IA-Connect JML

IA-Connect is a Robotic Process Automation (RPA) platform which adds RPA functionality from the Cloud to on-premises virtual machines or over Citrix or Microsoft Remote Desktop (RDS) connections. This is the module for automating Joiner / Mover / Leaver processes.
This connector is available in the following products and regions:
Service | Class | Regions |
---|---|---|
Logic Apps | Standard | All Logic Apps regions except the following: - Azure Government regions - Azure China regions - US Department of Defense (DoD) |
Power Automate | Premium | All Power Automate regions except the following: - US Government (GCC) - US Government (GCC High) - China Cloud operated by 21Vianet - US Department of Defense (DoD) |
Power Apps | Premium | All Power Apps regions except the following: - US Government (GCC) - US Government (GCC High) - China Cloud operated by 21Vianet - US Department of Defense (DoD) |
Contact | |
---|---|
Name | Ultima Labs |
URL | https://www.ultima.com/ultima-labs |
IAConnect@ultima.com |
Connector Metadata | |
---|---|
Publisher | Ultima Labs |
Website | https://www.ultima.com/ultima-labs |
Privacy policy | https://www.ultima.com/privacy-policy |
Categories | IT Operations;Productivity |
Prerequisites
To use any of the IA-Connect Connectors, you must install the IA-Connect software. This is free to test for 30 days, following which you will require an IA-Connect license.
The IA-Connect software consists of two main components:
The IA-Connect Orchestrator, which is an Azure WebApp which you would host in your own Azure tenant. This handles the routing and security of RPA Flows to one or more on-premises or cloud-based virtual machines.
The IA-Connect Agent and Director, which is installed onto the virtual machines where the software you wish to automate is accessible. Additionally, the IA-Connect Agent can run inside a Citrix or Microsoft Remote Desktop Services (RDS) session, where the RPA commands are passed down a virtual channel into the remote session for execution. The IA-Connect Agent can be run from a network share and does not require installation.
Available IA-Connect Connectors
The available IA-Connect Connectors are:
- IA-Connect Dynamic Code
- IA-Connect Java
- IA-Connect JML
- IA-Connect Mainframe
- IA-Connect Microsoft Office
- IA-Connect SAP GUI
- IA-Connect Session
- IA-Connect UI
- IA-Connect Web Browser
How to get credentials
In order to receive your license and begin your 30-day free trial, please submit a request on our website (https://www.ultima.com/IA-Connect/Power-Automate).
Once a trial request is received, we will contact you via the email address provided to assist with setting up the IA-Connect software and to provide you with the trial license. This is a fully featured trial and will enable you to test any of the 800 actions across all 9 IA-Connect Connectors within your own environment during the trial period.
Get started with your connector
After submitting a trial request for IA-Connect, you will be able to download a ZIP file containing the IA-Connect software and documentation covering the installation and setup. We will also contact you to offer support and guidance through the installation process as required.
Support
During the trial period, you can contact Ultima Labs (IAConnect@ultima.com) for support and assistance.
Upon purchasing IA-Connect licenses you will receive support tokens which can be redeemed for bespoke training or support from Ultima's UK-based Technical Service Centre (TSC).
Known issues, common errors and FAQs
Our Knowledge Base contains a number of articles covering any known issues, common errors that may occur when using the IA-Connect Connectors and frequently asked questions. This is accessible at https://support.ultima.com/ultimalabs and an account to access these resources is provided during the IA-Connect trial and upon purchasing an IA-Connect license.
Creating a connection
The connector supports the following authentication types:
Default | Parameters for creating connection. | All regions | Not shareable |
Default
Applicable: All regions
Parameters for creating connection.
This is not shareable connection. If the power app is shared with another user, another user will be prompted to create new connection explicitly.
Name | Type | Description | Required |
---|---|---|---|
API Key | securestring | The API Key for this api | True |
IA-Connect Orchestrator address | string | Specify the IA-Connect Orchestrator address without the HTTP(S) component | True |
Throttling Limits
Name | Calls | Renewal Period |
---|---|---|
API calls per connection | 100 | 60 seconds |
Actions
Add Active Directory group member |
Add an Active Directory user to an existing Active Directory group where the user and group are specified by identity. |
Add Active Directory user |
Creates a new Active Directory user account. |
Add Active Directory user to multiple groups by name |
Add an Active Directory user to multiple existing Active Directory groups where the groups are specified by name. IA-Connect adds the user to as many groups as possible and reports on the outcome. |
Add Azure AD user |
Creates a new Azure Active Directory user account. |
Add Azure AD user to group |
Add an Azure Active Directory user (or other object) to an existing Azure Active Directory group. |
Add Azure AD user to multiple groups |
Adds an Azure Active Directory user (or other object) to multiple existing Azure Active Directory groups where the groups are specified by object Id or display name. IA-Connect adds the user to as many groups as possible and reports on the outcome. |
Add Microsoft Exchange mailbox permission |
Assign mailbox permissions to an Active Directory object (e.g. user or group). |
Add Microsoft Exchange mailbox permission to user |
Assign mailbox permissions to a specifed mailbox user, user or security group. |
Add Microsoft Exchange member to distribution group |
Add a member (for example a user) to an Exchange distribution group. If the member is already in the group, no action is taken. |
Add Office 365 mailbox permission to user |
Assign mailbox permissions to a specifed mailbox user, user or security group. |
Add Office 365 member to distribution group |
Add a member to a Microsoft Exchange Online or Office 365 distribution group. |
Check Active Directory OU exists |
Reports if an Active Directory Organizational Unit (OU) exists. |
Clear Active Directory user account expiration |
Clears the expiration date for an Active Directory account. |
Clone Active Directory user group membership |
Adds the destination Active Directory user to the same Active Directory groups that the first user is a member of, minus the primary group (usually 'Domain users') since it technically isn't a membership. |
Clone Active Directory user properties |
Configures the specified properties / attributes of the source Active Directory user to the destination Active Directory user. |
Connect to Active Directory with credentials |
Allows you to specify an alternative account to use when running Active Directory PowerShell commands. This affects all Active Directory commands issued after this action. If you don't use this action then all Active Directory PowerShell commands will run as the user account the IA-Connect Agent is running as. |
Connect to Azure AD with certificate |
Connects IA-Connect to Azure AD using the Azure AD v2 PowerShell modules. This action (or 'Connect to Azure AD with credentials') must be issued before running any other Azure AD v2 actions. This action requires an Azure Service Principal and Azure AD app registration with certificate to be setup in Azure AD before it will work, but has the advantage of not requiring MFA (2FA). |
Connect to Azure AD with credentials |
Connects IA-Connect to Azure AD using the Azure AD v2 PowerShell modules. This action (or 'Connect to Azure AD with certificate') must be issued before running any other Azure AD v2 actions. This action either requires an account which doesn't use MFA (2FA) or you'll need to use the UI automation module to automate the 2FA component (i.e. the one-time password authentication popup). Alternatively, use the action 'Connect to Azure AD with certificate'. |
Connect to default Active Directory domain |
Connects the IA-Connect Agent to the Domain the computer running the IA-Connect Agent is a member of, using the account the IA-Connect Agent is running as (i.e. the default behaviour). |
Connect to JML environment |
Connect to a JML environment where the details of that environment are held in the IA-Connect Orchestrator. These details can include credentials, addresses and other connectivity settings. For example you can use this action to connect to Active Directory, Microsoft Exchange, Azure AD or Office 365 Exchange Online. |
Connect to Microsoft Exchange |
Connects IA-Connect to a Microsoft Exchange server. This action must be issued before running any other Exchange actions. If you specify a username and password, all subsequent Exchange actions will run as that account. If you don't specify a username and password, all subsequent Exchange actions will run as the user account the IA-Connect Agent is running as. |
Connect to Office 365 with certificate |
Connects IA-Connect to Office 365 using the Office 365 PowerShell modules. This action (or 'Connect to Office 365 with credentials') must be issued before running any other Office 365 actions. This action requires an Azure AD app registration with certificate and the correct roles to be setup in Azure AD before it will work, but has the advantage of not requiring MFA (2FA). |
Connect to Office 365 with credentials |
Connects IA-Connect to Office 365 using the Office 365 PowerShell modules. This action (or 'Connect to Office 365 with certificate') must be issued before running any other Office 365 actions. This action either requires an account which doesn't require MFA (2FA) or you'll need to use the UI automation module to automate the 2FA component (i.e. the one-time password authentication popup). Alternatively, use the action 'Connect to Office 365 with certificate'. |
Create a Microsoft Exchange mailbox for a user |
Creates a Microsoft Exchange mailbox for an existing user who doesn't already have a mailbox. |
Create a new Azure AD Microsoft 365 group |
Creates a new Azure Active Directory Microsoft 365 group. |
Create a new Azure AD security group |
Creates a new Azure Active Directory security group. |
Create a new Microsoft Exchange distribution group |
Creates a new Microsoft Exchange distribution group or mail-enabled security group. |
Create a new Office 365 distribution group |
Creates a new Microsoft Exchange Online or Office 365 distribution group or mail-enabled security group. |
Create Microsoft Exchange Online mailbox and user account |
Create a mail-enabled user in on-premises Active Directory and create an associated remote mailbox in Microsoft Exchange Online or Office 365. Only use this action if the user doesn't exist in on-premises Active Directory. If the user already exists, use the action 'Create Microsoft Exchange Online mailbox for a user'. The request is sent via your on-premises Microsoft Exchange server. |
Create Microsoft Exchange Online mailbox for a user |
Creates a Microsoft Exchange Online or Office 365 (remote) mailbox or archive mailbox for an existing user in on-premises Active Directory who doesn't already have a mailbox. The request is sent via your on-premises Microsoft Exchange server. You can also use this action to archive an existing remote mailbox. |
Disable Active Directory user account |
Disables an Active Directory user account. If a user account is disabled, the user cannot logon. |
Disable Azure AD user |
Disables an Azure Active Directory user. |
Disable the Microsoft Exchange mailbox for a user |
Disable an existing Microsoft Exchange mailbox. |
Disable the Microsoft Exchange Online mailbox for a user |
Disable an existing Microsoft Exchange Online or Office 365 (remote) mailbox. The request is sent via your on-premises Microsoft Exchange server. |
Disconnect from Active Directory |
If you have used the action 'Open Active Directory PowerShell runspace with credentials' to run Active Directory PowerShell commands as an alternative user account or to an alternative domain, this action returns the IA-Connect Agent to the default behaviour of running Active Directory actions as the user account the IA-Connect Agent is running as. |
Disconnect from Azure AD |
Disconnects IA-Connect from Azure using the Azure AD v2 PowerShell modules (connected using one of the 'Connect to Azure AD' actions). You will not be able to issue Azure AD v2 actions again until you reconnect. |
Disconnect from Microsoft Exchange |
Disconnects IA-Connect from a Microsoft Exchange server (connected using the action 'Connect to Microsoft Exchange'). You will not be able to issue Microsoft Exchange PowerShell actions again until you reconnect. |
Disconnect from Office 365 |
Disconnects IA-Connect from Office 365 using the Office 365 PowerShell modules (connected using the action 'Connect to Office 365'). You will not be able to issue Office 365 PowerShell actions again until you reconnect. |
Does Microsoft Exchange mailbox exist |
Returns whether the specified Exchange mailbox exists. |
Does Microsoft Exchange Online mailbox exist |
Returns whether the specified Microsoft Exchange Online or Office 365 (remote) mailbox exists. The request is sent via your on-premises Microsoft Exchange server. |
Enable Active Directory user account |
Enables an Active Directory user account. If the account is not disabled, this command does nothing. |
Enable Azure AD user |
Enables an Azure Active Directory user. |
Get Active Directory domain FQDN from DN |
A utility function. Given an Active Directory user's Distinguished Name (DN), returns the Active Directory domain containing the user. |
Get Active Directory domain info |
Retrieves information about an Active Directory domain. |
Get Active Directory group |
Returns the properties of a specified Active Directory group. |
Get Active Directory OU from user DN |
A utility function. Given an Active Directory user's Distinguished Name (DN), returns the Organizational Unit (OU) the user is located within. |
Get Active Directory user |
Returns the properties of a specified Active Directory user. |
Get Active Directory user group membership |
Returns a list of Active Directory groups the specified user is a member of, minus the primary group (usually 'Domain users') since it technically isn't a membership. |
Get Azure AD groups |
Returns the details of groups in Azure Active Directory (also known as Azure AD or AAD), using the Azure AD v2 PowerShell modules. You can search by object Id or using a filter. An object Id search should return 0 or 1 results. A filter search could return 0 or more results. |
Get Azure AD license SKUs |
Returns a list of Azure Active Directory license Stock Keeping Units (SKUs) which the connected Azure AD is subscribed to, using the Azure AD v2 PowerShell modules. |
Get Azure AD user group membership |
Returns a list of Azure Active Directory groups the specified user is a member of, using the Azure AD v2 PowerShell modules. |
Get Azure AD user license service plans |
Retrieves a list of licenses plans assigned to a specified Azure AD user license (SKU), using the Azure AD v2 PowerShell modules. For example: If the user has the FLOW_FREE license assigned, this will allow you to view which service plans they have provisioned to that license. |
Get Azure AD user licenses |
Retrieves a list of licenses (SKU) assigned to a Azure AD user, using the Azure AD v2 PowerShell modules. |
Get Azure AD users |
Returns the details of users in Azure Active Directory (also known as Azure AD or AAD), using the Azure AD v2 PowerShell modules. You can search by object Id or using a filter. An object Id search should return 0 or 1 results. A filter search could return 0 or more results. |
Get Microsoft Exchange distribution group members |
Retrieve a list of the members of a Microsoft Exchange Distribution group. |
Get next available account name |
Given details regarding the naming format for Active Directory and Exchange account names, provides the details of the next available spare account name. Used to determine which Active Directory and Exchange account to create for a given user. This action does not create any accounts, it provides information regarding name availability. |
Get Office 365 distribution group |
Returns the properties of the specified Microsoft Exchange Online or Office 365 distribution group or mail-enabled security group. |
Get Office 365 mailbox |
Returns the properties of the specified Microsoft Exchange Online or Office 365 mailbox. |
Is Azure AD v2 Power |
Reports if the PowerShell modules required for Azure AD v2 are installed on the computer where the IA-Connect Agent is running. |
Is connected to Active Directory |
Reports if IA-Connect is connected to Active Directory. By default, IA-Connect is automatically connected to the Domain the computer running the IA-Connect Agent is a member of, using the account the IA-Connect Agent is running as. Use the action 'Connect to Active Directory with credentials' to connect using alternative credentials or to an alternative domain. |
Is connected to Azure AD |
Reports if IA-Connect is connected to Azure using the Azure AD v2 PowerShell modules. Use one of the 'Connect to Azure AD' actions to connect. |
Is connected to Microsoft Exchange |
Reports if IA-Connect is connected to a Microsoft Exchange server. Use the action 'Connect to Microsoft Exchange' to connect. |
Is connected to Office 365 |
Reports if IA-Connect is connected to Office 365 using the Office 365 PowerShell modules. Use the action 'Connect to Office 365' to connect. |
Is user in Azure AD user group |
Returns whether a user is a member of an Azure Active Directory group, using the Azure AD v2 PowerShell modules. |
Modify a Microsoft Exchange mailbox email addresses |
Modify the email addresses on a Microsoft Exchange mailbox. You can add, remove and replace primary and alias email addresses. |
Modify a Microsoft Exchange Online mailbox email addresses |
Modify the email addresses on an an existing Microsoft Exchange Online or Office 365 (remote) mailbox. You can add, remove and replace primary and alias email addresses. The request is sent via your on-premises Microsoft Exchange server. |
Modify Active Directory common user properties |
Modify common properties of an Active Directory user. You can only assign values to properties, not set them to blank. To set properties to blank, use the action 'Modify Active Directory user string properties'. |
Modify Active Directory user boolean property |
Modify an individual boolean (true / false) property of an Active Directory user. This allows you to modify a very specific user setting, including custom properties. |
Modify Active Directory user home folder |
Sets the home folder / directory / drive for an Active Directory user. |
Modify Active Directory user string properties |
Modify individual string property(s) of an Active Directory user. This allows you to modify very specific user settings, including custom properties. You can also set individual user properties to blank. |
Modify Azure AD user properties |
Modify common properties of an Azure Active Directory user. You can only assign values to properties, not set them to blank, because a blank value is interpreted as a intent to leave the value unchanged. |
Move Active Directory user to OU |
Moves an Active Directory user to an existing Active Directory Organizational Unit (OU). |
Perform Active Directory Dir |
Performs a synchronisation between Active Directory (on-premises) and Azure Active Directory (cloud). This command must be issued to the server with the 'DirSync' role (i.e. the computer performing the synchronisation). |
Remove Active Directory group member |
Removes an Active Directory user from an Active Directory group where the group is specified by identity. |
Remove Active Directory user |
Removes a user from Active Directory. |
Remove Active Directory user from all groups |
Removes an Active Directory user from all of the Active Directory groups they are a member of. IA-Connect removes the user from as many groups as possible and reports on the outcome. |
Remove Active Directory user from multiple groups by name |
Removes an Active Directory user from multiple existing Active Directory groups where the groups are specified by name. IA-Connect removes the user from as many groups as possible and reports on the outcome. |
Remove all Azure AD user licenses |
Removes all Azure AD user license (SKU) assigned to a user, using the Azure AD v2 PowerShell modules. |
Remove Azure AD security or Microsoft 365 group |
Remove an Azure Active Directory security group or Microsoft 365 group. This action cannot remove mail enabled security groups or distribution lists: Use the action 'Remove Office 365 distribution group' instead. |
Remove Azure AD user from all groups |
Removes an Azure Active Directory user (or other object) from all of the Azure Active Directory groups they are a member of. |
Remove Azure AD user from group |
Removes an Azure Active Directory user (or other object) from an Azure Active Directory group. |
Remove Azure AD user from multiple groups |
Removes an Azure Active Directory user (or other object) from multiple existing Azure Active Directory groups where the groups are specified by object Id or display name. IA-Connect removes the user from as many groups as possible and reports on the outcome. |
Remove Microsoft Exchange distribution group |
Remove a Microsoft Exchange distribution group. |
Remove Microsoft Exchange mailbox permission from user |
Remove mailbox permissions from a specifed mailbox user, user or security group. |
Remove Microsoft Exchange member from distribution group |
Remove a member (for example a user) from an Exchange distribution group. If the member is not in the group, no action is taken. |
Remove Office 365 distribution group |
Remove a Microsoft Exchange Online or Office 365 distribution group or mail-enabled security group. |
Reset Active Directory user password |
Resets an Active Directory user's password with a new password. |
Reset Azure AD user password |
Resets an Azure Active Directory user's password with a new password. |
Reset Azure AD user properties |
Reset common properties of an Azure Active Directory user to a blank value. |
Reset the properties on a Microsoft Exchange mailbox |
Set the specified properties of an existing Microsoft Exchange mailbox to blank. |
Reset the properties on a Microsoft Exchange Online mailbox |
Set the specified properties of an existing Microsoft Exchange Online or Office 365 (remote) mailbox to blank. The request is sent via your on-premises Microsoft Exchange server. |
Retrieve a Microsoft Exchange mailbox email addresses |
Retrieves a list of all email addresses assigned to a Microsoft Exchange mailbox. This includes the primary SMTP address, proxy email addresses, X.400 addresses and EUM (Exchange Unified Messaging) addresses. |
Retrieve a Microsoft Exchange Online mailbox email addresses |
Retrieves a list of all email addresses assigned to an existing Microsoft Exchange Online or Office 365 (remote) mailbox. This includes the primary SMTP address, proxy email addresses, X.400 addresses and EUM (Exchange Unified Messaging) addresses. The request is sent via your on-premises Microsoft Exchange server. |
Retrieve Microsoft Exchange distribution group details |
Retrieve the details of a Microsoft Exchange Distribution group. You can search by Identity or using a filter. An Identity search should return 0 or 1 results. A filter search could return 0 or more results. |
Retrieve Microsoft Exchange mailbox details |
Returns the properties of the specified Exchange mailbox. You can search by Identity or using a filter. An Identity search should return 0 or 1 results. A filter search could return 0 or more results. |
Retrieve Microsoft Exchange mailbox distribution group membership |
Retrieve which distribution groups a mailbox is a member of. |
Retrieve Microsoft Exchange Online mailbox details |
Returns the properties of the specified Microsoft Exchange Online or Office 365 (remote) mailbox. The request is sent via your on-premises Microsoft Exchange server. You can search by Identity or using a filter. An Identity search should return 0 or 1 results. A filter search could return 0 or more results. |
Run Active Directory Power |
Runs a PowerShell script in the Active Directory runspace in the session where the IA-Connect Agent is running, where the script contents are passed to the IA-Connect Agent as part of the command. This is the recommended action for running your own custom Active Directory PowerShell code. |
Run Azure AD Power |
Runs a PowerShell script in the Azure AD v2 runspace in the session where the IA-Connect Agent is running, where the script contents are passed to the IA-Connect Agent as part of the command. This is the recommended action for running your own custom Azure AD v2 PowerShell code. |
Run Exchange Power |
Runs a PowerShell script in the Exchange runspace in the session where the IA-Connect Agent is running, where the script contents are passed to the IA-Connect Agent as part of the command. This is the recommended action for running your own custom Exchange PowerShell code. |
Run Office 365 Power |
Runs a PowerShell script in the Office 365 runspace in the session where the IA-Connect Agent is running, where the script contents are passed to the IA-Connect Agent as part of the command. Due to Office 365 PowerShell security restrictions, this action is likely to be blocked. |
Set Active Directory server |
Sets a specific Active Directory server to use for all further Active Directory actions. |
Set Active Directory user protected from accidental deletion |
Sets an Active Directory account to be protected (or not protected) from accidental deletion. If you protect an account from accidental deletion, you cannot delete that account until you remove the protection. |
Set automatic replies (Out of Office) for a Microsoft Exchange mailbox |
Set automatic replies (Out of Office) for a Microsoft Exchange mailbox. This action won't work for remote mailbox in Microsoft Exchange Online or Office 365: Use the action 'Set automatic replies (Out of Office) for an Office 365 mailbox' instead. |
Set automatic replies (Out of Office) for an Office 365 mailbox |
Set automatic replies (Out of Office) for a Microsoft Exchange Online or Office 365 mailbox. |
Set Azure AD user's manager |
Set an Azure Active Directory user's mananger. |
Set Azure AD user license |
Adds or removes an Azure AD user license (SKU), using the Azure AD v2 PowerShell modules. |
Set Exchange mailbox send on behalf of |
Specify who can send on behalf of this existing mailbox. |
Set Exchange to view entire Active Directory forest |
Specify whether the entire Active Directory forest (including sub-domains) is searched / viewed when performing Exchange actions. You may need to use this action if you have multiple linked domains. |
Set the properties on a Microsoft Exchange mailbox |
Set the properties of an existing Microsoft Exchange mailbox. |
Set the properties on a Microsoft Exchange Online mailbox |
