Online Manual: "User Management Resource Adminstrator"
Go to: User Management Resource Administrator homepage
Script Action: Move - rename user (AD)
Function
Move an user account in Active Directory to another OU, container or
domain. Alternatively, you can also use this action to rename a user account
in an organizational unit - container of Active Directory. When moving
a user account to another domain, several restrictions apply:
The source and destination
domain must be in the same forest of domains. - The destination domain must be in native mode.
Deployment
This action is typically used in a script that is intended to manage
existing user accounts. With this action you can execute 2 operations:
Move user account(s)
to other organizational units or domains:
The user account can be moved to another organizational unit in the same
domain or another domain. If the domain is changed, the domain must be
in the same forest and the destination domain must be in native mode.
When the account is moved, the common name of the user account is not
changed by default. The common name is part of the full LDAP name of the
user account that uniquely identifies the user account in the organizational
unit or container. Hence, the common name must be unique in the organizational
unit. If you execute this action and move an account to an OU and a user
account with the same common name already exists in the OU, the action
will fail. Alternatively, you can rename the account (property NewName). Rename a user
account: With this action you
can change the common name of the user account. The common name is part
of the full LDAP name of the user account that uniquely identifies the
user account in the organizational unit or container. Hence, the common
name must be unique in the organizational unit. If the new common name
is not unique, the action will fail and an error is generated.
You can also combine the 2 possible
operations and both move and rename the user account. When you want to
move the user account, you need to specify the destination organizational
unit or container of the user account. If you only want to rename the
user account, the destination organizational unit or container is not
changed for the user account. To specify the destination organizational
unit or container you have 2 options:
Specify properties
Domain
and Organizational Unit-Container: When moving user accounts to another organizational
unit, you must specify the new name of the OU. If the domain is not changed,
you don't need to specify property Domain. If you want to use this option, you don't
need to specify the property OU-Container
LDAP name Specify property
OU-Container LDAP name: If you use this option, you need to specify
the full LDAP name of the destination organizational unit - container.
Examples: ou=Schools, dc=Tools4ever, dc=Com, LDAP://ou=Schools,
dc=Tools4ever, dc=Com, LDAP://domaincontroller/ou=Schools, dc=Tools4ever,
dc=Com. With this option, you don't need to specify the properties Domain
and Organizational Unit-Container.
Properties
|
Property Name |
Description |
Typical setting |
Remarks |
|
User Object |
An data structure representing the user account.
Use the action 'Get user (AD)' to find the user account in Active Directory
and setup the variable that contains the 'User Object'. |
%UserObject% |
The User Object must always be specified as
a variable. This variable must have been set by a previous script action,
for example Script Action: Get
user (AD). |
|
Domain |
The name of destination domain (DNS or NETBIOS
style, e.g. tools4ever.com or TOOLS4EVER) of the user account. If the
domain name is not specified, the application assumes that the account
is not moved across domains. When no destination Organizational Unit-Container
is specified, the user account is not moved but renamed only. |
|
Specification of this property is required
only if you want to move and optionally rename the user account across
domains. |
|
Organizational Unit-Container |
The name of the destination Organizational
Unit-Container of the user account (example: Students or Students/Group1).
When this property is not specified, the user account is not moved but
renamed only unless the property 'OU-Container LDAP name' is specified. |
|
Specification of this property is required
only if you want to move and optionally rename the user account to another
organizational unit or container. |
|
OU-Container LDAP name |
The full LDAP name of the destination Organizational
Unit-Container (example: ou=Schools, dc=Tools4ever, dc=Com). When specified,
the properties 'Domain' and 'Organizational Unit-Container' are ignored.
When no destination Organizational Unit-Container is specified, the user
account is not moved but renamed only. |
|
Specification of this property is required
only if you want to move and optionally rename the user account to another
organizational unit or container. |
|
Domain controller |
Optional: The name of the domain controller,
used to access to the domain, container or organizational unit where the
account is moved to or where the account exists in case of a rename operation.
This property 'helps' User Management Resource Administrator to access
Active Directory. |
|
|
|
New name |
The new name of the user account. The name
is the name that identifies the user account in Active Directory e.g.
the 'Common-Name'. If this property is not specified, the account is not
renamed. To rename other names of user accounts, use the action 'Edit
user (AD)'. |
|
You only need to specify this property if
you want to rename the user account, e.g. change the common name. |
More information:
Principle of operation
Project operations - Input data
Project operations - Manage script actions
Project operations - Variables
Help on help
|
