Source Anchor missing ms-DS-ConsistencyGUID in option
We use the microsoft recommended, and supported configuration of using ms-DS-ConsistencyGUID for Sourceanchor and immutableID's in AADsync. We use this configuration because we had multiple forests that were migrated out of, so their objectGUID (what ADManager keys off of by default) is no longer relevant to their ms-DS-consistency guid. This attribute makes it extremely easy to migrate to other forests or domains without having issues with immutableID's. Currently it is impossible to manage these
Email duplicate check
Hello, In my user creation templates I use email field as Unicode string. Is it possible to check duplicates on forest level? Regards, Anton
New Release: ADManager Plus 7030 (October 2019)
We are excited to let you know that the latest version of ADManager Plus--build 7030--has been rolled out. You can download it right away! The details of the release are mentioned below. New Features Over 10 new management operations including Add or Remove Office 365 Group Owners, Modify Calendar Permissions, and more. Over 4 new Office 365 mailbox-based reports. A flat, sleek and intuitive UI for enhanced performance and user experience. Enhancements Option to select templates during bulk group
AD Group Management automation, based on job title or other fields
We currently have a system in place for user creation where help desk technicians use the import functionality in the memberof field to import CSV files filled with groups based on job titles. What we would like to do next is implement some sort of automation that runs periodically and "fixes" any users who have had groups added or removed erroneously. Does anyone have any experience with a solution that looks at users compares their group membership to a template based on job title (or other
Custom Notification Template Variables
I'm attempting to create a notification that goes out to a userID's manager when we disable an account that has been inactive for 90 days. I would really like to use the LDAP attributes in some way so the email is more clear. As an example it would read something like this: ____________________________ Subject: Disabled due to inactivity - %cn% Dear %userManager%, The account for %cn% has been disabled because it has been inactive for 90 days. Last Logon date: %lastLogonTimestamp% Thanks! IT Infrastructure
Creating Templates
Hi Guys, I have created template to disable the user account and move it to anther OU, and also removing specific groups from that account and just keeping one group which is Domain Users Group. The Template is working only with disabling the account and it also moving it to another OU, but its not removing the groups that this account is part of. even I have created a rules for that to keep just one group, and removed the check mark from append with existing value and same thing. Is there any way
Upgrade to Notification Template?
I am new to ManageEngine AD Manager Plus and am finding extreme value in using the Notification Templates. Any feedback on if this will be built out to allow more than the macro fields? When we transfer employees to other departments, we use a paper checklist to ensure all the AD changes were done. If we can add fields such as: %name% %title% %department% %telephoneNumber% %distinguishedName% %physicalDeliveryOfficeName% to templates we can send a email to other admins in the organization that
Bulk User Creation If Statements
Hello, Is it possible to create (and perhaps provide a sample) a powershell script or built-in functionality that would allow for If/Then routines in bulk user account creation? For example, we bulk create hundreds of users from a CSV. However, a large portion of those users may already exist. Therefore, I would like to do something like: 1) Attempt to create user from csv using template if user exists: a) Determine if account is disabled. If Disabled: Re-enable, move to OU
How to Remove Help Desk Technician AD Group
I was performing some experimentation and added an AD Group to Help Desk Technicians. I can not find where to delete the group now. Any thoughts?
Automation data from MS SQL "Ignore current records in DB" greyed out/not working?
Hi, I'm having an problem with importing users from an SQL db into our AD. The first import from the SQL db is ok. But when I run it an second time then I get the error that the object already exists. Why is it doing the same users again? Is this expected behaviour? There is an option by the "Create New Automation" where you have the option to add an marker to the option "Ignore current records in DB". But when I use that option then nothing is getting imported from the SQL db. The job result is
Limit Security Group Assignment to specific OU
If this feature is already available, I would gladly appreciate help in setting it up. Case scenario. in our setup, I have Clients OU that contains a number of individual OUs specific to client (example: Clients -> ClientA, ClientB, ClientC ..etc. ): Within each client OU, there are domain accounts and security groups specific to the client (Clients -> ClientA -> userA1, userA2, userA3, securityA10, securityA20..etc). Using AD manager, I can assign one (unique) technician to each of clients OU to
Creating a new user template - SMTP primary address incorrect in Exchange online
I've setup a new user template which appears to be working well other than the fact that the wrong SMTP address is assigned to the user when I check Exchange Online. The template issues an E3 license and the mailbox is created, but the with an incorrect SMTP mail address. Where should the primary SMTP address be set in the template and are there any custom attributes required? We ARE NOT running in a hybrid environment.
