Active Directory Computer Remove Groups logo

Active Directory Computer Remove Groups Version 1

This handler will use the server information and computer credentials configured in the task info values to authenticate and connect to the specified Active Directory server (using LDAP) and search for the computer based on the search parameters provided. If a matching computer is found, it will be removed as a member from each group specified in the groups parameter will be added to the computer.

  • If 'Distinguished Name' is selected, the 'distinguishedName' attribute will be used directly to retrieve the User entry.

  • If 'Full Name' is selected, the 'cn' attribute will be used to retrieve the User entry.

  • If 'User Name' is selected, the 'computerprincipalname' value will be used if the "Search Value" parameter includes an '@' sign (IE john.doe@domain.com) and the 'samaccountname' will be used if it does not (IE john.doe).

  • If 'Email Address' is selected, the 'mail' attribute will be used to retrieve the User entry.

This handler will raise an Exception if the specified User or any of the specified Groups are not found in the Active Directory system.

Parameters

Name Description
Search By 'Distinguished Name', 'Full Name', 'User Name', 'Computer Name', or 'Email Address'
Search Value The value of the Distinguished Name (Computer Name).
Groups The common name(s) of the group(s) to remove. More than one group can be specified by separating each group with a comma.

Sample Configuration

Name Description
Search By User Name
Search Value <%=@answers['ReqFor Login ID']%>
Groups <%=@answers['Groups']%>

Results

This handler does not return any results.

Changelog

Active Directory Computer Remove Groups V1 (2017-Aug-29)

  • Initial version. See README for details.


Related Handlers

Active Directory User Permanent Password
Finds a user in active directory by Distinguished Name, Full Name, Email Address, or User Name and sets the 'password never expires' flag.
Active Directory User Create
Creates an Active Directory user entry and uses the provided parameter values to specify common user attributes.
Active Directory User Retrieve
Finds a user in active directory by Distinguished Name, Full Name, Email Address, or User Name and returns a predefined set of attributes to include the Distinguished Name(dn).
Active Directory User Add Groups
Finds a user in active directory by Distinguished Name, Full Name, Email Address, or User Logon and adds the user as a member to one or more groups.
Active Directory Group Create
Creates an Active Directory group entry and uses the provided parameter values to specify common attributes. This handler will fail if the group already exists.
Active Directory User Expire Password
Finds a user in active directory by Distinguished Name, Full Name, Email Address, or User Name and sets the password to expired, requiring the user to change it.
Active Directory User Enable
Finds a user in active directory by Distinguished Name, Full Name, Email Address, or User Name and enables the user's account.
Active Directory User Disable
Finds a user in active directory by Distinguished Name, Full Name, Email Address, or User Name and disables the user's account.
Active Directory User Remove Groups
Finds a user in active directory by Distinguished Name, Full Name, Email Address, or User Logon and remove that user as a member from one or more groups.
Active Directory Distribution List Member Retrieve
Finds a Distribution List in active directory by Distinguished Name, or Email Address and returns a comma delimited list of immediate members (e-mail addresses)
Active Directory User Temporal Password
Finds a user in active directory by Distinguished Name, Full Name, Email Address, or User Name and sets the 'password never expires' flag.
Active Directory User Change Attribute
Finds a user in active directory by Distinguished Name, Full Name, Email Address, or User Name and changes the specified LDAP attribute.