Scribd
Upload
9 views24 pages

Active Directory User Template Guide

Uploaded by

Maxedus Dota
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
9 views24 pages

Active Directory User Template Guide

Uploaded by

Maxedus Dota
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

Contents

1. User Templates ................................................................................................... 3


1.1 OU Selection ................................................................................................. 3
1.2 Group Selection ............................................................................................ 4
1.3 AD Property Selection ................................................................................... 5
1.3.1 Lookup Tables ........................................................................................ 6
1.4 AD Property Rules Configuration .................................................................. 7
1.4.1 Creation Rule .......................................................................................... 7
[Link] Overview................................................................................................. 7
[Link] Builder GUI ............................................................................................. 8
1.4.2 Validation Rule ....................................................................................... 9
1.5 Activation, Password & Script Options ........................................................ 10
1.6 Exchange Options ....................................................................................... 11
1.7 Export .......................................................................................................... 12
1.8 Create based on existing User .................................................................... 13
2. Group Templates ............................................................................................... 15
2.1 OU Selection ............................................................................................... 15
2.2 Member Selection ....................................................................................... 16
2.3 AD Property Selection ................................................................................. 16
2.4 AD property Rules Configuration................................................................. 16
2.5 Other Options .............................................................................................. 17
3. Open Templates ................................................................................................ 18
3.1 What even is this? ....................................................................................... 18
3.2 Input Selection ............................................................................................ 18
3.2.1 Containers ............................................................................................ 19
3.3 Input Rules Configuration ............................................................................ 19
3.4 Export .......................................................................................................... 20
4. Available Input Types and options ..................................................................... 21
4.1 Options shared between all controls ........................................................... 21
4.1.1 Controls available in all templates ........................................................ 21
[Link] DropDownList ....................................................................................... 21
[Link] Textfield / TextArea / MultiValueText .................................................... 22
[Link] Fixed Value........................................................................................... 22
[Link] Checkbox.............................................................................................. 22
4.1.2 Controls exclusive to OpenTemplates .................................................. 23
[Link] Options shared between all OpenTemplate Controls ........................... 23
[Link] Radiobutton .......................................................................................... 23
[Link] AccountSearchTextField / GroupAccountSearchTextField ................... 24
[Link] DatePicker ............................................................................................ 24
[Link] PasswordField ...................................................................................... 24
User Templates
1.1 OU Selection

1. This is the navigation pane, once you have completed the first page of a task
it allows you to switch between the different pages regardless of order.
2. Enter the FQDN of the target domain, for example “[Link]”. Confirm
your selection afterwards. If the account you are running the program under

is not a member of the target domain it will prompt you for


credentials:
3. Allows you to filter your OUs by Name, pressing the asterisk button will reset
the filter
4. Select or unselect OUs by dragging & dropping or by double-clicking
5. Edit the Display Name with which the OU will be shown in the Template, use
this to assign friendly names or link OUs up to a department or location. You
can also define entries as default value here, if no default value is picked the
first entry in the OU list will be used as default value.
6. Allows you to select a user to prepopulate certain fields (See 1.8)
7. Help brings you to the 8MAN online documentation, Cancel always takes you
back to the landing page, Back and Next allow you to navigate between
pages.
1.2 Group Selection

1. Select groups that will be included in the groups section of the template by
dragging & dropping or double-clicking
2. If unchecked the groups section will be hidden from the users
1.3 AD Property Selection

1. Add / Edit or Remove properties in the table below. See 4.1 for description of
available type configurations
2. Configure Lookup Tables (See 1.3.1)
1.3.1 Lookup Tables
Lookup Tables allow to set dependencies between AD attributes, for example
between the street address and the zip code. You can create lookup tables
once you have created a property with the input type of DropDown.

Select the dropdown menu you want to set dependencies on the left side,
then click on “Create” to create a lookup table based on the selected
dropdown. After clicking on create / edit you will be able to assign the values
the lookup table should resolve to.

You can use lookup tables in creation rules with the <lookup>() function. You
can find more details on that in the template documentation.
1.4 AD Property Rules Configuration
1.4.1 Creation Rule
[Link] Overview

1. Allows you to switch between the Creation Rule and Validation Rule view
2. Lists all AD properties that have a creation and validation rule
3. Allows you to switch between the Methods and Variables panel
4. When “Methods” is selected this panel shows all methods you can use in
creation rules
When hovering over a method it will show some method related
documentation.
When “Variables” is selected this panel shows all AD properties that have
been
Configured as well as all LookupTables. You can set sample values for
variables by right
Clicking a Variable in the selection.
5. The builder panel, see [Link]
[Link] Builder GUI
The Builder GUI allows you to create and edit creation rules by dragging and
dropping Methods and variable tokens into the builder UI.