Remove Users from Security Groups (via csv file)
Does AD Manager allow to bulk update user membership via csv load? For instance, I have 10 requests to remove users from particular security groups. Please note that these could be 10 different users and 10 different security groups. I do not want to remove all users from a specified security group. Also, a user might belong to other security groups, so I cannot remove all groups membership for that user. Appreciate any feedback.
Automation Information Needed
I started looking at the automation piece AD Manager Plus for some routine tasks, specifically cleaning up inactive users in our AD and adding Account State locked attribute for reporting. I think I have everything setup correctly but I have a couple of question about using this automation. How does one go about testing their automation? I don’t see a way to stop it from running through the entire tree, and I find it hard to believe ME would think that’s OK. I’m assuming that when we select inactive
error connection exchange in user creation by template
Hi, I create a user in AD per template, I also try to enable remote mailbox with routing address, and I create mailbox in 365. The user creates it well in AD and in 365 it creates the mailbox, but it fails to connect with exchange and can not enable the remote mailbox or add the address. Administrators confirm that the account we use for the connection has permissions in exchange. I have another template that does the same in another domain and makes everything perfect. I pass you log of the errors:
Can ADManager also automate the process of setting user security groups and folder permissions?
Hello, Our agency is currently using ADManager Plus for automating new user account setups. As far as I know we just use it to create the user profile, send user's name to the Brivo badging system and setup the user's email. can ADManager also automate the process of adding security groups and folder permissions during user account creation based on job titles? Right now I have to manually enter the new user's security groups and folder permissions after the user's profile is created via ADManager.
Problem editing GPO
Hello, I am just editing a GPO through ADManager and getting the error I am sending you attached. Could you please help us on this matter?
ADManager Issues...
I am really surprised with my environment after seeing several issues, Is I am the only person facing all these issues\concerns or others too.. I am too curious to see the feedback on the below issues which I am currently facing in ADManager Plus. - Bulk Edit is not working more than 5 groups - Reports are not running for certain conditions - Don't have clear view function for delegation OU details (Refer delegation OU Screenshot) - HA Function (Audit Report Archive Data) is unable to show the results
How to perform Active Directory (AD) user provisioning with a CSV file, using ADManager Plus
As opposed to the native AD tools, ADManager Plus enables you to create multiple Active Directory (AD) users in one go, by importing a CSV file that contains the required user details, without using PowerShell scripts. Rules for creating a CSV file required for bulk user creation: 1. The first row of the CSV file must contain the LDAP names of the AD attributes whose values you wish to set. To view a complete list of all the LDAP attributes that can be specified in a CSV file for user creation or
ADManager Plus Usability \ Features
Do anyone have any other concerns on ADManger Plus like me... - When delegating OU's to specific technician, tech logs in tool only displays Computers etc, Users etc... - Failover \ High Availability is not properly implemented - Lot of usability issues in UI - Role Based OU delegation in single user and group modifications - So far none of my upgrades have been successful, and I am keep getting multiple patches, Simultaneously new patches creating new issues
How to set or modify NTFS permissions using ADManager Plus
ADManager Plus, an AD management and reporting solution, simplifies file server permissions management by offering built-in options to set, modify or revoke NTFS and share permissions of folders. With ADManager Plus, you can not only manage the access rights of multiple folders at once, but also assign granular NTFS and share permissions for individual folders. Prerequisite for setting or modifying NTFS permissions via ADManager Plus: The file server, which hosts the folders whose permissions
Notification for Automation Policy
Hi Guys I created a automation policy and a automtion, which disable, move users they leaving us, 30 days later the users will be deleted. I tried to configure a notification profile for the last step, if the users are deleted. but the notification only works, when i (personally) delete the user. Somebody a idea how to solve this problem? The notification profile has two criterias, 1. when user is deleted 2. from specified ou which the user stays for 30 days before deleting.
Is its possible manageengine integration to confluence tool
Is its possible manageengine integration to confluence tool?? if its possible means guide me how to i proceed it .
AD Domain as first choice in the logon screen
HI, how can i set the active directory domain as the first choice in the logon screen ?
reset the password by an applicant
Hi, Is there any way that when an applicant requests to reset password, or modify user (per template could make one in it to reset the password) and could be executed without another technician's action, for example that the application launch an automation process or configure an automation process to execute the request. Or some other way? Regards,
SQL Versions supported
Hi, We are getting close to a purchase of AD Manager Plus and wanted to confirm whether SQL 2014 is supported. I can see some information about SQL in the user/setup manual but not the exact supported versions. Can anyone confirm?
