Document toolboxDocument toolbox

Active Directory

Owned by Anthony Shevlin (Deactivated)
Jan 09, 2024
4 min read

Active Directory is a directory service that Microsoft developed for Windows domain networks.

Connect Active Directory with Devo SOAR

  1. Navigate to Automations > Integrations.

  2. Search for Active Directory.

  3. Click Details, then the + icon. Enter the required information in the following fields.

    • Label: Enter a connection name.

    • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input.

    • Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).

    • Remote Agent: Run this integration using the Devo SOAR Remote Agent.

    • Host: The host of the Active Directory. Append port (example: x.x.x.x:636) for custom port configuration. By default, LDAP uses port 389. LDAP SSL uses port 636.

    • Base DN: Base DN (for example 'dc=logichub,dc=com').

    • NTLM (Optional): Authenticate using NTLM (New Technology LAN Manager).

    • Allow Unsecure Connection (Optional): Allow unsecure connection to AD host over SSL.

    • Username: The username used to connect to the host.

    • Password: The password used to connect to the host.'

    • CA Certificate: Upload a .crt CA Certificate file.

  4. After you've entered all the details, click Connect.

Actions for Active Directory

Find Organizational Unit

Find the Organizational Unit of a user.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Input Name

Description

Required

Email

Email of the user whose organizational unit is to be found.

Required

Output

A JSON object containing details of the organizational unit of the user with the specified email.

JSON

{ "has_error": true, "error": "User with email not found" }

List Members of an Organizational Unit

List all the members of an organizational unit.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Input Name

Description

Required

OU String

Organizational Unit string to list its members.

Required

Output

A JSON object containing all members of this OU.

JSON

{ "reason": { "dn": "", "referrals": null, "description": "noSuchObject", "result": 32, "message": "0000208D: NameErr: DSID-03100213, problem 2001 (NO_OBJECT), data 0, best match of:\n\t''\n\u0000", "type": "searchResDone" }, "has_error": true, "error": "Some error occurred. Exception(\"Query '(&(objectClass=User)(objectCategory=person))' for '' base_dn failed!\",)" }

LDAP Search

Searches members in Active Directory of an organization.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Input Name

Description

Required

Search Filter

Enter jinja-templated RFC 2254-compliant search string.

Required

Search Base

Enter jinja-templated Base DN as the starting point instead of the default one provided in Connection.

Optional

Search Scope

Select BASE / LEVEL / SUBTREE option to specify how broad the search context is (default is SUBTREE).

Optional

Dereference Aliases

Select option DEREF_NEVER / DEREF_SEARCH / DEREF_BASE / DEREF_ALWAYS to specify how the server must treat references to other entries (default is DEREF_ALWAYS).

Optional

Attributes

Enter comma-separated attributes to be returned by the search. Enter * to return all user attributes or enter + to return all operational attributes (default is * that is, all user attributes).

Optional

Size Limit

Enter a maximum number of entries returned by the search (default is 0 that is, the whole set of found entries is returned).

Optional

Time Limit

Enter the number of seconds allowed for the search (default is 0 that is, the search can take an unlimited amount of time unless the server has a more restrictive rule.)

Optional

Types Only

Select option True/False to return only attribute names and not return attribute values (default is False).

Optional

Microsoft Active Directory set a hard limit of 1000 entries returned by any search. Therefore, a paginated search is performed by the integration automatically to return Size Limit results (all results if specified 0 or unspecified).
The Time Limit is respected per search of this paginated search.

Output

A JSON object containing multiple rows of results:

  • has_error: true/false

  • error: msg/null

  • other fields of the queried response object

Disable User Account

Disables account of a user.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Input Name

Description

Required

Identity Column

Identity of user. Supported identities (DistinguishedName, sAMAccountName).

Required

Identity Type

Type of identity supplied above (DistinguishedName, sAMAccountName).

Required

Output

A JSON object containing multiple rows of results.

Enable User Account

Enables the account of a user.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Input Name

Description

Required

Identity Column

Identity of user. Supported identities (DistinguishedName, sAMAccountName).

Required

Identity Type

Type of identity supplied above (DistinguishedName, sAMAccountName).

Required

Output

A JSON object containing multiple rows of results.

Reset Password

Reset the user's password.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Input Name

Description

Required

Identity Column

Identity of the user. Supported identities (DistinguishedName, sAMAccountName).

Required

Identity Type

Type of identity supplied above (DistinguishedName, sAMAccountName).

Required

New Password

The new password to replace the old one. A random password will be used if this input-field is not filled.

Optional

Output

A JSON object containing multiple rows of results.

Delete User Account

Delete the account of a user.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Input Name

Description

Required

Identity Column

Identity of user. Supported identities (DistinguishedName, sAMAccountName).

Required

Identity Type

Type of identity supplied above (DistinguishedName, sAMAccountName).

Required

Output

A JSON object containing multiple rows of results.

Release Notes

  • v2.0.0 - Updated architecture to support IO via filesystem

  • v1.1.0 - Added optional field to upload CA Certificate at connection level.