@@ Line 1: / Line 1: @@
-{{bluebanner|[[Main_Page|Home]] > [[Administration]] > [[IT_Operations_Management|IT Operations Management]] > [[ITOM_Packages|ITOM Packages]] > Active Directory User Management|[[:Category:ITOM|Index]]}}
+This document can now be found at its new location in the [https://docs.hornbill.com/itom-packages/welcome Hornbill Document Library].
-[[File:activedirectory_logo.png|activedirectory_logo.png|300px]]
-{{IntroAndLinks|The Active Directory User Management package for Hornbill's IT Operations Management (ITOM) contains a number of administrative operations that can be carried out on User objects within your behind-the-firewall Active Directory domains.
-|
-<!-- Related Links go here -->
-:* [[IT_Operations_Management|IT Operations Management]]
-:* [[Business_Process_Designer|Business Process Designer]]
-:* [[Hornbill_KeySafe|KeySafe]]
-}}
-==Package Requirements==
+    [[file:hornbill-document-library.png|ITOM Package Reference|link=https://docs.hornbill.com/itom-packages/welcome]]
+[[Category:HDOC]]
-===Domain Requirements===
-The Active Directory domain that you wish to manage requires an Active Directory Web Services to be present. See the [https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd391908(v=ws.10) ADWS Documentation] for more information.
-===Script Execution Machine Requirements===
-* The Active Directory PowerShell module needs to installed on the machine that will be executing the scripts (the correct Remote Server Administration Tools (RSAT) package for your OS);
-* If the script execution policy on the machine executing these operations is set to Restricted, then this will need to be updated to something less restrictive. See the [https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.security/set-executionpolicy?view=powershell-6 PowerShell Documentation] for more information.
-==KeySafe Configuration==
-[[File:ad_keysafe.png|300px|right]]
-When creating SIS jobs for operations contained within this package, they need to be run on the target machine as a user who has the correct privileges within your environment.
-To create and securely store one or more Keys for these operations, in the admin console:
-* Navigate to: System > Security > KeySafe;
-* Click on + then select <code>Username + Password</code>;
-* Give the KeySafe Key a Title (this is the name/identifier for the AD account as you will see it when creating an IT Automation Job, or adding an IT Automation node to a Business Process or Runbook)
-* Optionally add a description
-* Populate the Username field with the domain username for the account being used (<code>DOMAINNAME\yourusername</code> for example)
-* Populate the Password field with the password for the above account
-* Select Create Key to save
-==Package Operations==
-The Active Directory User Management package contains the following operations, than can be used to create ITOM Jobs directly, or included in your [[Business_Process_Designer|Business Processes]] and/or IT Operations Management Rubooks.
-===Create===
-This operation will create a new User in Active Directory.
-====Input Parameters====
-* <code>GivenName</code> '''(MANDATORY)'''- The Given Name of the new User.
-* <code>Surname</code> '''(MANDATORY)''' - The Surname of the new User.
-* <code>Name</code> '''(MANDATORY)''' - The Name of the new User. Must be unique within your Active Directory.
-* <code>SamAccountName</code> '''(MANDATORY)''' - The sAMAccountName of the new User. Must be unique within your Active Directory.
-* <code>Path</code> '''(MANDATORY)''' - The distinguished name of the OU/Container where you wish to create the User.
-* <code>AccountPassword</code> '''(MANDATORY)''' - The Password for the new User.
-* <code>DisplayName</code> '''(MANDATORY)''' - The Display Name for the new User.
-* <code>Initials</code> - The Initials of the new User.
-* <code>AccountEnabled</code> - Should the account be enabled. Defaults to false.
-* <code>PasswordNeverExpires</code> - Should the password be set to never expire. Defaults to false.
-* <code>City</code> - The users City.
-* <code>Company</code> - The users Company.
-* <code>CountryCode</code> - The users Country Code.
-* <code>Department</code> - The users Department.
-* <code>Description</code> - The users Description.
-* <code>EmailAddress</code> - The users Email Address.
-* <code>EmployeeID</code> - The users Employee ID.
-* <code>HomeDirectory</code> - The users Home Directory.
-* <code>HomeDrive</code> - The users Home Drive.
-* <code>Manager</code> - The users Managers Identity (distinguished, objectGUID, objectSid or sAMAccountName).
-* <code>MiddleName</code> - The users Middle Name.
-* <code>OfficeName</code> - The users Office Name.
-* <code>Phone</code> - The users Phone Number.
-* <code>PostalCode</code> - The users Postal Code.
-* <code>ProfilePath</code> - The users Profile Path.
-* <code>ProxyAddresses</code> - The Proxy Addresses to set against the user. Seperated by semi-colon characters.