Set the properties of an existing Microsoft Exchange Online or Office 365 (remote) mailbox. The request is sent via your on-premises Microsoft Exchange server. |
Set the properties on a Office 365 mailbox |
Set the properties on a Microsoft Exchange Online or Office 365 mailbox. |
Unlock Active Directory account |
Unlock an Active Directory account. If the account is not locked, this command does nothing. |
Wait for a Office 365 mailbox |
Wait for a specified Microsoft Exchange Online or Office 365 mailbox to exist. This is common if you are waiting for an AD sync or license setting to take effect. If the mailbox already existed, the action will immediately return successful. |
Add Active Directory group member
Add an Active Directory user to an existing Active Directory group where the user and group are specified by identity.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Group identity
|
GroupIdentity | string |
The identity of the Active Directory group. You can specify a group by Distinguished Name (e.g. CN=Group1,OU=My Groups,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'Group1') or Name (e.g. 'Group1'). |
|
Group name
|
GroupName | string |
As an alternative to searching by identity, the name of the Active Directory group. |
|
User identity
|
UserIdentity | True | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ActiveDirectoryAddADGroupMemberByIdentityResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Add Active Directory user
Creates a new Active Directory user account.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Name
|
Name | True | string |
The name of the Active Directory user. This appears in the 'Name' column in AD users and computers and in the top of the User 'General' tab. This is not the user logon name. |
User Principal Name
|
UserPrincipalName | string |
The user logon name in Active Directory. This generally should be in the format 'name@domainFQDN' (e.g. 'TestUser1@domain.local'). The user can logon using this format: name@domainFQDN. |
|
SAM account name
|
SamAccountName | string |
The user logon name (pre-Windows 2000) in Active Directory. This is in the format 'name' (e.g. 'TestUser1'). The user can logon using this format: DOMAIN\name. |
|
First name
|
GivenName | string |
The optional user first name. |
|
Last name
|
SurName | string |
The optional user last name. |
|
Path
|
Path | string |
The Organizational Unit (OU) in which to store the user in Distinguished Name format (e.g. OU=Target OU,OU=London,DC=mydomain,DC=local), GUID format or as a path (e.g. MyUsers\London). If this is left blank, the user will be created in the 'Users' OU. |
|
Description
|
Description | string |
The optional user description. |
|
Display name
|
DisplayName | string |
The optional user display name. |
|
Account password
|
AccountPassword | password |
The user password. This must be specified and must meet the Active Directory password complexity rules. If this is a 'Stored' password, enter in the format {IAConnectPassword:StoredPasswordIdentifier} and set the 'stored password' input to true. If this is an Orchestrator generic credential, enter in the format {OrchestratorCredential:FriendlyName} and set the 'stored password' input to true. |
|
Account password is stored password
|
AccountPasswordIsStoredPassword | boolean |
Set to true if the password is an IA-Connect stored password identifier (for example: generated by the 'Generate password' action) or an IA-Connect Orchestrator generic credential (for example: If using IA-Connect with Power Automate). |
|
Enabled
|
Enabled | boolean |
Set to true if you want the account enabled immediately after creation. Set to false for the account to start disabled. This option defaults to true. |
|
User must change password at next logon
|
ChangePasswordAtLogon | boolean |
Set to true if you want to force the user to change their password when they login (i.e. the new password being set here is a one-time password to get the user logged-in). Set to false if this is the password the user will use until they manually change it. You cannot set this option to true at the same time as setting either 'User cannot change password' or 'Password never expires' to true. |
|
User cannot change password
|
CannotChangePassword | boolean |
Set to true to stop the user from being able to change their password. Set to false if the user can change the password. You cannot set this option to true at the same time as setting 'User must change password at next login' to true. |
|
Password never expires
|
PasswordNeverExpires | boolean |
Set to true if the password never expires (i.e. the user will never be prompted to change the password). Set to false if the password can expire as set in Active Directory Domain policy. You cannot set this option to true at the same time as setting 'User must change password at next login' to true. |
|
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
PowerShell output JSON
|
PowerShellJSONOutput | string |
The output of the PowerShell script, formatted as JSON. |
Created user Distinguished Name
|
CreatedUserDistinguishedName | string |
The Active Directory Distinguished Name (DN) of the created user account. |
Created user SAM Account Name
|
CreatedUserSAMAccountName | string |
The Active Directory SAM Account Name of the created user account. |
Created user Principal Name
|
CreatedUserPrincipalName | string |
The Active Directory User Principal Name (UPN) of the created user account. |
Add Active Directory user to multiple groups by name
Add an Active Directory user to multiple existing Active Directory groups where the groups are specified by name. IA-Connect adds the user to as many groups as possible and reports on the outcome.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User identity
|
UserIdentity | True | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
AD groups to add by name
|
GroupNamesJSON | True | string |
A list of the names of AD groups to add the user to, in JSON or CSV format. For example: [{"GroupName": "Group 1"}, {"GroupName": "Group 2"}] (JSON format) or Group 1,Group 2 (CSV format). |
Max groups per call
|
MaxGroupsPerCall | integer |
If a large number of AD groups is specified for addition, this might cause a timeout. By setting the 'Max groups per call' value to 1 or higher, the IA-Connect Orchestrator will split this action into multiple calls to the IA-Connect Director and Agent with the specified maximum number of groups per call. For example: If you set a value of 5 and 14 groups are requested for addition, the Orchestrator will split this into requests of 5, 5, 4. |
|
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
AD groups added successfully
|
ADGroupsAddedSuccessfully | integer |
The number of AD groups the user was successfully added to. |
AD groups failed to add
|
ADGroupsFailedToAdd | integer |
The number of AD groups that the user failed to add to. |
Add AD groups error message
|
AddADGroupsMasterErrorMessage | string |
If the user failed to add to some of the AD groups, this error message provides details of the problem. |
Add Azure AD user
Creates a new Azure Active Directory user account.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User Principal Name
|
UserPrincipalName | True | string |
The user logon name in Azure Active Directory. This generally should be in the format 'name@domainFQDN' (e.g. 'TestUser1@mydomain.onmicrosoft.com'). |
Account enabled
|
AccountEnabled | True | boolean |
Set to true if you want the account enabled immediately after creation. Set to false for the account to start disabled. This option defaults to true. |
Account password
|
AccountPassword | True | password |
The user password. This must be specified and must meet the Azure Active Directory password complexity rules. If this is a 'Stored' password, enter in the format {IAConnectPassword:StoredPasswordIdentifier} and set the 'stored password' input to true. If this is an Orchestrator generic credential, enter in the format {OrchestratorCredential:FriendlyName} and set the 'stored password' input to true. |
Account password is stored password
|
AccountPasswordIsStoredPassword | boolean |
Set to true if the password is an IA-Connect stored password identifier (for example: generated by the 'Generate password' action) or an IA-Connect Orchestrator generic credential (for example: If using IA-Connect with Power Automate). |
|
First name
|
FirstName | string |
The user's first name. |
|
Last name
|
LastName | string |
The user's family name / last name / surname. |
|
Display name
|
DisplayName | True | string |
The full display name for this user. |
City
|
City | string |
The name of the City the user lives in, or where their office is located. |
|
Company name
|
CompanyName | string |
The name of the company the user works for. |
|
Country or region
|
Country | string |
The Country or Region the user lives in, or where their office is located. |
|
Department
|
Department | string |
The name of the department the user works for within the Company. |
|
Fax number
|
FaxNumber | string |
The user's fax (facsimile) telephone number. |
|
Job title
|
JobTitle | string |
The user's job title. |
|
Mail nickname
|
MailNickName | True | string |
The user's mail nickname. |
Mobile phone number
|
MobilePhone | string |
The user's mobile phone number. |
|
Office
|
Office | string |
The name of the office where the user works. |
|
Telephone number
|
PhoneNumber | string |
The user's telephone number. |
|
ZIP or postal code
|
PostalCode | string |
The ZIP or postal code where the user lives, or the office they work in. |
|
Preferred language
|
PreferredLanguage | string |
The user's preferred language. This is typically entered as a two letter language code (ISO 639-1), followed by a dash, followed by a two letter upper-case country code (ISO 3166). For example: en-US, en-GB, fr-FR, ja-JP. |
|
State or province
|
State | string |
The state, province or county the user lives in, or where their office located. |
|
Street address
|
StreetAddress | string |
The street address where the user lives, or their office street address. |
|
Usage location
|
UsageLocation | string |
A two letter country code (ISO 3166). Required for users that will be assigned licenses due to a legal requirement. For example: US (United States), JP (Japan), GB (United Kingdom), FR (France), IN (India). See https://en.wikipedia.org/wiki/List_of_ISO_3166_country_codes. |
|
Age group
|
AgeGroup | string |
The age group of the user, for parental control purposes. The default is none / not specified which (from a controls perspective) is the same as Adult. |
|
Consent provided for minor
|
ConsentProvidedForMinor | string |
If the 'Age group' is 'Minor', this field allows you to specify whether consent has been provided for the minor, for parental control purposes. |
|
Employee Id
|
EmployeeId | string |
An optional employee Id. You might use this to uniquely distinguish between each user in your organisation. |
|
Force change password at next login
|
ForceChangePasswordNextLogin | boolean |
Set to true if you want to force the user to change their password when they next login (i.e. the new password being set here is a one-time password to allow the user to log in). Set to false if this is the password the user will use until they manually change it. |
|
Enforce change password policy
|
EnforceChangePasswordPolicy | boolean |
Set to true to enforce the Azure Active Directory change password policy which (depending on your environment) can define how often the user should change their password, password recovery options and additional security verification. This may cause the user to be prompted for additional information. |
|
Password never expires
|
PasswordNeverExpires | boolean |
Set to true if the password never expires (i.e. the user will never be prompted to change the password). Set to false if the password can expire as set in the Azure Active Directory password policy. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Action result JSON
|
PowerShellJSONOutput | string |
The output of the PowerShell script, formatted as JSON. |
Created user Principal Name
|
CreatedUserPrincipalName | string |
The Azure Active Directory User Principal Name (UPN) of the created user account. |
Created user Object Id
|
CreatedUserObjectId | string |
The Azure Active Directory User Object Id of the created user account. |
Add Azure AD user to group
Add an Azure Active Directory user (or other object) to an existing Azure Active Directory group.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User object Id or UPN
|
UserObjectId | True | string |
The Id of an Azure Active Directory user. You can specify a user by UPN (e.g. user@mydomain.onmicrosoft.com) or ObjectId (e.g. UUID/GUID value). |
Group object Id or display name
|
GroupObjectId | True | string |
The Id or display name of an Azure Active Directory group. You can specify a group by Display Name (e.g. "Finance users") or ObjectId (e.g. UUID/GUID value). |
Check user group memberships first
|
CheckUserGroupMembershipsFirst | True | boolean |
If set to true, IA-Connect will check the user's group memberships before attempting to add them to the group. If the user is already a member of the group, IA-Connect will simply report success without having to do anything. If set to false, IA-Connect will immediately add the user to the group without checking, resulting in an error if the user is already in the group. |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
AzureADv2AddUserToGroupResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Add Azure AD user to multiple groups
Adds an Azure Active Directory user (or other object) to multiple existing Azure Active Directory groups where the groups are specified by object Id or display name. IA-Connect adds the user to as many groups as possible and reports on the outcome.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User object Id or UPN
|
UserObjectId | True | string |
The Id of an Azure Active Directory user. You can specify a user by UPN (e.g. user@mydomain.onmicrosoft.com) or ObjectId (e.g. UUID/GUID value). |
Azure AD groups to add
|
GroupNamesJSON | True | string |
A list of the Ids or display names of Azure AD groups to add the user to, in JSON or CSV format. For example: [{"GroupName": "Group 1"}, {"GroupName": "Group 2"}] (JSON format) or Group 1,Group 2 (CSV format). |
Exception if any groups fail to add
|
ExceptionIfAnyGroupsFailToAdd | True | boolean |
If set to true: An exception (failure) will be raised if any single group fails to add. Some groups (for example: Office 365 groups) might not add so an exception could be common. If set to false and no other exception is raised, this action will report how many groups were added successfully and how many failed to add. |
Exception if all groups fail to add
|
ExceptionIfAllGroupsFailToAdd | True | boolean |
If set to true: An exception (failure) will be raised only if all groups fail to add (i.e. no successes and some failures). If set to false and no other exception is raised, this action will report how many groups were added successfully and how many failed to add. |
Check user group memberships first
|
CheckUserGroupMembershipsFirst | True | boolean |
If set to true, IA-Connect will check the user's group memberships before attempting to add them to the group. If the user is already a member of the group, IA-Connect will simply report success without having to do anything. If set to false, IA-Connect will immediately add the user to the group without checking, resulting in an error if the user is already in the group. |
Max Azure AD groups per call
|
MaxAzureADGroupsPerCall | integer |
If a large number of Azure AD groups is specified for addition, this might cause a timeout. By setting the 'Max Azure AD groups per call' value to 1 or higher, the IA-Connect Orchestrator will split this action into multiple calls to the IA-Connect Director and Agent with the specified maximum number of groups per call. For example: If you set a value of 5 and 14 groups need to be removed, the Orchestrator will split this into requests of 5, 5, 4. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Azure AD groups added successfully
|
AzureADGroupsAddedSuccessfully | integer |
The number of Azure AD groups the user was successfully added to. |
Azure AD groups failed to add
|
AzureADGroupsFailedToAdd | integer |
The number of Azure AD groups that the user failed to add to. |
Add Azure AD groups master error message
|
AddAzureADGroupsMasterErrorMessage | string |
If the user failed to add to some of the Azure AD groups, this error message provides details of the problem. |
Add Microsoft Exchange mailbox permission
Assign mailbox permissions to an Active Directory object (e.g. user or group).
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The identity of the Microsoft Exchange mailbox. You can specify a mailbox by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
Active Directory object
|
User | True | string |
The active Directory object (e.g. user or group) to assign the permissions to. You can specify a user by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
Access rights
|
AccessRights | string |
The access rights to assign to the user's permissions on the mailbox. Available options are 'AccessSystemSecurity', 'CreateChild', 'DeleteChild', 'ListChildren', 'Self', 'ReadProperty', 'WriteProperty', 'DeleteTree', 'ListObject', 'ExtendedRight', 'Delete', 'ReadControl', 'GenericExecute', 'GenericWrite', 'GenericRead', 'WriteDacl', 'WriteOwner', 'GenericAll' and 'Synchronize'. |
|
Extended rights
|
ExtendedRights | string |
An optional extended right to assign to the user's permissions on the mailbox. Extended rights include 'Send As'. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ExchangeAddADPermissionResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Add Microsoft Exchange mailbox permission to user
Assign mailbox permissions to a specifed mailbox user, user or security group.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The identity of the Microsoft Exchange mailbox. You can specify a mailbox by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
User
|
User | True | string |
The user to add to the mailbox permissions. You can specify a user by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
Access rights
|
AccessRights | True | string |
The access rights to assign to the user's permissions on the mailbox. Available options are 'ChangeOwner', 'ChangePermission', 'DeleteItem', 'ExternalAccount', 'FullAccess' and 'ReadPermission'. |
Auto mapping
|
AutoMapping | boolean |
If set to true, the mailbox and user account will have some additional properties set that will result in Outlook automatically opening the mailbox when logged-in as this user. This can take a few minutes to take effect. If set to false, the additional properties will not be set and Outlook will not automatically open the mailbox. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ExchangeAddMailboxPermissionResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Add Microsoft Exchange member to distribution group
Add a member (for example a user) to an Exchange distribution group. If the member is already in the group, no action is taken.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Distribution group identity
|
Identity | True | string |
The identity of the distribution group to add to. You can specify a distribution group by Name, Alias, Distinguished Name (e.g. CN=MyGroup,OU=My Groups,DC=mydomain,DC=local), Email address or GUID. |
Member to add
|
Member | True | string |
The identity of the member to add to the distribution group. You can specify a mailbox by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ExchangeAddDistributionGroupMemberResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Add Office 365 mailbox permission to user
Assign mailbox permissions to a specifed mailbox user, user or security group.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The Id of a Microsoft Exchange Online or Office 365 mailbox. You can specify a mailbox by Name, Alias, Object Id (e.g. UUID/GUID value), Email address, GUID, SAMAccountName (even users in non Active Directory connected environments have a SAMAccountName) or User Principal Name (UPN). |
User
|
User | True | string |
The user to add to the mailbox permissions. You can specify a user by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
Access rights
|
AccessRights | True | string |
The access rights to assign to the user's permissions on the mailbox. Available options are 'ChangeOwner', 'ChangePermission', 'DeleteItem', 'ExternalAccount', 'FullAccess' and 'ReadPermission'. |
Auto mapping
|
AutoMapping | boolean |
If set to true, the mailbox and user account will have some additional properties set that will result in Outlook automatically opening the mailbox when logged-in as this user. This can take a few minutes to take effect. If set to false, the additional properties will not be set and Outlook will not automatically open the mailbox. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
O365AddMailboxPermissionResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Add Office 365 member to distribution group
Add a member to a Microsoft Exchange Online or Office 365 distribution group.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Distribution group identity
|
Identity | True | string |
The identity of the distribution group to add to. You can specify a distribution group by Name, Alias, Distinguished Name (e.g. CN=MyGroup,OU=My Groups,DC=mydomain,DC=local), Email address or GUID. |
Member to add
|
Member | True | string |
The identity of the member to add to the distribution group. You can specify a mailbox by Name, Alias, Object Id (e.g. UUID/GUID value), Email address, GUID, SAMAccountName (even users in non Active Directory connected environments have a SAMAccountName) or User Principal Name (UPN). |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
O365AddDistributionGroupMemberResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Check Active Directory OU exists
Reports if an Active Directory Organizational Unit (OU) exists.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
OU identity
|
OUIdentity | True | string |
The path to the target Organization Unit (OU) in Distinguished Name format (e.g. OU=Target OU,OU=London,DC=mydomain,DC=local), GUID format or as a path (e.g. MyUsers\London). |
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
OU properties as JSON
|
PowerShellJSONOutput | string |
The details of the located Organizational Unit (OU). |
OU exists
|
OUExists | boolean |
Set to true if the Organizational Unit (OU) exists, false if not. |
Clear Active Directory user account expiration
Clears the expiration date for an Active Directory account.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User identity
|
UserIdentity | True | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ActiveDirectoryClearADUserAccountExpirationResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Clone Active Directory user group membership
Adds the destination Active Directory user to the same Active Directory groups that the first user is a member of, minus the primary group (usually 'Domain users') since it technically isn't a membership.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Source user identity
|
SourceUserIdentity | True | string |
The identity of the source Active Directory user (the user to copy groups from). You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
Destination user identity
|
DestinationUserIdentity | True | string |
The identity of the destination Active Directory user (the user to add the groups to). You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
AD groups added successfully
|
ADGroupsAddedSuccessfully | integer |
The number of AD groups the destination user was successfully added to. |
AD groups failed to add
|
ADGroupsFailedToAdd | integer |
The number of AD groups that the destination user failed to add to. |
Add AD groups error message
|
AddADGroupsMasterErrorMessage | string |
If the destination user failed to add to some of the AD groups, this error message provides details of the problem. |
Clone Active Directory user properties
Configures the specified properties / attributes of the source Active Directory user to the destination Active Directory user.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Source user identity
|
SourceUserIdentity | True | string |
The identity of the source Active Directory user (the user to copy attributes from). You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
Destination user identity
|
DestinationUserIdentity | True | string |
The identity of the destination Active Directory user (the user to copy attributes to). You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
Properties to clone
|
PropertiesToClone | True | string |
A comma separated list of user properties to copy from the source user to the destination user. Common properties to clone include: city, company, country, department, description, division, enabled, homedirectory, homedrive, homephone, manager, office, organization, postalcode, profilepath, scriptpath, state, streetaddress. |
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ActiveDirectoryCloneADUserPropertiesResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Connect to Active Directory with credentials
Allows you to specify an alternative account to use when running Active Directory PowerShell commands. This affects all Active Directory commands issued after this action. If you don't use this action then all Active Directory PowerShell commands will run as the user account the IA-Connect Agent is running as.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Username
|
Username | True | string |
The username of the account to use when running Active Directory commands. You can specify a username in the format 'DOMAIN\username' (e.g. TESTDOMAIN\admin) or 'username@domainFQDN' (e.g. admin@testdomain.local). |
Password
|
Password | True | password |
The password of the account to use when running Active Directory commands. |
Remote computer
|
RemoteComputer | string |
The name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) or member server to authenticate against and for all Active Directory actions to be passed to. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. If a member server is entered (instead of a Domain Controller), that member server must have the Active Directory PowerShell modules / RSAT installed. |
|
Use SSL
|
UseSSL | boolean |
Set to true to connect to the remote WSMan endpoint using SSL. |
|
Alternative TCP port
|
AlternativeTCPPort | integer |
Set to an alternative TCP port if not using the default WSMan TCP/5985 (non-SSL) or TCP/5986 (SSL). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
OpenActiveDirectoryPowerShellRunspaceWithCredentialsResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Connect to Azure AD with certificate
Connects IA-Connect to Azure AD using the Azure AD v2 PowerShell modules. This action (or 'Connect to Azure AD with credentials') must be issued before running any other Azure AD v2 actions. This action requires an Azure Service Principal and Azure AD app registration with certificate to be setup in Azure AD before it will work, but has the advantage of not requiring MFA (2FA).
