Script to Initialize and add multiple AD groups

Kaz9 · ‎10-05-2017

Hello community!

I am trying to get a script working that queries a variable on my form and adds those string values as ad groups to the username requested by the parent workflow.

Here is my script

var gr = new GlideRecord('x_prole_onboarding_onboarding');

gr.addQuery('u_string_105', current.variables.position); //job title field

gr.query();

var groupList = "";

var group = []; // this will be an array of objects

while (gr.next()) {

groupList = gr.u_sharepoint_groups;

group = groupList.split(',');

}

workflow.scratchpad.count = group.length; // the overall count available

workflow.scratchpad.groupList = groupList; // the list of AD groups

workflow.scratchpad.group = group;

workflow.scratchpad.counter = 0; // our counter

workflow.scratchpad.host = '10.100.33.100';

workflow.scratchpad.user = current.variables.username;

Here is a picture of the Activity Properties to add user to group

here is a picture of the variable it is trying to pull information from

I am getting over the right server IP and the right username but I cannot get it to use that list as AD groups to add in the activity. Any help would be great! please let me know if you need additional information. Thank you!

Kaz9 · ‎11-14-2017

the Run Script gets all of the information from my onboarding from as far as the groups go and adds them to an array which runs through the add user to group function. Here is the script for the Run Script.

var gr = new GlideRecord('x_prole_emp_onb_employee_onboarding'); //set to the name of the table where the form is located

gr.addQuery('u_job_title', current.variables.position.getDisplayValue()); //add a sort(query) value for the job title

gr.addQuery('u_list_location', current.variables.location); //add a sort (query) value for the location

gr.query(); //run query

var groupList = "";

var group = []; // this will be an array of objects

while (gr.next()) {

groupList = gr.u_distribution_lists + ',' + gr.u_printers + ',' + gr.u_sharepoint_groups + ',' + gr.u_proxy; //these are the variables on the form I want to get a list from. I ended up creating my variables all in lists.

group = groupList.split(',');

}

workflow.scratchpad.count = group.length; // the overall count available

workflow.scratchpad.groupList = groupList; // the list of AD groups

workflow.scratchpad.group = group;

workflow.scratchpad.counter = 0; // our counter

workflow.scratchpad.host = '10.100.33.100';

workflow.scratchpad.user = current.variables.username;

This is my add user to ad group activity

View solution in original post

Sangita Swamina · ‎04-24-2019

My variable names are same as yours but this is what I am doing. Should I still need another if condition?

Run Script

workflow.scratchpad.addgroups ="TMiller,KGayson";
workflow.scratchpad.addgroup = workflow.scratchpad.addgroups.split(",");
workflow.scratchpad.addcount = workflow.scratchpad.addgroup.length; // the overall count available
workflow.scratchpad.addcounter = 0; // our counter
gs.log("Add Group List: " + workflow.scratchpad.addgroups + " | User: " + workflow.scratchpad.user);
gs.log("Add Group Length: " + workflow.scratchpad.addcount + " | User: " + workflow.scratchpad.user);

Add User to Group:

Domain Name: 17*.*.*.*

Username: ${workflow.scratchpad.addgroup[workflow.scratchpad.addcounter]}

Group Name: _TestDistributionGroup1

If Condition: Just same as yours

answer = ifScript();

function ifScript() {
   var check_add = 'no';
   workflow.scratchpad.addcounter ++; // increment the counter

   // check the counter and see if we need to go again or stop
   if (workflow.scratchpad.addcounter < workflow.scratchpad.addcount) {
      check_add = 'yes';
   }

   return check_add;
}

DanielCordick · ‎07-09-2019

This works great for adding and removing users, do you happen to have an addition where if the user is already in the group it skips and moves to the next, right now the "add user to group" will go down the failure path if the users are already in the selected groups

kazidon · ‎08-23-2019

you'd probably have to do some sort of AD query and grab a list of current ad groups then run a arrayUtil.diff to get the list of groups they don't have.

Kaz9 · ‎11-14-2017

so if you just have that form set up in the service catalog and you only pick one option from the drop down and then submit, I would have a workflow that has an if statement that forks to two options and depending on whether you pick add or remove from ad as your action I would generate the add/remove from ad group on the workflow. So if they pick

create a variable on the form called requested_for, (hide it or show it) write an onLoad script that populates the logged in user and sets it.

ACTION:

add

Domain: //variable name (u_domain)?

main / primary:

AD Group: //variable name (u_group)?

test ad group

then your add/remove activity would be

username:

${current.variables.requested_for}

domain:

${current.variables.u_domain}

group:

${current.variables.u_group}