How to add an email account to a user via workflow

I'm trying to automate some of the provisioning for our company I've got most of it working but I dont see how to add an email account to a user via work flow like the standard provisioning does 

Parents Reply Children
  • Does / can the third party app perform its actions through Active Roles or do you need Active Roles to be able to "detect" the provisioning actions that your app performs within AD?

  • i need active roles to be able to "detect" the provisioning actions that the app performs within AD

  • I haven't had much luck with getting workflows to detect changes in AD.  I have been successful by using policy scripts embedded into provisioning policies linked to the OUs where your app is creating the users.

    In your policy script, you will need to create an onPostCreate function.  Within this function, you should stamp the edsaCreateMsExchMailbox = TRUE attribute I mentioned above to trigger the mailboxe enabling.  Remember to also supply the mailnickname (I could be wrong but I don't believe that a provisioning policy rule for "Alias" will fire in the case of a native user create).

    When you setup the policy script in your provisioning policy, you will also need to enable "Handle Changes from Dirsync Control" to the script will respond to native AD changes.  (see below)

    You are getting into the realm of what most customers hire Consultants to setup so don't be surprised if there's a bit of a learning curve to this.

    I suggest you have a look at the SDK that comes with the product to get more familiar with the idea of Policy Scripts.  The SDK is a help file that installs with the product.  If you search the installed folder structure on your AR server, you will find it.

  • the way I'm going about detecting an AD change is having the 3rd party put the users into and onboarding group  then run the workflow against that group once it finds a users it does the "provisioning work" then removes the user from the group

  • That'll work!  So all you have do then is have a scheduled (Automation) workflow to execute the mail enabling as I described - i.e. the setting of the requisite attributes.

  • yes thanks you the last part if figuring out how to make a directory with PowerShell based on the samaccount name

  • If you mean a home directory folder / share, there is a HomeFolderAutoprovisioning policy available in Active Roles which you can trigger by stamping the virtual property edsvaHomeDirectoryNetShare.  Below is the dialog that defines its behavior.  There's one other setting you need to configure that defines the acceptable locations.  This all assumes on-premises home folder storage.  There is a separate set of functionality pertaining to use of OneDrive.

  • no its a custom directory that we create for each user ( like a home dir but not one) we currently use a PowerShell script to create it I'm working on how to pass the samaccountname variable  from the search I currently do

  • If you use a Search Activity in your workflow, here's the info on how to grab the users from the result.  The thing to understand is that by using a script with a search activity, the script will run for each object returned.  From the example, you should be able to replace '.distinguishedname' with '.samaccountname' if you feel you need to.