This help site is based on the available in-product assistance as of December 2016. Please note that this site is provided as a convenience and it does not go through rigorous layout testing.


Back Forward Home Print
Nintex Workflow 2010 > Workflow Actions
Update AD User

* This topic applies to Nintex Workflow Enterprise Edition only

This workflow action will update the properties of an Active Directory user account.

To use the workflow action:

  • Locate the action in Workflow Actions Toolbox (located on the left hand-side);
    • Click on the Category listings to reveal the actions; OR
    • Search for the action using a keyword.
  • Select the action, drag it onto the design canvas and drop it onto a design pearl.

Alternatively

  • Left-clicking the pearl, mouse-over Insert Action and then the Categories to reveal the actions, click the required action from the list.

To change the settings used by the action:

  • On the action’s title click the down arrow to activate a drop-down
  • Select Configure; OR
  • Double-click the action's icon.

For more information on the other options in the drop-down, please refer to the Getting started with the Nintex Workflow designer.

Options within this action

Where the account is located

LDAP Path

To configure the LDAP Path, refer to the LDAP Picker for more information.

Account to update

sAMAccountName

The username (sAMAccountName) of the Active Directory entry.

AD Fields to update

Fields

Select fields from the drop down list. At least 1 field must be updated.

If a field to update is not available, select Other, and type the field name, then click the Add button.

Note: The Add button will appear when Other is selected.

The property name entered must be a valid Active Directory schema property. Some properties cannot be set within this workflow action. E.g. 'memberOf' must be updated via the 'Add User to AD Group' and 'Remove User from AD Group' workflow actions.

AD Fields to take note of:

  • Country: If selected, this option correctly sets the 3 Active Directory properties; c, co and countryCode.
  • Password: If selected, this option allows the resetting of a password. Use this drop down option to set password information correctly. The Password option provides the following additional settings:
    • Generate password: If checked, a random password will be automatically generated by the action. If unchecked, specify the password for the account in the New password textbox.
    • Store generated password: The automatically generated password can be stored in a text type workflow variable. This can then be used in other actions.
  • Manager: If selected, this value must be the sAMAccountName of an existing Active Directory account.
  • Directory Location: Use this property to move the AD object from one location to another. Use the LDAP Picker to select a valid location, or enter an LDAP path, in the format LDAP://OU=someOU,DC=company,DC=country. E.g. LDAP://OU=archived users,DC=nintex,DC=com

Note: The credentials entered in the Username and Password fields at the top of the page will be used to connect to the new AD location.

  • Rename: Use this property to rename an AD object. Use the format CN=[new name] or [new name]. E.g. CN=John Smith, or John Smith.

Note: Setting this property will only affect the cn, canonicalName, distinguishedName and name properties in AD. Setting the Display Name, Given Name and Last Name properties to complete a rename operation may also be required.

OCS properties such as SIP Address and email will need to be set separately. The 'Rename' field is available from the 'Other fields' drop down menu.

  • Account Activation: Use this property for the following operations:
    • To unlock a locked-out account.
    • To re-enable a disabled account.
    • To disable an account.
    • Any combination of the above.

Note: An account can't be locked out. By unchecking Enable, the account is disabled. Leaving it checked ensures it will be left in, or change to an enabled state. Checking Unlock will unlock the account.

  • Account Options: Use this property to set the following account options:
    • User must change password at next logon.
    • User cannot change password.
    • Password never expires.
    • User cannot change password AND Password never expires.

Note: Leaving all 3 checkboxes unchecked will remove all options. The only valid multiple selection is User cannot change password AND Password never expires.

  • Other: Allows a property that is not available in the list to be specified.