AD task state in Circuit | Qntrl | Circuit | Online Help

AD task

The AD task is used to connect to the Active Directory of the company's network and perform AD operations securely there.

The following AD States are available in AD Task:

  • Add AD User

  • Add AD Group

  • Add User to Group

  • Add AD Computer

  • Enable AD User

  • Disable AD User

  • Reset AD Password

  • Unlock AD User

 

Prerequisite

  • An active Bridge agent. Refer here to install and configure Bridge.

  • Create the necessary Credentials for the applications to be connected by Active Directory.

For more details about the Active Directory module in Bridge, the keys, and its description, click here.

 

Example Use Case: As part of the employee onboarding process, it is necessary to provision recruited employees within the organization. This provisioning includes tasks such as adding the employee to the organization's Active Directory and placing them into relevant teams. To streamline these tasks, the AD task can be utilized to handle employee provisioning within Active Directory.

For all the AD states, follow the below common procedure to configure them in Builder View.

Builder View

  1. In Builder View, drag and drop the required AD state from the left pane into your Circuit or click the required state in your Circuit.

  2. Under Configuration, update the common state field attributes. 

  3. The Bridge ID field should capture the details of the bridge to be used for this task. Select the bridge to be configured from the drop-down list.  

  4. Under the Add Configuration section, fill in the following fields:

    • Credential ID - Select the credential from the dropdown list. The Credential ID of all the credentials created for the AD module type will be displayed in the list.

    • AD Host - Enter the hostname of the machine in which the Active Directory is located. Enter the hostname as localhost, if the Active Directory is located on the same Bridge-installed machine.

    • AD DN - Distinguished name of the AD.

  5. Under the Properties section, click Add, and enter user attributes that have to be added to the AD. To remove a user attribute added to the Properties, hover over the line below the properties fields and click Remove.

  6. In the Input/Output section, enter the required paths. Learn more about I/O paths.

Add AD User

This state is used to add a new user to the Active Directory of the client's network.

In Builder View, under the Add Configuration section, in Organization Unit, enter the name of the Organization Unit in which the user needs to be added. In Object Name, enter the name of the user to be added to the AD.


 

The equivalent JSON in Code View to add users to the Active Directory is given below:

"Add User in AD": {
	"type": "add_ad_user",
	"next": "Update Onboarding Ticket Status",
	"bridge_id": "bridge-employee onboarding",
	"payload": {
		"credential_id": "ad_credentials_3",
		"ad_host": "localhost",
		"ad_dn": "DC=com,DC=qntrl",
		"organization_unit": "Finance",
		"object_name": "john.mathew",
		"properties": {
			"givenName": "John Mathew",
		}
	}
}

Add AD Group   

By configuring this state in Circuit, you can add a group to the Active Directory of the client's network.  

In Builder View, under the Add Configuration section, in Organization Unit, enter the name of the Organization Unit in which the group has to be added. In Object Name, enter the name of the group to be added to the organization. 

The JSON to add a group to an Active Directory in Code View is given below:

Add a Group in AD": {
	"type": "add_ad_group",
	"next": "End",
	"start": true,
	"bridge_id": "<bridge_name>",
	"payload": {
		"credential_id": "<credential_name>",
		"ad_host": "host_name>",
		"ad_dn": "<DN of the AD machine>",
		"organization_unit": "<name of organization unit>",
		"object_name": "<name of organization>",
		"properties": {
			"ObjectClass": "computer",
			"givenName": "Windows11"
		}
	}
}

Add User to Group  

With this state, a user can be added to an existing group of the Active Directory in the client's network or machine.

In Builder View, under the Add Configuration section, enter the User Name, the name of the user to be added to the group, and Group Name, the group name to which the user has to be added.  

The JSON to add a user to a group in an Active Directory in Code View is given below:

"Add an User to AD Group": {
	"type": "add_ad_user_to_ad_group",
	"next": "End",
	"start": true,
	"bridge_id": "<bridge_name>",
	"payload": {
		"credential_id": "<credential_name>",
		"ad_host": "<host_name>",
		"ad_dn": "<DN of AD machine>",
		"user_name": "<user_name>",
		"group_name": "<AD group_name>"
	}
}

Add AD Computer  

This state is used to add a computer device to the Active Directory of a private network.  

In Builder View, under the Properties section, click Add, and enter the computer attributes that have to be added to the AD. To remove a computer attribute added to the properties, hover over the line below the properties fields and click Remove. 