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Azure AD app registration Id
|
ApplicationId | True | string |
The application Id of the Azure AD app registration which contains the certificate and has the required roles in Azure AD to perform the automation actions. This Azure AD app registration must have previously been setup by an administrator. |
Certificate thumbprint
|
CertificateThumbprint | True | string |
The thumbprint of the certificate used for authentication. This certificate must have been previously created and exist both on the computer where IA-Connect is performing the automation actions and in the Azure AD app registration. |
Azure Tenant Id
|
TenantId | True | string |
Azure Tenant Id to connect to. This must be specified when using certificates to authenticate. |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
OpenAzureADv2PowerShellRunspaceWithCertificateResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Connect to Azure AD with credentials
Connects IA-Connect to Azure AD using the Azure AD v2 PowerShell modules. This action (or 'Connect to Azure AD with certificate') must be issued before running any other Azure AD v2 actions. This action either requires an account which doesn't use MFA (2FA) or you'll need to use the UI automation module to automate the 2FA component (i.e. the one-time password authentication popup). Alternatively, use the action 'Connect to Azure AD with certificate'.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Username
|
Username | True | string |
The username of the account to use when running Azure AD v2 PowerShell commands. |
Password
|
Password | True | password |
The password of the account to use when running Azure AD v2 PowerShell commands. |
Azure Tenant Id
|
TenantId | string |
The optional Azure Tenant Id to connect to. If this is left blank, the default Tenant associated with the supplied user account is used. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
OpenAzureADv2PowerShellRunspaceResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Connect to default Active Directory domain
Connects the IA-Connect Agent to the Domain the computer running the IA-Connect Agent is a member of, using the account the IA-Connect Agent is running as (i.e. the default behaviour).
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
OpenLocalPassthroughActiveDirectoryPowerShellRunspaceResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Connect to JML environment
Connect to a JML environment where the details of that environment are held in the IA-Connect Orchestrator. These details can include credentials, addresses and other connectivity settings. For example you can use this action to connect to Active Directory, Microsoft Exchange, Azure AD or Office 365 Exchange Online.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Friendly name
|
FriendlyName | string |
Friendly name of the JML environment held in the IA-Connect Orchestrator. |
|
Only connect if not already connected
|
OnlyConnectIfNotAlreadyConnected | boolean |
Only applies to Exchange and Office 365 Exchange Online. If set to false: This action will always connect to Exchange or Office 365 Exchange Online even if IA-Connect is already connected. If set to true (the default): If IA-Connect is already connected to Exchange or Office 365 Exchange Online with identical settings and the Exchange connection is responding, IA-Connect will do nothing since the connection is already established. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
JMLConnectToJMLEnvironmentResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Connect to Microsoft Exchange
Connects IA-Connect to a Microsoft Exchange server. This action must be issued before running any other Exchange actions. If you specify a username and password, all subsequent Exchange actions will run as that account. If you don't specify a username and password, all subsequent Exchange actions will run as the user account the IA-Connect Agent is running as.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Username
|
Username | string |
The username of the account to use when running Exchange PowerShell commands. You can specify a username in the format 'DOMAIN\username' (e.g. TESTDOMAIN\admin) or 'username@domainFQDN' (e.g. admin@testdomain.local). If you don't specify a username and password, all subsequent Exchange actions will run as the user account the IA-Connect Agent is running as. |
|
Password
|
Password | password |
The password of the account to use when running Exchange PowerShell commands. |
|
Exchange server FQDN
|
ExchangeServerFQDN | True | string |
The Fully Qualified Domain Name (FQDN) or hostname of the Microsoft Exchange server. |
Use SSL
|
UseSSL | boolean |
Set to true if you wish to connect to the Microsoft Exchange server using HTTPS / SSL. This will encrypt all traffic but only works if the Exchange server is setup to accept PowerShell commands over SSL. |
|
Connection method
|
ConnectionMethod | string |
Which method should be used to connect to Microsoft Exchange. 'Local' imports the remote Exchange runspace locally and runs commands locally. 'Remote' runs directly in the remote Exchange runspace and may not be able to run generic PowerShell scripts due to security restrictions. |
|
Authentication mechanism
|
AuthenticationMechanism | string |
The authentication mechanism to be used if connecting to a remote computer or running the script as an alternative user. Supported values are 'Basic', 'Credssp', 'Default', 'Digest', 'Kerberos' and 'Negotiate'. |
|
Only connect if not already connected
|
OnlyConnectIfNotAlreadyConnected | boolean |
If set to false: This action will always connect to Exchange even if IA-Connect is already connected. If set to true (the default): If IA-Connect is already connected to Exchange with identical settings and the Exchange connection is responding, IA-Connect will do nothing since the connection is already established. |
|
Command types to import locally
|
CommandTypesToImportLocally | string |
The 'Local' connection method imports Exchange PowerShell commands locally. This option allows you to choose which PowerShell commands should be imported. Keeping this list to a minimum reduces both memory usage and the time to connect. 'All' (the default, for backwards compatibility) imports all PS commands. 'IA-Connect only' (the recommended option) imports only PS commands used by IA-Connect (you can specify additional PS commands). 'Specified' only imports PS commands you specify and could break some IA-Connect actions if they depend on PS commands you have not specified. |
|
Additional commands to import locally
|
AdditionalCommandsToImportLocallyCSV | string |
If using the 'Local' connection method and if you have chosen to import either 'IA-Connect only' or 'Specified' PS commands, you can specify a comma separated list of additional PS commands to import. For example: 'Get-Mailbox,New-Mailbox,New-DistributionGroup'. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
OpenExchangePowerShellRunspaceResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Connect to Office 365 with certificate
Connects IA-Connect to Office 365 using the Office 365 PowerShell modules. This action (or 'Connect to Office 365 with credentials') must be issued before running any other Office 365 actions. This action requires an Azure AD app registration with certificate and the correct roles to be setup in Azure AD before it will work, but has the advantage of not requiring MFA (2FA).
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Azure AD app registration application Id
|
ApplicationId | True | string |
The application Id of the Azure AD app registration which contains the certificate and has the required roles in Azure AD to perform the automation actions. This Azure AD app registration must have previously been setup by an administrator. |
Certificate thumbprint
|
CertificateThumbprint | True | string |
The thumbprint of the certificate used for authentication. This certificate must have been previously created and exist both on the computer where IA-Connect is performing the automation actions and in the Azure AD app registration. |
Organization
|
Organization | True | string |
The Organisation to use for authentication. For example: mytestenvironment.onmicrosoft.com. |
Exchange URL
|
ExchangeURL | string |
The optional URL of the Microsoft Exchange online server to connect to. Only use this if you have a custom URL. |
|
Connection method
|
ConnectionMethod | string |
Which method should be used to connect to Microsoft Exchange. 'EXO V1' is the original Microsoft Exchange Online PowerShell and doesn't support certificates (and hence isn't available as an option). 'EXO V2' uses the newer Microsoft Exchange Online PowerShell v2 module which runs on the computer running the IA-Connect Agent and requires the 'ExchangeOnlineManagement' v2 PowerShell module installed. |
|
Only connect if not already connected
|
OnlyConnectIfNotAlreadyConnected | boolean |
If set to false: This action will always connect to Office 365 Exchange Online even if IA-Connect is already connected. If set to true (the default): If IA-Connect is already connected to Office 365 Exchange Online with identical settings and the Office 365 Exchange Online connection is responding, IA-Connect will do nothing since the connection is already established. |
|
Command types to import locally
|
CommandTypesToImportLocally | string |
The 'EXO V2' connection method (required for certificate authentication) imports Office 365 or Exchange Online PowerShell commands locally. This option allows you to choose which PowerShell commands should be imported. Keeping this list to a minimum reduces both memory usage and the time to connect. 'All' (the default, for backwards compatibility) imports all PS commands. 'IA-Connect only' (the recommended option) imports only PS commands used by IA-Connect (you can specify additional PS commands). 'Specified' only imports PS commands you specify and could break some IA-Connect actions if they depend on PS commands you have not specified. |
|
Additional commands to import locally
|
AdditionalCommandsToImportLocallyCSV | string |
If you have chosen to import either 'IA-Connect only' or 'Specified' PS commands, you can specify a comma separated list of additional PS commands to import. For example: 'Get-Mailbox,New-Mailbox,New-DistributionGroup'. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
OpenO365PowerShellRunspaceWithCertificateResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Connect to Office 365 with credentials
Connects IA-Connect to Office 365 using the Office 365 PowerShell modules. This action (or 'Connect to Office 365 with certificate') must be issued before running any other Office 365 actions. This action either requires an account which doesn't require MFA (2FA) or you'll need to use the UI automation module to automate the 2FA component (i.e. the one-time password authentication popup). Alternatively, use the action 'Connect to Office 365 with certificate'.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Username
|
Office365Username | True | string |
The username of the account to use when running Office 365 PowerShell commands. |
Password
|
Office365Password | True | password |
The password of the account to use when running Office 365 PowerShell commands. |
Exchange URL
|
ExchangeURL | string |
The optional URL of the Microsoft Exchange online server to connect to. Only use this if you have a custom URL. |
|
Connection method
|
ConnectionMethod | string |
Which method should be used to connect to Microsoft Exchange. Both 'EXO V1 local' and 'EXO V1 remote' use the original Microsoft Exchange Online PowerShell which runs on the computer running the IA-Connect Agent and does not require any additional PowerShell modules, but will eventually be deprecated. 'EXO V1 local' imports the remote Exchange runspace locally and runs commands locally. 'EXO V1 remote' runs directly in the remote Exchange runspace and cannot run generic PowerShell scripts due to security restrictions. 'EXO V2' uses the newer Microsoft Exchange Online PowerShell v2 module which runs on the computer running the IA-Connect Agent and requires the 'ExchangeOnlineManagement' v2 PowerShell module installed. |
|
Only connect if not already connected
|
OnlyConnectIfNotAlreadyConnected | boolean |
If set to false: This action will always connect to Office 365 Exchange Online even if IA-Connect is already connected. If set to true (the default): If IA-Connect is already connected to Office 365 Exchange Online with identical settings and the Office 365 Exchange Online connection is responding, IA-Connect will do nothing since the connection is already established. |
|
Command types to import locally
|
CommandTypesToImportLocally | string |
The 'EXO v1 local' and 'EXO V2' connection methods import Office 365 or Exchange Online PowerShell commands locally. This option allows you to choose which PowerShell commands should be imported. Keeping this list to a minimum reduces both memory usage and the time to connect. 'All' (the default, for backwards compatibility) imports all PS commands. 'IA-Connect only' (the recommended option) imports only PS commands used by IA-Connect (you can specify additional PS commands). 'Specified' only imports PS commands you specify and could break some IA-Connect actions if they depend on PS commands you have not specified. |
|
Additional commands to import locally
|
AdditionalCommandsToImportLocallyCSV | string |
If using the 'EXO v1 local' or 'EXO V2' connection methods and if you have chosen to import either 'IA-Connect only' or 'Specified' PS commands, you can specify a comma separated list of additional PS commands to import. For example: 'Get-Mailbox,New-Mailbox,New-DistributionGroup'. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
OpenO365PowerShellRunspaceResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Create a Microsoft Exchange mailbox for a user
Creates a Microsoft Exchange mailbox for an existing user who doesn't already have a mailbox.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The identity of the existing user you want to create a mailbox for. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
Alias
|
Alias | string |
The Exchange alias (also known as mail nickname) for the user. If the email address policy is enabled, this will be used to generate the name component of the Primary SMTP email address (e.g. alias@mydomain.com). If the email address policy is not enabled, you may wish to set the primary SMTP address instead. |
|
Display name
|
DisplayName | string |
The display name of the mailbox. This is visible in address lists. |
|
Linked Domain Controller
|
LinkedDomainController | string |
If you are creating a linked mailbox, this allows you to specify the domain controller in the forest where the user account resides. Use the Fully Qualified Domain Name (FQDN) of the domain controller. |
|
Linked master account
|
LinkedMasterAccount | string |
If you are creating a linked mailbox, this allows you to specify the account that the mailbox is linked to. You can specify the account by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID or Name (e.g. 'User1'). |
|
Database
|
Database | string |
The Exchange database to contain the new database. You can specify the database by Distinguished Name, GUID or Name. |
|
Primary SMTP address
|
PrimarySmtpAddress | string |
The primary return email address that is used for the recipient. You are unlikely to be able to set this if the 'Email address policy' is enabled so either use 'Alias' instead (and the policy will create the Primary SMTP address from the alias) or disable the email address policy. |
|
Email address policy enabled
|
EmailAddressPolicyEnabled | boolean |
Set to true if you want to automatically update email addresses based on the email address policy applied to this recipient. If the email address policy is enabled, this generally will impact your ability to set the primary SMTP address. Set to false to disable the feature, giving you full control to manually setting email addresses. Leave blank if you don't want to set this option (i.e. leave at the existing or default value). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Action result JSON
|
PowerShellJSONOutput | string |
The output from the enable mailbox action, in JSON format. |
New mailbox DN
|
NewMailboxDN | string |
The Distinguished Name (DN) of the newly created (enabled) mailbox. This is a unique identifier for the mailbox which could be used in further actions on this mailbox. |
New mailbox GUID
|
NewMailboxGUID | string |
The GUID of the newly created (enabled) mailbox. This is a unique identifier for the mailbox which could be used in further actions on this mailbox. |
Create a new Azure AD Microsoft 365 group
Creates a new Azure Active Directory Microsoft 365 group.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Display name
|
DisplayName | True | string |
The display name of the group. |
Description
|
Description | string |
The group description. |
|
Mail nickname
|
MailNickname | string |
The email nickname, used to form the group email address. |
|
Group visibility
|
GroupVisibility | string |
If set to public (the default), anyone can view the contents of the group and anyone can join the group. If set to private, only members can view the contents of the group and only owners can add new members to the group or approve join requests. |
|
Check group exists
|
CheckGroupExists | True | boolean |
If set to true, IA-Connect will check if the group exists and, if it does exist, IA-Connect will simply report success for that group without having to do anything. If set to false, IA-Connect will create the group without checking, which could result in a duplicate group name. |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Action result JSON
|
PowerShellJSONOutput | string |
The output from the create distribution group action, in JSON format. This will typically hold the details of the created group. |
Group already exists
|
GroupAlreadyExists | boolean |
If the group already exists, this will be set to true to inform you that the group exists and hence IA-Connect didn't need to perform any actions. |
Created group Object Id
|
CreatedGroupObjectId | string |
The Object Id of the created group (or the existing group). |
Create a new Azure AD security group
Creates a new Azure Active Directory security group.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Display name
|
DisplayName | True | string |
The display name of the group. |
Description
|
Description | string |
The group description. |
|
Check group exists
|
CheckGroupExists | True | boolean |
If set to true, IA-Connect will check if the group exists and, if it does exist, IA-Connect will simply report success for that group without having to do anything. If set to false, IA-Connect will create the group without checking, which could result in a duplicate group name. |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Action result JSON
|
PowerShellJSONOutput | string |
The output from the create distribution group action, in JSON format. This will typically hold the details of the created group. |
Group already exists
|
GroupAlreadyExists | boolean |
If the group already exists, this will be set to true to inform you that the group exists and hence IA-Connect didn't need to perform any actions. |
Created group Object Id
|
CreatedGroupObjectId | string |
The Object Id of the created group (or the existing group). |
Create a new Microsoft Exchange distribution group
Creates a new Microsoft Exchange distribution group or mail-enabled security group.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Group name
|
Name | True | string |
The unique name for the new group. |
Alias
|
Alias | string |
The alias (also known as mail nickname) for the new group. If you don't specify a SMTP address, the alias will be used to generate the name component of the email address (e.g. alias@mydomain.com). |
|
Display name
|
DisplayName | string |
The display name of the group. This is visible in address lists. |
|
Notes
|
Notes | string |
Optional notes about the object. |
|
Managed by
|
ManagedBy | string |
The owner of the group. If you don't specify an owner, the user that created the group will become the owner. The owner can be a mailbox, mail user or mail-enabled security group. You can specify a mailbox by Name, Alias, Object Id (e.g. UUID/GUID value), Email address, GUID, SAMAccountName or User Principal Name (UPN). |
|
Members
|
Members | string |
A comma separated list of members to add to the new group. You can specify members by Name, Alias, Distinguished Name (e.g. CN=MyGroup,OU=My Groups,DC=mydomain,DC=local), Email address or GUID. |
|
Organizational unit
|
OrganizationalUnit | string |
The Organizational Unit (OU) in Active Directory in which to store the group. You can specify an OU in Distinguished Name format (e.g. OU=Target OU,OU=London,DC=mydomain,DC=local), GUID format or as a path (e.g. MyGroups\London). If this is left blank, the group will be created in the 'Users' OU. |
|
Primary SMTP address
|
PrimarySmtpAddress | string |
The primary return email address that is used for the new group. |
|
Member depart restriction
|
MemberDepartRestriction | string |
Allows you to specify restrictions on a member leaving a distribution group. 'Open' is the default and allows members to leave the group without approval, 'Closed' restricts members from leaving the group. This option is ignored for security groups since users cannot remove themselves from security groups. |
|
Member join restriction
|
MemberJoinRestriction | string |
Allows you to specify restrictions on a member joining a distribution group after it has been created. 'Open' allows members to join the group without approval, 'Closed' (the default) restricts members from joining the group, 'ApprovalRequired' allows a member to request joining the group and they are added if a group owner accepts the request. This option is ignored for security groups since users cannot add themselves to security groups. |
|
Require sender authentication
|
RequireSenderAuthenticationEnabled | boolean |
Set to true to specify that the group will only accept messages from authenticated (internal) senders. Set to false to accept messages from all senders. |
|
Group type
|
Type | string |
Specify the type of group to create. 'Distribution' is the default and creates a distribution group. 'Security' is used to create a mail-enabled security group. |
|
Exception if group already exists
|
ErrorIfGroupAlreadyExists | boolean |
Should an exception occur if the group already exists? Set to false to simply do nothing if the group already exists (e.g. it has already been created). Set to true if the group already existing is an error (i.e. it was not expected to exist). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Action result JSON
|
PowerShellJSONOutput | string |
The output from the create distribution group action, in JSON format. This will typically hold the details of the created group. |
Group already exists
|
GroupAlreadyExists | boolean |
If the group already exists (and 'Exception if group already exists' is set to false), this will be set to true to inform you that the group didn't actually get created because it already exists. |
New group DN
|
NewGroupDN | string |
The Distinguished Name (DN) of the newly created group. This is a unique identifier for the group which could be used in further actions on this group. |
New group GUID
|
NewGroupGUID | string |
The GUID of the newly created (enabled) group. This is a unique identifier for the group which could be used in further actions on this group. |
Create a new Office 365 distribution group
Creates a new Microsoft Exchange Online or Office 365 distribution group or mail-enabled security group.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Group name
|
Name | True | string |
The unique name for the new group. |
Alias
|
Alias | string |
The alias (also known as mail nickname) for the new group. If you don't specify a SMTP address, the alias will be used to generate the name component of the email address (e.g. alias@mydomain.com). |
|
Display name
|
DisplayName | string |
The display name of the group. This is visible in address lists. |
|
Notes
|
Notes | string |
Optional notes about the object. |
|
Managed by
|
ManagedBy | string |
The owner of the group. If you don't specify an owner, the user that created the group will become the owner. The owner can be a mailbox, mail user or mail-enabled security group. You can specify a mailbox by Name, Alias, Object Id (e.g. UUID/GUID value), Email address, GUID, SAMAccountName (even users in non Active Directory connected environments have a SAMAccountName) or User Principal Name (UPN). |
|
Members
|
Members | string |
A comma separated list of members to add to the new group. You can specify members by Name, Alias, Distinguished Name (e.g. CN=MyGroup,OU=My Groups,DC=mydomain,DC=local), Email address or GUID. |
|
Organizational unit
|
OrganizationalUnit | string |
The Organizational Unit (OU) in Azure Active Directory in which to store the group. You can specify an OU in Distinguished Name format (e.g. OU=Target OU,OU=London,DC=mydomain,DC=local) or GUID format. |
|
Primary SMTP address
|
PrimarySmtpAddress | string |
The primary return email address that is used for the new group. |
|
Member depart restriction
|
MemberDepartRestriction | string |
Allows you to specify restrictions on a member leaving the group. 'Open' is the default and allows members to leave the group without approval, 'Closed' restricts members from leaving the group. |
|
Member join restriction
|
MemberJoinRestriction | string |
Allows you to specify restrictions on a member joining the group after it has been created. 'Open' allows members to join the group without approval, 'Closed' (the default) restricts members from joining the group, 'ApprovalRequired' allows a member to request joining the group and they are added if a group owner accepts the request. |
|
Require sender authentication
|
RequireSenderAuthenticationEnabled | boolean |
Set to true to specify that the group will only accept messages from authenticated (internal) senders. Set to false to accept messages from all senders. |
|
Group type
|
Type | string |
Specify the type of group to create. 'Distribution' is the default and creates a distribution group. 'Security' is used to create a mail-enabled security group. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Action result JSON
|
PowerShellJSONOutput | string |
The output from the create distribution group action, in JSON format. This will typically hold the details of the created group. |
