Active Directory - Modify Group

 

Declaration

<AMMODIFYADGROUP LDAP="text" ACTION="text [options]" GROUP="text" User LDAP="text" NEWUSERNAME "text" NEWUSERPASSWORD "text" USERNAME="text" PASSWORD="text"/>

See Also

AD - Create Object | AD - Create User | AD - Delete Object | AD - Get Group Members | AD - Get Object Dataset | AD - Get Object Path | AD - Get Object Property | AD - List Object Path |

Description

Allows an administrator to rename or delete an existing Active Directory group, as well as add users to, or delete users from a specific Active Directory group.

IMPORTANT: In order to properly use AutoMate's Active Directory actions, you should have a basic understanding of Active Directory and related components (e.g. domain controllers, trust relationships, forests, OUs, LDAPs, etc.) Also, to ensure that these actions function appropriately, the target system must be part of a domain.

Practical Usage

Can be used as a batch Active Directory administration tool to add multiple users to, or remove multiple users from an existing AD group. Also ideal for renaming or deleting an AD group.

Parameters

General Properties

Property

Type

Req'd

Default

Markup

Description

Path

Text

Yes

(Empty)

LDAPPATH=

"LDAP://DC=netauto,DC=com"

The Lightweight Directory Access Protocol (LDAP) path of the Active Directory group to modify.

Clicking Select Group launches a standard Windows Active Directory dialog box that allows for the selection of a group.

Action

Text (Options)

Yes

AddUser

ACTION="rename"

The action to perform on the Active Directory group. The available options are:

  • Add User(s) (default): Adds one or more users to the specified Active Directory group.

  • Remove User(s): Removes one or more users from the specified Active Directory group.

  • Rename: Rename the Active Directory group.

  • Delete: Delete an existing Active Directory group.

New Name

Text

No

(Empty)

NEWGROUPNAME="printer"

The new name of the Active Directory group. This parameter is only available if the Rename option is selected in the Action drop-down.

Users Properties

These parameters are only available if the Add user(s) or Remove user(s) option is selected in the Action drop-down.

Property

Type

Req'd

Default

Markup

Description

User's LDAP Path

Text

Yes

(Empty)

LDAPPATH=

"LDAP://DC=netauto,DC=com"

Specifies the LDAP path of the Active Directory user(s) to add/remove.

Add a user by clicking the Add User(s) button. You can also add a user manually by entering the user's CN (Common Name) in the provided field and clicking the Add button.               

New user name

Text (Options)

Yes

User

NEWUSERNAME="Ronald"

Specifies the name of the new Active Directory user to be created. This parameter is only available if the Rename option is selected from the Action drop-down.

New Password

Text

No

(Empty)

NEWPASSWORD="password"

Specifies the password of the new Active Directory user to be created. This parameter is only available if the Rename option is selected from the Action drop-down.

 

Credentials Properties

Property

Type

Required

Default

Markup

Description

Username

Text

No

(Empty)

USERNAME="username"

Specifies the username of the Active Directory user.

NOTE: Leave the Username and Password fields blank in order to use the logon user's credentials. If only accessing Active Directory information, then any Domain user is valid. However, a Domain Administrator is required in order to modify an Active Directory user or group. We recommend using the credentials of a Domain Administrator for all AutoMate Active Directory actions.

Password

 

Text

 

No

 

(Empty)

 

PASSWORD="password"

 

Specifies the password of the Active Directory user.

NOTE: Leave the Username and Password fields blank in order to use the logon user's credentials. If only accessing Active Directory information, then any Domain user is valid. However, a Domain Administrator is required in order to modify an Active Directory user or group. We recommend using the credentials of a Domain Administrator for all AutoMate Active Directory actions

Root LDAP to search user Common Name (CN)

Text

No

(Empty)

LDAP=

"LDAP://DC=netauto,DC=com"

The root LDAP path to search for the Active Directory user(s) CN (Common Name).

 

Description Properties

The Description tab allows you to customize the text description of any step as it appears in the Task Builder's Steps Pane.

More on setting custom step description

Error Causes Properties

The Error Causes tab properties allows you to instruct a task step to react only to specific errors or ignore certain errors that should cause it to fail.

More on Error Causes properties

On Error Properties

The On Error tab properties lets you determine what the task should do if a particular step encounters an error as defined in the Error Causes properties.

More about On Error properties

Additional Notes

Expressions, Variables and Functions

All text fields allow the use of expressions such as variables, functions or AutoMate extended functions, which can be entered by surrounding the expression in percentage signs (example: %FileDateTime(myVar)% or %myVar%, %Left('Text',2)%). To help construct these expressions, you can open Expression Builder from these fields by clicking the Insert Expression (%) button or by pressing F2.

More on expressions

More on variables

More on function

More on extended functions
More on expression builder

Example

NOTE: The code below can be copied and pasted directly into the Steps pane of the Task Builder.

 

Sample 1 - Rename Active Directory group at "LDAP://mycompany.com/CN=Guests,CN=Builtin,DC=mycompany,DC=com" to "GuestOne'.

<AMMODIFYADGROUP GROUP="LDAP://mycompany.com/CN=Guests,CN=Builtin,DC=mycompany,DC=com" ACTION="RENAME" NEWGROUPNAME="GuestOne" />

 

Sample 2 - Delete Active Directory group at path "LDAP://mycompany.com/CN=Managers,CN=Users,DC=mycompany,DC=com".

<AMMODIFYADGROUP GROUP="LDAP://mycompany.com/CN=Managers,CN=Users,DC=mycompany,DC=com" ACTION="DELETE" />

↑ [Top of Page]