-* <code>ScriptPath</code> - The users logon script path.
-* <code>State</code> - The users State.
-* <code>StreetAddress</code> - The users Street Address.
-* <code>Title</code> - The users Title
-====Output Parameters====
-* <code>Errors</code> - Any errors returned by the operation.
-* <code>Outcome</code> - Outcome of the operation. Can be OK, WARN or FAIL.
-* <code>distingiuishedName</code> - The Distinguished Name of the new User.
-* <code>objectGUID</code> - the Object GUID of the new User.
-* <code>sid</code> - the SID of the new User.
-===Disable===
-This operation will disable an Active Directory User account.
-====Input Parameters====
-* <code>UserIdentity</code> '''(MANDATORY)''' - Provide the Identity of the User (distinguished, objectGUID, objectSid or sAMAccountName)
-Output Parameters
-* <code>Errors</code> - Any errors returned by the operation.
-* <code>Outcome</code> - Outcome of the operation. Can be OK or FAIL.
-===Enable===
-This operation will enable a disabled Active Directory User account.
-====Input Parameters====
-* <code>UserIdentity</code> '''(MANDATORY)''' - Provide the Identity of the User (distinguished, objectGUID, objectSid or sAMAccountName)
-====Output Parameters====
-* <code>Errors</code> - Any errors returned by the operation.
-* <code>Outcome</code> - Outcome of the operation. Can be OK or FAIL.
-===Move OU===
-This operation will move an Active Directory User account into a different OU.
-====Input Parameters====
-* <code>UserIdentity</code> '''(MANDATORY)''' - Provide the Identity of the User (distinguished, objectGUID, objectSid or sAMAccountName)
-* <code>Path</code> '''(MANDATORY)''' - The distinguished name of the OU where the user should be moved to.
-====Output Parameters====
-* <code>Errors</code> - Any errors returned by the operation.
-* <code>Outcome</code> - Outcome of the operation. Can be OK or FAIL.
-===Delete===
-This operation will delete an Active Directory User account.
-====Input Parameters====
-* <code>UserIdentity</code> '''(MANDATORY)''' - Provide the Identity of the User (distinguished, objectGUID, objectSid or sAMAccountName)
-====Output Parameters====
-* <code>Errors</code> - Any errors returned by the operation.
-* <code>Outcome</code> - Outcome of the operation. Can be OK or FAIL.
-===Reset Password===
-This operation will reset the password of an Active Directory User account.
-====Input Parameters====
-* <code>UserIdentity</code> '''(MANDATORY)''' - Provide the Identity of the User (distinguished, objectGUID, objectSid or sAMAccountName)
-* <code>Password</code> '''(MANDATORY)''' - The new password.
-====Output Parameters====
-* <code>Errors</code> - Any errors returned by the operation.
-* <code>Outcome</code> - Outcome of the operation. Can be OK or FAIL.
-===Unlock===
-This operation will unlock an Active Directory User account.
-====Input Parameters====
-* <code>UserIdentity</code> '''(MANDATORY)''' - Provide the Identity of the User (distinguished, objectGUID, objectSid or sAMAccountName)
-====Output Parameters====
-* <code>Errors</code> - Any errors returned by the operation.
-* <code>Outcome</code> - Outcome of the operation. Can be OK or FAIL.
-===Update===
-This operation will update a user details in Active Directory.
-====Input Parameters====
-* <code>UserIdentity</code> '''(MANDATORY)''' - Provide the Identity of the User (distinguished, objectGUID, objectSid or sAMAccountName)
-* <code>GivenName</code> - The Given Name of the User.
-* <code>Initials</code> - The Initials of the User.
-* <code>Surname</code> '''(MANDATORY)''' - The Surname of the User.
-* <code>DisplayName</code> '''(MANDATORY)''' - The Display Name of the User.
-* <code>City</code> - The users City.
-* <code>Company<code> - The users Company.
-* <code>CountryCode</code> - The users Country Code.
-* <code>Department</code> - The users Department.
-* <code>Description</code> - The users Description.
-* <code>EmailAddress</code> - The users Email Address.
-* <code>EmployeeID</code> - The users Employee ID.
-* <code>Manager</code> - The users Managers Identity (distinguished, objectGUID, objectSid or sAMAccountName).
-* <code>MiddleName</code> - The users Middle Name.
-* <code>OfficeName</code> - The users Office Name.
-* <code>Phone</code> - The users Phone Number.
-* <code>PostalCode</code> - The users Postal Code.
-* <code>ProfilePath</code> - The users Profile Path.
-* <code>ScriptPath</code> - The users logon script path.
-* <code>State</code> - The users State.
-* <code>StreetAddress</code> - The users Street Address.
-* <code>Title</code> - The users Title
-====Output Parameters====
-* <code>Errors</code> - Any errors returned by the operation.
-* <code>Outcome</code> - Outcome of the operation. Can be OK or FAIL.
-[[Category:ITOM]]

Difference between revisions of "Active Directory User Management"

Latest revision as of 18:31, 11 April 2024

Navigation menu

Search