1. Overall preview, shows the combined preview text for all containers in the
builder UI
2. Green Boxes stand for Methods, Methods can have one or multiple
Parameters (in this
example we only have one – InputText). Parameters can contain variables
as well as
nested Methods. Each method container shows its own container specific
preview so you
can see what the impact of the method is.
3. Red Boxes stand for Variables that refer to AD properties. An exception is
the “Hardcoded
Text” Variable that lets you enter hardcoded text values.
4. You can remove containers by clicking the X on the right hand side
1.4.2 Validation Rule
On the Validation Rule page you can edit and directly see the result of your
validation rules, it also delivers a set of premade rules as well as some help
for writing your own.

1. The Validation Rule field contains the regular expression the selected
property should be
evaluated against
Sample Text allows you to set a text that your validation rule will be
matched against – for
Live testing
Validation Info will be shown to the user in case he enters a value that
does not match
the validation rule
The Info field tells you if your current rule matches the sample text and if it
is valid
2. Switch between the selection of premade rules and a REGEX cheat sheet
that contains
Info about the most commonly used expressions and some example
3. Premade selection rules can be selected by double-clicking and can then
be customized
1.5 Activation, Password & Script Options

Enabling the activation options will allow the user to define if the account should
be activated
immediately, On a specific date or not at all. It also allows to set a end date on
which the
account will be disabled.

Password Options - from top to bottom:

• Default password, no random password will be generated if this is set


• Validation rule and info – click on edit to be redirected to the rule builder
• check this if you want randomly generated passwords
• check this to add more complexity to the passwords
• check if “Password must be changed at next logon” should be enabled by
default
• check if “Password can not be changed” should be enabled by default
• check if “Password never expires” should be enabled by default

Script Options - from top to bottom:


• check if the script section should be hidden in the fat client
• check if the script section should be hidden in the web client
• check to enable script by default
• Displayname for the script execution
• Script path, for example “C:\\scripts\\script.ps1” or
“\\\\server\\share\\script.ps1”
• Parameters that will be passed to script, to pass attributes use the usual
variable syntax (for example “{givenname} {sn}”) (will make autocomplete
predictions for configured AD properties)
1.6 Exchange Options

Exchange Options - from top to bottom, left to right:

• Check this to enable the exchange section, if not checked the exchange
module will not be loaded and no mailbox can be created with that template
• Allow users to select if a mailbox is created or not, by default one is created
• Mailbox Database, can be single or multi value (click + to create dropdown)
• Creation Rule and Validation Rule can be edited in the Builder by clicking Edit
• Allow users to manually change the address, the validationrule still applies
• Enable Archiving – if not selected archiving related fields will be included in
template but archiving will be disabled by default
• Allow users to change if archiving is enabled, by default it is
• Archive Database, can be single or multi value (click + to create dropdown)
• Enable ActiveSync – if not selected ActiveSync related fields will be included
in template, ActiveSync will be disabled by default
• Allow users to change if ActiveSync is enabled, by default it is
• Active Sync Policy, can be single or multi value (click + to create dropdown)
• Enable OWA – if not selected OWA related fields will be included in template,
OWA will be disabled by default
• Allow users to change if OWA is enabled, by default it is
• OWA Policy, can be single or multi value (click + to create dropdown)
• Enable IMAP – if not selected the IMAP option will be included in template but
will be disabled by default
• Enable POP – if not selected the POP option will be included in template but
will be disabled by default
• Enable MAPI – if not selected the MAPI option will be included in template but
will be disabled by default
1.7 Export

1. Set Displayname and description for the template


2. Choose an export path
3. This Panel provides a text preview of the template
4. Save the template file after selecting an export path
1.8 Create based on existing User

When creating a template from an existing user you will be guided through a 3
step wizard:

1. Select user:

2. Select Groups you want to include in the template:


3. Select properties you want to include in the template:

This selection will show all text-based attributes (excluding a few system
attributes), the selected properties sample values will be set to the current users
attributes. Creation rules will not be automatically created based on values.
2. Group Templates
2.1 OU Selection

1. This is the navigation pane, once you have completed the first page of a task
it allows you to switch between the different pages regardless of order.
2. Enter the FQDN of the target domain, for example “[Link]”. Confirm
your selection afterwards. If the account you are running the program under is

not a member of the target domain it will prompt you for credentials:
3. Allows you to filter your OUs by Name, pressing the asterisk button will reset
the filter
4. Select or unselect OUs by dragging & dropping or by double-clicking
5. Edit the Display Name with which the OU will be shown in the Template, use
this to
assign friendly names or link OUs up to a department or location. You can
also define
entries as default value here, if no default value is picked the first entry in the
OU list will
be used as default value.
6. Help brings you to the 8MAN online documentation, Cancel always takes you
back to the landing page, Back and Next allow you to navigate between pages.
2.2 Member Selection

1. Select users that will be included in the members section of the template by
dragging & dropping or double-clicking
2. If unchecked the members section will be hidden from the users

