User account operations

The Active Directory package contains various actions to automate tasks related to user account management, including create, delete, get property, remove, rename, and set property.

Actions in the Active Directory package

The Active Directory package includes the following actions for user account operations:
Note: We now support Active Directory user operations by logon name with domain and can provide the domain name to extract the user details. When you retrieve user property or perform any user operation based on the logon name (userPrincipalName), and if the user domain name differs from the domain specified in the LDAP path, the user properties are now successfully retrieved regardless of whether it contains a domain name or not.
For example, LDAP Path: LDAP://ADServer/DC=automation, DC=net
User Logon name
userPrincipalName: kim@aaengg.net User can provide logon name as kim@aaengg.net.
userPrincipalName: shaun@aasales.net User can provide logon name as shaun@aasales.net.
userPrincipalName:sarah@automation.net user can provide a logon name as either sarah or sarah@automation.net.

When you perform any user action on the logon name, and if the logon name has a duplicate user under subDomain and subDomain@rootDomain, the user property is retrieved for the user with the root domain.

For example, LDAP Path: LDAP://ADServer/DC=automation, DC=net
  • User 1: userPrincipalName (logon name) is kim@aaengg.net.
  • User 2: userPrincipalName (logon name) is kim@aaengg.net@automation.net.

If you enter the logon name as kim@aaengg.net or kim@aaengg.net@automation.net, the operations will be performed on the second user that is kim@aaengg.net@automation.net.

To understand the most commonly used Active Directory attributes list, see Active Directory attributes list

Note: If the number of users in the group exceeds the 1500 limit, the bot fails with an error when you use Remove users from group action. Perform the following steps to increase the user limit .
  1. Log in to the Windows Server as an Administrator, start a command prompt, and type the following:
    C:\> ntdsutil
ntdsutil: ldap policies
ldap policy: connections
server connections: connect to server <WINDOWS_SERVERNAME>
Connected to <WINDOWS_SERVERNAME> using credentials of locally logged on user
server connections: q
    ldap policy will display the following values:
                             
Policy                         Current(New)  
                                                 
MaxPoolThreads                  4
MaxDatagramRecv                 4096
MaxReceiveBuffer                10485760
InitRecvTimeout                 120
MaxConnections                  5000
MaxConnIdleTime                 900
MaxActiveQueries                20
MaxPageSize                     1000
MaxQueryDuration                120
MaxTempTableSize                10000
MaxResultSetSize                262144
MaxNotificationPerConn          5
MaxValRange                     1500
ThreadMemoryLimit                0
  2. Set the maxpagesize value, for example 50000.
    ldap policy: set maxpagesize to 50000
ldap policy: commit changes
ldap policy: q
ntdsutil: q
Disconnecting from <WINDOWS_SERVERNAME> ...
Action Description
Add users to group See Using the Add users to group action.
Create user See Using the Create user action.
Change user password

See Change user password action in Active Directory

Delete user

See Delete user action in Active Directory

Disable user account

See Disable user account action in Active Directory

Enable user account

See Enable user account action in Active Directory

Get all users of a group

See Get all users of a group action in Active Directory

Get user property

See Get user property action in Active Directory

Remove users from group See Using the Remove users from group action.
Rename user

See Rename user action in Active Directory

Set user property

See Set user property action in Active Directory

Update account options

See Update account options action in Active Directory

Update user details See Using the Update user details action