Group already exists
|
GroupAlreadyExists | boolean |
If the group already exists, this will be set to true to inform you that the group didn't actually get created. |
Created group DN
|
CreatedGroupDN | string |
The Distinguished Name (DN) of the created group (or the existing group). |
Created group GUID
|
CreatedGroupGUID | string |
The GUID of the created group (or the existing group). |
Created group Identity
|
CreatedGroupIdentity | string |
The identity of the created group (or the existing group). |
Create Microsoft Exchange Online mailbox and user account
Create a mail-enabled user in on-premises Active Directory and create an associated remote mailbox in Microsoft Exchange Online or Office 365. Only use this action if the user doesn't exist in on-premises Active Directory. If the user already exists, use the action 'Create Microsoft Exchange Online mailbox for a user'. The request is sent via your on-premises Microsoft Exchange server.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
First name
|
FirstName | string |
The user's first name. |
|
Last name
|
LastName | string |
The user's last name / surname. |
|
Organizational unit
|
OnPremisesOrganizationalUnit | string |
The Organisation Unit (OU) in which to store the user in Distinguished Name format (e.g. OU=Target OU,OU=London,DC=mydomain,DC=local), GUID format or as a path (e.g. MyUsers\London). If this is left blank, the user will be created in the 'Users' OU. |
|
Name
|
Name | True | string |
The name of the Active Directory user. This appears in the 'Name' column in AD users and computers and in the top of the User 'General' tab. This is not the user logon name. |
Display name
|
DisplayName | string |
The optional user display name. |
|
Remote routing address
|
RemoteRoutingAddress | string |
Set this to override the SMTP address of the mailbox in Microsoft Exchange Online or Office 365 that this user is associated with. If you leave this field blank (the default), the remote routing address is automatically calculated based on your directory synchronisation between on-premises and Microsoft Exchange Online. |
|
Alias
|
Alias | string |
The Exchange alias (also known as mail nickname) for the user. If the email address policy is enabled, this will be used to generate the name component of the Primary SMTP email address (e.g. alias@mydomain.com). If the email address policy is not enabled, you may wish to set the primary SMTP address instead. |
|
Primary SMTP address
|
PrimarySmtpAddress | string |
The primary return email address that is used for the recipient. You are unlikely to be able to set this if the 'Email address policy' is enabled so either use 'Alias' instead (and the policy will create the Primary SMTP address from the alias) or disable the email address policy. |
|
User Principal Name
|
UserPrincipalName | True | string |
The user logon name in Active Directory. This generally should be in the format 'name@domainFQDN' (e.g. 'TestUser1@domain.local'). The user can logon using this format: name@domainFQDN. |
SAM account name
|
SamAccountName | string |
The user logon name (pre-Windows 2000) in Active Directory. This is in the format 'name' (e.g. 'TestUser1'). The user can logon using this format: DOMAIN\name. |
|
Account password
|
Password | password |
The user password. This must be specified and must meet the Active Directory password complexity rules. If this is a 'Stored' password, enter in the format {IAConnectPassword:StoredPasswordIdentifier} and set the 'stored password' input to true. If this is an Orchestrator generic credential, enter in the format {OrchestratorCredential:FriendlyName} and set the 'stored password' input to true. |
|
Account password is stored password
|
AccountPasswordIsStoredPassword | boolean |
Set to true if the password is an IA-Connect stored password identifier (for example: generated by the 'Generate password' action) or an IA-Connect Orchestrator generic credential (for example: If using IA-Connect with Power Automate). |
|
User must change password at next logon
|
ResetPasswordOnNextLogon | boolean |
Set to true if you want to force the user to change their password when they login (i.e. the new password being set here is a one-time password to get the user logged-in). Set to false if this is the password the user will use until they manually change it. |
|
Is shared mailbox
|
SharedMailbox | boolean |
Set to true if the mailbox being created should be a shared mailbox. |
|
Email address policy enabled
|
EmailAddressPolicyEnabled | boolean |
Set to true if you want to automatically update email addresses based on the email address policy applied to this recipient. If the email address policy is enabled, this generally will impact your ability to set the primary SMTP address. Set to false to disable the feature, giving you full control to manually setting email addresses. Leave blank if you don't want to set this option (i.e. leave at the existing or default value). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Action result JSON
|
PowerShellJSONOutput | string |
The output from the new remote mailbox action, in JSON format. |
New mailbox DN
|
NewMailboxDN | string |
The Distinguished Name (DN) of the newly created mailbox. This is a unique identifier for the mailbox which could be used in further actions on this mailbox. |
New mailbox GUID
|
NewMailboxGUID | string |
The GUID of the newly created mailbox. This is a unique identifier for the mailbox which could be used in further actions on this mailbox. |
Create Microsoft Exchange Online mailbox for a user
Creates a Microsoft Exchange Online or Office 365 (remote) mailbox or archive mailbox for an existing user in on-premises Active Directory who doesn't already have a mailbox. The request is sent via your on-premises Microsoft Exchange server. You can also use this action to archive an existing remote mailbox.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The identity of the existing user you want to create a mailbox for. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
Alias
|
Alias | string |
The Exchange alias (also known as mail nickname) for the user. If the email address policy is enabled, this will be used to generate the name component of the Primary SMTP email address (e.g. alias@mydomain.com). If the email address policy is not enabled, you may wish to set the primary SMTP address instead. |
|
Display name
|
DisplayName | string |
The display name of the mailbox. This is visible in address lists. |
|
Remote routing address
|
RemoteRoutingAddress | string |
The SMTP address of the mailbox in Microsoft Exchange Online or Office 365 that this user is associated with. |
|
Primary SMTP address
|
PrimarySmtpAddress | string |
The primary return email address that is used for the recipient. You are unlikely to be able to set this if the 'Email address policy' is enabled so either use 'Alias' instead or disable the email address policy. |
|
Create archive mailbox
|
Archive | boolean |
Set to true if you want to additionally create an archive mailbox in Microsoft Exchange Online or Office 365. |
|
Email address policy enabled
|
EmailAddressPolicyEnabled | boolean |
Set to true if you want to automatically update email addresses based on the email address policy applied to this recipient. If the email address policy is enabled, this generally will impact your ability to set the primary SMTP address. Set to false to disable the feature, giving you full control to manually setting email addresses. Leave blank if you don't want to set this option (i.e. leave at the existing or default value). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Action result JSON
|
PowerShellJSONOutput | string |
The output from the enable remote mailbox action, in JSON format. |
New mailbox DN
|
NewMailboxDN | string |
The Distinguished Name (DN) of the newly created (enabled) mailbox. This is a unique identifier for the mailbox which could be used in further actions on this mailbox. |
New mailbox GUID
|
NewMailboxGUID | string |
The GUID of the newly created (enabled) mailbox. This is a unique identifier for the mailbox which could be used in further actions on this mailbox. |
Disable Active Directory user account
Disables an Active Directory user account. If a user account is disabled, the user cannot logon.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User identity
|
UserIdentity | True | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ActiveDirectoryDisableADUserByIdentityResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Disable Azure AD user
Disables an Azure Active Directory user.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User object Id or UPN
|
UserObjectId | True | string |
The Id of an Azure Active Directory user. You can specify a user by UPN (e.g. user@mydomain.onmicrosoft.com) or ObjectId (e.g. UUID/GUID value). |
Revoke user refresh tokens
|
RevokeUserRefreshTokens | boolean |
Set to true to revoke any refresh tokens issued to the user, which will cause any open sessions to stop working, typically within the hour (when their sessions attempt to use a refresh token to keep their connection alive). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
AzureADv2DisableUserResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Disable the Microsoft Exchange mailbox for a user
Disable an existing Microsoft Exchange mailbox.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The identity of the Microsoft Exchange mailbox. You can specify a mailbox by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Action result JSON
|
PowerShellJSONOutput | string |
The output from the disable mailbox action, in JSON format. |
Disable the Microsoft Exchange Online mailbox for a user
Disable an existing Microsoft Exchange Online or Office 365 (remote) mailbox. The request is sent via your on-premises Microsoft Exchange server.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The identity of the Microsoft Exchange Online or Office 365 (remote) mailbox. You can specify a Microsoft Exchange Online or Office 365 (remote) mailbox by Active Directory object Id, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID or User Principal Name (UPN). |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Action result JSON
|
PowerShellJSONOutput | string |
The output from the disable mailbox action, in JSON format. |
Disconnect from Active Directory
If you have used the action 'Open Active Directory PowerShell runspace with credentials' to run Active Directory PowerShell commands as an alternative user account or to an alternative domain, this action returns the IA-Connect Agent to the default behaviour of running Active Directory actions as the user account the IA-Connect Agent is running as.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
CloseActiveDirectoryPowerShellRunspaceResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Disconnect from Azure AD
Disconnects IA-Connect from Azure using the Azure AD v2 PowerShell modules (connected using one of the 'Connect to Azure AD' actions). You will not be able to issue Azure AD v2 actions again until you reconnect.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
CloseAzureADv2PowerShellRunspaceResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Disconnect from Microsoft Exchange
Disconnects IA-Connect from a Microsoft Exchange server (connected using the action 'Connect to Microsoft Exchange'). You will not be able to issue Microsoft Exchange PowerShell actions again until you reconnect.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
CloseExchangePowerShellRunspaceResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Disconnect from Office 365
Disconnects IA-Connect from Office 365 using the Office 365 PowerShell modules (connected using the action 'Connect to Office 365'). You will not be able to issue Office 365 PowerShell actions again until you reconnect.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
CloseO365PowerShellRunspaceResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Does Microsoft Exchange mailbox exist
Returns whether the specified Exchange mailbox exists.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | string |
The identity of the Microsoft Exchange mailbox. You can specify a mailbox by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
|
Filter property name
|
FilterPropertyName | string |
As an alternative to searching by identity, provide the name of the property to filter the mailboxes by. Common property names are: Name, Alias, PrimarySMTPAddress, DisplayName, SamAccountName. If using a filter, you also need to populate the 'Filter property comparison' and 'Filter property value' fields. |
|
Filter property comparison
|
FilterPropertyComparison | string |
If searching by 'Filter property name' as an alternative to searching by identity, enter the type of comparison here (for example: If the filter property name is 'Alias', the comparison could be 'equals' or 'like'). If you wish to enter a raw filter (in OPATH format), choose a comparison type of 'Raw: Enter filter manually' and enter the full filter in the 'Filter property value' field. |
|
Filter property value
|
FilterPropertyValue | string |
If searching by filter as an alternative to searching by identity, enter the value of the filter property here (for example: If the filter property name is 'Alias', the filter property value might be 'JohnDoe'). |
|
Recipient type details
|
RecipientTypeDetails | string |
The type of mailbox to search for. If this field is left blank, all types of mailbox will be included in the search. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Mailbox exists
|
MailboxExists | boolean |
True if the Exchange mailbox exists. False if the Exchange mailbox does not exist. |
Does Microsoft Exchange Online mailbox exist
Returns whether the specified Microsoft Exchange Online or Office 365 (remote) mailbox exists. The request is sent via your on-premises Microsoft Exchange server.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | string |
The identity of the Microsoft Exchange Online or Office 365 (remote) mailbox. You can specify a Microsoft Exchange Online or Office 365 (remote) mailbox by Active Directory object Id, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID or User Principal Name (UPN). |
|
Filter property name
|
FilterPropertyName | string |
As an alternative to searching by identity, provide the name of the property to filter the mailboxes by. Common property names are: Name, Alias, PrimarySMTPAddress, DisplayName. If using a filter, you also need to populate the 'Filter property comparison' and 'Filter property value' fields. |
|
Filter property comparison
|
FilterPropertyComparison | string |
If searching by filter as an alternative to searching by identity, enter the type of comparison here (for example: If the filter property name is 'Alias', the comparison could be 'equals' or 'like'). If you wish to enter a raw filter (in OPATH format), choose a comparison type of 'Raw: Enter filter manually' and enter the full filter in the 'Filter property value' field. |
|
Filter property value
|
FilterPropertyValue | string |
If searching by filter as an alternative to searching by identity, enter the value of the filter property here (for example: If the filter property name is 'Alias', the filter property value might be 'JohnDoe'). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Mailbox exists
|
MailboxExists | boolean |
True if the Microsoft Exchange Online mailbox exists. False if the Microsoft Exchange Online mailbox does not exist. |
Enable Active Directory user account
Enables an Active Directory user account. If the account is not disabled, this command does nothing.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User identity
|
UserIdentity | True | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ActiveDirectoryEnableADUserByIdentityResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Enable Azure AD user
Enables an Azure Active Directory user.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User object Id or UPN
|
UserObjectId | True | string |
The Id of an Azure Active Directory user. You can specify a user by UPN (e.g. user@mydomain.onmicrosoft.com) or ObjectId (e.g. UUID/GUID value). |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
AzureADv2EnableUserResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Get Active Directory domain FQDN from DN
A utility function. Given an Active Directory user's Distinguished Name (DN), returns the Active Directory domain containing the user.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User DN
|
DN | True | string |
The search user's Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local). |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Domain FQDN
|
DomainFQDN | string |
The Active Directory domain containing the user. |
Get Active Directory domain info
Retrieves information about an Active Directory domain.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to send the domain request to. The domain controller will then obtain the requested information for the specified domain. |
|
Predefined Domain identity
|
PredefinedIdentity | string |
User: Information will be retrieved for the domain the currently logged in user belongs to. Computer: Information will be retrieved for the domain the computer (on which the IA-Connect session is running on) belongs to. Manual: Enter the Active Directory Domain in the 'Domain identity' field. If this field is blank and the 'Domain identity' field has a value, that value will be used. |
|
Domain identity
|
Identity | string |
This field is only used if the 'Predefined Domain identity' is set to 'Manual' (or blank). The identity of an Active Directory domain to retrieve domain information for. You can specify an Active Directory domain by Distinguished Name (e.g. DC=mydomain,DC=local), GUID, SID, DNS domain name (e.g. mydomain.local) or NetBIOS name (e.g. MYDOMAIN). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Distinguished name
|
DistinguishedName | string |
The Distinguished Name (DN) of the domain. |
DNS root name
|
DNSRoot | string |
The name of the top-level DNS root of the domain. |
Domain mode
|
DomainMode | string |
The mode or level of the domain (e.g. Windows2003Domain or Windows2016Domain). |
Domain SID
|
DomainSID | string |
The Security Identifier (SID) of the domain. |
Forest
|
Forest | string |
The name of the Active Directory forest (the top-most logical container). |
Infrastructure master
|
InfrastructureMaster | string |
The name of the Domain Controller (DC) with the infrastructure master role. |
Domain NetBIOS name
|
NetBIOSName | string |
The NetBIOS name of the domain (e.g. MYDOMAIN). |
Domain GUID
|
ObjectGUID | string |
The GUID of the domain. |
PDC emulator
|
PDCEmulator | string |
The name of the Domain Controller (DC) with the PDC emulator role. |
RID master
|
RIDMaster | string |
The name of the Domain Controller (DC) with the RID master role. |
Get Active Directory group
Returns the properties of a specified Active Directory group.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Identity
|
Identity | True | string |
The identity of the Active Directory group. You can specify a group by Distinguished Name (e.g. CN=Group1,OU=My Groups,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'Group1') or Name (e.g. 'Group1'). |
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Search results JSON
|
PowerShellJSONOutput | string |
A list of groups (and their requested properties) which match the search identity. |
Count of groups found
|
CountOfGroupsFound | integer |
The number of groups found which match the search identity. Usually 1. |
Get Active Directory OU from user DN
A utility function. Given an Active Directory user's Distinguished Name (DN), returns the Organizational Unit (OU) the user is located within.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User DN
|
UserDN | True | string |
The search user's Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local). |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
User OU
|
UserOU | string |
The Organizational Unit (OU) the user is located within. |
Get Active Directory user
Returns the properties of a specified Active Directory user.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Identity
|
Identity | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
|
Filter property name
|
FilterPropertyName | string |
As an alternative to searching by identity, provide the name of the property to filter the users by. Common property names are: city, company, country, department, description, displayname, division, emailaddress, enabled, givenname, homedirectory, homedrive, homephone, initials, manager, office, organization, postalcode, profilepath, samaccountname, scriptpath, state, streetaddress, surname, title, userprincipalname. |
|
Filter property comparison
|
FilterPropertyComparison | string |
If searching by filter as an alternative to searching by identity, enter the type of comparison here (for example: If the filter property name is 'Alias', the comparison could be 'equals' or 'like'). If you wish to enter a raw filter (in OPATH format), choose a comparison type of 'Raw: Enter filter manually' and enter the full filter in the 'Filter property value' field. |
|
Filter property value
|
FilterPropertyValue | string |
As an alternative to searching by identity, the value of the 'Filter property name' to filter the users by. |
|
Search OU base
|
SearchOUBase | string |
The top-level Organization Unit (OU) to search under. If not specified, the entire domain is searched. The OU can be specified in Distinguished Name format (e.g. OU=Target OU,OU=London,DC=mydomain,DC=local), GUID format or as a path (e.g. MyUsers\London). |
|
Properties to retrieve
|
Properties | string |
A comma separated list of additional user properties to retrieve. Common properties include: city, company, country, department, description, displayname, division, emailaddress, enabled, givenname, homedirectory, homedrive, homephone, initials, manager, office, organization, postalcode, profilepath, samaccountname, scriptpath, state, streetaddress, surname, title, userprincipalname. If you leave this field blank, a default set of properties are returned. |
|
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Properties to return as collection
|
PropertiesToReturnAsCollectionJSON | string |
Some properties (in the PowerShell return results) are collections of values (e.g. an array or table) and by default are not returned in the IA-Connect PowerShell response. This option allows you to specify which properties IA-Connect should attempt to return as a collection and can be entered in JSON or CSV format. For example: To return the EmailAddresses and MemberOf array properties, enter [{"PropertyName": "EmailAddresses"}, {"PropertyName": "MemberOf"}] (JSON format) or EmailAddresses,MemberOf (CSV format). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Search results JSON
|
PowerShellJSONOutput | string |
A list of users (and their requested properties) which match the search identity, in JSON format. |
Count of users found
|
CountOfUsersFound | integer |
The number of users found which match the search identity. Usually 0 or 1 if searching by identity, or 0 or more if searching by filter property. |
Get Active Directory user group membership
Returns a list of Active Directory groups the specified user is a member of, minus the primary group (usually 'Domain users') since it technically isn't a membership.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User identity
|
UserIdentity | True | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Group membership JSON
|
GroupMembershipJSON | string |
The list of AD groups the user is a member of, in JSON format. |
Count of groups found
|
CountOfGroupsFound | integer |
The number of AD groups the user is a member of, minus the primary group (usually 'Domain users') which isn't counted. |
Get Azure AD groups
Returns the details of groups in Azure Active Directory (also known as Azure AD or AAD), using the Azure AD v2 PowerShell modules. You can search by object Id or using a filter. An object Id search should return 0 or 1 results. A filter search could return 0 or more results.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Group object Id
|
ObjectId | string |
The object Id of an Azure Active Directory group to search for. You can specify a group by Display Name (e.g. "Finance users") or ObjectId (e.g. UUID/GUID value). |
|
Filter property name
|
FilterPropertyName | string |
As an alternative to searching by group object Id, provide the name of the property to filter the groups by. Common group property names are: Description, DisplayName and Mail. If using a filter, you also need to populate the 'Filter property comparison' and 'Filter property value' fields. |
|
Filter property comparison
|
FilterPropertyComparison | string |
If searching by filter as an alternative to searching by group object Id, enter the type of comparison here (for example: If the filter property name is 'DisplayName', the comparison could be 'equals' or 'starts with'). If you wish to enter a raw filter (in ODATA 3 format), choose a comparison type of 'Raw: Enter filter manually' and enter the full filter in the 'Filter property value' field. |
|
Filter property value
|
FilterPropertyValue | string |
If searching by filter as an alternative to searching by group object Id, enter the value of the filter property here (for example: If the filter property name is 'DisplayName', the filter property value might be 'London users'). |
|
Is no result an exception
|
NoResultIsAnException | boolean |
Set to true to raise an exception if no groups are found. Set to false to simply report a count of 0 if no groups are found. Note the 'false' option may not work when used with Identity in non-English languages so consider searching using filters instead. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Search results JSON
|
PowerShellJSONOutput | string |
A list of groups which match the search object Id or filter, in JSON format. |
Count of groups found
|
CountOfGroupsFound | integer |
The number of groups found which match the search object Id or filter. |
Get Azure AD license SKUs
Returns a list of Azure Active Directory license Stock Keeping Units (SKUs) which the connected Azure AD is subscribed to, using the Azure AD v2 PowerShell modules.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
License SKU JSON
|
LicenseSKUJSONOutput | string |
The list of subscribed Stock Keeping Units, in JSON format. |
Count of SKUs found
|
CountOfSKUsFound | integer |
The number of Azure AD subscribed Stock Keeping Units (SKUs). |
