Active Directory command

Use this command to manage the Active Directory and to create, modify, and delete users in the system with centralized control.

Overview

An Active Directory is a directory service provided by Microsoft to assist the admin in managing users across a group or organization. All of the fields for the Active Directory command support the use of variables.

Automation Anywhere uses LDAP (Lightweight Directory Access Protocol) to read from and edit users in the Active Directory. The Server name and Domain name are combined to create an LDAP path, which is used to connect to the Active Directory.

Establishing a Connection with Active Directory

To manage users in the Active Directory, ensure that a connection is established between the Administrator and the Active Directory server. Users who are logged into the Active Directory should have privileges for connecting to the Active Directory server and viewing the Server name, Domain name, user name and password details.

Create User
Adds a new user.
Modify User
Modifies or renames a user.
Note: Alternately, if unsure of the User Name that has to be modified, click the browse button in Enter LDAP Path section to select a user from the Active Directory Object Browser.
Select a User Action from the drop-down menu:
  • Rename User: Renames the user logon name, user account name, or both.
  • Delete User: Deletes the user from the Active Directory. Select from the User Name or Logon Name radio buttons in the Enter Modify User Details section.
  • Enable User Account: Enables a user account.
  • Disable User Account: Disables a user account. Select from the User Name or Logon Name radio buttons in the Enter Modify User Details section.
  • Update User Details: Use this option to update the user's details.
  • Update Account Options: Sets account attributes for the user. Select from the following check boxes:
    • User must change password at next log on
    • Is Active
    • User cannot change password
    • Password never expires
  • Change Password: Use this option to change a user's password.
  • Set Property: Use this option to assign a value to a user property, view the current details, and update them.
Create Group
Adds a new group. Enter the Group Name, Description (optional), and select from the radio buttons for Group Scope and Group Type.
Modify Group
Modifies or renames a group. Select a User Action from the drop-down menu:
  • Rename Group: Use the text fields to rename the group.
  • Delete Group: Deletes the group from the Active Directory.
  • Add Users to Group: Use the Add and Edit buttons to modify the user list in the Active Directory Object Browser.

    If the Active Directory has several users with the same names, select The above names are Logon Names check box to add log on names instead of users.

  • Remove Users from Group: Use the Remove button to modify the user list.
  • Set Property: Use this option to assign a value to a group property, view the current details, and update them.
Create Object
Creates a new object for the computer or the organizational unit.
Modify Object
Modifies an object in the Active Directory. Select a User Action from the drop-down menu:
  • Rename Object: Renames an existing computer or organizational unit.
  • Delete Object: Deletes an existing computer or organizational unit.
  • Move Object: Changes the location of an existing computer or organizational unit.
  • Set Property: Assigns a value to an object property.
Search
Searches the Active Directory for users of a group, or runs a query, and assigns the results to a variable. Select a Search Action from the drop-down menu:
  • Get All Users of a group: Use this option to find all users that are members of a group, and stores them in a list variable. Depending on the return type of the list variable, it contains the user names or the LDAP paths for the members.
  • Query: Use this option to specify an Active Directory query and run it. The query results are stored in a list variable, either for object names or LDAP paths, depending on the option selected.
Get Property
Retrieves a specific property value for an object, and assigns the results to a variable. Select an Object Type from the drop-down menu:
  • User
  • Group
  • Computer
  • Organizational Unit
Tip: In the above mentioned commands, press the F2 key to insert a Credential Variable for enhanced security. Read more about Assigning credential variables from credential lockers.