Active Directory is a directory service that Microsoft developed for Windows domain networks.

Connect Active Directory with LogicHub

Navigate to Automations > Integrations.
Search for Active Directory.
Click Details, then the + icon. Enter the required information in the following fields.
- Label: Enter a connection name.
- Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
- Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
- Remote Agent: Run this integration using the LogicHub Remote Agent.
- Host: The host of the Active Directory. Append port (example: x.x.x.x:636) for custom port configuration. By default, LDAP uses port 389. LDAP SSL uses port 636.
- Base DN: Base DN (for example 'dc=logichub,dc=com').
- NTLM (Optional): Authenticate using NTLM (New Technology LAN Manager).
- Allow Unsecure Connection (Optional): Allow unsecure connection to AD host over SSL.
- Username: The username used to connect to the host.
- Password: The password used to connect to the host.'
- CA Certificate: Upload a .crt CA Certificate file.
After you've entered all the details, click Connect.

Actions for Active Directory

Find Organizational Unit

Find the Organizational Unit of a user.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name	Description	Required
Email	Email of the user whose organizational unit is to be found.	Required

Output

A JSON object containing details of the organizational unit of the user with the specified email.

{
   "has_error": true,
   "error": "User with email  not found"
}

List Members of an Organizational Unit

List all the members of an organizational unit.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name	Description	Required
OU String	Organizational Unit string to list its members.	Required

Output

A JSON object containing all members of this OU.

{
   "reason": {
      "dn": "",
      "referrals": null,
      "description": "noSuchObject",
      "result": 32,
      "message": "0000208D: NameErr: DSID-03100213, problem 2001 (NO_OBJECT), data 0, best match of:\n\t''\n\u0000",
      "type": "searchResDone"
   },
   "has_error": true,
   "error": "Some error occurred. Exception(\"Query '(&(objectClass=User)(objectCategory=person))' for '' base_dn failed!\",)"
}

LDAP Search

Searches members in Active Directory of an organization.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name	Description	Required
Search Filter	Enter jinja-templated RFC 2254-compliant search string.	Required
Search Base	Enter jinja-templated Base DN as the starting point instead of the default one provided in Connection.	Optional
Search Scope	Select BASE / LEVEL / SUBTREE option to specify how broad the search context is (default is SUBTREE).	Optional
Dereference Aliases	Select option DEREF_NEVER / DEREF_SEARCH / DEREF_BASE / DEREF_ALWAYS to specify how the server must treat references to other entries (default is DEREF_ALWAYS).	Optional
Attributes	Enter comma-separated attributes to be returned by the search. Enter `` to return all user attributes or enter `+` to return all operational attributes (default is `` that is, all user attributes).	Optional
Size Limit	Enter a maximum number of entries returned by the search (default is 0 that is, the whole set of found entries is returned).	Optional
Time Limit	Enter the number of seconds allowed for the search (default is 0 that is, the search can take an unlimited amount of time unless the server has a more restrictive rule.)	Optional
Types Only	Select option True/False to return only attribute names and not return attribute values (default is False).	Optional

📘
Microsoft Active Directory set a hard limit of 1000 entries returned by any search. Therefore, a paginated search is performed by the integration automatically to return Size Limit results (all results if specified 0 or unspecified).
The Time Limit is respected per search of this paginated search.

Output

A JSON object containing multiple rows of results:

has_error: true/false
error: msg/null
other fields of the queried response object

Disable User Account

Disables account of a user.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name	Description	Required
Identity Column	Identity of user. Supported identities (DistinguishedName, sAMAccountName).	Required
Identity Type	Type of identity supplied above (DistinguishedName, sAMAccountName).	Required

Output

A JSON object containing multiple rows of result:

Enable User Account

Enables the account of a user.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name	Description	Required
Identity Column	Identity of user. Supported identities (DistinguishedName, sAMAccountName).	Required
Identity Type	Type of identity supplied above (DistinguishedName, sAMAccountName).	Required

Output

A JSON object containing multiple rows of result:

Reset Password

Reset the user's password.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name	Description	Required
Identity Column	Identity of the user. Supported identities (DistinguishedName, sAMAccountName).	Required
Identity Type	Type of identity supplied above (DistinguishedName, sAMAccountName).	Required
New Password	The new password to replace the old one. A random password will be used if this input-field is not filled.	Optional

Output

A JSON object containing multiple rows of result:

Delete User Account

Delete the account of a user.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name	Description	Required
Identity Column	Identity of user. Supported identities (DistinguishedName, sAMAccountName).	Required
Identity Type	Type of identity supplied above (DistinguishedName, sAMAccountName).	Required

Output

A JSON object containing multiple rows of result:

Modify user account

Modify the attributes of a user account.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name	Description	Required
Identity Column	Jinja-templated text containing Identity (DistinguishedName, sAMAccountName).	Required
Identity Type	Select Identity Type incoming in Identity Column	Required
Modifications	Jinja-templated JSON containing fields to be modified. Example : {"title": "Senior Developer", "department": "Engineering", "telephoneNumber": "+1 555-123-4567"}	Required
Time between consecutive API requests (in millis)	Time to wait between consecutive API requests in milliseconds (Default is 0 millisecond)	Optional

Output

JSON containing the following items:

{
	"has_error": false,
  "error": None,
  "result": "Successfully modified the user account"
}

Release Notes

v2.0.12 - Added new action Modify user account
v2.0.0 - Updated architecture to support IO via filesystem
v1.1.0 - Added optional field to upload CA Certificate at connection level.