Active Directory Group Management
Managing Active Directory
Get visibility of Active Directory information within Hornbill. Save time by centralizing and automating changes to Active Directory groups, users, and computers.
Package Details
- Vendor: Microsoft
- Target Platform: Windows Universal
- Package Type: Windows Account Management
Why use this
Automate Active Directory updates
If manual AD updates are holding up your processes, use this integration plug-in to automate updates for improved efficiency. AD updates can be triggered by your Business Process workflows, saving you time and reducing IT team workloads.
Example: Automatically add a new user to AD as part of your Newstart Onboarding process. It also empowers your Service Desk agents to make changes without leaving Hornbill—reducing call times. No need to log in to AD or send a task to another team. Agents can add/remove groups, users, and computers in just a few clicks.
Benefits
- Reduce service desk call times
- Reduce IT ops workloads
- Accelerate service delivery
- Eliminate human error
How to get it
- You can try out ITOM for free (not for production use, limited runs) by installing the ITOM application from the Hornbill App Store.
- If you would like to explore ITOM and consider subscribing, please contact your Hornbill account manager.
Requirements
- Install the Hornbill Site Integration Server inside your firewall (if you don’t already have it)
- To manage an AD domain, Active Directory Web Services must be present.
- PowerShell v4.x or v5.x
- Active Directory PowerShell module installed on the machine that will be execute the scripts (the correct Remote Server Administration Tools (RSAT) package for your OS)
- If the script execution policy on the machine executing these operations is set to
Restricted, then this will need to be updated toRemoteSigned. See the Microsoft website for more information.
Authentication
When creating jobs for operations contained within this package, they need to be run on the target machine as a user who has the correct privileges within your environment. To create and securely store keys:
- In the Configuration area of your Hornbill instance, navigate to Platform Configuration > Security > KeySafe;
- Click on the + Create New Key button, then select Username + Password;
- Give the KeySafe Key a Title (this is the name/identifier for the Active Directory account as you will see it when creating an IT Automation Job, or adding an IT Automation node to a Workflow);
- Optionally add a Description;
- Populate the Username field with the domain username for the account being used, for example:
DOMAINNAME\yourusername; - Populate the Password field with the password for the above account;
- Select Create Key to save.
Once you have created your KeySafe Key, you can then use it to populate the Credentials > Admin or Run As inputs when creating IT Automation Jobs from this package.
Package Automations
| Operation | Description |
|---|---|
| Add Computer | This operation can be used to add a Computer object to an Active Directory Group. |
| Add Group | This operation can be used to add a Group object to an Active Directory Group. |
| Add User | This operation can be used to add a User object to an Active Directory Group. |
| Create | This operation can be used to create a new Active Directory Group. |
| Delete | This operation can be used to delete an Active Directory Group. |
| Get | This operation can be used to retrieve details about an Active Directory Group. |
| Remove Computer | This operation can be used to remove a Computer object from an Active Directory |
| Remove Group | This operation can be used to remove a Group object from an Active Directory |
| Remove User | This operation can be used to remove a User object from an Active Directory |