Hi, I am a complete newbie to this but would appreciate any assistance for this. I am currently looking work a workflow for Aegis that will Active Directory for password expiry and email users to change their passwords before they are expired. Would appreciate assistance on this workflow. Thanks
This type of question isn't really a technical support question, but since its not a big workflow I can put together an answer in form of a demo workflow for you so you can import it into your lab and hopefulyl get it running ok.
There are a few main points.
#1 The workflow will probably run on a schedule - the Aegis Scheduler adapter will tell the workflow when to start, possibly once a week.
#2 The only complicated part of this workflow is the LDAP query to find the users whose passwords will expire in X days. The timeformat isn't standard but there is an easy powershell command which can be run in the workflow to calculate the upper and lower time settings of the LDAP query.
#3 Once we find the users (depending on the method), we then need to query the user for the email address which we then use to send them the email. Loop through all users and end.
So the open question would be how do we connect to AD ? Do you have NetIQ Directory and Resource Monitor - this has an installable Aegis adapter which can be used to perform the AD connection tasks.
Without the adapter we can use the dsquery Windows Ad commands to handle this. This will require parsing the screen output of the command but not a big issue.
I also have specific LDAP activities for AD and a generic LDAP adapter on the NetIQ Communities site which would also work - although these are not supported. Technically scripting isn't either but there are a lot of grey areas!
If you don't have DRA I will do the demo based on the command line options - I'm on vacation for most of the next week or so but will get to you after that.