VMware Cloud Community
pedjono
Enthusiast
Enthusiast
Jump to solution

create vRO Action to return availiable AD:OrganizationUnits

Hi all,

I have googled this a lot as i thought I cant be the only person wanting to do it.. but I cant quite find something that will work..

I am new to using the AD plugin but I have it configured to see our DEV and Test domains etc..

What I want to do is have a drop down list of available OU's so that when someone is deploying a VM it joins the domain via customization spec and then is put in the selected OU..

I just want something to do a get and return the list of names that can then be selected from the drop down list..

I have found ways to return the info of an OU but that requires me typing in the name.. but we dont want people to type in the name, and I also want to allow for cases where they requested a new OU, to make sure it has been created first.. (NO vRO is not allowed to just go and create it.... "yet")

Any help appreciated.

Thank you,

Jono.

1 Solution

Accepted Solutions
qc4vmware
Virtuoso
Virtuoso
Jump to solution

Sorry I misread your question... is there a reason just using a tree select for the OU won't do what you want?

Screen Shot 2019-08-19 at 12.18.39 AM.png

---------------------------------------------------------------------------------------------------------

Was it helpful? Let us know by completing this short survey here.

View solution in original post

6 Replies
qc4vmware
Virtuoso
Virtuoso
Jump to solution

This will get you a list of the hosts then you can extract the information you need

var hosts = AD_HostManager.findAllHosts();

Reply
0 Kudos
pedjono
Enthusiast
Enthusiast
Jump to solution

Thanks for the response.. But it doesnt really help. I mean it does exactly what you said in that it returns a list of ADhosts..

Im guessing there's a bit of scripting required passed my experience level.. to get the list of OUs

Reply
0 Kudos
qc4vmware
Virtuoso
Virtuoso
Jump to solution

Sorry I misread your question... is there a reason just using a tree select for the OU won't do what you want?

Screen Shot 2019-08-19 at 12.18.39 AM.png

---------------------------------------------------------------------------------------------------------

Was it helpful? Let us know by completing this short survey here.

pedjono
Enthusiast
Enthusiast
Jump to solution

Hi qc4vmware

Thanks for that Idea! it is very close to what I want..  rather than a tree though i used value pick, which while yes it goes against having to type it in, its atleast not just a free text field it will match something in the list.

The tree is a problem because it gives "users" to much visibility (the whole tree) and we dont want them putting it in a completely random spot.

Using the value picker they can start typing the OU name and it will pop up to select..

Only problem now is we have the same OU names in DEV, TEST and often Prod....  so this happens

pastedImage_0.png

now the question is which one is the right one...

So that is why I have marked your reply as helpful as now I am a lot closer.. But I will need to keep looking further.

Thanks.

qc4vmware
Virtuoso
Virtuoso
Jump to solution

If you click on one of the items in the list it will pop up the DN of the ou which will show the domain.

I have always used a service account for the AD plugin but it can be setup per user.  You could lock down in AD what OU's the users can see and only those will be exposed to them within vRO (I think).

Reply
0 Kudos
pedjono
Enthusiast
Enthusiast
Jump to solution

qc4vmware​ I have actually ended up doing what you suggested for now... using the tree and letting the OU be selected down the tree. So therefore marking your answer as correct.

It does exactly what I need in that the "computer" gets created in the selected OU, and for where we are at with this as far as MVP#1 it is perfect.

Later when we are at MVP#3 or #4 I will revisit this.

So for anyone else that finds this...

Having the OU selected was only part of the battle.

I have also, configured the "Event Broker Service" to send the PRE-Build Payload to a workflow I created, there is scriptable task, extracting the attribute values from the payload.

These attributes are set as input parameters to another scriptable task that converts the 'OU' data string into something usable. Because I have multiple domains configued with AD, I have predefined "AD:adhost" attributes, and the correct one is picked dependent on the "Domain" that was pulled from the payload, NOTE the targetOU attribute is of type "Any" the code below has been borrowed from here and slightly modified to work for my use case.. It will take the targetOU attribute's  string and pull out the name to then search for it in the "adhost" and then populate the "ou" (AD:OrganizationUnit) attribute.

pastedImage_3.png

if (domainName = "dev.example.co.nz") {

  ad_host = adHostDev

} else if (domainName = "test.example.co.nz") {

  ad_host = adHostTest

}

System.log("ad Host name: " +ad_host.name);

var searchOU = targetOU.split("=")[1].split(",")[0];

System.log("Search OU: " +searchOU);

var ouArray = ActiveDirectory.search("OrganizationalUnit", searchOU, ad_host);

System.log("ouArray : " +ouArray);

ou = ouArray[0]

System.log("OU : " +ou.name)

Now add the in-built workflow "Create a computer in an organizational unit" to your workflow and configure the IN parameters accordingly for "ou", "computerName" and "domainName"

pastedImage_0.png pastedImage_4.png

In the end your workflow will look a bit like this, and all going well, when you provision your machine, EBS will fire this workflow creating the computer in the OU..

pastedImage_5.png

Disclaimer: There are some assumptions here, that you have EBS setup, and can get the payload etc.. this works for me so I hope it helps someone else too...