The JSON equivalent in Code View to add an AD computer is given below:

"Add a Computer in AD": {
	 "type": "add_ad_computer",
	 "next": "End",
	 "start": true,
	 "bridge_id": "<bridge_name>",
	 "payload": {
		  "credential_id": "<credential_name>",
		  "ad_host": "<host IP of AD machine>",
		  "ad_dn": "<DN of AD machine>",
		  "organization_unit": "<name of organization unit>",
		  "object_name": "<name of object>",
		  "properties": {
		   		"ObjectClass": "computer",
               	"givenName": "Windows11"
 		 }
	 }
}

Enable AD User   

If an already existing user in Active Directory is disabled for any reason, you can enable the user with this state.

In Builder View, enter the name of the user in the User Name field, who needs to be enabled. 

The JSON equivalent in Code View to enable a user in AD is given below:

"Enable an User in AD": {
	"type": "enable_ad_user",
	"next": "End",
	"start": true,
	"bridge_id": "<bridge_name>",
	"payload": {
		"credential_id": "<credential_name>",
		"ad_host": "<host IP of AD machine>",
		"ad_dn": "<DN of AD machine>",
		"user_name": "<user_name>"
	}
}

Disable AD User   

This state is used to disable an existing user in the AD.  

In Builder View, enter the name of the user who needs to be disabled in the User Name field. 

The JSON equivalent in Code View to disable a user in AD is given below:

"Disable an User in AD": {
	"type": "disable_ad_user",
	"next": "End",
	"start": true,
	"bridge_id": "<bridge_name>",
	"payload": {
		"credential_id": "<credential_name>",
		"ad_host": "<host IP of AD machine>",
		"ad_dn": "<DN of AD machine>",
		"user_name": "<user_name>"
	}
}

Reset AD Password     

This state helps you reset the password if needed.

In Builder View, under the Add Configuration section, fill in the following details:

  • User Name - Name of the user, whose password needs to be reset.

  • Password - Current password of the user.

  • Unlock account - If the user account is locked, whether to unlock it while resetting the password.

    • True - to unlock the account.
    • False - not to unlock the account
  • Force Password Change - After resetting the password, whether to make it mandatory for the user to reset the password during their next login.
    • True - Password has to be reset during the next login    
    • False - Not necessary to reset the password again during the next login

 


The JSON equivalent in Code View to add an AD computer is given below:

"Reset User Password": {
	"type": "reset_ad_password",
	"next": "End",
	"start": true,
	"bridge_id": "bridge-1368_1",
	"payload": {
		"credential_id": "ad_credentials_3",
		"ad_host": "localhost",
		"unlock_account": true,
		"force_password_change": false,
		"ad_dn": "DC=com,DC=qntrl",
		"password": "123***",
		"user_name": "John"
	}
}

Unlock AD User   

If a user has been locked due to multiple incorrect password entries, this state allows them to be unlocked. 

In Builder View, the state can be configured by giving the name of the user, who needs to be unlocked, in the User Name field. 

The JSON equivalent in Code View to unlock AD user is given below:

"Unlock an User in AD": {
	"type": "unlock_ad_user",
	"next": "End",
	"start": true,
	"bridge_id": "<bridge_name>",
	"payload": {
		"credential_id": "<credential_name>",
		"ad_host": "<host IP of AD machine>",
		"ad_dn": "<DN of AD machine>",
		"user_name": "<user_name>"
	}
}





NextFiles state

    • Related Articles

    • Active Directory(AD)

      Active Directory(AD) is a service developed by Microsoft that provides a centralized way to manage all your network machines, users, and resources in one place. Active Directory stores data as Objects, which include users, groups, applications, and ...

    • PowerShell Task Engine

      These states are used to perform any actions in the Windows machines of a private network using PowerShell commands. There are six states available in the PowerShell Task Engine for performing different operations. PowerShell Engine Install ...

    • Task Engine

      In Qntrl, while public APIs can be configured and executed directly through Webhooks, the client's internal APIs that are exposed only to the local network can be executed using the Task Engine module in Bridge. The Task Engine configured in Bridge ...

    • Task Engine

      Circuit's Task Engine state is used to connect with other applications and access APIs from a closed space. To retrieve data from a private network, the required API must be accessed from the local machine's network for the required conditions. ...

    • Overview of Qntrl

      Qntrl helps businesses automate their everyday workflows involving wide-ranging tasks and detailed nuances under a single platform. Whether it's a straightforward workflow involving a single team, or a complex workflow involving multiple teams, Qntrl ...

    You are currently viewing the help articles of Qntrl 3.0. If you are still using our older version and require guidance with it, Click here.