Description
This HelloID Service Automation Delegated Form provides AD group membership management functionality. The following options are available:
- Search and select the target AD group
- Modify AD group memberships
- After confirmation the updates are processed (add or remove AD account memberships)
Versioning
| Version | Description | Date |
|---|---|---|
| 1.1.1 | Updated with audit logging | 2022/06/08 |
| 1.1.0 | Updated with code for SA agent | 2022/03/14 |
| 1.0.1 | Added version number and updated all-in-one script | 2021/11/03 |
| 1.0.0 | Initial release | 2020/09/07 |
Table of Contents
- Description
- All-in-one PowerShell setup script
- Post-setup configuration
- Manual resources
- Getting help
All-in-one PowerShell setup script
The PowerShell script "createform.ps1" contains a complete PowerShell script using the HelloID API to create the complete Form including user defined variables, tasks and data sources.
Please note that this script asumes none of the required resources do exists within HelloID. The script does not contain versioning or source control
Getting started
Please follow the documentation steps on HelloID Docs in order to setup and run the All-in one Powershell Script in your own environment.
Post-setup configuration
After the all-in-one PowerShell script has run and created all the required resources. The following items need to be configured according to your own environment
- Update the following user defined variables
| Variable name | Example value | Description |
| ADgroupsSearchOU | [{ "OU": "OU=Groups,OU=HelloID Training,DC=veeken,DC=local"}] | Array of Active Directory OUs for scoping AD groups in the search result of this form |
| ADusersSearchOU | [{ "OU": "OU=Disabled Users,OU=HelloID Training,DC=veeken,DC=local"},{ "OU": "OU=Users,OU=HelloID Training,DC=veeken,DC=local"},{"OU": "OU=External,OU=HelloID Training,DC=veeken,DC=local"}] | Array of Active Directory OUs for scoping AD user accounts to modify memberships |
Manual resources
This Delegated Form uses the following resources in order to run
Powershell data source 'AD-group-generate-table-wildcard-manage-memberships'
This Powershell data source runs an Active Directory query to search for matching AD groups. It uses an array of Active Directory OU's specified as HelloID user defined variable named "ADgroupsSearchOU" to specify the search scope.
Powershell data source 'AD-group-generate-table-members-manage-memberships'
This Powershell data source runs an Active Directory query to receive the current group members.
Powershell data source 'AD-user-generate-table-samaccountname-manage-memberships'
This Powershell data source runs an Active Directory query to receive selectable AD user accounts. It uses an array of Active Directory OU's specified as HelloID user defined variable named "ADgroupsSearchOU" to specify the search scope.
Delegated form task 'AD-group-update-members'
This delegated form task will update the AD group members.
Getting help
If you need help, feel free to ask questions on our forum
HelloID Docs
The official HelloID documentation can be found at: https://docs.helloid.com/