Needing to get back built in technician accounts
One of our other IT techs accidentally deleted a few of the built in technician accounts from ADManager Plus and I was just seeing if there is a way to get those back or just create other accounts that just are local to the application. The one in particular we need is the built in HR Associate account as we have a few HR reps that will need to create users. Thanks!
AD Manager Plus not launching on Terminal Server
We are running both AD Password Self Service Plus and AD Manager Plus on the same terminal server but recently the Java Wrapper Service will launch at startup on this server for AD Password Self Service plus fine but for AD Manager Plus the java wrapper service doesn't start automatically and when you try to launch it manually it will try to start the service and then goes to "Initializing Service" and then just dies. And Event Viewer doesn't display any warning error messages. The only way to get
run custom script - create 365 account in another domain
Hi, I create a user in AD and then I want to create a 365 account in a domain that is not the same as the AD. For this I configure in the script the connection with administrator username and password 365. If I execute it from the machine by hand it does it well, but once I include it in the ADManager I get the following error: Result:ConvertTo-SecureString : Key not valid for use in specified state. At C:\ManageEngine\ADManager Plus\bin\usernewcomer365.ps1:5 char:17 + $SecureString = ConvertTo-SecureString
pass variable to custom script
Hi, I want to pass the variable "mail of the applicant" in a personalized template, what would the name of the variable be? the same value that is used in the template of notifications by mail Regards,
Java Heap Change Resets
Hi, When I change the value of Java Heap Max in Wrapper.conf it reverts back to the previous setting, what am I doing wrong? Thanks
Send Notification on Disable User
Is it possible to configure a notification profile when an account is disabled through ADManager?
error when requesting to create user by template
Hi, When the "requestor" makes a user registration request by template, the alert message appears: This design does not have a user creation method. This template creates a user in AD and in 365, if I uncheck the 365 tab, let me continue. However, in another template that I have the same but for another domain, it does not give me any warning message and it does it well. What can be eto? Attached screen of the message Regards,
Copy DistinguishedName value to an ExtensionAttribute and move user
Hello everyone, I'm trying to make a user modification template to save the current distinguishedName value to an ExtensionAttribute and then move that user to another OU using a modification rule. My problems are 2: First, the extensionAttribute remains empty after user modification, I am currently passing the variable %distinguishedName% to it in the template. Second, I set the modification rule to modify the "Select Container" value to the new OU location (with no conditions) but the user won't
Notification of account creation in specific location (country)
Hi, we're moving to a flat OU structure for win 10 and the current account creation notifications, created when a Win 7 account is made in the current Office specific OU will no longer work. I've looked at changing it but the only selectable fields in profile criteria are Action, Container, Technician and Domain Name. My unique identifier for the location of accounts will soon be Office as it's shown in AD. any ideas how I can get different people notified of new accounts in their office? David
execute script in two domains
Hi, I have a problem, when I run custom ps1 script in user creation template. I have two domains, to create users, in domain A I failed until we put a user with permissions on the ADManager server service, but that user is from domain A. Now that I create a user in domain B I do not run the script, how can I fix it? Regards,
Is it possible to automate Contact Creation from a New Account?
Hi folks, I have a Create User template set up for our on-site IT folks to run for certain user requests. These user accounts do not get an Exchange Mailbox, so no email is created for them. However, they do need to have a contact created for them. Is it possible to automate the contact creation based on the data entered in the User Account and can that process be automatically triggered by the User Creation task? If so, how do I go about starting this process? Thanks, Adam
Templates
Hi, I might be being stupid here but I can't find where to create templates in ADManager (for use in automation, etc). Can anybody advise?
simple powershell script to clean a field
Hi, As much as I check and have checked in the community I do not find where I fail, I execute a powershell script once I have created a user to clean a field.and it does not do anything to me. When I run ADManager it indicates the log: [12:23:04:353]|[05-16-2019]|[SYSOUT]|[INFO]|[50030]: Starting CustomScriptThread ...| [12:23:04:353]|[05-16-2019]|[SYSOUT]|[INFO]|[150317]: Custom Script Command::powershell C:\Software\Personalizacion\ManageEngine\usernew.ps1 nappe11| [12:23:04:353]|[05-16-2019]|[SYSOUT]|[INFO]|[150317]:
Filtering, cloning, or editing default reports
I want to filter the "users never logged on" default report so that it only shows me enabled user accounts. I can't find a way to filter the results, so I looked for a way of editing the report settings - I couldn't find that either. I then tried to create a custom report, but this requires that the 'last logon date' is specified in relation to an existing date - I couldn't find a way of specifying 'never'. I then tried to see if I could clone the existing default report but couldn't see a way
Next Page