PowerShell Automation - Add/Update users to AD account

saran raj
Tera Contributor

Hi all,

I have 2 requirements in PowerShell automation for a catalog item related to AD account, where users are Added/Updated through workflow using run script.

 

1st requirement:

  • If User Exists → Task is Closed Complete → Go to Task 2
  • If User does not Exist → Task is Rejected → Parent request is Closed → Cancelled.
  • IM Serve needs to send notification to both Manager and the submitter with message: “User does not exist in X4A. Please submit ‘New X4A User’ Request instead with requested Roles and Country assignment”.

I need help with an email to trigger to manager and requestor when the task is closed complete/Rejected.

 

How can I trigger email in workflow through script? Please guide me on this.

 

2nd requirement for adding users in AD account: 

  • In case user already exists:
  • Mention user already existed.
  • Task is Closed Complete.
  • Go to Task 2.

I had already worked on adding users to AD account using PS automation but did not work on querying the AD account and checking whether the user is available or not and updating users accordingly. But I did not query the AD account table and validate whether users already exist or not.

 

Here is the script which I used for adding users to AD account:

 
main(current);
function main(ticket) {
    // Get child task associated to RITM - 1
    var ritmTic = getAssociatedRITM(ticket.sys_id);
    // Create PowerShell object
    // gs.info('pstest----1--' + ticket.variables.user_type.getDisplayValue());
    // gs.info('pstest----2--' + ritmTic);
    var ps = new PowerShellWorkflowUtils('IAM AUTOMATION', ritmTic);
 
    // Fill important parameters
    var params = {
 
        'AccessType': ticket.variables.access_level4,
        'UserName': ticket.variables.adm_network_id.getDisplayValue(),
        'UserDomain': ticket.variables.chk_corp_ingram_com.getLabel(),
        //'UserDomain': ticket.variables.chk_corp_ingram_com,
        'ListofServers': ticket.variables.serverList4.getDisplayValue()
 
 
    };
    //gs.info('pstest----1--' + ticket.variables.access_level1.getDisplayValue());
    // gs.info('pstest----2--' + ticket.variables.chk_corp_ingram_com.getDisplayValue());
 
    var scriptProd = '\\\\corporate.ingrammicro.com\\mts-global\\ServiceNow\\Scripts\\RBAC\\RBAC-Add-Test.ps1';
    var scriptDev = '\\\\corporate.ingrammicro.com\\mts-global\\ServiceNow\\Scripts\\RBAC\\RBAC-Add-Test.ps1';
 
    var asgmtGrp = '296dbee1dbe43f0840067b668c9619ae'; // IAMAutomation.GLBL.IM.SUP
 
    // Create and execute the script
    ps.createScript(scriptProd, scriptDev, params);
    if (!ps.executeScript()) {
        ps.createIncident(asgmtGrp, null, 'Processing Error: ', 3, 3);
 
        // Update task comments only for errors
        ps.updateTaskComments(true, null, '', '');
 
        // Auto close ticket if PS script execution is successful
        if (ps.isSuccessful) {
            ritmTic.state = 3;
        } // Closed complete
 
        ritmTic.update();
 
    } else {
        current.work_notes = "Request has been fulfilled.\n\nScript output:\n" + ps.response.output;
        current.request_state = 'closed_complete';
        current.active = false;
    }
 
    workflow.scratchpad.success = ps.response.output || '';
    workflow.scratchpad.error = ps.response.error || '';
 
}
 
function getAssociatedRITM(reqSysId) {
    // Find the catalog task on this request whose short description matches
    var ritmTic = new GlideRecord('sc_task');
    var rquery = 'request=' + reqSysId + '^short_descriptionLIKEWindows Server - Access Request';
    ritmTic.addEncodedQuery(rquery);
    ritmTic.query();

    if (ritmTic.next()) {
        return ritmTic;
    }
    return null; // no matching task found
}
 
Could someone please help me how to query AD account and validate users in their table and based on that email notification should trigger to manager and users.
 
Any help would be appreciated please!
 
Thanks,
Saran.
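One way to structure the first requirement's decision step in the workflow Run Script, as an added example that is not part of the original post. It assumes the lookup script prints a single `USER_EXISTS=true` or `USER_EXISTS=false` line; the function names, the event name `x4a.user.not_found` and the state labels are hypothetical placeholders.

```javascript
// Added example, not from the original post. Hypothetical names: checkUser,
// notifyNotFound, the event 'x4a.user.not_found' and the USER_EXISTS=... line.
var SAM_RE = /^[A-Za-z0-9._-]{1,20}$/; // conservative allow-list for sAMAccountName
var NOT_FOUND_MSG = 'User does not exist in X4A. Please submit ‘New X4A User’ ' +
    'Request instead with requested Roles and Country assignment';

// Parse the one line the lookup script is assumed to print.
// Returns true/false, or null when the output is missing or malformed.
function parseExists(output) {
    var m = /^USER_EXISTS=(true|false)\s*$/m.exec(String(output || ''));
    return m ? m[1] === 'true' : null;
}

// runLookup(userName) is supplied by the caller and returns {output, error},
// for example a wrapper around the PowerShell call made in the workflow script.
function checkUser(userName, runLookup) {
    if (typeof userName !== 'string' || !SAM_RE.test(userName)) {
        // Never hand an unvalidated catalog value to the PowerShell side.
        return { taskState: 'open', cancelParent: false, notify: false, reason: 'invalid_user_name' };
    }
    var res = runLookup(userName) || {};
    var exists = res.error ? null : parseExists(res.output);
    if (exists === null) {
        // Unknown result: fail closed and keep the task open for manual handling.
        return { taskState: 'open', cancelParent: false, notify: false, reason: 'lookup_error' };
    }
    if (exists) {
        return { taskState: 'closed_complete', cancelParent: false, notify: false, reason: 'user_exists' };
    }
    return { taskState: 'rejected', cancelParent: true, notify: true, reason: 'user_not_found', message: NOT_FOUND_MSG };
}

// In ServiceNow, pass the global gs object. A Notification triggered by the
// event can take its recipients from parm1 (manager) and parm2 (requester).
function notifyNotFound(gsApi, record, managerId, requesterId) {
    gsApi.eventQueue('x4a.user.not_found', record, managerId, requesterId);
}
```

The event has to be registered and a Notification configured on it before `gs.eventQueue` results in an email.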
3 REPLIES

Saurabh Gupta
Kilo Patron

Hi,
Are you using integration hub or orchestration?



Thanks and Regards,

Saurabh Gupta

Hi @Saurabh Gupta

I am using workflow editor to run this automation. Could you please help me to achieve this requirement?

 

Thanks,

saran.

Hi,
Use the Remove User from AD group activity and achieve it.

 

 


Thanks and Regards,

Saurabh Gupta