Can Dell Kace Manage Active Directory groups on AD accounts?
Basically, if a user requests access which is provisioned by an active directory group that does not require an approval, can Kace put that group onto the End User's AD account automatically? And if so, what application/package (IE Service Desk) does that?
0 Comments
[ + ] Show comments
Answers (1)
Please log in to answer
Posted by:
jknox
10 years ago
It's not an automatic process. You would either have to schedule LDAP imports or the account would update the next time the user logged into the K1000.
http://www.kace.com/support/resources/kb/article/how-to-schedule-an-ldap-import-help-desk
Comments:
-
Thank you jknox...by chance would you know what part of Kace could be used for this? Would it be the Service Desk part? - ajfee 10 years ago
-
jknox, I think what he's asking is if KACE can add members to an AD group... to which the answer, I believe is, no... KACE can only do LDAP queries to request info FROM the AD. So your answer would certainly apply after the user is added to the group on the AD side, but it seems he's looking for a way to automate the AD side of things.
That being said, you could write a VBS or Powershell script to automate adding a user to a particular group... the trick would be figuring out how/where to execute it from since it would have to be run as a user with rights to modify Domain Groups - BHC-Austin 10 years ago-
Whoops, not enough caffeine this morning apparently. Missed that part.
LDAP is read only from the K1000. Any changes would have to be made on the LDAP server itself. - jknox 10 years ago-
Could this be done by using a custom mysql rule and script? - chris.poston 6 years ago
