How can we help?
{{docApp.searchResultFilteredItems.length}} results for: {{docApp.currentResultsSearchText}} in {{docApp.searchFilterBySpecificBookTitle}}
You have an odd number of " characters in your search terms - each one needs closing with a matching " character!-
{{resultItem.title}}
{{resultItem.url}}
{{docApp.libraryHomeViewProduct.title || docApp.libraryHomeViewProduct.id}}
{{docApp.libraryHomeViewProduct.description}}
{{group.title || group.id}}
{{group.description}}
Managing Active Directory
Simplify user management with direct/automated control over user information in Active Directory - including password reset automation.
Package Details
- Vendor: Microsoft
- Target Platform: Windows Universal
- Package Type: Windows Account Management
Why use this
Automate AD User Management
See and control Active Directory user information and take actions without leaving Hornbill. AD user actions can be included within business process workflows to reduce team workloads. Example: A user can request a password reset through the digital portal, triggering an automated process to unlock their account and reset their password. Fewer calls to the service desk. Fewer tasks in your IT team queues. More time to focus on important projects. Customers get what they need, instantly.
Benefits
- Reduce service desk call times
- Reduce IT ops workloads
- Accelerate service delivery
- Elminate human error
How to get it
- You can try out ITOM for free (not for production use, limited runs) by installing the ITOM application from the Hornbill App Store.
- If you would like to explore ITOM and consider subscribing, please contact your account manager here.
Requirements
- Install the Hornbill Site Integration Server inside your firewall (if you don’t already have it)
- To manage an AD domain, Active Directory Web Services must be present: More info
- PowerShell v4.x or v5.x
- Active Directory PowerShell module installed on the machine that will be execute the scripts (the correct Remote Server Administration Tools (RSAT) package for your OS)
- If the script execution policy on the machine executing these operations is set to
Restricted
, then this will need to be updated toRemoteSigned
. See the Microsoft website for more information.
Authentication
When creating jobs for operations contained within this package, they need to be run on the target machine as a user who has the correct privileges within your environment. To create and securely store keys:
- In the Configuration area of your Hornbill instance, navigate to Platform Configuration > Security > KeySafe;
- Click on the + Create New Key button, then select Username + Password;
- Give the KeySafe Key a Title (this is the name/identifier for the Active Directory account as you will see it when creating an IT Automation Job, or adding an IT Automation node to a Workflow);
- Optionally add a Description;
- Populate the Username field with the domain username for the account being used, for
example:
DOMAINNAME\yourusername
; - Populate the Password field with the password for the above account;
- Select Create Key to save.
Once you have created your KeySafe Key, you can then use it to populate the Credentials > Admin or Run As inputs when creating IT Automation Jobs from this package.
Package Automations
Operation | Description |
---|---|
Azure AD Connect Sync | Forces AzureAD Connect to synchronize any changes from the local AD to Azure |
Create | This operation will create a new User in Active Directory. |
Delete | Deletes an Active Directory User account. |
Disable | Disables an Active Directory User account. |
Enable | Enables a disabled Active Directory User account. |
Get | Retrieves the details about an Active Directory User account. |
Get Unique SamAccountName And/or Email | Retrieves a unique user ID and/or email address for Active Directory. If the |
Move OU | Moves an Active Directory User account to a different OU. |
Remove All Groups | Remove all associated groups from a user. |
Reset Password | Resets the password of an Active Directory User account. |
Unlock | Unlocks a locked Active Directory User account. |
Update | This operation will update a User object in Active Directory. |
See also
- Version {{docApp.book.version}}
- Node {{docApp.node}} / {{docApp.build}}