Get Azure AD user group membership
Returns a list of Azure Active Directory groups the specified user is a member of, using the Azure AD v2 PowerShell modules.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User object Id or UPN
|
ObjectId | True | string |
The Id of an Azure Active Directory user. You can specify a user by UPN (e.g. user@mydomain.onmicrosoft.com) or ObjectId (e.g. UUID/GUID value). |
Properties to return
|
PropertiesToReturn | string |
A comma separated list (CSV) of all group properties to return. If blank (the default), IA-Connect will return all group properties. Available since IA-Connect 9.3. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Group membership JSON
|
PowerShellJSONOutput | string |
The list of Azure AD groups the user is a member of, in JSON format. |
Count of groups found
|
CountOfGroupsFound | integer |
The number of Azure AD groups the user is a member of. |
Get Azure AD user license service plans
Retrieves a list of licenses plans assigned to a specified Azure AD user license (SKU), using the Azure AD v2 PowerShell modules. For example: If the user has the FLOW_FREE license assigned, this will allow you to view which service plans they have provisioned to that license.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User object Id or UPN
|
ObjectId | True | string |
The Id of an Azure Active Directory user. You can specify a user by UPN (e.g. user@mydomain.onmicrosoft.com) or ObjectId (e.g. UUID/GUID value). |
License SKU part number
|
LicenseSKUPartNumber | True | string |
The part number of the license SKU. For example: FLOW_FREE or SPE_E3. |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
User license SKU service plans JSON
|
UserLicenseSKUServicePlansJSONOutput | string |
The list of service plans assigned to the specified Azure AD license SKU assigned to the user, in JSON format. |
Count of license SKU service plans found
|
CountOfUserLicenseSKUServicePlansFound | integer |
The number of Azure AD service plans assigned to the specified license SKU assigned to the user. |
Get Azure AD user licenses
Retrieves a list of licenses (SKU) assigned to a Azure AD user, using the Azure AD v2 PowerShell modules.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User object Id or UPN
|
ObjectId | True | string |
The Id of an Azure Active Directory user. You can specify a user by UPN (e.g. user@mydomain.onmicrosoft.com) or ObjectId (e.g. UUID/GUID value). |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
User license SKU JSON
|
UserLicenseSKUJSONOutput | string |
The list of Azure AD license SKUs assigned to the user, in JSON format. |
Count of user license SKUs found
|
CountOfUserLicenseSKUsFound | integer |
The number of Azure AD license SKUs assigned to the user. |
Get Azure AD users
Returns the details of users in Azure Active Directory (also known as Azure AD or AAD), using the Azure AD v2 PowerShell modules. You can search by object Id or using a filter. An object Id search should return 0 or 1 results. A filter search could return 0 or more results.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User object Id or UPN
|
ObjectId | string |
The object Id of an Azure Active Directory user to search for. You can specify a user by UPN (e.g. user@mydomain.onmicrosoft.com) or ObjectId (e.g. UUID/GUID value). |
|
Filter property name
|
FilterPropertyName | string |
As an alternative to searching by user object Id, provide the name of the property to filter the users by. Common property names are: UserPrincipalName and DisplayName. If using a filter, you also need to populate the 'Filter property comparison' and 'Filter property value' fields. |
|
Filter property comparison
|
FilterPropertyComparison | string |
If searching by filter as an alternative to searching by user object Id, enter the type of comparison here (for example: If the filter property name is 'UserPrincipalName', the comparison could be 'equals' or 'starts with'). If you wish to enter a raw filter (in ODATA 3 format), choose a comparison type of 'Raw: Enter filter manually' and enter the full filter in the 'Filter property value' field. |
|
Filter property value
|
FilterPropertyValue | string |
If searching by filter as an alternative to searching by user object Id, enter the value of the filter property here (for example: If the filter property name is 'UserPrincipalName', the filter property value might be 'JohnDoe@mydomain.com'). |
|
Is no result an exception
|
NoResultIsAnException | boolean |
Set to true to raise an exception if no users are found. Set to false to simply report a count of 0 if no mailboxes are found. Note the 'false' option may not work when used with Identity in non-English languages so consider searching using filters instead. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Search results JSON
|
PowerShellJSONOutput | string |
A list of users which match the search filter, in JSON format. |
Count of users found
|
CountOfUsersFound | integer |
The number of users found which match the search object Id, UPN or filter. |
Get Microsoft Exchange distribution group members
Retrieve a list of the members of a Microsoft Exchange Distribution group.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Distribution group identity
|
Identity | True | string |
The identity of the distribution group to search for. You can specify a distribution group by Name, Alias, Distinguished Name (e.g. CN=MyGroup,OU=My Groups,DC=mydomain,DC=local), Email address or GUID. |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Distribution group members
|
DistributionGroupMembersJSON | string |
A list of members of the Exchange Distribution group, in JSON format. |
Count of distribution groups members
|
CountOfDistributionGroupsMembers | integer |
The number of members of the Microsoft Exchange distribution group. |
Get next available account name
Given details regarding the naming format for Active Directory and Exchange account names, provides the details of the next available spare account name. Used to determine which Active Directory and Exchange account to create for a given user. This action does not create any accounts, it provides information regarding name availability.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
First name
|
FirstName | string |
The user's first name. Leave blank if a user's first name is not used to construct account names (rare). |
|
Middle name
|
MiddleName | string |
The user's middle name (optional). Leave blank if a user's middle name is not used to construct account names. |
|
Last name
|
LastName | string |
The user's last / family / sur name. Leave blank if a user's last name is not used to construct account names. |
|
Field A
|
FieldA | string |
An additional field used to construct account names. Leave blank if no additional fields are required to construct an account name. |
|
Field B
|
FieldB | string |
An additional field used to construct account names. Leave blank if no additional fields are required to construct an account name. |
|
Field C
|
FieldC | string |
An additional field used to construct account names. Leave blank if no additional fields are required to construct an account name. |
|
Field D
|
FieldD | string |
An additional field used to construct account names. Leave blank if no additional fields are required to construct an account name. |
|
M start value
|
VariableMStartValue | integer |
Optionally allows you to set the initial value for the {M} variable which can be used in the property format to represent a variable which increases with each iteration. |
|
N start value
|
VariableNStartValue | integer |
Optionally allows you to set the initial value for the {N} variable which can be used in the property format to represent a variable which increases with each iteration. |
|
X start value
|
VariableXStartValue | integer |
Optionally allows you to set the initial value for the {X} variable which can be used in the property format to represent a variable which increases with each iteration. |
|
Maximum attempts
|
MaxAttempts | integer |
The maximum number of attempts (trying different values) before IA-Connect gives up trying to find an available account. |
|
Fallback causes retest
|
FallbackCausesRetest | boolean |
If set to true: If any availability check for any rule requires falling back to a different format, tests will re-start from the top of the list to ensure that all properties use the same format (e.g. primary, primary, primary or fallback, fallback, fallback). This keeps the results in sync and is the recommended value. Only set to false if you know exactly what you are doing. |
|
List of numbers not to use
|
NumbersNotToUse | string |
A comma separated list of numbers not to use for values of M, N or X. For example: '13, 666'. |
|
Characters to remove from inputs
|
CharactersToRemoveFromInputs | string |
A string containing all of the characters you wish to remove from the inputs (for example if a user's name contains invalid characters). For example: !@&?^*. |
|
Remove diacritics from inputs
|
RemoveDiacriticsFromInputs | boolean |
If set to true, IA-Connect will attempt to remove all diacritics from the input fields, replacing characters with a diacritic with the same character minus the diacritic. For example: replacing 'acute accented a' with 'a'. In scenarios where there is no direct mapping to a simple character, the character is removed. For example: The German sharp S is removed. |
|
Remove non alphanumeric from inputs
|
RemoveNonAlphaNumericFromInputs | boolean |
If set to true, IA-Connect will remove all non-alphanumeric characters from the input fields. |
|
Sequence A1
|
SequenceA1 | string |
A comma separated list of strings to use for the {A1} variable which can be used in the property format to represent a value which changes with each attempt to find an available account. For example: If you specify 'A,B,C,D,E,F' for this value, the format '{FirstName}{A1}' would check the availability of {FirstName}A followed by {FirstName}B etc. |
|
Property
|
PropertyToCheck | string |
Which account property to check for availability |
|
Format
|
PropertyNameFormat | string |
The format for the value of this property. For example: {FirstName}.{LastName} or {FirstName first 1}.{LastName} |
|
Format fallback
|
PropertyNameFallbackFormat | string |
The fallback format for the value of this property if the value is already taken. For example: {FirstName}.{LastName}{N2} or {FirstName first 1}.{LastName}{N2} |
|
Format second fallback
|
PropertyNameFallbackFormat2 | string |
The second fallback format for the value of this property if the value and first fallback is already taken. For example: {FirstName}.{LastName}{N2} or {FirstName first 1}.{LastName}{N2} |
|
Value max length
|
PropertyNameMaxLength | integer |
The maximum length for the value of this field before something has to be cut |
|
Field to cut if max length
|
PropertyNameMaxLengthFieldToCut | string |
If the maximum length for the value of this field is exceeded, which input should be cut. For example: Choose LastName if you want to cut from the Last name / family name / surname to shorten the property value. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
AD User SAMAccountName
|
ActiveDirectorySAMAccountName | string |
The available Active Directory user SAMAccountName (if it was one of the properties to check for availability). |
AD User account name
|
ActiveDirectoryAccountName | string |
The available Active Directory user account name (if it was one of the properties to check for availability). |
AD User Principal Name
|
ActiveDirectoryUPN | string |
The available Active Directory User Principal Name (if it was one of the properties to check for availability). |
AD User Email Address
|
ActiveDirectoryEmailAddress | string |
The available Active Directory Email Address (if it was one of the properties to check for availability). |
Exchange mailbox email address
|
ExchangeMailboxAddress | string |
The available Exchange email mailbox address (if it was one of the properties to check for availability). |
Exchange mailbox alias
|
ExchangeMailboxAlias | string |
The available Exchange mailbox alias (if it was one of the properties to check for availability). |
Exchange remote mailbox address
|
ExchangeRemoteMailboxAddress | string |
The available Exchange remote mailbox address (if it was one of the properties to check for availability). |
Azure AD User Principal Name
|
AzureADUPN | string |
The available Azure Active Directory User Principal Name (if it was one of the properties to check for availability). |
Office 365 User Principal Name
|
Office365UPN | string |
The available Office 365 User Principal Name (if it was one of the properties to check for availability). |
Office 365 mailbox email address
|
Office365MailboxEmailAddress | string |
The available Office 365 email mailbox address (if it was one of the properties to check for availability). |
M final value
|
MValue | integer |
The final value of the variable M, if it was used. |
N final value
|
NValue | integer |
The final value of the variable N, if it was used. |
X final value
|
XValue | integer |
The final value of the variable X, if it was used. |
Format index used
|
FormatIndexUsed | integer |
The index of the format that was used to match properties. 1 = Primary format, 2 = Fallback format, 3 = Second fallback format. This lets you know if your initial format resulted in an available account or if IA-Connect had to fallback to a different supplied format. |
Get Office 365 distribution group
Returns the properties of the specified Microsoft Exchange Online or Office 365 distribution group or mail-enabled security group.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Distribution group identity
|
Identity | True | string |
The identity of the distribution group to add to. You can specify a distribution group by Name, Alias, Distinguished Name (e.g. CN=MyGroup,OU=My Groups,DC=mydomain,DC=local), Email address or GUID. |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Search results JSON
|
PowerShellJSONOutput | string |
The output of the PowerShell script, formatted as JSON. |
Count of groups found
|
CountOfGroupsFound | integer |
The number of distribution groups found which match the search identity. Usually 1. |
Get Office 365 mailbox
Returns the properties of the specified Microsoft Exchange Online or Office 365 mailbox.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | string |
The Id of a Microsoft Exchange Online or Office 365 mailbox. You can specify a mailbox by Name, Alias, Object Id (e.g. UUID/GUID value), Email address, GUID, SAMAccountName (even users in non Active Directory connected environments have a SAMAccountName) or User Principal Name (UPN). |
|
Filter property name
|
FilterPropertyName | string |
As an alternative to searching by identity, provide the name of the property to filter the mailboxes by. Common property names are: Name, Alias, PrimarySMTPAddress, DisplayName, SamAccountName. If using a filter, you also need to populate the 'Filter property comparison' and 'Filter property value' fields. |
|
Filter property comparison
|
FilterPropertyComparison | string |
If searching by filter as an alternative to searching by identity, enter the type of comparison here (for example: If the filter property name is 'Alias', the comparison could be 'equals' or 'like'). If you wish to enter a raw filter (in OPATH format), choose a comparison type of 'Raw: Enter filter manually' and enter the full filter in the 'Filter property value' field. |
|
Filter property value
|
FilterPropertyValue | string |
If searching by filter as an alternative to searching by identity, enter the value of the filter property here (for example: If the filter property name is 'Alias', the filter property value might be 'JohnDoe'). |
|
Is no result an exception
|
NoResultIsAnException | boolean |
Set to true to raise an exception if no mailboxes are found. Set to false to simply report a count of 0 if no mailboxes are found. Note the 'false' option may not work when used with Identity in non-English languages so consider searching using filters instead. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Search results JSON
|
PowerShellJSONOutput | string |
A list of mailboxes (and their properties) which match the search identity, in JSON format. |
Count of mailboxes found
|
CountOfMailboxesFound | integer |
The number of mailboxes found which match the search identity. Usually 1. |
Is Azure AD v2 PowerShell module installed
Reports if the PowerShell modules required for Azure AD v2 are installed on the computer where the IA-Connect Agent is running.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Azure AD v2 PowerShell module is installed
|
AzureADv2PowerShellModuleInstalled | boolean |
Set to true if the Azure AD v2 PowerShell modules are installed. |
Is connected to Active Directory
Reports if IA-Connect is connected to Active Directory. By default, IA-Connect is automatically connected to the Domain the computer running the IA-Connect Agent is a member of, using the account the IA-Connect Agent is running as. Use the action 'Connect to Active Directory with credentials' to connect using alternative credentials or to an alternative domain.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Connected to Active Directory
|
ActiveDirectoryRunspaceOpen | boolean |
Set to true if IA-Connect is connected to Active Directory. This should always return true since IA-Connect is automatically connected to the domain the computer running the Agent is a member of. |
Local passthrough connection
|
ActiveDirectoryLocalPassthroughRunspace | boolean |
Set to true if IA-Connect is connected to the Domain the computer running the IA-Connect Agent is a member of, using the account the IA-Connect Agent is running as. |
Active Directory server
|
ActiveDirectoryServer | string |
The Active Directory server connected to. If blank, IA-Connect is using the default Active Directory Domain Controller for the computer running the Agent, based on AD site settings. |
Active Directory DNS domain
|
ActiveDirectoryDNSDomain | string |
The Active Directory DNS domain for the Domain IA-Connect is connected to. If blank, IA-Connect is using the default Active Directory Domain for the computer running the Agent. For example: mydomain.local. |
Active Directory domain DN
|
ActiveDirectoryDomainDN | string |
The Active Directory domain DN for the Domain IA-Connect is connected to. If blank, IA-Connect is using the default Active Directory Domain for the computer running the Agent. For example: DC=mydomain,DC=local. |
Authenticated username
|
AuthenticatedUsername | string |
The authenticated username IA-Connect is using for the connection to Active Directory. If blank, IA-Connect is using the account the IA-Connect Agent is running as. |
Is connected to Azure AD
Reports if IA-Connect is connected to Azure using the Azure AD v2 PowerShell modules. Use one of the 'Connect to Azure AD' actions to connect.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Azure AD v2 PowerShell runspace is open
|
AzureADv2RunspaceOpen | boolean |
Set to true if IA-Connect is connected to Azure using the Azure AD v2 PowerShell modules. |
Is connected to Microsoft Exchange
Reports if IA-Connect is connected to a Microsoft Exchange server. Use the action 'Connect to Microsoft Exchange' to connect.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Test communications
|
TestCommunications | boolean |
If set to false: IA-Connect will not issue a test command to confirm the Exchange server connection is functional and will rely on the last-known state. If set to true (the default): IA-Connect will issue a test command to confirm the Exchange server connection is functional. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Connected to Microsoft Exchange
|
ExchangeRunspaceOpen | boolean |
Set to true if IA-Connect is connected to Microsoft Exchange. |
Exchange connection method
|
ExchangeConnectionMethod | string |
Holds the current Exchange connection method: Local or Remote. |
Is connected to Office 365
Reports if IA-Connect is connected to Office 365 using the Office 365 PowerShell modules. Use the action 'Connect to Office 365' to connect.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Test communications
|
TestCommunications | boolean |
If set to false: IA-Connect will not issue a test command to confirm the Office 365 Exchange Online connection is functional and will rely on the last-known state. If set to true (the default): IA-Connect will issue a test command to confirm the Office 365 Exchange Online connection is functional. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Connected to Office 365
|
O365RunspaceOpen | boolean |
Set to true if IA-Connect is connected to Office 365 using the Office 365 PowerShell modules. |
Office 365 connection method
|
Office365ConnectionMethod | string |
Holds the current Office 365 connection method: EXOV1 or EXOV2. |
Is user in Azure AD user group
Returns whether a user is a member of an Azure Active Directory group, using the Azure AD v2 PowerShell modules.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User object Id or UPN
|
ObjectId | True | string |
The Id of an Azure Active Directory user. You can specify a user by UPN (e.g. user@mydomain.onmicrosoft.com) or ObjectId (e.g. UUID/GUID value). |
Group object Id or display name
|
GroupObjectId | True | string |
The Id or display name of an Azure Active Directory group. You can specify a group by Display Name (e.g. "Finance users") or ObjectId (e.g. UUID/GUID value). |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
User is in group
|
UserIsInGroup | boolean |
Whether the user is a member of the Azure AD group. |
Modify a Microsoft Exchange mailbox email addresses
Modify the email addresses on a Microsoft Exchange mailbox. You can add, remove and replace primary and alias email addresses.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The identity of the Microsoft Exchange mailbox. You can specify a mailbox by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
Alias
|
Alias | string |
The Exchange alias (also known as mail nickname) for the user. If the email address policy is enabled, this will be used to generate the name component of the Primary SMTP email address (e.g. alias@mydomain.com). If the email address policy is not enabled, you may wish to set the primary SMTP address instead. Leave blank if you don't want to change the current value. |
|
Primary SMTP address
|
PrimarySmtpAddress | string |
The primary return email address that is used for the recipient. You are unlikely to be able to set this if the 'Email address policy' is enabled so either use 'Alias' instead (and the policy will create the Primary SMTP address from the alias) or disable the email address policy. Leave blank if you don't want to change the current value. |
|
Email address policy enabled
|
EmailAddressPolicyEnabled | boolean |
Set to true if you want to automatically update email addresses based on the email address policy applied to this recipient. If the email address policy is enabled, this generally will impact your ability to set the primary SMTP address. Set to false to disable the feature, giving you full control to manually setting email addresses. Leave blank if you don't want to set this option (i.e. leave at the existing or default value). |
|
Email addresses to add
|
EmailAddressesToAddList | array of string |
A list of additional (non-primary) email addresses to assign to the mailbox. |
|
Replace email addreses
|
ReplaceEmailAddresses | boolean |
Set to true if you want the supplied list of email addresses to replace all existing email addresses (not including the Primary SMTP address). Set to false if you want the supplied list of email addresses to add to any existing addresses. |
|
Email addresses to remove
|
EmailAddressesToRemoveList | array of string |
A list of additional (non-primary) email addresses to remove from the mailbox (if they are present). This only has a purpose if 'Replace email addreses' is set to false or if you aren't adding any email addresses. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Mailbox Email addresses
|
MailboxEmailAddresses | array of string |
The mailbox email addresses after the modify action was performed. The primary SMTP email address will appear as SMTP:emailaddress, secondary (proxy) SMTP email addresses will appear as smtp:emailaddress, X.400 email addresses will appear as x400:address and Exchange Unified Messaging (EUM) addresses as eum:address. |
Modify a Microsoft Exchange Online mailbox email addresses
Modify the email addresses on an an existing Microsoft Exchange Online or Office 365 (remote) mailbox. You can add, remove and replace primary and alias email addresses. The request is sent via your on-premises Microsoft Exchange server.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The identity of the Microsoft Exchange Online or Office 365 (remote) mailbox. You can specify a Microsoft Exchange Online or Office 365 (remote) mailbox by Active Directory object Id, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID or User Principal Name (UPN). |
Alias
|
Alias | string |
The Exchange alias (also known as mail nickname) for the user. If the email address policy is enabled, this will be used to generate the name component of the Primary SMTP email address (e.g. alias@mydomain.com). If the email address policy is not enabled, you may wish to set the primary SMTP address instead. Leave blank if you don't want to change the current value. |
|
Primary SMTP address
|
PrimarySmtpAddress | string |
The primary return email address that is used for the recipient. You are unlikely to be able to set this if the 'Email address policy' is enabled so either use 'Alias' instead (and the policy will create the Primary SMTP address from the alias) or disable the email address policy. Leave blank if you don't want to change the current value. |
|
Email address policy enabled
|
EmailAddressPolicyEnabled | boolean |
Set to true if you want to automatically update email addresses based on the email address policy applied to this recipient. If the email address policy is enabled, this generally will impact your ability to set the primary SMTP address. Set to false to disable the feature, giving you full control to manually setting email addresses. Leave blank if you don't want to set this option (i.e. leave at the existing or default value). |
|
Email addresses to add
|
EmailAddressesToAddList | array of string |
A list of additional (non-primary) email addresses to assign to the mailbox. |
|
Replace email addreses
|
ReplaceEmailAddresses | boolean |
