
  • Logon Type (combo box control) (type: string): choose from the drop down list the type of logon operation to perform.
    • Interactiveused for a logon at the console of a computer. An Interactive logon is logged when it is attempted to log on at a Windows computer’s local keyboard and screen
    • Networkoccurs when there are accessed remote file shares or printers. Also, most logons to Internet Information Services (IIS) are classified as network logons, other than IIS logons that use the basic authentication protocol (those are logged as logon type Network Clear Text)
    • Batchused for scheduled workflows. When the Windows Scheduler service starts a scheduled workflow, it first creates a new logon session for the workflow, so that it can run in the security context of the account that was specified when the workflow was created
    • Serviceused for services and service accounts that log on to start a service. When a service starts, Windows first creates a logon session for the user account that is specified in the service configuration
    • Unlockused whenever a Windows machine is unlocked
    • Network Clear Textused when log on over a network and the password is sent in clear text. This happens, for example, when basic authentication is used to authenticate to an IIS server
    • New Credentialsused when running an application using the RunAs command and specify the /netonly switch. When you start a program with RunAs using /netonly, the program starts in a new logon session that has the same local identity (this is the identity of the currently logged on user), but uses different credentials (the ones specified in the runas command) for other network connections. Without /netonly, Windows runs the program on the local computer and on the network as the user specified in the runas command, and logs the logon event with type Interactive
  • Password (password editor type) (type: string): the password for the provided username.
  • Password Binding (text box editor type) (type: string): bind to a variable containing the encrypted password for the connection. (This parameter is used only when the user wants to send an encripted password from outside the workflow, for example Flowster Portal).
  • Persistance Enable this parameter in order to serialize activities for persistance.
  • Port (combo box control) (type: string): Enter the AD port on which you want to connect. Usually 636 for ssl and 389 non ssl.
  • Root (combo box control) (type: string): the root type: 
    • LDAP: when the scope of a search is the domain or an organizational unit
    • GC: when the scope of a search is the forest
  • Secure Connection (combo box control) (type: string)this can be used as input when you need a secure connection. You can either choose from the drop down list if the connection should be secured or you can bind this parameter to a Variable/Global Variable or IN argument. 
  • Username (text box editor type) (type: string): the username to query and perform Active Directory operations. The accepted format is domain\username

...

  • ClearAttribute (text box editor type) (type: string): the attribute that will be cleared/removed.
  • Entry (text box editor type) (type: string): the entry path of the Active Directory entry, or bind this parameter with the output parameter of a Get Entry activity. If the Entry Path will be manually inserted, the accepted format should be written like in the following example: "LDAP://servername.dc1.com/CN=DemoUser,OU=DemoOU,DC=dc1,DC=com"



Using Get Entry activities: get Entry activities can be used in order to extract the needed entry paths from Active Directory. The steps below are describing a scenario of how to use both Get Entry and ClearADAttributeValue activity:

...