10 Replies Latest reply on Apr 7, 2017 1:10 PM by Halukkocaman

    Email of Logged in User

    Halukkocaman Novice

      Hi,

      I'm trying to get the email address of the logged-in user in vRO. From a community search I found the discussion below.

      Getting AD User attributes using plugin

      I tried to run the script but I got an error message. I tried to modify it to see where I get stuck. I just ran the script below with output name actionResult and type Array/AD:User. The script did not fail but the value was empty, so it tells me that it could not find any user. What would be the reason for this?

       

      id = Server.getCurrentLdapUser().displayName;

      actionResult = ActiveDirectory.searchExactMatch("User", id);

       

      If I only run "id = Server.getCurrentLdapUser().displayName;", it returns the correct value. I also validated that I can get an attribute of an AD user if I select the AD user as an input.

       

      Thanks,

      Haluk

        • 1. Re: Email of Logged in User
          iiliev Champion
          Community Warriors, VMware Employees

          In the referenced discussion, the code in the last post is slightly different:

           

          requesterLogin = Server.getCurrentLdapUser().loginName;  
          targetUser = ActiveDirectory.searchExactMatch("User", requesterLogin);  
          adUser = targetUser[0];
          

           

          That is, it is using Server.getCurrentLdapUser().loginName and not Server.getCurrentLdapUser().displayName as in your code.

          • 2. Re: Email of Logged in User
            Halukkocaman Novice

            I tried that too.

             

            • 3. Re: Email of Logged in User
              iiliev Champion
              VMware Employees, Community Warriors

              Hmm, seems to work for me.

               

              Are you absolutely sure that the current user logged in to the vRO client actually exists in the Active Directory instance configured as default? If yes, then could you provide details about your environment - platform version, AD plug-in version, configured AD servers, type of authentication, etc.?

              • 4. Re: Email of Logged in User
                Halukkocaman Novice

                Yes, it is my user account and it exists in AD.

                vRO 7.1.0.4262825 build 4262825

                AD plugin version : 3.0.2.4209033

                I have one configured AD server out of 5-6 servers and I also added ldap name. (I need to add the one server to configure as a default DC for some other workflow.)

                It is LDAP authentication.

                • 5. Re: Email of Logged in User
                  iiliev Champion
                  Community Warriors, VMware Employees

                  Could you create a test workflow with an input parameter of type AD:User and check if you'll be able to browse and select your user from the default AD server, and print its properties?

                   

                  Also, you may want to check with the latest Tech Preview version of the AD plug-in available here (although I doubt it will behave differently than the version you have) - Technical preview version of VMware vCenter Orchestrator Plug-In for Microsoft Active Directory

                  • 6. Re: Email of Logged in User
                    Halukkocaman Novice

                    I created the workflow below.

                     

                     

                    When I run this from vRO and select the user, it returns the email address.

                     

                    I presented this workflow to vCenter and ran it from there and, as you can see, it did not pick up the user name automatically.

                     

                     

                    Another thing I realized is that when I push the green plus button to add a user, I only see 1000 user accounts in the filter option. I tried to find my username but I could not. The interesting thing is, there are other users in there that are in the same OU as my username. If I use the Browse option (tree view) to expand the OU my username is in, I can find my username. I also tried to specify the root OU in vRO but it did not work either.

                     

                    • 7. Re: Email of Logged in User
                      igaydajiev Expert
                      VMware Employees

                      Attaching a sample workflow for resolving a user's email. It contains 2 examples:

                      Examples are created based on functionality available in AD server 3.x+ (Technical preview version of VMware vCenter Orchestrator Plug-In for Microsoft Active Directory ).

                       

                      1. Find the AD user based on the user's distinguished name (DN) and return its mail.

                             Note: This example will work only if vRO server authentication is configured in LDAP mode, since the "DN" attribute is properly populated only in this case. If the vRO server is configured to use SSO mode, the "DN" attribute contains the username itself and not the user's distinguished name.

                      2. Find the AD user based on its userPrincipalName (the user's logon name). More details can be found here: User Naming Attributes (Windows)

                       

                      You can easily modify this example to work against an arbitrary LDAP server (it does not need to be the same as the LDAP server used by the vRO server itself).

                       

                      Regarding the 1000 entries limitation ...

                      This is the default setting of a Microsoft Active Directory server: it returns a maximum of "1000" entries per query (MaxPageSize). If you need more entries, you need to use paging and request them in portions, or change the default settings of the server (not recommended). The latest vRO plugin introduces support for generic LDAP queries and also paging functionality. Some examples are available here: Active Directory plugin 3.0.0 - New and Noteworthy

                       

                       

                      Hope it helps!

                      • 8. Re: Email of Logged in User
                        iiliev Champion
                        VMware Employees, Community Warriors

                        For the issue with root OU not working in WebClient choosers - not all presentation properties you can define on an input parameter in vRO are supported in vSphere WebClient, and root object is one of the unsupported.

                         

                        For the user name not being picked up automatically - from where exactly did you start the workflow? Auto population of the input parameter is expected to work when you right-click on an object of certain vCenter types (like virtual machine, datacenter, etc.).

                        • 9. Re: Email of Logged in User
                          igaydajiev Expert
                          VMware Employees

                          I forgot to add the attachment... Just added it.

                          • 10. Re: Email of Logged in User
                            Halukkocaman Novice

                            I removed the first part of the script and left only the part below. Worked like a charm. Thank you.

                             

                            // 'host' is not declared in this excerpt; it is defined outside the part shown here.
                            var ldapClient = host.getLdapClient();
                            /* You can use custom base in form 'ou=someou,dc=somedomain,dc=com' to further limit the search */
                            searchBase = host.getHostConfiguration().getLdapBase();

                            // Find the user by login name
                            // and resolve the user's mail.
                            try {
                                var username = Server.getCurrentLdapUser().loginName;
                                System.log(" == Search for user based on userPrincipalName  " + username);
                                // Search the whole subtree under searchBase for the entry whose userPrincipalName matches.
                                entry = ldapClient.searchForEntry(searchBase, LdapSearchScope.SUB, 10000, "(userPrincipalName=" + username + ")");
                                if (entry != null) {
                                    email = entry.getAttributeValue("mail");
                                }
                            } catch (e) {
                                System.error(e);
                            }
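
Added example, not part of the thread and not code from the AD plug-in: the final script concatenates the login name directly into the LDAP filter, so this sketch shows RFC 4515 escaping of the value before it is placed in `(userPrincipalName=...)`. The helper names and the sample login names are hypothetical and constructed for illustration.

```javascript
// Added example (not from the thread): RFC 4515 escaping for a value that is
// concatenated into an LDAP search filter. ES5 syntax only, so the two
// helpers can also be pasted into a Rhino-based scriptable task.

// Characters that RFC 4515 requires to be escaped inside an assertion value.
var LDAP_FILTER_ESCAPES = {
    "\\": "\\5c",
    "*": "\\2a",
    "(": "\\28",
    ")": "\\29",
    "\u0000": "\\00"
};

// Hypothetical helper: returns the value with filter metacharacters escaped.
function escapeLdapFilterValue(value) {
    if (value === null || value === undefined || String(value) === "") {
        throw new Error("LDAP filter value is missing or empty");
    }
    return String(value).replace(/[\\*()\u0000]/g, function (ch) {
        return LDAP_FILTER_ESCAPES[ch];
    });
}

// Hypothetical helper: builds "(attribute=value)" for an exact-match search.
function buildEqualityFilter(attribute, value) {
    // Attribute descriptors are letters, digits and hyphens; reject the rest.
    if (!/^[A-Za-z][A-Za-z0-9-]*$/.test(attribute)) {
        throw new Error("Unexpected attribute name: " + attribute);
    }
    return "(" + attribute + "=" + escapeLdapFilterValue(value) + ")";
}

// Constructed sample login names; none of them come from the thread.
var SAMPLE_LOGINS = [
    "jdoe@example.com",
    "EXAMPLE\\jdoe",
    "j*doe@example.com",
    "jdoe(ext)@example.com"
];

function buildSampleFilters() {
    return SAMPLE_LOGINS.map(function (login) {
        return buildEqualityFilter("userPrincipalName", login);
    });
}

if (typeof console !== "undefined") {
    buildSampleFilters().forEach(function (f) { console.log(f); });
}
```

In the script above, the last argument of `searchForEntry` would then be `buildEqualityFilter("userPrincipalName", username)` instead of the concatenated string.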