VMware Cloud Community
Cit3Jon
Contributor
Contributor
Jump to solution

Move ADUser to Different OU

Hello Folks,

Full disclosure - I'm very new to scripting in Orchestrator, and I'm having a hard time getting my arms around how to navigate through some of the more custom scripting that's required sometimes. 

My challenge is pretty simple. I need to move an AD User to a new OU. I've done a good amount of research, and have come up empty.

Did some digging in the API Explorer and found the rename method of the AD_User object, but honestly.. I'm not sure if this is going to be helpful or how to even use it.

My ask is pretty simple: Has anyone done this before, and if so, would you mind sharing a snippet of how you acheived this?

Reply
0 Kudos
1 Solution

Accepted Solutions
iiliev
VMware Employee
VMware Employee
Jump to solution

Hi,

You need to use ActiveDirectory.rename(), not AD_User.rename().

Check ActiveDirectory.rename() documentation in vRO API Explorer, there is an example how the parameters look like.

View solution in original post

3 Replies
iiliev
VMware Employee
VMware Employee
Jump to solution

Hi,

You need to use ActiveDirectory.rename(), not AD_User.rename().

Check ActiveDirectory.rename() documentation in vRO API Explorer, there is an example how the parameters look like.

Cit3Jon
Contributor
Contributor
Jump to solution

This helped, thank you!

I now realize how trivial this was.. just had to get my arms around how exactly the javascript interacts with objects.

I'll do my best to explain this simply so others that may be starting off with vRO can have an easier time than I did 🙂

I ended up creating inputs for the scriptable task that required the AD:User type and the AD:OrganizationalUnit type. This object is then consumed by ActiveDirectory.rename(). I did find the documentation slightly confusing, but it became more clear when I realized you can both rename and/or move objects using ActiveDirectory.Rename().

According to the API Explorer, the parameters for ActiveDirectory.Rename are:

- From (string)

    Think of this as the reference for everything else you do. It requires the distinguished name, not the object itself.

- To (string)

    Think of this as the name of the object in the destination. In my testing, if you pass anything but "'CN='+objAdUser.name", the user object will be named something you don't intend.

- New_Parent (string)

    This is simply the container you want the object to live in.

If any of this is incorrect, please let me know!

Here's the example snippet:

//Begin Snippet

/*

    Inputs: NewOU (AD:OrganizationalUnit), objAdUser (AD:User)

*/

ActiveDirectory.rename(objAdUser.distinguishedName,"CN="+objAdUser.name,NewOU.distinguishedName)

//End Snippet

Reply
0 Kudos
mcity
Contributor
Contributor
Jump to solution

Please elaborate more on this solution.

Reply
0 Kudos