The AD task is used to connect to the Active Directory of the company's network and perform AD operations securely there.
The following AD States are available in AD Task:
Add AD User
Add AD Group
Add User to Group
Add AD Computer
Enable AD User
Disable AD User
Reset AD Password
Unlock AD User
Prerequisite
An active Bridge agent. Refer here to install and configure Bridge.
Create the necessary Credentials for the applications to be connected by Active Directory.
For more details about the Active Directory module in Bridge, the keys, and its description, click here.
For all the AD states, follow the below common procedure to configure them in Builder View.
In Builder View, drag and drop the required AD state from the left pane into your Circuit or click the required state in your Circuit.
Under Configuration, update the common state field attributes.
The Bridge ID field should capture the details of the bridge to be used for this task. Select the bridge to be configured from the drop-down list.
Under the Add Configuration section, fill in the following fields:
Credential ID - Select the credential from the dropdown list. The Credential ID of all the credentials created for the AD module type will be displayed in the list.
AD Host - Enter the hostname of the machine in which the Active Directory is located. Enter the hostname as localhost, if the Active Directory is located on the same Bridge-installed machine.
AD DN - Distinguished name of the AD.
Under the Properties section, click Add, and enter user attributes that have to be added to the AD. To remove a user attribute added to the Properties, hover over the line below the properties fields and click Remove.
In the Input/Output section, enter the required paths. Learn more about I/O paths.
This state is used to add a new user to the Active Directory of the client's network.
In Builder View, under the Add Configuration section, in Organization Unit, enter the name of the Organization Unit in which the user needs to be added. In Object Name, enter the name of the user to be added to the AD.The equivalent JSON in Code View to add users to the Active Directory is given below:
"Add User in AD": {"type": "add_ad_user","next": "Update Onboarding Ticket Status","bridge_id": "bridge-employee onboarding","payload": {"credential_id": "ad_credentials_3","ad_host": "localhost","ad_dn": "DC=com,DC=qntrl","organization_unit": "Finance","object_name": "john.mathew","properties": {"givenName": "John Mathew",}}}
By configuring this state in Circuit, you can add a group to the Active Directory of the client's network.
In Builder View, under the Add Configuration section, in Organization Unit, enter the name of the Organization Unit in which the group has to be added. In Object Name, enter the name of the group to be added to the organization.
The JSON to add a group to an Active Directory in Code View is given below:Add a Group in AD": {"type": "add_ad_group","next": "End","start": true,"bridge_id": "<bridge_name>","payload": {"credential_id": "<credential_name>","ad_host": "host_name>","ad_dn": "<DN of the AD machine>","organization_unit": "<name of organization unit>","object_name": "<name of organization>","properties": {"ObjectClass": "computer","givenName": "Windows11"}}}
With this state, a user can be added to an existing group of the Active Directory in the client's network or machine.
In Builder View, under the Add Configuration section, enter the User Name, the name of the user to be added to the group, and Group Name, the group name to which the user has to be added.
The JSON to add a user to a group in an Active Directory in Code View is given below:
"Add an User to AD Group": {"type": "add_ad_user_to_ad_group","next": "End","start": true,"bridge_id": "<bridge_name>","payload": {"credential_id": "<credential_name>","ad_host": "<host_name>","ad_dn": "<DN of AD machine>","user_name": "<user_name>","group_name": "<AD group_name>"}}
This state is used to add a computer device to the Active Directory of a private network.
In Builder View, under the Properties section, click Add, and enter the computer attributes that have to be added to the AD. To remove a computer attribute added to the properties, hover over the line below the properties fields and click Remove.
The JSON equivalent in Code View to add an AD computer is given below:
"Add a Computer in AD": {"type": "add_ad_computer","next": "End","start": true,"bridge_id": "<bridge_name>","payload": {"credential_id": "<credential_name>","ad_host": "<host IP of AD machine>","ad_dn": "<DN of AD machine>","organization_unit": "<name of organization unit>","object_name": "<name of object>","properties": {"ObjectClass": "computer","givenName": "Windows11"}}}
If an already existing user in Active Directory is disabled for any reason, you can enable the user with this state.
In Builder View, enter the name of the user in the User Name field, who needs to be enabled.
The JSON equivalent in Code View to enable a user in AD is given below:"Enable an User in AD": {"type": "enable_ad_user","next": "End","start": true,"bridge_id": "<bridge_name>","payload": {"credential_id": "<credential_name>","ad_host": "<host IP of AD machine>","ad_dn": "<DN of AD machine>","user_name": "<user_name>"}}
This state is used to disable an existing user in the AD.
In Builder View, enter the name of the user who needs to be disabled in the User Name field.
The JSON equivalent in Code View to disable a user in AD is given below:"Disable an User in AD": {"type": "disable_ad_user","next": "End","start": true,"bridge_id": "<bridge_name>","payload": {"credential_id": "<credential_name>","ad_host": "<host IP of AD machine>","ad_dn": "<DN of AD machine>","user_name": "<user_name>"}}
This state helps you reset the password if needed.
In Builder View, under the Add Configuration section, fill in the following details:
User Name - Name of the user, whose password needs to be reset.
Password - Current password of the user.
Unlock account - If the user account is locked, whether to unlock it while resetting the password.
The JSON equivalent in Code View to add an AD computer is given below:
"Reset User Password": {"type": "reset_ad_password","next": "End","start": true,"bridge_id": "bridge-1368_1","payload": {"credential_id": "ad_credentials_3","ad_host": "localhost","unlock_account": true,"force_password_change": false,"ad_dn": "DC=com,DC=qntrl","password": "123***","user_name": "John"}}
If a user has been locked due to multiple incorrect password entries, this state allows them to be unlocked.
In Builder View, the state can be configured by giving the name of the user, who needs to be unlocked, in the User Name field.
The JSON equivalent in Code View to unlock AD user is given below:"Unlock an User in AD": {"type": "unlock_ad_user","next": "End","start": true,"bridge_id": "<bridge_name>","payload": {"credential_id": "<credential_name>","ad_host": "<host IP of AD machine>","ad_dn": "<DN of AD machine>","user_name": "<user_name>"}}
You are currently viewing the help articles of Qntrl 3.0. If you are still using our older version and require guidance with it, Click here.