Documentation

{{docApp.title}}

{{docApp.description}}

How can we help?

{{docApp.searchError}}

{{docApp.searchResultFilteredItems.length}} results for: {{docApp.currentResultsSearchText}} in {{docApp.searchFilterBySpecificBookTitle}}

You have an odd number of " characters in your search terms - each one needs closing with a matching " character!

{{docApp.libraryHomeViewProduct.title || docApp.libraryHomeViewProduct.id}}

{{docApp.libraryHomeViewProduct.description}}

  1. {{book.title}}

{{group.title || group.id}}

{{group.description}}

  1. {{book.title}}

{{group.title}}

Active Directory User Management

Managing Active Directory

Simplify user management with direct/automated control over user information in Active Directory - including password reset automation.

Package Details

  • Vendor: Microsoft
  • Target Platform: Windows Universal
  • Package Type: Windows Account Management

Why use this

Automate AD User Management

See and control Active Directory user information and take actions without leaving Hornbill. AD user actions can be included within business process workflows to reduce team workloads. Example: A user can request a password reset through the digital portal, triggering an automated process to unlock their account and reset their password. Fewer calls to the service desk. Fewer tasks in your IT team queues. More time to focus on important projects. Customers get what they need, instantly.

Benefits

  • Reduce service desk call times
  • Reduce IT ops workloads
  • Accelerate service delivery
  • Elminate human error

How to get it

  • You can try out ITOM for free (not for production use, limited runs) by installing the ITOM application from the Hornbill App Store.
  • If you would like to explore ITOM and consider subscribing, please contact your account manager here.

Requirements

  • Install the Hornbill Site Integration Server inside your firewall (if you don’t already have it)
  • To manage an AD domain, Active Directory Web Services must be present: More info
  • PowerShell v4.x or v5.x
  • Active Directory PowerShell module installed on the machine that will be execute the scripts (the correct Remote Server Administration Tools (RSAT) package for your OS)
  • If the script execution policy on the machine executing these operations is set to Restricted, then this will need to be updated to RemoteSigned. See the Microsoft website for more information.

Authentication

When creating jobs for operations contained within this package, they need to be run on the target machine as a user who has the correct privileges within your environment. To create and securely store keys:

  • In the Configuration area of your Hornbill instance, navigate to Platform Configuration > Security > KeySafe;
  • Click on the + Create New Key button, then select Username + Password;
  • Give the KeySafe Key a Title (this is the name/identifier for the Active Directory account as you will see it when creating an IT Automation Job, or adding an IT Automation node to a Workflow);
  • Optionally add a Description;
  • Populate the Username field with the domain username for the account being used, for example: DOMAINNAME\yourusername;
  • Populate the Password field with the password for the above account;
  • Select Create Key to save.

Once you have created your KeySafe Key, you can then use it to populate the Credentials > Admin or Run As inputs when creating IT Automation Jobs from this package.

Package Automations

OperationDescription
Azure AD Connect Sync Forces AzureAD Connect to synchronize any changes from the local AD to Azure
Create This operation will create a new User in Active Directory.
Delete Deletes an Active Directory User account.
Disable Disables an Active Directory User account.
Enable Enables a disabled Active Directory User account.
Get Retrieves the details about an Active Directory User account.
Get Unique SamAccountName And/or Email Retrieves a unique user ID and/or email address for Active Directory. If the
Move OU Moves an Active Directory User account to a different OU.
Remove All Groups Remove all associated groups from a user.
Reset Password Resets the password of an Active Directory User account.
Unlock Unlocks a locked Active Directory User account.
Update This operation will update a User object in Active Directory.

See also

In This Document