Automatically move users between organizational units

You can configure Adaxes to automatically move objects between organizational units based on certain rules. For example, when a new user account is created, Adaxes can automatically move the account to the organizational unit that corresponds to the user's city. When the City property of a user account is changed, Adaxes can move the account to the OU associated with the new city. To ensure that all directory objects are always placed into appropriate OUs, you can use scheduled tasks to move objects on a periodic basis.

To share the move object rules between different business rules and scheduled tasks, you can create a custom command that will contain all the necessary actions and conditions, and then execute the command in business rules and scheduled tasks.

In this tutorial, you will learn how to create a custom command that will move users between OUs based on their city, and how to execute the command in business rules and scheduled tasks.

1. Launch Adaxes Administration console.

    How {id=collapse1}

   • On the computer where Adaxes Administration console is installed, open Windows Start menu.

   • Click Adaxes Administration Console.

     

2. Right-click your Adaxes service, point to New and click Custom Command.

   

3. Enter a name for the new custom command.

4. Since the custom command will be executed by business rules and scheduled tasks only, clear the Enabled checkbox. Disabled commands are not displayed in the user interface.

   

   Click Next.

5. On the Object type step, select User.

   

6. Click Next twice.

7. On the Actions step, click Add an action.

8. Select the Move the user action.

   In the Action Parameters section, select the organizational unit that corresponds to one of the cities.

   

   Click OK.

9. Right-click the newly added action and then click Add Condition in the context menu.

   

10. Select the If <property> <relation> <value> condition.

    In the Condition Parameters section, specify City - equals - <city name>.

    

    Click OK.

11. Right-click the condition/action block, and then click Copy in the context menu. To copy the whole block, make sure no actions and conditions are selected.

    

    Right-click the condition/action block again, and then click Paste in the context menu.

    

    Double-click the action and condition in the pasted Else If block and configure them for another city.

    

    Repeat the steps above for each city.

    To move an Else If block up and down, select it, and use the buttons. To move the whole block, make sure no actions and conditions are selected.

    Optionally, add the Else block to move users to a specific organizational unit if none of the conditions are met.

    

    Using templates

    With the help of templates, you can create a single action that will move users to different OUs based on user account properties. For this purpose, provide a template that will be used to build the distinguished name (DN) of the target organizational unit. For example, to move users to the organizational unit that has the same name as the user's city, you can use the following template:

    OU=%l%,DC=example,DC=com
    

    Value reference %l% will be replaced with the value of the City property of user accounts. For example, if the City property of a user account is set to New York, the account will be moved to organizational unit OU=New York,DC=example,DC=com.

    

     How {id=using_templates_how}

    • Click Add an action.

    • Select the Move the user action.

    • In the Action Parameters section, click the button.

      

    • Activate the Template tab.

    • In the Template field, specify a template for the distinguished name of the target organizational unit.

      

      To insert a value reference, click the button.

    • Click OK.

    Click Next.

12. On the Permissions step, click Finish.

13. Add the custom command to a business rule or scheduled task:

    • Select a business rule or scheduled task that will execute the custom command.

    To execute the custom command after a new user account is created, you can use a built-in business rule, After user creation. For details on how to configure and activate the rule, see Automate user provisioning.

    For instructions on how to create a scheduled task, see Schedule tasks for directory management.

    • Add the action for executing the custom command:

    • Click Add new action set.

    • Right-click Do nothing, and then click Add Action in the context menu.

      

    • In the Add Action dialog, select Execute a Custom Command.

    • In the Action Parameters section, select the custom command.

      

    • Click OK.

    • If the custom command is executed in a business rule triggered After updating a user, add the If the City property has changed condition.

    

    • Add the custom command to other business rules and scheduled tasks.

    

    

To make the City property required and allow users to select a city from a drop-down list, you can use property patterns.

For details, see Make an input field a drop-down list.

See also

• Automate group membership management

• Automate user provisioning