Active Directory

Version: 2.1.0

Active Directory is a directory service that Microsoft developed for Windows domain networks.

Connect Active Directory with LogicHub

  1. Navigate to Automations > Integrations.
  2. Search for Active Directory.
  3. Click Details, then the + icon. Enter the required information in the following fields.
    • Label: Enter a connection name.
    • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
    • Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
    • Remote Agent: Run this integration using the LogicHub Remote Agent.
    • Host: The host of the Active Directory. Append port (example: x.x.x.x:636) for custom port configuration. By default, LDAP uses port 389. LDAP SSL uses port 636.
    • Base DN: Base DN (for example 'dc=logichub,dc=com').
    • NTLM (Optional): Authenticate using NTLM (New Technology LAN Manager).
    • Allow Unsecure Connection (Optional): Allow unsecure connection to AD host over SSL.
    • Username: The username used to connect to the host.
    • Password: The password used to connect to the host.'
    • CA Certificate: Upload a .crt CA Certificate file.
  4. After you've entered all the details, click Connect.

Actions for Active Directory

Find Organizational Unit

Find the Organizational Unit of a user.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
EmailEmail of the user whose organizational unit is to be found.Required

Output

A JSON object containing details of the organizational unit of the user with the specified email.

{
   "has_error": true,
   "error": "User with email  not found"
}

List Members of an Organizational Unit

List all the members of an organizational unit.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
OU StringOrganizational Unit string to list its members.Required

Output

A JSON object containing all members of this OU.

{
   "reason": {
      "dn": "",
      "referrals": null,
      "description": "noSuchObject",
      "result": 32,
      "message": "0000208D: NameErr: DSID-03100213, problem 2001 (NO_OBJECT), data 0, best match of:\n\t''\n\u0000",
      "type": "searchResDone"
   },
   "has_error": true,
   "error": "Some error occurred. Exception(\"Query '(&(objectClass=User)(objectCategory=person))' for '' base_dn failed!\",)"
}

LDAP Search

Searches members in Active Directory of an organization.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Search FilterEnter jinja-templated RFC 2254-compliant search string.Required
Search BaseEnter jinja-templated Base DN as the starting point instead of the default one provided in Connection.Optional
Search ScopeSelect BASE / LEVEL / SUBTREE option to specify how broad the search context is (default is SUBTREE).Optional
Dereference AliasesSelect option DEREF_NEVER / DEREF_SEARCH / DEREF_BASE / DEREF_ALWAYS to specify how the server must treat references to other entries (default is DEREF_ALWAYS).Optional
AttributesEnter comma-separated attributes to be returned by the search. Enter * to return all user attributes or enter + to return all operational attributes (default is * that is, all user attributes).Optional
Size LimitEnter a maximum number of entries returned by the search (default is 0 that is, the whole set of found entries is returned).Optional
Time LimitEnter the number of seconds allowed for the search (default is 0 that is, the search can take an unlimited amount of time unless the server has a more restrictive rule.)Optional
Types OnlySelect option True/False to return only attribute names and not return attribute values (default is False).Optional

📘

Microsoft Active Directory set a hard limit of 1000 entries returned by any search. Therefore, a paginated search is performed by the integration automatically to return Size Limit results (all results if specified 0 or unspecified).
The Time Limit is respected per search of this paginated search.

Output

A JSON object containing multiple rows of results:

  • has_error: true/false
  • error: msg/null
  • other fields of the queried response object

Disable User Account

Disables account of a user.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Identity ColumnIdentity of user. Supported identities (DistinguishedName, sAMAccountName).Required
Identity TypeType of identity supplied above (DistinguishedName, sAMAccountName).Required

Output

A JSON object containing multiple rows of result:

Enable User Account

Enables the account of a user.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Identity ColumnIdentity of user. Supported identities (DistinguishedName, sAMAccountName).Required
Identity TypeType of identity supplied above (DistinguishedName, sAMAccountName).Required

Output

A JSON object containing multiple rows of result:

Reset Password

Reset the user's password.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Identity ColumnIdentity of the user. Supported identities (DistinguishedName, sAMAccountName).Required
Identity TypeType of identity supplied above (DistinguishedName, sAMAccountName).Required
New PasswordThe new password to replace the old one. A random password will be used if this input-field is not filled.Optional

Output

A JSON object containing multiple rows of result:

Delete User Account

Delete the account of a user.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Identity ColumnIdentity of user. Supported identities (DistinguishedName, sAMAccountName).Required
Identity TypeType of identity supplied above (DistinguishedName, sAMAccountName).Required

Output

A JSON object containing multiple rows of result:

Modify User Account

Modify the attributes of a user account.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Identity ColumnJinja-templated text containing Identity (DistinguishedName, sAMAccountName).Required
Identity TypeSelect Identity Type incoming in Identity ColumnRequired
ModificationsJinja-templated JSON containing fields to be modified. Example : {"title": "Senior Developer", "department": "Engineering", "telephoneNumber": "+1 555-123-4567"}Required
Time between consecutive API requests (in millis)Time to wait between consecutive API requests in milliseconds (Default is 0 millisecond)Optional

Output

JSON containing the following items:

{
	"has_error": false,
 	"error": None,
	"result": "Successfully modified the user account"
}

Release Notes

  • v2.1.0 - Added new action Modify User Account
  • v2.0.0 - Updated architecture to support IO via filesystem
  • v1.1.0 - Added optional field to upload CA Certificate at connection level.

© Devo Technology Inc. All Rights Reserved.