Adaxes

Create Temporary AD account for network access

0 votes

Our network team is working on a system to allow temporary AD user accounts that will be allowed to obtain access to network services. (They are doing this by allowing access to a group called CO_Wireless_LOC_Event_Users).

The process is as follows:

  1. Colleagues submits a ticket to our Help Desk with event name and start/conclusion date.
  2. The Help Desk login to Adaxes, click on "Create LOC Guest Wifi"
  3. Adaxes prompts Help Desk for: a. Colleague name/email (So it knows who to send the username and password to) b. Event name (Username of AD account, avoid spaces) c. Event expiration date (When the AD account will be deleted/disabled)
  4. Adaxes creates the user account in a OU called "LOCGuestWifi" and makes that user a member of the "CO_Wireless_LOC_Event_Users" AD group which wll also have an expiration date for the account and and a randomly generated password.
  5. Adaxes then sends the colleague the username/password and event details in an email.
  6. Because the AD User account has an expiration date, it will automatically disable at conclusion of event.
by (240 points)
0

Hello Ray,

For us to provide you with a solution, please, specify the version of Adaxes you are using. For information on how to check it, have a look at the following help article: https://www.adaxes.com/help/CheckServiceVersion.

by (289k points)
0

Product version: 3.14.19312.0

by (240 points)

1 Answer

0 votes
by (289k points)

Hello Ray,

Thank you for specifying. To configure the desired workflow:

  1. Create a Web interface action of Create User type. The action should be configured specifically for the LOCGuestWifi OU. image.png On the form the action should only have the required properties including an Adaxes custom date attribute (e.g. CustomAttributeDate1) to specify when the user must be disabled. For information on how to manage Web interface actions, have a look at the following tutorial: https://www.adaxes.com/tutorials_WebInterfaceCustomization_ConfigureActionsPane.htm.
  2. Create a business rule triggering After creating a user. The rule will add accounts created in the LOCGuestWifi OU to the COWirelessLOCEventUsers group. image.png
  3. Create a scheduled task that will be executed daily and disable users in the LOCGuestWifi OU when the time comes. image.png

Related questions

+1 vote
1 answer
Is generating and distributing a Temporary Access Pass (TAP) from Azure AD instead of a password supported?

Aiming to go passwordless, this is a must-have

asked Aug 30, 2023 by JM (30 points)
0 votes
1 answer
Create temporary password for new user accounts in Office 365

I have a business rule to create a user in our AD, and then have it create a new O365 account and assign it a license. How can I have it create a temporary password that I specify during that business rule?

asked Jun 17, 2020 by keecit (60 points)
0 votes
1 answer
Recommended way to create new user account when using Azure AD Connect?

We have internal AD that syncs to o365 via Azure AD Connect. It is not a hybrid environment; there is no Exchange on site. I am trying to find the best way to use Adaxes to ... so I am not sure the best way to handle that. Thanks for any help you can provide.

asked Apr 15, 2020 by Jasonmh (540 points)
0 votes
1 answer
We need to know specifically for self service password management what level of access in AD do I specifically need.

We need to know specifically for self service password management what level of access in AD do I specifically need.

asked May 9 by justinspring (20 points)
0 votes
0 answers
Annual AD Account Re-Authorization process for Audit

Is there a mechanism to perform an annual account re-authorization? on an Annual basis, People Managers are required to re-authorize the AD user account permissions there reports have ... Adaxes perform such an action? It appears that it may be able to do so.

asked Feb 17, 2020 by nicolais (20 points)
3,548 questions
3,239 answers
8,232 comments
547,814 users