Set to true if you want the supplied list of email addresses to replace all existing email addresses (not including the Primary SMTP address). Set to false if you want the supplied list of email addresses to add to any existing addresses. |
|
Email addresses to remove
|
EmailAddressesToRemoveList | array of string |
A list of additional (non-primary) email addresses to remove from the mailbox (if they are present). This only has a purpose if 'Replace email addreses' is set to false or if you aren't adding any email addresses. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Mailbox Email addresses
|
MailboxEmailAddresses | array of string |
The mailbox email addresses after the modify action was performed. The primary SMTP email address will appear as SMTP:emailaddress, secondary (proxy) SMTP email addresses will appear as smtp:emailaddress, X.400 email addresses will appear as x400:address and Exchange Unified Messaging (EUM) addresses as eum:address. |
Modify Active Directory common user properties
Modify common properties of an Active Directory user. You can only assign values to properties, not set them to blank. To set properties to blank, use the action 'Modify Active Directory user string properties'.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User identity
|
UserIdentity | True | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
City
|
City | string |
The user's 'City' property (in the 'Address' tab in AD users and computers). |
|
Company
|
Company | string |
The user's 'Company' property (in the 'Organization' tab in AD users and computers). |
|
Country
|
Country | string |
The user's 'Country' property (in the 'Address' tab in AD users and computers). This must be a two character country code (e.g. GB for United Kingdon, US for United States, FR for France, ES for Spain, JP for Japan). |
|
Department
|
Department | string |
The user's 'Department' property (in the 'Organization' tab in AD users and computers). |
|
Description
|
Description | string |
The user's 'Description' property (in the 'General' tab in AD users and computers). |
|
Display name
|
DisplayName | string |
The user's display name (in the 'General' tab in AD users and computers). |
|
Email address
|
EmailAddress | string |
The user's 'E-mail' property (in the 'General' tab in AD users and computers). |
|
First name
|
GivenName | string |
The user's first name (in the 'General' tab in AD users and computers). |
|
Home phone number
|
HomePhone | string |
The user's 'Home' phone number property (in the 'Telephones' tab in AD users and computers). |
|
Initials
|
Initials | string |
The user's initials (in the 'General' tab in AD users and computers). |
|
IP phone number
|
IPPhone | string |
The user's 'IP phone' property (in the 'Telephones' tab in AD users and computers). |
|
Manager
|
Manager | string |
The user's Manager property (in the 'Organization' tab in AD users and computers). You can specify a Manager in Distinguished Name format (e.g. CN=MrBig,OU=London,DC=mydomain,DC=local), GUID format, SID or SAMAccountName (e.g. 'MrBig'). |
|
Mobile phone number
|
MobilePhone | string |
The user's 'Mobile' phone number property (in the 'Telephones' tab in AD users and computers). |
|
Notes
|
Notes | string |
The user's 'Notes' property (in the 'Telephones' tab in AD users and computers). |
|
Office
|
Office | string |
The user's 'Office' property (in the 'General' tab in AD users and computers). |
|
Telephone number (Office)
|
OfficePhone | string |
The user's 'Telephone number' property (in the 'General' tab in AD users and computers). |
|
Postal code / Zip code
|
PostalCode | string |
The user's 'Zip/Postal Code' property (in the 'Address' tab in AD users and computers). |
|
Profile path
|
ProfilePath | string |
The user's 'Profile path' property (in the 'Profile' tab in AD users and computers). |
|
Logon script
|
ScriptPath | string |
The user's 'Logon script' property (in the 'Profile' tab in AD users and computers). |
|
State / province
|
State | string |
The user's 'State / province' property (in the 'Address' tab in AD users and computers). |
|
Street address
|
StreetAddress | string |
The user's 'Street address' property (in the 'Address' tab in AD users and computers). |
|
Last name
|
Surname | string |
The user's 'Last name' property (in the 'General' tab in AD users and computers). |
|
Job title
|
Title | string |
The user's 'Job title' property (in the 'Organization' tab in AD users and computers). |
|
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ActiveDirectoryModifyADUserPropertiesResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Modify Active Directory user boolean property
Modify an individual boolean (true / false) property of an Active Directory user. This allows you to modify a very specific user setting, including custom properties.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User identity
|
UserIdentity | True | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
Property name
|
PropertyName | True | string |
The name of the individual user property to modify. Common boolean properties are: enabled, mTSAllowLogon, msExchHideFromAddressLists. |
Property value
|
PropertyValue | boolean |
The true / false value to assign to the specified property. |
|
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ActiveDirectoryModifyADUserBooleanPropertyByIdentityResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Modify Active Directory user home folder
Sets the home folder / directory / drive for an Active Directory user.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User identity
|
UserIdentity | True | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
Home drive
|
HomeDrive | string |
If the home directory / folder is on a network share, specify a drive letter which will be mapped to that location. The drive letter is typically a single character between 'F' and 'Z'. If the home directory / folder is local, leave this value blank. If you are setting the home directory / folder to blank, also leave this value blank. |
|
Home directory
|
HomeDirectory | True | string |
Specify the path for the home folder / directory. If you are also specifying a home drive letter then the home drive will be mapped to this folder / directory. If you are setting the home directory / folder to blank, set this value to blank. |
Create folder
|
CreateFolder | boolean |
Set to true if you want to create the home folder / directory if it doesn't exist. |
|
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ActiveDirectorySetADUserHomeFolderByIdentityResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Modify Active Directory user string properties
Modify individual string property(s) of an Active Directory user. This allows you to modify very specific user settings, including custom properties. You can also set individual user properties to blank.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User identity
|
UserIdentity | True | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
Property
|
Property | string | ||
Value
|
Value | string | ||
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Replace value
|
ReplaceValue | boolean |
Set to true to replace the values. Set to false to add the value. Adding will not work if the value already exists (this only impacts custom properties) whereas replace can be used to create a new value or replace an existing value. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ActiveDirectoryModifyADUserStringPropertyByIdentityResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Modify Azure AD user properties
Modify common properties of an Azure Active Directory user. You can only assign values to properties, not set them to blank, because a blank value is interpreted as a intent to leave the value unchanged.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User object Id or UPN
|
ObjectId | True | string |
The Id of an Azure Active Directory user. You can specify a user by UPN (e.g. user@mydomain.onmicrosoft.com) or ObjectId (e.g. UUID/GUID value). |
First name
|
FirstName | string |
The user's first name. |
|
Last name
|
LastName | string |
The user's family name / last name / surname. |
|
Display name
|
DisplayName | string |
The full display name for this user. |
|
City
|
City | string |
The name of the City the user lives in, or where their office is located. |
|
Company name
|
CompanyName | string |
The name of the company the user works for. |
|
Country or region
|
Country | string |
The Country or Region the user lives in, or where their office is located. |
|
Department
|
Department | string |
The name of the department the user works for within the Company. |
|
Fax number
|
FaxNumber | string |
The user's fax (facsimile) telephone number. |
|
Job title
|
JobTitle | string |
The user's job title. |
|
Mobile phone number
|
MobilePhone | string |
The user's mobile phone number. |
|
Office
|
Office | string |
The name of the office where the user works. |
|
Telephone number
|
PhoneNumber | string |
The user's telephone number. |
|
ZIP or postal code
|
PostalCode | string |
The ZIP or postal code where the user lives, or the office they work in. |
|
Preferred language
|
PreferredLanguage | string |
The user's preferred language. This is typically entered as a two letter language code (ISO 639-1), followed by a dash, followed by a two letter upper-case country code (ISO 3166). For example: en-US, en-GB, fr-FR, ja-JP. |
|
State or province
|
State | string |
The state, province or county the user lives in, or where their office located. |
|
Street address
|
StreetAddress | string |
The street address where the user lives, or their office street address. |
|
Usage location
|
UsageLocation | string |
A two letter country code (ISO 3166). Required for users that will be assigned licenses due to a legal requirement. For example: US (United States), JP (Japan), GB (United Kingdom), FR (France), IN (India). See https://en.wikipedia.org/wiki/List_of_ISO_3166_country_codes. |
|
Age group
|
AgeGroup | string |
The age group of the user, for parental control purposes. |
|
Consent provided for minor
|
ConsentProvidedForMinor | string |
If the 'Age group' is 'Minor', this field allows you to specify whether consent has been provided for the minor, for parental control purposes. |
|
Mail nickname
|
MailNickName | string |
The user's mail nickname. |
|
Employee Id
|
EmployeeId | string |
The employee Id. You might use this to uniquely distinguish between each user in your organisation. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
AzureADv2SetAzureADUserResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Move Active Directory user to OU
Moves an Active Directory user to an existing Active Directory Organizational Unit (OU).
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User identity
|
UserIdentity | True | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
Target path
|
TargetPath | True | string |
The path to the target Organization Unit (OU) in Distinguished Name format (e.g. OU=Target OU,OU=London,DC=mydomain,DC=local), GUID format or as a path (e.g. MyUsers\London). |
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ActiveDirectoryMoveADUserToOUByIdentityResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Perform Active Directory DirSync
Performs a synchronisation between Active Directory (on-premises) and Azure Active Directory (cloud). This command must be issued to the server with the 'DirSync' role (i.e. the computer performing the synchronisation).
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Policy type
|
PolicyType | string |
The type of synchronisation to perform. Options are 'Delta' to perform a sync of changes since the last sync (the default option) and 'Initial' to perform a full sync (do not do this unless you know exactly what you are doing). |
|
Computer name
|
ComputerName | string |
The server which has the 'DirSync' role (i.e. the computer performing the synchronisation). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
DirSync result JSON
|
PowerShellJSONOutput | string |
The result of the Active Directory sync operation, in JSON format. |
Remove Active Directory group member
Removes an Active Directory user from an Active Directory group where the group is specified by identity.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Group identity
|
GroupIdentity | string |
The identity of the Active Directory group. You can specify a group by Distinguished Name (e.g. CN=Group1,OU=My Groups,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'Group1') or Name (e.g. 'Group1'). |
|
Group name
|
GroupName | string |
As an alternative to searching by identity, the name of the Active Directory group. |
|
User identity
|
UserIdentity | True | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ActiveDirectoryRemoveADGroupMemberByGroupIdentityResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Remove Active Directory user
Removes a user from Active Directory.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User identity
|
UserIdentity | True | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ActiveDirectoryRemoveADUserByIdentityResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Remove Active Directory user from all groups
Removes an Active Directory user from all of the Active Directory groups they are a member of. IA-Connect removes the user from as many groups as possible and reports on the outcome.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User identity
|
UserIdentity | True | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
AD groups removed successfully
|
ADGroupsRemovedSuccessfully | integer |
The number of AD groups the user was successfully removed from. |
AD groups failed to remove
|
ADGroupsFailedToRemove | integer |
The number of AD groups that the user failed to remove from. |
Remove AD groups error message
|
RemoveADGroupsMasterErrorMessage | string |
If the user failed to remove from some of the AD groups, this error message provides details of the problem. |
Remove Active Directory user from multiple groups by name
Removes an Active Directory user from multiple existing Active Directory groups where the groups are specified by name. IA-Connect removes the user from as many groups as possible and reports on the outcome.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User identity
|
UserIdentity | True | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
AD groups to remove by name
|
GroupNamesJSON | True | string |
A list of the names of AD groups to remove the user from, in JSON or CSV format. For example: [{"GroupName": "Group 1"}, {"GroupName": "Group 2"}] (JSON format) or Group 1,Group 2 (CSV format). |
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Max groups per call
|
MaxGroupsPerCall | integer |
If a large number of AD groups is specified for removal, this might cause a timeout. By setting the 'Max groups per call' value to 1 or higher, the IA-Connect Orchestrator will split this action into multiple calls to the IA-Connect Director and Agent with the specified maximum number of groups per call. First available in IA-Connect 9.3. For example: If you set a value of 5 and 14 groups are requested for removal, the Orchestrator will split this into requests of 5, 5, 4. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
AD groups removed successfully
|
ADGroupsRemovedSuccessfully | integer |
The number of AD groups the user was successfully removed from. |
AD groups failed to remove
|
ADGroupsFailedToRemove | integer |
The number of AD groups that the user failed to remove from. |
Remove AD groups error message
|
RemoveADGroupsMasterErrorMessage | string |
If the user failed to remove from some of the AD groups, this error message provides details of the problem. |
Remove all Azure AD user licenses
Removes all Azure AD user license (SKU) assigned to a user, using the Azure AD v2 PowerShell modules.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User object Id or UPN
|
ObjectId | True | string |
The Id of an Azure Active Directory user. You can specify a user by UPN (e.g. user@mydomain.onmicrosoft.com) or ObjectId (e.g. UUID/GUID value). |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
AzureADv2RemoveAllAzureADUserLicenseResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Remove Azure AD security or Microsoft 365 group
Remove an Azure Active Directory security group or Microsoft 365 group. This action cannot remove mail enabled security groups or distribution lists: Use the action 'Remove Office 365 distribution group' instead.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Group object Id or display name
|
GroupObjectId | True | string |
The Id or display name of an Azure Active Directory group. You can specify a group by Display Name (e.g. "Finance users") or ObjectId (e.g. UUID/GUID value). |
Exception if group does not exist
|
ErrorIfGroupDoesNotExist | boolean |
Should an exception occur if the group does not exist? Set to false to simply do nothing if the group doesn't exist (e.g. it may have already been deleted). Set to true if the group not existing is an error (i.e. it was expected to exist). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Group existed
|
GroupExisted | boolean |
If the group existed and was deleted, this will be set to true. If the group didn't exist (and 'Error if group does not exist' was set to false so no exception was raised), this will be set to false to inform you that the group did not exist and hence IA-Connect didn't have to perform any action. |
Remove Azure AD user from all groups
Removes an Azure Active Directory user (or other object) from all of the Azure Active Directory groups they are a member of.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User object Id or UPN
|
UserObjectId | True | string |
The Id of an Azure Active Directory user. You can specify a user by UPN (e.g. user@mydomain.onmicrosoft.com) or ObjectId (e.g. UUID/GUID value). |
Exception if any groups fail to remove
|
ExceptionIfAnyGroupsFailToRemove | True | boolean |
If set to true: An exception (failure) will be raised if any single group fails to remove. Some groups (for example: Office 365 groups) might not remove so an exception could be common. If set to false and no other exception is raised, this action will report how many groups were deleted successfully and how many failed to delete. |
Exception if all groups fail to remove
|
ExceptionIfAllGroupsFailToRemove | True | boolean |
If set to true: An exception (failure) will be raised if all groups fail to remove (i.e. no successes and some failures). If set to false and no other exception is raised, this action will report how many groups were deleted successfully and how many failed to delete. |
Max Azure AD groups per call
|
MaxAzureADGroupsPerCall | integer |
If the user is a member of a large number of Azure AD groups, this might cause a timeout. By setting the 'Max Azure AD groups per call' value to 1 or higher, the IA-Connect Orchestrator will split this action into multiple calls to the IA-Connect Director and Agent with the specified maximum number of groups per call. For example: If you set a value of 5 and 14 groups need to be removed, the Orchestrator will split this into requests of 5, 5, 4. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Azure AD groups removed successfully
|
AzureADGroupsRemovedSuccessfully | integer |
The number of Azure AD groups the user was successfully removed from. |
Azure AD groups failed to remove
|
AzureADGroupsFailedToRemove | integer |
The number of Azure AD groups that the user failed to remove from. |
Remove Azure AD groups master error message
|
RemoveAzureADGroupsErrorMessage | string |
If the user failed to remove from some of the Azure AD groups, this error message provides details of the problem. |
Remove Azure AD user from group
Removes an Azure Active Directory user (or other object) from an Azure Active Directory group.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User object Id or UPN
|
UserObjectId | True | string |
The Id of an Azure Active Directory user. You can specify a user by UPN (e.g. user@mydomain.onmicrosoft.com) or ObjectId (e.g. UUID/GUID value). |
Group object Id or display name
|
GroupObjectId | True | string |
The Id or display name of an Azure Active Directory group. You can specify a group by Display Name (e.g. "Finance users") or ObjectId (e.g. UUID/GUID value). |
Check user group memberships first
|
CheckUserGroupMembershipsFirst | True | boolean |
If set to true, IA-Connect will check the user's group memberships before attempting to remove them from the group. If the user is not a member of the group, IA-Connect will simply report success without having to do anything. If set to false, IA-Connect will immediately remove the user from the group without checking, resulting in an error if the user is not in the group. |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
AzureADv2RemoveUserFromGroupResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Remove Azure AD user from multiple groups
Removes an Azure Active Directory user (or other object) from multiple existing Azure Active Directory groups where the groups are specified by object Id or display name. IA-Connect removes the user from as many groups as possible and reports on the outcome.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User object Id or UPN
|
UserObjectId | True | string |
The Id of an Azure Active Directory user. You can specify a user by UPN (e.g. user@mydomain.onmicrosoft.com) or ObjectId (e.g. UUID/GUID value). |
Azure AD groups to remove
|
GroupNamesJSON | True | string |
A list of the Ids or display names of Azure AD groups to remove the user from, in JSON or CSV format. For example: [{"GroupName": "Group 1"}, {"GroupName": "Group 2"}] (JSON format) or Group 1,Group 2 (CSV format). |
Exception if any groups fail to remove
|
ExceptionIfAnyGroupsFailToRemove | True | boolean |
If set to true: An exception (failure) will be raised if any single group fails to remove. Some groups (for example: Office 365 groups) might not remove so an exception could be common. If set to false and no other exception is raised, this action will report how many groups were deleted successfully and how many failed to delete. |
Exception if all groups fail to remove
|
ExceptionIfAllGroupsFailToRemove | True | boolean |
If set to true: An exception (failure) will be raised if all groups fail to remove (i.e. no successes and some failures). If set to false and no other exception is raised, this action will report how many groups were deleted successfully and how many failed to delete. |
Check user group memberships first
|
CheckUserGroupMembershipsFirst | True | boolean |
If set to true, IA-Connect will check the user's group memberships before attempting to remove them from each group. If the user is not a member of a particular group, IA-Connect will simply report success for that group without having to do anything. If set to false, IA-Connect will immediately remove the user from each specified group without checking, resulting in an error if the user is not in the group. |
Max Azure AD groups per call
|
MaxAzureADGroupsPerCall | integer |
If the user is a member of a large number of Azure AD groups, this might cause a timeout. By setting the 'Max Azure AD groups per call' value to 1 or higher, the IA-Connect Orchestrator will split this action into multiple calls to the IA-Connect Director and Agent with the specified maximum number of groups per call. For example: If you set a value of 5 and 14 groups need to be removed, the Orchestrator will split this into requests of 5, 5, 4. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Azure AD groups removed successfully
|
AzureADGroupsRemovedSuccessfully | integer |
The number of Azure AD groups the user was successfully removed from. |
Azure AD groups failed to remove
|
AzureADGroupsFailedToRemove | integer |
The number of Azure AD groups that the user failed to remove from. |
Remove Azure AD groups master error message
|
RemoveAzureADGroupsErrorMessage | string |
If the user failed to remove from some of the Azure AD groups, this error message provides details of the problem. |
Remove Microsoft Exchange distribution group
Remove a Microsoft Exchange distribution group.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Distribution group identity
|
Identity | True | string |
The identity of the distribution group. You can specify a distribution group by Name, Alias, Distinguished Name (e.g. CN=MyGroup,OU=My Groups,DC=mydomain,DC=local), Email address or GUID. |
Bypass security group manager check
|
BypassSecurityGroupManagerCheck | boolean |
By default, if the IA-Connect Agent automation account is not an owner of the Distribution Group, it will be unable to remove the Distribution Group. Alternatively, you can set this option to true and this will remove that check, but it requires the automation account to be in the Exchange 'Organization Management' role group or have the 'Role Management' role assigned - this is a single role to give you permissions to modify any Exchange Distribution group instead of being an owner of all Distribution groups you need to modify. |
|
Exception if group does not exist
|
ErrorIfGroupDoesNotExist | boolean |
Should an exception occur if the group does not exist? Set to false to simply do nothing if the group doesn't exist (e.g. it may have already been deleted). Set to true if the group not existing is an error (i.e. it was expected to exist). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ExchangeRemoveDistributionGroupResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Remove Microsoft Exchange mailbox permission from user
Remove mailbox permissions from a specifed mailbox user, user or security group.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The identity of the Microsoft Exchange mailbox. You can specify a mailbox by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
User
|
User | True | string |
The user to remove from the mailbox permissions. You can specify a user by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
Access rights
|
AccessRights | True | string |
The access rights to remove from the user's permissions on the mailbox. Available options are 'ChangeOwner', 'ChangePermission', 'DeleteItem', 'ExternalAccount', 'FullAccess' and 'ReadPermission'. |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ExchangeRemoveMailboxPermissionResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Remove Microsoft Exchange member from distribution group
Remove a member (for example a user) from an Exchange distribution group. If the member is not in the group, no action is taken.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Distribution group identity
|
Identity | True | string |