2.3 AD Property Selection


See 1.3 and sub points

2.4 AD property Rules Configuration


See 1.4 and sub points
2.5 Other Options

1. Select the default group scope and type, If the “Allow user…” checkbox is
checked the user
will be able to change the defaults
2. E-Mail Activation Options – from top to bottom:
o If checked the mail related fields will be included in the template
o if checked users will be able to toggle the distribution group creation
o Creation and Validation Options can be Edited in the Builder GUI by
clicking Edit
o If checked users can manually change the address
o If set Sender Authentication is enabled by default
o If set users will be able to toggle Sender Authentication

3. Script Options - from top to bottom:


• check if the script section should be hidden in the fat client
• check if the script section should be hidden in the web client
• check to enable script by default
• Displayname for the script execution
• Script path, for example “C:\\scripts\\script.ps1” or
“\\\\server\\share\\script.ps1”
• Parameters that will be passed to script, to pass attributes use the usual
variable syntax (for example “{givenname} {sn}”) (will make autocomplete
predictions for configured AD properties)

2.6 Export
See 1.7 and sub items
3. Open Templates

3.1 What even is this?


OpenTemplates are freely configurable forms that can be made available either
through the GrantMA request platform or through the web client cockpit as
service actions.
OpenTemplates can have an attached script execution that you can pass values
from the form to and can be marked as requiring manual interaction.
OpenTemplates feature additional input types, see 4.1.2

3.2 Input Selection

1. Add / Edit or remove Input fields from the table below – see 4.1
2. Configure the hierarchical structure of the templates – see 3.2.1
3.2.1 Containers
Containers in OpenTemplates allow you to group inputs together. Containers
can be either collapsible or not.
When you click on “Assign Containers” you can configure the structure of the
template regarding grouping of inputs:

1. Shows the current structure and sequence of the current template, items
can be
rearranged by dragging and dropping
2. When Containers are in rearrange mode they will not be added as a child of
another
container when dropped on one but will instead be inserted after the
dropped on
container
3. Add or remove containers, when you remove a container with children
those children will
Be added to the root container

3.3 Input Rules Configuration


See 1.4 and sub points
3.4 Export
See 1.7 for fields not mentioned here

1. Set the name of the script configuration that should be called when the
template is requested
/ executed. This has to match the name of a script configuration in the ARM
Script config:

2. If checked the last approver in the resource´s workflow will have to confirm
that required
manual steps have been completed.
4. Available Input Types and options
4.1 Options shared between all controls

1. Propertyname has to correspond to the name of the AD property the final


value of the field
should be written to, is required.
2. Label is the label that will be shown in the template before the control.
3. Description is shown as tooltip when the user hovers over the control.
4. If checked the field will be marked as required (user has to provide input)
5. If checked the fields value can be edited / changed by the user
6. Hides the field in the fat client
7. Hides the field in the web interface

4.1.1 Controls available in all templates


[Link] DropDownList

Dropdown items consist of a “Value” and a “DisplayValue” the first one is the
value that the ad property will be set to, the other will be shown to the user for
selection. With the Buttons on the right you can add / edit / delete dropdown
items.
If you set a DefaultValue it´s value must match the value field of one of your
entries.

[Link] Textfield / TextArea / MultiValueText

Textfields can be marked as unique, if this is checked ARM will compare the
value entered by the user against the property´s value on all other user
accounts and return an error when the value is already set for another
account.
You can also define the maximum length of the field, a default value and
characters that the user is not allowed to enter.

[Link] Fixed Value

Value is the value that will be written to the AD property, Displayvalue is


shown to the user. FixedValues can not be edited in any case

[Link] Checkbox

If isChecked is set the checkbox will be checked by default. Checkboxes


return ‘true’ when checked, ‘false’ when unchecked
4.1.2 Controls exclusive to OpenTemplates

[Link] Options shared between all OpenTemplate Controls

Allows you to define the parent Container of the control

[Link] Radiobutton

Value is what is returned when this button is checked


RadioGroupID allows you to logically group RadioButtons together (only one
in the group can be selected) (this grouping only applys on the logical level
and does not reflect in the hierarchical structure by default)
If isChecked is set the Button will be selected by default, only one
RadioButton in a group can be checked at once
[Link] AccountSearchTextField / GroupAccountSearchTextField

Account- and GroupAccountSearchTextField allow you to search for all type


of accounts or only group accounts respectively. SearchTextFields
automatically create a lookup table with a selection of configurable properties.
This lookup table can then be used in the creation rule of other fields.

LookupTableID defines the ID under which the automatically generated


LookupTable will be addressable.
PropertiesToLoad would be a list of values that are loaded into the
LookupTable when an account is selected in the control

[Link] DatePicker

The DatePicker control allows the user to select a single date in a calendar
view

You can select the format in which the date value is returned here, examples
of the resulting values are visible in the tooltip. All output formats apart from
the one shown in this example use the culture of the current system to define
the final format and timezone of the output.

[Link] PasswordField

PasswordField is a textfield that can be masked:

You might also like