nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials
Store

Bulk user and groups creation on ARM Client

Chris_fqml

Allow a feature to ease the load of multiple users or groups for creation on AD.

This is particularly helpful when creating multiple users\groups at once.

Find more posts tagged with

arm

active directory

feature requests

SolarWinds ARM

Status: None

Comments

Hello Chris FQML, you could use an OpenTemplate with a TextArea and then pass the user to a PowerShell script. The same would work for groups as well. In the PowerShell script you only need a foreach loop and the passed names of the users. You can also define the SAM and many other LDAP attributes in the script.

bp00

Hey CK, how does one pass the user into a powerscript? And how does one define attributes into a script as well? I've been wanting to pass variables from a given user creation template to a powershell script

Chris_fqml

Thank you, CK, for sharing your idea. I appreciate your suggestion, but I must admit that as a non-programmer, I have faced challenges in working with Open Templates and understanding how to effectively utilize them. Similar to bp00's comment, I lack the knowledge to code the necessary script for passing user variables to ARM. Additionally, the absence of an Open Template Library further complicates the management of specific requirements.

Considering these difficulties, I believe it would greatly benefit users like us if ARM incorporated this functionality as a built-in feature. By doing so, it would alleviate the complexities associated with coding and provide a more user-friendly experience, allowing us to better manage and fulfill our specific requirements.

In the ARM configuration client. There you have to include the transfer from the OpenOrderTemplate to the PowerShell script.

bp00

This is excellent! Would you be willing to show like a screenshot what one of the script files coding on the server looks like? If not, no worries as I'm already asking too much.

Sure. In the PowerShell script below you can see how I pass the "Members" parameter from the opentemplate to the script.

param(
[String]$Members="",
) 

#Add Member to Group
try{$Members.Split(";").Trim()  | %{Add-ADGroupMember -Identity $Group1.distinguishedName   -Members $_}}catch{}

Here is the excerpt from the template.

{
					"Key": "Members",
					"Value": {
						"Type": "TextArea",
						"DefaultValue":  ";",
						"Label": "Mitglieder",
						"IsEnabled": true
					}

				}

In the ARM configuration client you only have to pass the parameter.

bp00

Hey CK, I'm attempting to follow your instructions for running the script after a user creation template. Here's a given example of the parameter "userprincipalname" to pass:

{
"Name": "userprincipalname",
"Definition": {
"Type": "TextField",
"Label": "Email Display Name",
"Description": "",
"DefaultValue": null,
"IsRequired": true,
"IsEnabled": true,
"isHidden": false,
"isHiddenFromRequester": false,
"Constraints": {
"MaxLength": -1,
"ForbiddenChars": null,
"ValidationRule": "",
"ValidationInformation": "",
"UniquenessConstraint": "properties/ldap/uniqueness",
"CreationRule": "{givenname}.{sn}@domain.com"
}
}
},

And this is the script (assignLicense.ps1) I'm trying to run with said userprincipalname parameter to:

param(
[String]$userprincipalname="",
)

Connect-MgGraph -ClientID <client id> -TenantId <tenantid> -CertificateThumbprint <cert thumb>

$e3Sku = Get-MgSubscribedSku -All | Where SkuPartNumber -eq '<license name>'
Set-MgUserLicense -UserId $userprincipalname -AddLicenses @{SkuId = $e3Sku.SkuId} -RemoveLicenses @()

Finally a screenshot of my script setup within the change actions:

I feel like I'm not passing the parameter properly

Hey bp00, I see the first error in your OpenTemplate. With open templates you have to work with key and value. Name and definition is only for the CreateNewUser template.

{
              "Key": "userprincipalname",
              "Value": {
              "Type": "TextField",
              "Label": "Email Display Name",
              "Description": "",
              "DefaultValue": null,
              "IsRequired": true,
              "IsEnabled": true,
              "isHidden": false,
              "isHiddenFromRequester": false,
              "Constraints": {
              "MaxLength": -1,
              "ForbiddenChars": null,
              "ValidationRule": "",
              "ValidationInformation": "",
              "UniquenessConstraint": "properties/ldap/uniqueness",
              "CreationRule": "{givenname}.{sn}@domain.com"
              }
              }
              },

When passing, you must faithfully pass the variable to PowerShell. As seen in the picture. You also have to store a link to the script in the OpenTemplate. SkripttoExecute in the header area of the template. This is the only way arm knows which script to use.

bp00

Understood. The templates that I've created are all based on user creation templates. Would I need to convert them over to OpenTemplate types? It looks like the only thing I really need to do is change "Name" to "Key" for the most part