The identity of the distribution group to add to. You can specify a distribution group by Name, Alias, Distinguished Name (e.g. CN=MyGroup,OU=My Groups,DC=mydomain,DC=local), Email address or GUID. |
Member to remove
|
Member | True | string |
The identity of the member to remove from the distribution group. You can specify a mailbox by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
Bypass security group manager check
|
BypassSecurityGroupManagerCheck | boolean |
By default, if the IA-Connect Agent automation account is not an owner of the Distribution Group, it will be unable to modify the Distribution Group. Alternatively, you can set this option to true and this will remove that check, but it requires the automation account to be in the Exchange 'Organization Management' role group or have the 'Role Management' role assigned - this is a single role to give you permissions to modify any Exchange Distribution group instead of being an owner of all Distribution groups you need to modify. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ExchangeRemoveDistributionGroupMemberResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Remove Office 365 distribution group
Remove a Microsoft Exchange Online or Office 365 distribution group or mail-enabled security group.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Distribution group identity
|
Identity | True | string |
The identity of the distribution group to add to. You can specify a distribution group by Name, Alias, Distinguished Name (e.g. CN=MyGroup,OU=My Groups,DC=mydomain,DC=local), Email address or GUID. |
Bypass security group manager check
|
BypassSecurityGroupManagerCheck | boolean |
By default, if the IA-Connect Agent automation account is not an owner of the Distribution Group, it will be unable to remove the Distribution Group. Alternatively, you can set this option to true and this will remove that check, but it requires the automation account to be in the Exchange 'Organization Management' role group or have the 'Role Management' role assigned - this is a single role to give you permissions to modify any Office 355 Exchange Online Distribution group instead of being an owner of all Distribution groups you need to modify. |
|
Exception if group does not exist
|
ErrorIfGroupDoesNotExist | boolean |
Should an exception occur if the group does not exist? Set to false to simply do nothing if the group doesn't exist (e.g. it may have already been deleted). Set to true if the group not existing is an error (i.e. it was expected to exist). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
O365RemoveDistributionGroupResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Reset Active Directory user password
Resets an Active Directory user's password with a new password.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User identity
|
UserIdentity | True | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
New password
|
NewPassword | True | password |
The new password. This must be specified and must meet the Active Directory password complexity rules. If this is a 'Stored' password, enter in the format {IAConnectPassword:StoredPasswordIdentifier} and set the 'stored password' input to true. If this is an Orchestrator generic credential, enter in the format {OrchestratorCredential:FriendlyName} and set the 'stored password' input to true. |
Account password is stored password
|
AccountPasswordIsStoredPassword | boolean |
Set to true if the password is an IA-Connect stored password identifier (for example: generated by the 'Generate password' action) or an IA-Connect Orchestrator generic credential (for example: If using IA-Connect with Power Automate). |
|
User must change password at next logon
|
ChangePasswordAtLogon | boolean |
Set to true if you want to force the user to change their password when they login (i.e. the new password being set here is a one-time password to get the user logged-in). Set to false if this is the password the user will use until they manually change it. You cannot set this option to true at the same time as setting either 'User cannot change password' or 'Password never expires' to true. |
|
User cannot change password
|
CannotChangePassword | boolean |
Set to true to stop the user from being able to change their password. Set to false if the user can change the password. You cannot set this option to true at the same time as setting 'User must change password at next login' to true. |
|
Password never expires
|
PasswordNeverExpires | boolean |
Set to true if the password never expires (i.e. the user will never be prompted to change the password). Set to false if the password can expire as set in Active Directory Domain policy. You cannot set this option to true at the same time as setting 'User must change password at next login' to true. |
|
Reset password twice
|
ResetPasswordTwice | boolean |
Set to true to reset the password twice, the first reset being a randomisation of the requested new password (same number of uppercase, lowercase, numbers and the same symbols but in a random order). This mitigates the risk of a pass-the-hash vulnerability if you are synchronising this user to Azure Active Directory. Set to false (the default) to set the requested password without first setting a randomised password. |
|
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ActiveDirectoryResetADUserPasswordByIdentityResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Reset Azure AD user password
Resets an Azure Active Directory user's password with a new password.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User Principal Name
|
UserPrincipalName | True | string |
The user logon name in Azure Active Directory. This generally should be in the format 'name@domainFQDN' (e.g. 'TestUser1@mydomain.onmicrosoft.com'). |
New password
|
NewPassword | True | password |
The new password. This must be specified and must meet the Azure Active Directory password complexity rules. If this is a 'Stored' password, enter in the format {IAConnectPassword:StoredPasswordIdentifier} and set the 'stored password' input to true. If this is an Orchestrator generic credential, enter in the format {OrchestratorCredential:FriendlyName} and set the 'stored password' input to true. |
Account password is stored password
|
AccountPasswordIsStoredPassword | boolean |
Set to true if the password is an IA-Connect stored password identifier (for example: generated by the 'Generate password' action) or an IA-Connect Orchestrator generic credential (for example: If using IA-Connect with Power Automate). |
|
Force change password at next login
|
ForceChangePasswordNextLogin | boolean |
Set to true if you want to force the user to change their password when they next login (i.e. the new password being set here is a one-time password to allow the user to log in). Set to false if this is the password the user will use until they manually change it. |
|
Enforce change password policy
|
EnforceChangePasswordPolicy | boolean |
Set to true to enforce the Azure Active Directory change password policy which (depending on your environment) can define how often the user should change their password, password recovery options and additional security verification. This may cause the user to be prompted for additional information. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
AzureADv2ResetAzureADUserPasswordResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Reset Azure AD user properties
Reset common properties of an Azure Active Directory user to a blank value.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User object Id or UPN
|
ObjectId | True | string |
The Id of an Azure Active Directory user. You can specify a user by UPN (e.g. user@mydomain.onmicrosoft.com) or ObjectId (e.g. UUID/GUID value). |
Reset first name
|
ResetFirstName | boolean |
Set to true to reset the user's first name to blank. |
|
Reset last name
|
ResetLastName | boolean |
Set to true to reset the user's family name / last name / surname to blank. |
|
Reset city
|
ResetCity | boolean |
Set to true to reset the name of the City the user lives in, or where their office is located to blank. |
|
Reset company name
|
ResetCompanyName | boolean |
Set to true to reset the name of the company the user works for to blank. |
|
Reset country or region
|
ResetCountry | boolean |
Set to true to reset the Country or Region the user lives in, or where their office is located to blank. |
|
Reset department
|
ResetDepartment | boolean |
Set to true to reset the name of the department the user works for within the Company to blank. |
|
Reset fax number
|
ResetFaxNumber | boolean |
Set to true to reset the fax (facsimile) telephone number to blank. |
|
Reset job title
|
ResetJobTitle | boolean |
Set to true to reset the user's job title to blank. |
|
Reset mobile phone number
|
ResetMobilePhone | boolean |
Set to true to reset the user's mobile phone number to blank. |
|
Reset office
|
ResetOffice | boolean |
Set to true to reset the name of the office where the user works to blank. |
|
Reset telephone number
|
ResetPhoneNumber | boolean |
Set to true to reset the user's telephone number to blank. |
|
Reset ZIP or postal code
|
ResetPostalCode | boolean |
Set to true to reset the ZIP or postal code where the user lives, or the office they work in to blank. |
|
Reset preferred language
|
ResetPreferredLanguage | boolean |
Set to true to reset the user's preferred language to blank. |
|
Reset state or province
|
ResetState | boolean |
Set to true to reset the state, province or county the user lives in, or where their office located to blank. |
|
Reset street address
|
ResetStreetAddress | boolean |
Set to true to reset the street address where the user lives, or their office street address to blank. |
|
Reset usage location
|
ResetUsageLocation | boolean |
Set to true to reset the usage location to blank. This is required for users that will be assigned licenses due to a legal requirement, so resetting to blank is likely to break things. |
|
Reset age group
|
ResetAgeGroup | boolean |
Set to true to reset the age group of the user, for parental control purposes, to blank. |
|
Reset consent provided for minor
|
ResetConsentProvidedForMinor | boolean |
Set to true to reset whether consent has been provided for the minor, for parental control purposes, to blank. |
|
Reset employee Id
|
ResetEmployeeId | boolean |
Set to true to reset the employee Id to blank. You might use this to uniquely distinguish between each user in your organisation. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
AzureADv2ResetAzureADUserPropertiesResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Reset the properties on a Microsoft Exchange mailbox
Set the specified properties of an existing Microsoft Exchange mailbox to blank.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The identity of the Microsoft Exchange mailbox. You can specify a mailbox by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
Reset Custom attribute 1
|
ResetCustomAttribute1 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 2
|
ResetCustomAttribute2 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 3
|
ResetCustomAttribute3 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 4
|
ResetCustomAttribute4 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 5
|
ResetCustomAttribute5 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 6
|
ResetCustomAttribute6 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 7
|
ResetCustomAttribute7 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 8
|
ResetCustomAttribute8 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 9
|
ResetCustomAttribute9 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 10
|
ResetCustomAttribute10 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 11
|
ResetCustomAttribute11 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 12
|
ResetCustomAttribute12 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 13
|
ResetCustomAttribute13 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 14
|
ResetCustomAttribute14 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 15
|
ResetCustomAttribute15 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ExchangeResetMailboxAttributesResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Reset the properties on a Microsoft Exchange Online mailbox
Set the specified properties of an existing Microsoft Exchange Online or Office 365 (remote) mailbox to blank. The request is sent via your on-premises Microsoft Exchange server.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The identity of the Microsoft Exchange Online or Office 365 (remote) mailbox. You can specify a Microsoft Exchange Online or Office 365 (remote) mailbox by Active Directory object Id, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID or User Principal Name (UPN). |
Reset Custom attribute 1
|
ResetCustomAttribute1 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 2
|
ResetCustomAttribute2 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 3
|
ResetCustomAttribute3 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 4
|
ResetCustomAttribute4 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 5
|
ResetCustomAttribute5 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 6
|
ResetCustomAttribute6 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 7
|
ResetCustomAttribute7 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 8
|
ResetCustomAttribute8 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 9
|
ResetCustomAttribute9 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 10
|
ResetCustomAttribute10 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 11
|
ResetCustomAttribute11 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 12
|
ResetCustomAttribute12 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 13
|
ResetCustomAttribute13 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 14
|
ResetCustomAttribute14 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Reset Custom attribute 15
|
ResetCustomAttribute15 | boolean |
Set to true if you want to reset the custom attribute field (set to a blank value). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ExchangeResetRemoteMailboxAttributesResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Retrieve a Microsoft Exchange mailbox email addresses
Retrieves a list of all email addresses assigned to a Microsoft Exchange mailbox. This includes the primary SMTP address, proxy email addresses, X.400 addresses and EUM (Exchange Unified Messaging) addresses.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The identity of the Microsoft Exchange mailbox. You can specify a mailbox by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Mailbox Email addresses
|
MailboxEmailAddresses | array of string |
The mailbox email addresses. The primary SMTP email address will appear as SMTP:emailaddress, secondary (proxy) SMTP email addresses will appear as smtp:emailaddress, X.400 email addresses will appear as x400:address and Exchange Unified Messaging (EUM) addresses as eum:address. |
Retrieve a Microsoft Exchange Online mailbox email addresses
Retrieves a list of all email addresses assigned to an existing Microsoft Exchange Online or Office 365 (remote) mailbox. This includes the primary SMTP address, proxy email addresses, X.400 addresses and EUM (Exchange Unified Messaging) addresses. The request is sent via your on-premises Microsoft Exchange server.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The identity of the Microsoft Exchange Online or Office 365 (remote) mailbox. You can specify a Microsoft Exchange Online or Office 365 (remote) mailbox by Active Directory object Id, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID or User Principal Name (UPN). |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Mailbox Email addresses
|
MailboxEmailAddresses | array of string |
The mailbox email addresses. The primary SMTP email address will appear as SMTP:emailaddress, secondary (proxy) SMTP email addresses will appear as smtp:emailaddress, X.400 email addresses will appear as x400:address and Exchange Unified Messaging (EUM) addresses as eum:address. |
Retrieve Microsoft Exchange distribution group details
Retrieve the details of a Microsoft Exchange Distribution group. You can search by Identity or using a filter. An Identity search should return 0 or 1 results. A filter search could return 0 or more results.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Distribution group identity
|
Identity | True | string |
The identity of the distribution group to search for. You can specify a distribution group by Name, Alias, Distinguished Name (e.g. CN=MyGroup,OU=My Groups,DC=mydomain,DC=local), Email address or GUID. |
Filter property name
|
FilterPropertyName | string |
As an alternative to searching by identity, provide the name of the property to filter the distribution groups by. Common property names are: DisplayName, Name, GroupType, PrimarySMTPAddress. If using a filter, you also need to populate the 'Filter property comparison' and 'Filter property value' fields. |
|
Filter property comparison
|
FilterPropertyComparison | string |
If searching by filter as an alternative to searching by identity, enter the type of comparison here (for example: If the filter property name is 'Alias', the comparison could be 'equals' or 'like'). If you wish to enter a raw filter (in OPATH format), choose a comparison type of 'Raw: Enter filter manually' and enter the full filter in the 'Filter property value' field. |
|
Filter property value
|
FilterPropertyValue | string |
If searching by filter as an alternative to searching by identity, enter the value of the filter property here (for example: If the filter property name is 'Alias', the filter property value might be 'JohnDoe'). |
|
Is no result an exception
|
NoResultIsAnException | boolean |
Set to true to raise an exception if no distribution groups are found. Set to false to simply report a count of 0 if no distribution groups are found. Note the 'false' option may not work when used with Identity in non-English languages so consider searching using filters instead. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Search results JSON
|
PowerShellJSONOutput | string |
A list of Microsoft Exchange distribution groups which match the search identity or filter, in JSON format. |
Count of distribution groups found
|
CountOfDistributionGroupsFound | integer |
The number of Microsoft Exchange distribution groups found which match the search identity or filter. Usually 1. |
Retrieve Microsoft Exchange mailbox details
Returns the properties of the specified Exchange mailbox. You can search by Identity or using a filter. An Identity search should return 0 or 1 results. A filter search could return 0 or more results.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | string |
The identity of the Microsoft Exchange mailbox. You can specify a mailbox by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
|
Filter property name
|
FilterPropertyName | string |
As an alternative to searching by identity, provide the name of the property to filter the mailboxes by. Common property names are: Name, Alias, PrimarySMTPAddress, DisplayName, SamAccountName. If using a filter, you also need to populate the 'Filter property comparison' and 'Filter property value' fields. |
|
Filter property comparison
|
FilterPropertyComparison | string |
If searching by filter as an alternative to searching by identity, enter the type of comparison here (for example: If the filter property name is 'Alias', the comparison could be 'equals' or 'like'). If you wish to enter a raw filter (in OPATH format), choose a comparison type of 'Raw: Enter filter manually' and enter the full filter in the 'Filter property value' field. |
|
Filter property value
|
FilterPropertyValue | string |
If searching by filter as an alternative to searching by identity, enter the value of the filter property here (for example: If the filter property name is 'Alias', the filter property value might be 'JohnDoe'). |
|
Recipient type details
|
RecipientTypeDetails | string |
The type of mailbox to search for. If this field is left blank, all types of mailbox will be included in the search. |
|
Is no result an exception
|
NoResultIsAnException | boolean |
Set to true to raise an exception if no mailboxes are found. Set to false to simply report a count of 0 if no mailboxes are found. Note the 'false' option may not work when used with Identity in non-English languages so consider searching using filters instead. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Search results JSON
|
PowerShellJSONOutput | string |
A list of Exchange mailboxes (and their requested properties) which match the search identity, in JSON format. |
Count of mailboxes found
|
CountOfMailboxesFound | integer |
The number of Exchange mailboxes found which match the search identity or filter. 1 result is expected if searching by identity. 0 or more results are expected if searching by filter. |
Retrieve Microsoft Exchange mailbox distribution group membership
Retrieve which distribution groups a mailbox is a member of.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The identity of the Microsoft Exchange mailbox. You can specify a mailbox by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Search results JSON
|
PowerShellJSONOutput | string |
A list of Microsoft Exchange distribution groups the mailbox is a member of, in JSON format. |
Count of distribution groups found
|
CountOfDistributionGroupsFound | integer |
The number of Microsoft Exchange distribution groups the mailbox is a member of. |
Retrieve Microsoft Exchange Online mailbox details
Returns the properties of the specified Microsoft Exchange Online or Office 365 (remote) mailbox. The request is sent via your on-premises Microsoft Exchange server. You can search by Identity or using a filter. An Identity search should return 0 or 1 results. A filter search could return 0 or more results.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | string |
The identity of the Microsoft Exchange Online or Office 365 (remote) mailbox. You can specify a Microsoft Exchange Online or Office 365 (remote) mailbox by Active Directory object Id, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID or User Principal Name (UPN). |
|
Filter property name
|
FilterPropertyName | string |
As an alternative to searching by identity, provide the name of the property to filter the mailboxes by. Common property names are: Name, Alias, PrimarySMTPAddress, DisplayName. If using a filter, you also need to populate the 'Filter property comparison' and 'Filter property value' fields. |
|
Filter property comparison
|
FilterPropertyComparison | string |
If searching by filter as an alternative to searching by identity, enter the type of comparison here (for example: If the filter property name is 'Alias', the comparison could be 'equals' or 'like'). If you wish to enter a raw filter (in OPATH format), choose a comparison type of 'Raw: Enter filter manually' and enter the full filter in the 'Filter property value' field. |
|
Filter property value
|
FilterPropertyValue | string |
If searching by filter as an alternative to searching by identity, enter the value of the filter property here (for example: If the filter property name is 'Alias', the filter property value might be 'JohnDoe'). |
|
Is no result an exception
|
NoResultIsAnException | boolean |
Set to true to raise an exception if no mailboxes are found. Set to false to simply report a count of 0 if no mailboxes are found. Note the 'false' option may not work when used with Identity in non-English languages so consider searching using filters instead. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Search results JSON
|
PowerShellJSONOutput | string |
A list of Microsoft Exchange Online or Office 365 mailboxes (and their requested properties) which match the search identity, in JSON format. |
Count of mailboxes found
|
CountOfMailboxesFound | integer |
The number of Microsoft Exchange Online or Office 365 mailboxes found which match the search identity or filter. Usually 1. |
Run Active Directory PowerShell script
Runs a PowerShell script in the Active Directory runspace in the session where the IA-Connect Agent is running, where the script contents are passed to the IA-Connect Agent as part of the command. This is the recommended action for running your own custom Active Directory PowerShell code.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
PowerShell script contents
|
PowerShellScriptContents | True | string |
The contents of the PowerShell script to execute in the Active Directory runspace. IA-Connect will execute this script as-is by passing directly to the PowerShell automation engine. No PowerShell script is actually created on-disk. |
Is no result an error
|
IsNoResultAnError | boolean |
If no data is returned by the PowerShell command, does this suggest an error? |
|
Return complex types
|
ReturnComplexTypes | boolean |
Should properties which have complex types (as opposed to a simple type such as System.String or System.Boolean or System.Date) be returned? |
|
Return boolean as boolean
|
ReturnBooleanAsBoolean | boolean |
Should Boolean properties be returned as a Booleans? If false, these are returned as strings. |
|
Return numeric as decimal
|
ReturnNumericAsDecimal | boolean |
Should Numeric properties be returned as a Numerics? If false, these are returned as strings. |
|
Return date as date
|
ReturnDateAsDate | boolean |
Should Date properties be returned as a Dates? If false, these are returned as strings. |
|
Properties to return as collection
|
PropertiesToReturnAsCollectionJSON | string |
Some properties (in the PowerShell return results) are collections of values (e.g. an array or table) and by default are not returned in the IA-Connect PowerShell response. This option allows you to specify which properties IA-Connect should attempt to return as a collection and can be entered in JSON or CSV format. For example: To return the EmailAddresses and MemberOf array properties, enter [{"PropertyName": "EmailAddresses"}, {"PropertyName": "MemberOf"}] (JSON format) or EmailAddresses,MemberOf (CSV format). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
PowerShell output JSON
|
PowerShellJSONOutput | string |
The output of the PowerShell script, formatted as JSON. |
Run Azure AD PowerShell script
Runs a PowerShell script in the Azure AD v2 runspace in the session where the IA-Connect Agent is running, where the script contents are passed to the IA-Connect Agent as part of the command. This is the recommended action for running your own custom Azure AD v2 PowerShell code.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
PowerShell script contents
