Use Case: While resigning an employee, the HR department sends the employee’s details to the IT department via email. IT department in turn, will delete the employee from the Active Directory. This process entails redundant work, its time consuming.
Deleting an user account in AD can be automated with ServiceDesk Plus’ in-product capabilities.
Making use of the DRE in ServiceDesk Plus, we can invoke a Deluge script which will delete the user account in AD using ADManager Plus API.
Steps to set it up:
1. Goto Admin > Request custom function > Global Functions.
We will need the ADMP hosted url, AuthToken and Domain Name for establishing the connection with ADMP.
Set the return type to "Map" and copy the script from attachment. [File - ADMP_Configuration.txt]
Storing these information as a global function will help us re-use these in other scripts as well.
2. Create Incident Additional fields to store the ADMP field values. Include these additional fields in the required template.
SDP Additional field names can be fetched from Admin > Incident - Additional Field > API Field Name
3. The functional part of the script has to be defined under Admin > Request custom function > Custom Action.
Update the LDAP Field values and SDP Additional field API Field Names in the script. Ensure the LDAPFields and SDPFields are mapped correctly.
Eg: sAMAccountName is stored in udf_sline_30
4. Refer attachment for the deluge script. [File: Delete_ADMP_User.txt]
5. With custom triggers we can configure a criteria such as ‘when a request is created or approved’ to invoke the deluge script stored in the custom function and automatically deletes the user account in ADMP.