Active Directory

Active Directory is a directory service that Microsoft developed for Windows domain networks.

Integration with LogicHub

Connecting with Active Directory

To connect to Active Directory following details are required:

  • Label: Connection name.
  • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
  • Host: The host of the Active Directory. Append port (example: x.x.x.x:636) for custom port configuration. By default, LDAP uses port 389. LDAP SSL uses port 636
  • Base DN: Base DN (for example 'dc=logichub,dc=com')
  • NTLM (Optional): Authenticate using NTLM (New Technology LAN Manager)
  • Allow Unsecure Connection (Optional): Allow unsecure connection to AD host over SSL.
  • Username: The username used to connect to the host
  • Password: The password used to connect to the host

Actions with Active Directory

Find Organizational Unit

Find the Organizational Unit of a user.

Inputs to this Action

  • Connections: Choose a connection that you have created.
  • Email: Email of the user whose organizational unit is to be found.

Output of Action
JSON object containing details of the organizational unit of the user with the specified email.

{
   "has_error": true,
   "error": "User with email  not found"
}

List Members of an Organizational Unit

List all the members of an organizational unit.

Inputs to this Action

  • OU String: Organizational Unit string to list its members.

Output of Action
JSON object containing all members of this OU.

{
   "reason": {
      "dn": "",
      "referrals": null,
      "description": "noSuchObject",
      "result": 32,
      "message": "0000208D: NameErr: DSID-03100213, problem 2001 (NO_OBJECT), data 0, best match of:\n\t''\n\u0000",
      "type": "searchResDone"
   },
   "has_error": true,
   "error": "Some error occurred. Exception(\"Query '(&(objectClass=User)(objectCategory=person))' for '' base_dn failed!\",)"
}

LDAP Search

Searches members in Active Directory of an organization.

Inputs to this Action

  • Search Filter: Enter jinja-templated RFC 2254-compliant search string.
  • Search Base (Optional): Enter jinja-templated Base DN as the starting point instead of the default one provided in Connection.
  • Search Scope (Optional): Select BASE / LEVEL / SUBTREE option to specify how broad the search context is (default is SUBTREE).
  • Dereference Aliases (Optional): Select option DEREF_NEVER / DEREF_SEARCH / DEREF_BASE / DEREF_ALWAYS to specify how the server must treat references to other entries (default is DEREF_ALWAYS).
  • Attributes (Optional): Enter comma-separated attributes to be returned by the search. Enter * to return all user attributes or enter + to return all operational attributes (default is * that is, all user attributes).
  • Size Limit (Optional): Enter a maximum number of entries returned by the search (default is 0 that is, the whole set of found entries is returned)
  • Time Limit (Optional): Enter the number of seconds allowed for the search (default is 0 that is, the search can take an unlimited amount of time unless the server has a more restrictive rule.)
  • Types Only (Optional): Select option True/False to return only attribute names and not return attribute values (default is False).

📘

Note

Microsoft Active Directory set a hard limit of 1000 entries returned by any search. Therefore, a paginated search is performed by the integration automatically to return Size Limit results (all results if specified 0 or unspecified).
The Time Limit is respected per search of this paginated search.

Output of Action
Multiple rows of JSON results containing the following:

  • has_error: true/false
  • error: msg/null
  • other fields of the queried response object

Disable User Account

Disables account of a user.

Inputs to this Action

  • Identity: Identity of user. Supported identities (DistinguishedName, sAMAccountName).
  • Identity Type: Type of identity supplied above (DistinguishedName, sAMAccountName).

Output of Action
JSON object containing results of the action.

Enable User Account

Enables the account of a user.

Inputs to this Action

  • Identity: Identity of user. Supported identities (DistinguishedName, sAMAccountName).
  • Identity Type: Type of identity supplied above (DistinguishedName, sAMAccountName).

Output of Action
JSON object containing results of the action.

Reset Password

Reset the user's password.

Inputs to this Action

  • Identity: Identity of the user. Supported identities (DistinguishedName, sAMAccountName).
  • Identity Type: Type of identity supplied above (DistinguishedName, sAMAccountName).
  • New Password (Optional): The new password to replace the old one. A random password will be used if this input-field is not filled.

Output of Action
JSON object containing results of the action.

Delete User Account

Delete the account of a user.

Inputs to this Action

  • Identity: Identity of user. Supported identities (DistinguishedName, sAMAccountName).
  • Identity Type: Type of identity supplied above (DistinguishedName, sAMAccountName).

Output of Action
JSON object containing results of the action.


Did this page help you?