/build/static/layout/Breadcrumb_cap_w.png

Automation of Active Directory Account Creation

We have an extremely complex and lengthy process for onboarding new employees.  I am trying to come up with ways to automate as many of these steps as possible.  I was curious if anybody knew of any tricks using our K1000 that may help.

To explain further, we have an HR ticket queue where all new employee requests are created.  Within this ticket contains all the information I need to build an Active Directory account.  My thoughts are using Powershell, I could query the backend MySQL database and create a script that would create the accounts.


I wanted to reach out to see if anybody knew of any cool tricks (I'm even open to 3rd party software) that may work?

Asked 8 years ago 3592 views
1 Comment   [ + ] Show comment
  • There are many VBScripts and no doubt Powershell scripts as well, on the internet, that can manage AD. Just ask Mr Google to point you at a few. - EdT 8 years ago

Answers (2)

Posted by: anonymous_9363 8 years ago
Red Belt
0
Having worked at many larger client sites, I'd say your biggest hurdle is going to be talking HR into allowing access to the database and then talking round the DBAs to sort out appropriate access levels.
Comments:
  • To clarify, the Database in question is the Dell KACE. After working on it over the weekend I have a powershell script that will do exactly what I need. I'm having difficulty getting Powershell to connect to the KACE database to run a query. - mds1981 8 years ago
    • Were you ever able to get this to work? - gcoolong 7 years ago
Posted by: Sam Bloom 8 years ago
White Belt
0
There are many ways to do that. A good starting point really is PowerShell scripts that can take all the data from the HR (e.g. in a form of a csv file) and use this data to create a user account in AD. You can have a look at already existing scripts out there in places like technet gallery (https://gallery.technet.microsoft.com/scriptcenter), however it might not be the best idea as those scripts can be very much company specific. It will also be quite hard to maintain after a while.

You can also have a look at various 3rd party tools that provide automation for AD provisioning. There are lots of them varying on what exactly you need to do, going from really cheap (or even free) and crap ones to really advanced and expensive. Not to spam with my own recommendations, here is a good article by techrepublic that despite beaing a bit old is still very relevant. http://www.techrepublic.com/blog/five-apps/five-apps-for-active-directory-management/ 

Posted by:

mds1981 Orange Belt
Ninja since: 10 years ago

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

View more:

Scripting Questions
question

Related Questions

Link

Related Links

Post

Related Posts

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