6 Replies Latest reply on Aug 21, 2019 3:44 PM by pedjono

    create vRO Action to return availiable AD:OrganizationUnits

    pedjono Novice

      Hi all,

       

      I have googled this a lot as i thought I cant be the only person wanting to do it.. but I cant quite find something that will work..

      I am new to using the AD plugin but I have it configured to see our DEV and Test domains etc..

       

      What I want to do is have a drop down list of available OU's so that when someone is deploying a VM it joins the domain via customization spec and then is put in the selected OU..

      I just want something to do a get and return the list of names that can then be selected from the drop down list..

       

      I have found ways to return the info of an OU but that requires me typing in the name.. but we dont want people to type in the name, and I also want to allow for cases where they requested a new OU, to make sure it has been created first.. (NO vRO is not allowed to just go and create it.... "yet")

       

      Any help appreciated.

      Thank you,

      Jono.

        • 1. Re: create vRO Action to return availiable AD:OrganizationUnits
          qc4vmware Master

          This will get you a list of the hosts then you can extract the information you need

           

          var hosts = AD_HostManager.findAllHosts();

          • 2. Re: create vRO Action to return availiable AD:OrganizationUnits
            pedjono Novice

            Thanks for the response.. But it doesnt really help. I mean it does exactly what you said in that it returns a list of ADhosts..

            Im guessing there's a bit of scripting required passed my experience level.. to get the list of OUs

            • 3. Re: create vRO Action to return availiable AD:OrganizationUnits
              qc4vmware Master

              Sorry I misread your question... is there a reason just using a tree select for the OU won't do what you want?

               

              Screen Shot 2019-08-19 at 12.18.39 AM.png

              1 person found this helpful
              • 4. Re: create vRO Action to return availiable AD:OrganizationUnits
                pedjono Novice

                Hi qc4vmware

                Thanks for that Idea! it is very close to what I want..  rather than a tree though i used value pick, which while yes it goes against having to type it in, its atleast not just a free text field it will match something in the list.

                The tree is a problem because it gives "users" to much visibility (the whole tree) and we dont want them putting it in a completely random spot.

                Using the value picker they can start typing the OU name and it will pop up to select..

                Only problem now is we have the same OU names in DEV, TEST and often Prod....  so this happens

                now the question is which one is the right one...

                 

                So that is why I have marked your reply as helpful as now I am a lot closer.. But I will need to keep looking further.

                Thanks.

                • 5. Re: create vRO Action to return availiable AD:OrganizationUnits
                  qc4vmware Master

                  If you click on one of the items in the list it will pop up the DN of the ou which will show the domain.

                   

                  I have always used a service account for the AD plugin but it can be setup per user.  You could lock down in AD what OU's the users can see and only those will be exposed to them within vRO (I think).

                  • 6. Re: create vRO Action to return availiable AD:OrganizationUnits
                    pedjono Novice

                    qc4vmware I have actually ended up doing what you suggested for now... using the tree and letting the OU be selected down the tree. So therefore marking your answer as correct.

                    It does exactly what I need in that the "computer" gets created in the selected OU, and for where we are at with this as far as MVP#1 it is perfect.

                    Later when we are at MVP#3 or #4 I will revisit this.

                     

                    So for anyone else that finds this...

                    Having the OU selected was only part of the battle.

                    I have also, configured the "Event Broker Service" to send the PRE-Build Payload to a workflow I created, there is scriptable task, extracting the attribute values from the payload.

                    These attributes are set as input parameters to another scriptable task that converts the 'OU' data string into something usable. Because I have multiple domains configued with AD, I have predefined "AD:adhost" attributes, and the correct one is picked dependent on the "Domain" that was pulled from the payload, NOTE the targetOU attribute is of type "Any" the code below has been borrowed from here and slightly modified to work for my use case.. It will take the targetOU attribute's  string and pull out the name to then search for it in the "adhost" and then populate the "ou" (AD:OrganizationUnit) attribute.

                    if (domainName = "dev.example.co.nz") {
                      ad_host = adHostDev
                    } else if (domainName = "test.example.co.nz") {
                      ad_host = adHostTest
                    }
                    System.log("ad Host name: " +ad_host.name);
                    var searchOU = targetOU.split("=")[1].split(",")[0];
                    System.log("Search OU: " +searchOU);
                    
                    
                    var ouArray = ActiveDirectory.search("OrganizationalUnit", searchOU, ad_host);
                    System.log("ouArray : " +ouArray);
                    ou = ouArray[0]
                    System.log("OU : " +ou.name)
                    
                    
                    

                     

                    Now add the in-built workflow "Create a computer in an organizational unit" to your workflow and configure the IN parameters accordingly for "ou", "computerName" and "domainName"

                    In the end your workflow will look a bit like this, and all going well, when you provision your machine, EBS will fire this workflow creating the computer in the OU..

                    Disclaimer: There are some assumptions here, that you have EBS setup, and can get the payload etc.. this works for me so I hope it helps someone else too...

                    1 person found this helpful