|
PowerShellScriptContents | True | string |
The contents of the PowerShell script to execute in the Azure AD v2 runspace. IA-Connect will execute this script as-is by passing directly to the PowerShell automation engine. No PowerShell script is actually created on-disk. |
Is no result an error
|
IsNoResultAnError | boolean |
If no data is returned by the PowerShell command, does this suggest an error? |
|
Return complex types
|
ReturnComplexTypes | boolean |
Should properties which have complex types (as opposed to a simple type such as System.String or System.Boolean or System.Date) be returned? |
|
Return boolean as boolean
|
ReturnBooleanAsBoolean | boolean |
Should Boolean properties be returned as a Booleans? If false, these are returned as strings. |
|
Return numeric as decimal
|
ReturnNumericAsDecimal | boolean |
Should Numeric properties be returned as a Numerics? If false, these are returned as strings. |
|
Return date as date
|
ReturnDateAsDate | boolean |
Should Date properties be returned as a Dates? If false, these are returned as strings. |
|
Properties to return as collection
|
PropertiesToReturnAsCollectionJSON | string |
Some properties (in the PowerShell return results) are collections of values (e.g. an array or table) and by default are not returned in the IA-Connect PowerShell response. This option allows you to specify which properties IA-Connect should attempt to return as a collection and can be entered in JSON or CSV format. For example: To return the EmailAddresses and MemberOf array properties, enter [{"PropertyName": "EmailAddresses"}, {"PropertyName": "MemberOf"}] (JSON format) or EmailAddresses,MemberOf (CSV format). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
PowerShell output JSON
|
PowerShellJSONOutput | string |
The output of the PowerShell script, formatted as JSON. |
Run Exchange PowerShell script
Runs a PowerShell script in the Exchange runspace in the session where the IA-Connect Agent is running, where the script contents are passed to the IA-Connect Agent as part of the command. This is the recommended action for running your own custom Exchange PowerShell code.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
PowerShell script contents
|
PowerShellScriptContents | True | string |
The contents of the PowerShell script to execute in the Exchange runspace. IA-Connect will execute this script as-is by passing directly to the PowerShell automation engine. No PowerShell script is actually created on-disk. |
Is no result an error
|
IsNoResultAnError | boolean |
If no data is returned by the PowerShell command, does this suggest an error? |
|
Return complex types
|
ReturnComplexTypes | boolean |
Should properties which have complex types (as opposed to a simple type such as System.String or System.Boolean or System.Date) be returned? |
|
Return boolean as boolean
|
ReturnBooleanAsBoolean | boolean |
Should Boolean properties be returned as a Booleans? If false, these are returned as strings. |
|
Return numeric as decimal
|
ReturnNumericAsDecimal | boolean |
Should Numeric properties be returned as a Numerics? If false, these are returned as strings. |
|
Return date as date
|
ReturnDateAsDate | boolean |
Should Date properties be returned as a Dates? If false, these are returned as strings. |
|
Properties to return as collection
|
PropertiesToReturnAsCollectionJSON | string |
Some properties (in the PowerShell return results) are collections of values (e.g. an array or table) and by default are not returned in the IA-Connect PowerShell response. This option allows you to specify which properties IA-Connect should attempt to return as a collection and can be entered in JSON or CSV format. For example: To return the EmailAddresses and MemberOf array properties, enter [{"PropertyName": "EmailAddresses"}, {"PropertyName": "MemberOf"}] (JSON format) or EmailAddresses,MemberOf (CSV format). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
PowerShell output JSON
|
PowerShellJSONOutput | string |
The output of the PowerShell script, formatted as JSON. |
Run Office 365 PowerShell script
Runs a PowerShell script in the Office 365 runspace in the session where the IA-Connect Agent is running, where the script contents are passed to the IA-Connect Agent as part of the command. Due to Office 365 PowerShell security restrictions, this action is likely to be blocked.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
PowerShell script contents
|
PowerShellScriptContents | True | string |
The contents of the PowerShell script to execute in the Office 365 runspace. IA-Connect will execute this script as-is by passing directly to the PowerShell automation engine. No PowerShell script is actually created on-disk. |
Is no result an error
|
IsNoResultAnError | boolean |
If no data is returned by the PowerShell command, does this suggest an error? |
|
Return complex types
|
ReturnComplexTypes | boolean |
Should properties which have complex types (as opposed to a simple type such as System.String or System.Boolean or System.Date) be returned? |
|
Return boolean as boolean
|
ReturnBooleanAsBoolean | boolean |
Should Boolean properties be returned as a Booleans? If false, these are returned as strings. |
|
Return numeric as decimal
|
ReturnNumericAsDecimal | boolean |
Should Numeric properties be returned as a Numerics? If false, these are returned as strings. |
|
Return date as date
|
ReturnDateAsDate | boolean |
Should Date properties be returned as a Dates? If false, these are returned as strings. |
|
Properties to return as collection
|
PropertiesToReturnAsCollectionJSON | string |
Some properties (in the PowerShell return results) are collections of values (e.g. an array or table) and by default are not returned in the IA-Connect PowerShell response. This option allows you to specify which properties IA-Connect should attempt to return as a collection and can be entered in JSON or CSV format. For example: To return the EmailAddresses and MemberOf array properties, enter [{"PropertyName": "EmailAddresses"}, {"PropertyName": "MemberOf"}] (JSON format) or EmailAddresses,MemberOf (CSV format). |
|
PowerShell local scope
|
LocalScope | boolean |
Should the underlying Office 365 PowerShell command be run in the local scope. By default this is not set and hence PowerShell falls back to defaults. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
PowerShell output JSON
|
PowerShellJSONOutput | string |
The output of the PowerShell script, formatted as JSON. |
Set Active Directory server
Sets a specific Active Directory server to use for all further Active Directory actions.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Predefined AD server choice
|
PredefinedADServerChoice | string |
User PDC: The PDC emulator for the domain the currently logged in user belongs to will be used. Computer PDC: The PDC emulator for the domain the computer (on which the IA-Connect session is running on) belongs to will be used. Manual: Enter the Active Directory Domain Controller (DC) in the 'AD server' field. If this field is blank and the 'AD server' field has a value, that value will be used. |
|
AD server
|
ADServer | string |
This field is only used if the 'Predefined AD server choice' is set to 'Manual' (or blank). The name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact for all further Active Directory actions. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ActiveDirectorySetADServerResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Set Active Directory user protected from accidental deletion
Sets an Active Directory account to be protected (or not protected) from accidental deletion. If you protect an account from accidental deletion, you cannot delete that account until you remove the protection.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User identity
|
UserIdentity | True | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
Protected from accidental deletion
|
ProtectedFromAccidentalDeletion | True | boolean |
Set to true to protect a user from accidental deletion. Set to false to remove protection from accidental deletion. |
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ActiveDirectorySetADUserProtectedFromAccidentalDeletionByIdentityResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Set automatic replies (Out of Office) for a Microsoft Exchange mailbox
Set automatic replies (Out of Office) for a Microsoft Exchange mailbox. This action won't work for remote mailbox in Microsoft Exchange Online or Office 365: Use the action 'Set automatic replies (Out of Office) for an Office 365 mailbox' instead.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The identity of the Microsoft Exchange mailbox. You can specify a mailbox by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
Automatic reply state
|
AutoReplyState | True | string |
Allows you to enable or disable automatic replies. |
Internal message
|
InternalMessage | string |
The automatic reply (Out of Office) message to send to internal senders. Set to blank to remove the message. |
|
External audience
|
ExternalAudience | string |
Allows you to specify whether automatic replies are sent to external audiences. By default, replies are sent to all external senders. |
|
External message
|
ExternalMessage | string |
The automatic reply (Out of Office) message to send to external senders, if the external audience was set to 'All' or 'Known'. Set to blank to remove the message. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ExchangeSetMailboxAutoReplyConfigurationResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Set automatic replies (Out of Office) for an Office 365 mailbox
Set automatic replies (Out of Office) for a Microsoft Exchange Online or Office 365 mailbox.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The Id of a Microsoft Exchange Online or Office 365 mailbox. You can specify a mailbox by Name, Alias, Object Id (e.g. UUID/GUID value), Email address, GUID, SAMAccountName (even users in non Active Directory connected environments have a SAMAccountName) or User Principal Name (UPN). |
Automatic reply state
|
AutoReplyState | True | string |
Allows you to enable or disable automatic replies. |
Internal message
|
InternalMessage | string |
The automatic reply (Out of Office) message to send to internal senders. Set to blank to remove the message. |
|
External audience
|
ExternalAudience | string |
Allows you to specify whether automatic replies are sent to external audiences. By default, replies are sent to all external senders. |
|
External message
|
ExternalMessage | string |
The automatic reply (Out of Office) message to send to external senders, if the external audience was set to 'All' or 'Known'. Set to blank to remove the message. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
O365SetO365MailboxAutoReplyConfigurationResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Set Azure AD user's manager
Set an Azure Active Directory user's mananger.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User object Id or UPN
|
ObjectId | True | string |
The Id of an Azure Active Directory user. You can specify a user by UPN (e.g. user@mydomain.onmicrosoft.com) or ObjectId (e.g. UUID/GUID value). |
Manager
|
Manager | string |
To add a manager, specify the user's manager Object Id (e.g. UUID/GUID value) or UPN (e.g. myboss@mydomain.com). To remove the user's manager, set this field to blank. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
AzureADv2SetAzureADUserManagerResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Set Azure AD user license
Adds or removes an Azure AD user license (SKU), using the Azure AD v2 PowerShell modules.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User object Id or UPN
|
ObjectId | True | string |
The Id of an Azure Active Directory user. You can specify a user by UPN (e.g. user@mydomain.onmicrosoft.com) or ObjectId (e.g. UUID/GUID value). |
License to add
|
LicenseToAdd | string |
A single Azure AD license SKU to add. This can be entered as a SKU Id (a GUID) or a SKU part number (a word). For example: TEAMS_EXPLORATORY. If you wish to enable multiple licenses, call this action once per license. |
|
License plans to add
|
LicensePlansChoice | string |
Some licenses have plans: If you wish to enable all plans (or don't know), choose 'All'. If you wish to only enable certain named plans, choose 'Opt-in' and enter the plans to enable in the 'License plans CSV' field. If you wish to enable all plans except those you specify, choose 'Opt-out' and enter the plans to disable in the 'License plans CSV' field. |
|
License plans
|
LicensePlansCSV | string |
A comma separated list (CSV) of the license plans (a component the the license) to enable or disable. If you leave this field blank, all license plans will be enabled. This can be entered as a SKU Id (a GUID) or a SKU part number (a word). For example: YAMMER_ENTERPRISE,SHAREPOINTSTANDARD. |
|
Licenses to remove
|
LicensesToRemoveCSV | string |
A comma separated list of Azure AD license SKUs to remove. This can be entered as a comma separated list of SKU Id (a GUID) or SKU part number (a word). For example: TEAMS_EXPLORATORY,FLOW_FREE. |
|
Usage location
|
UsageLocation | string |
A two letter country code (ISO 3166). Required for users that will be assigned licenses due to a legal requirement. For example: US (United States), JP (Japan), GB (United Kingdom), FR (France), IN (India). See https://en.wikipedia.org/wiki/List_of_ISO_3166_country_codes. If you don't set this value, the user must already have their usage location set or the license will fail to apply. |
|
PowerShell local scope
|
LocalScope | boolean |
Should the underlying Azure AD v2 PowerShell command be run in the local scope. By default this is not set and hence PowerShell falls back to defaults. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
AzureADv2SetAzureADUserLicenseResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Set Exchange mailbox send on behalf of
Specify who can send on behalf of this existing mailbox.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The identity of the Microsoft Exchange mailbox. You can specify a mailbox by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
Grant send on behalf to
|
GrantSendOnBehalfTo | True | string |
The identify of a user, group or mailbox that can send emails on behalf of this mailbox. You can specify a user by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ExchangeSetMailboxSendOnBehalfOfPermissionResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Set Exchange to view entire Active Directory forest
Specify whether the entire Active Directory forest (including sub-domains) is searched / viewed when performing Exchange actions. You may need to use this action if you have multiple linked domains.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
View entire forest
|
ViewEntireForest | True | boolean |
Set to true if you want to search the entire Active Directory forest, false if you only want to search the current Active Directory domain. |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ExchangeSetADServerToViewEntireForestResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Set the properties on a Microsoft Exchange mailbox
Set the properties of an existing Microsoft Exchange mailbox.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The identity of the Microsoft Exchange mailbox. You can specify a mailbox by Name, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID, SAMAccountName or User Principal Name (UPN). |
Account disabled
|
AccountDisabled | boolean |
Set to true if you want to disable the account, false if you want to enable the account or don't specify a value to leave the current setting untouched. |
|
Alias
|
Alias | string |
The Exchange alias (also known as mail nickname) for the user. If the email address policy is enabled, this will be used to generate the name component of the Primary SMTP email address (e.g. alias@mydomain.com). If the email address policy is not enabled, you may wish to set the primary SMTP address instead. Leave blank if you don't want to change the current value. |
|
Display name
|
DisplayName | string |
The display name of the mailbox. This is visible in address lists. |
|
Primary SMTP address
|
PrimarySmtpAddress | string |
The primary return email address that is used for the recipient. You are unlikely to be able to set this if the 'Email address policy' is enabled so either use 'Alias' instead (and the policy will create the Primary SMTP address from the alias) or disable the email address policy. Leave blank if you don't want to change the current value. |
|
Hidden from address lists
|
HiddenFromAddressListsEnabled | boolean |
Set to true to hide the mailbox from address lists, false to show the mailbox in address lists or don't specify a value to leave the current setting untouched. |
|
Custom attribute 1
|
CustomAttribute1 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 2
|
CustomAttribute2 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 3
|
CustomAttribute3 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 4
|
CustomAttribute4 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 5
|
CustomAttribute5 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 6
|
CustomAttribute6 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 7
|
CustomAttribute7 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 8
|
CustomAttribute8 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 9
|
CustomAttribute9 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 10
|
CustomAttribute10 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 11
|
CustomAttribute11 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 12
|
CustomAttribute12 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 13
|
CustomAttribute13 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 14
|
CustomAttribute14 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 15
|
CustomAttribute15 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Email address policy enabled
|
EmailAddressPolicyEnabled | boolean |
Set to true if you want to automatically update email addresses based on the email address policy applied to this recipient. If the email address policy is enabled, this generally will impact your ability to set the primary SMTP address. Set to false to disable the feature, giving you full control to manually setting email addresses. Leave blank if you don't want to set this option (i.e. leave at the existing or default value). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ExchangeSetMailboxResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Set the properties on a Microsoft Exchange Online mailbox
Set the properties of an existing Microsoft Exchange Online or Office 365 (remote) mailbox. The request is sent via your on-premises Microsoft Exchange server.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The identity of the Microsoft Exchange Online or Office 365 (remote) mailbox. You can specify a Microsoft Exchange Online or Office 365 (remote) mailbox by Active Directory object Id, Alias, Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), DOMAIN\username, Email address, GUID or User Principal Name (UPN). |
Alias
|
Alias | string |
The Exchange alias (also known as mail nickname) for the user. If the email address policy is enabled, this will be used to generate the name component of the Primary SMTP email address (e.g. alias@mydomain.com). If the email address policy is not enabled, you may wish to set the primary SMTP address instead. Leave blank if you don't want to change the current value. |
|
Display name
|
DisplayName | string |
The display name of the mailbox. This is visible in address lists. Leave blank if you don't want to change the current value. |
|
Primary SMTP address
|
PrimarySmtpAddress | string |
The primary return email address that is used for the recipient. You are unlikely to be able to set this if the 'Email address policy' is enabled so either use 'Alias' instead (and the policy will create the Primary SMTP address from the alias) or disable the email address policy. Leave blank if you don't want to change the current value. |
|
Mailbox type
|
Type | string |
The type of mailbox. Leave blank if you don't want to change the current value. |
|
Hidden from address lists
|
HiddenFromAddressListsEnabled | boolean |
Set to true to hide the mailbox from address lists, false to show the mailbox in address lists or don't specify a value to leave the current setting untouched. |
|
Custom attribute 1
|
CustomAttribute1 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 2
|
CustomAttribute2 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 3
|
CustomAttribute3 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 4
|
CustomAttribute4 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 5
|
CustomAttribute5 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 6
|
CustomAttribute6 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 7
|
CustomAttribute7 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 8
|
CustomAttribute8 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 9
|
CustomAttribute9 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 10
|
CustomAttribute10 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 11
|
CustomAttribute11 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 12
|
CustomAttribute12 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 13
|
CustomAttribute13 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 14
|
CustomAttribute14 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Custom attribute 15
|
CustomAttribute15 | string |
A value for the custom attribute field. Leave blank if you don't want to specify a value. If you want to set the value to blank (i.e. it already has a value and you want to reset it), use the 'Reset' action. |
|
Email address policy enabled
|
EmailAddressPolicyEnabled | boolean |
Set to true if you want to automatically update email addresses based on the email address policy applied to this recipient. If the email address policy is enabled, this generally will impact your ability to set the primary SMTP address. Set to false to disable the feature, giving you full control to manually setting email addresses. Leave blank if you don't want to set this option (i.e. leave at the existing or default value). |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ExchangeSetRemoteMailboxResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Set the properties on a Office 365 mailbox
Set the properties on a Microsoft Exchange Online or Office 365 mailbox.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The Id of a Microsoft Exchange Online or Office 365 mailbox. You can specify a mailbox by Name, Alias, Object Id (e.g. UUID/GUID value), Email address, GUID, SAMAccountName (even users in non Active Directory connected environments have a SAMAccountName) or User Principal Name (UPN). |
Account disabled
|
AccountDisabled | boolean |
Set to true if you want to disable the account, false if you want to enable the account or don't specify a value to leave the current setting untouched. |
|
Alias
|
Alias | string |
The Exchange alias (also known as mail nickname) for the user. |
|
Display name
|
DisplayName | string |
The display name of the mailbox. This is visible in address lists. |
|
Hidden from address lists
|
HiddenFromAddressListsEnabled | boolean |
Set to true to hide the mailbox from address lists, false to show the mailbox in address lists or don't specify a value to leave the current setting untouched. |
|
Custom attribute 1
|
CustomAttribute1 | string |
A value for the custom attribute 1 field. |
|
Custom attribute 2
|
CustomAttribute2 | string |
A value for the custom attribute 2 field. |
|
Custom attribute 3
|
CustomAttribute3 | string |
A value for the custom attribute 3 field. |
|
Custom attribute 4
|
CustomAttribute4 | string |
A value for the custom attribute 4 field. |
|
Mailbox type
|
Type | string |
The type of mailbox. Leave blank if you don't want to change the current value. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
O365SetO365MailboxResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Unlock Active Directory account
Unlock an Active Directory account. If the account is not locked, this command does nothing.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
User identity
|
UserIdentity | True | string |
The identity of the Active Directory user. You can specify a user by Distinguished Name (e.g. CN=User1,OU=My Users,DC=mydomain,DC=local), GUID, SID, SAMAccountName (e.g. 'User1') or Name (e.g. 'User1'). |
AD server
|
ADServer | string |
The optional name or Fully Qualified Domain Name (FQDN) of an Active Directory Domain Controller (DC) to contact to perform the requested action. If left blank, the Active Directory Domain Controller (DC) is automatically determined using site settings. |
|
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Command result
|
ActiveDirectoryUnlockADAccountByIdentityResult | boolean |
The result of the command (success or failure). |
Error message
|
ErrorMessage | string |
If the command was not successful, this will contain the error message that was returned. |
Wait for a Office 365 mailbox
Wait for a specified Microsoft Exchange Online or Office 365 mailbox to exist. This is common if you are waiting for an AD sync or license setting to take effect. If the mailbox already existed, the action will immediately return successful.
Parameters
Name | Key | Required | Type | Description |
---|---|---|---|---|
Mailbox identity
|
Identity | True | string |
The Id of a Microsoft Exchange Online or Office 365 mailbox. You can specify a mailbox by Name, Alias, Object Id (e.g. UUID/GUID value), Email address, GUID, SAMAccountName (even users in non Active Directory connected environments have a SAMAccountName) or User Principal Name (UPN). |
Number of times to check
|
NumberOfTimesToCheck | True | integer |
The number of times to check for the mailbox to exist. Each check is separated by a configurable amount of time. |
Seconds between tries
|
SecondsBetweenTries | True | integer |
How many seconds to wait between each check. |
Workflow
|
Workflow | True | string |
Add the following expression here: workflow() |
Returns
Name | Path | Type | Description |
---|---|---|---|
Search results JSON
|
PowerShellJSONOutput | string |
The properties of the located mailbox if it already existed or existed after waiting, in JSON format. |
Count of mailboxes found
|
CountOfMailboxesFound | integer |
The number of mailboxes found which match the search identity. 1 would represent a successful wait (or the mailbox already existed). 0 would represent the mailbox not existing, even after waiting. |