Active Directory
Version: 2.1.0
Active Directory is a directory service that Microsoft developed for Windows domain networks.
Connect Active Directory with LogicHub
- Navigate to Automations > Integrations.
- Search for Active Directory.
- Click Details, then the + icon. Enter the required information in the following fields.
- Label: Enter a connection name.
- Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com, where hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
- Verify SSL: Select this option to verify the connecting server's SSL certificate (default is Verify SSL Certificate).
- Remote Agent: Run this integration using the LogicHub Remote Agent.
- Host: The host of the Active Directory. Append port (example: x.x.x.x:636) for custom port configuration. By default, LDAP uses port 389. LDAP SSL uses port 636.
- Base DN: Base DN (for example 'dc=logichub,dc=com').
- NTLM (Optional): Authenticate using NTLM (New Technology LAN Manager).
- Allow Unsecure Connection (Optional): Allow unsecure connection to AD host over SSL.
- Username: The username used to connect to the host.
- Password: The password used to connect to the host.
- CA Certificate: Upload a .crt CA Certificate file.
- After you've entered all the details, click Connect.
Actions for Active Directory
Find Organizational Unit
Find the Organizational Unit of a user.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
Input Name | Description | Required |
---|---|---|
Email of the user whose organizational unit is to be found. | Required |
Output
A JSON object containing details of the organizational unit of the user with the specified email.
{
"has_error": true,
"error": "User with email not found"
}
List Members of an Organizational Unit
List all the members of an organizational unit.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
Input Name | Description | Required |
---|---|---|
OU String | Organizational Unit string to list its members. | Required |
Output
A JSON object containing all members of this OU.
{
"reason": {
"dn": "",
"referrals": null,
"description": "noSuchObject",
"result": 32,
"message": "0000208D: NameErr: DSID-03100213, problem 2001 (NO_OBJECT), data 0, best match of:\n\t''\n\u0000",
"type": "searchResDone"
},
"has_error": true,
"error": "Some error occurred. Exception(\"Query '(&(objectClass=User)(objectCategory=person))' for '' base_dn failed!\",)"
}
LDAP Search
Searches an organization's Active Directory for members.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
Input Name | Description | Required |
---|---|---|
Search Filter | Enter jinja-templated RFC 2254-compliant search string. | Required |
Search Base | Enter jinja-templated Base DN as the starting point instead of the default one provided in Connection. | Optional |
Search Scope | Select BASE / LEVEL / SUBTREE option to specify how broad the search context is (default is SUBTREE). | Optional |
Dereference Aliases | Select option DEREF_NEVER / DEREF_SEARCH / DEREF_BASE / DEREF_ALWAYS to specify how the server must treat references to other entries (default is DEREF_ALWAYS). | Optional |
Attributes | Enter comma-separated attributes to be returned by the search. Enter * to return all user attributes or enter + to return all operational attributes (default is * that is, all user attributes). | Optional |
Size Limit | Enter a maximum number of entries returned by the search (default is 0 that is, the whole set of found entries is returned). | Optional |
Time Limit | Enter the number of seconds allowed for the search (default is 0 that is, the search can take an unlimited amount of time unless the server has a more restrictive rule.) | Optional |
Types Only | Select option True/False to return only attribute names and not return attribute values (default is False). | Optional |
Microsoft Active Directory sets a hard limit of 1000 entries returned by any search. Therefore, the integration automatically performs a paginated search to return Size Limit results (all results if 0 is specified or the field is left unspecified). The Time Limit is respected per search of this paginated search.
Output
A JSON object containing multiple rows of results:
- has_error: true/false
- error: msg/null
- other fields of the queried response object
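The Search Filter input is a templated RFC 2254 string, so any value substituted into it has to be escaped or it can change the filter's structure or widen the match. The following is an added example, not LogicHub code: the function names, the `{email}` and `{cn}` placeholders, and the use of `str.format` in place of Jinja rendering are assumptions made for illustration.

```python
# Added example (not LogicHub code): escape values before they are placed
# into an LDAP search filter (RFC 2254, updated by RFC 4515).

# Filter metacharacters and their \XX hex escapes.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Filter shape taken from the error output shown on this page, with a
# mail clause added; {email} is a hypothetical placeholder name.
TEMPLATE = "(&(objectClass=User)(objectCategory=person)(mail={email}))"


def escape_filter_value(value: str) -> str:
    """Hex-escape every filter metacharacter in value."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_filter(template: str, **values: str) -> str:
    """Fill {name} placeholders with escaped values.

    str.format stands in for the Jinja rendering step (assumption), so
    the example needs no third-party package.
    """
    return template.format(**{k: escape_filter_value(v) for k, v in values.items()})


def parens_balanced(ldap_filter: str) -> bool:
    """Structural sanity check: literal parentheses must pair up."""
    depth = 0
    for ch in ldap_filter:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            return False
    return depth == 0


if __name__ == "__main__":
    # Constructed sample values: an ordinary display name containing a
    # parenthesis, and a mail value carrying a wildcard.
    name = "Doe, Jane (Contractor"
    raw = "(cn={})".format(name)              # unescaped: malformed filter
    safe = build_filter("(cn={cn})", cn=name)  # escaped: one well-formed clause
    print(raw, parens_balanced(raw))
    print(safe, parens_balanced(safe))
    print(build_filter(TEMPLATE, email="j*@example.com"))
```

Apply the escaping to each substituted value only, never to the finished filter, because the filter's own parentheses and operators must stay literal.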
Disable User Account
Disables the account of a user.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
Input Name | Description | Required |
---|---|---|
Identity Column | Identity of user. Supported identities (DistinguishedName, sAMAccountName). | Required |
Identity Type | Type of identity supplied above (DistinguishedName, sAMAccountName). | Required |
Output
A JSON object containing multiple rows of result:
Enable User Account
Enables the account of a user.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
Input Name | Description | Required |
---|---|---|
Identity Column | Identity of user. Supported identities (DistinguishedName, sAMAccountName). | Required |
Identity Type | Type of identity supplied above (DistinguishedName, sAMAccountName). | Required |
Output
A JSON object containing multiple rows of result:
Reset Password
Reset the user's password.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
Input Name | Description | Required |
---|---|---|
Identity Column | Identity of the user. Supported identities (DistinguishedName, sAMAccountName). | Required |
Identity Type | Type of identity supplied above (DistinguishedName, sAMAccountName). | Required |
New Password | The new password to replace the old one. A random password will be used if this input-field is not filled. | Optional |
Output
A JSON object containing multiple rows of result:
Delete User Account
Delete the account of a user.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
Input Name | Description | Required |
---|---|---|
Identity Column | Identity of user. Supported identities (DistinguishedName, sAMAccountName). | Required |
Identity Type | Type of identity supplied above (DistinguishedName, sAMAccountName). | Required |
Output
A JSON object containing multiple rows of result:
Modify User Account
Modify the attributes of a user account.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
Input Name | Description | Required |
---|---|---|
Identity Column | Jinja-templated text containing Identity (DistinguishedName, sAMAccountName). | Required |
Identity Type | Select Identity Type incoming in Identity Column | Required |
Modifications | Jinja-templated JSON containing fields to be modified. Example : {"title": "Senior Developer", "department": "Engineering", "telephoneNumber": "+1 555-123-4567"} | Required |
Time between consecutive API requests (in millis) | Time to wait between consecutive API requests in milliseconds (Default is 0 millisecond) | Optional |
Output
JSON containing the following items:
{
"has_error": false,
"error": null,
"result": "Successfully modified the user account"
}
Release Notes
v2.1.0
- Added new action Modify User Account
v2.0.0
- Updated architecture to support IO via filesystem
v1.1.0
- Added optional field to upload CA Certificate at connection level.