Anonymous_User Absent Member.
Absent Member.
2778 views

Aegis Active Directory Password Expiry workflow


Hi, I am a complete newbie to this but would appreciate any assistance
for this. I am currently looking work a workflow for Aegis that will
Active Directory for password expiry and email users to change their
passwords before they are expired. Would appreciate assistance on this
workflow. Thanks


--
imranulghar
------------------------------------------------------------------------
imranulghar's Profile: https://forums.netiq.com/member.php?userid=11097
View this thread: https://forums.netiq.com/showthread.php?t=54933

0 Likes
2 Replies
Anonymous_User Absent Member.
Absent Member.

Re: Aegis Active Directory Password Expiry workflow

imranulghar,

It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.

Has your issue been resolved? If not, you might try one of the following options:

- Visit http://www.netiq.com/support and search the knowledgebase and/or check all
the other support options available.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.netiq.com)

Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.netiq.com/faq.php

If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.

Good luck!

Your NetIQ Forums Team
http://forums.netiq.com


0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Aegis Active Directory Password Expiry workflow


Hi Imranulghar,

This type of question isn't really a technical support question, but
since its not a big workflow I can put together an answer in form of a
demo workflow for you so you can import it into your lab and hopefulyl
get it running ok.

There are a few main points.

#1 The workflow will probably run on a schedule - the Aegis Scheduler
adapter will tell the workflow when to start, possibly once a week.

#2 The only complicated part of this workflow is the LDAP query to
find the users whose passwords will expire in X days. The timeformat
isn't standard but there is an easy powershell command which can be run
in the workflow to calculate the upper and lower time settings of the
LDAP query.

#3 Once we find the users (depending on the method), we then need to
query the user for the email address which we then use to send them the
email. Loop through all users and end.


So the open question would be how do we connect to AD ? Do you have
NetIQ Directory and Resource Monitor - this has an installable Aegis
adapter which can be used to perform the AD connection tasks.

Without the adapter we can use the dsquery Windows Ad commands to handle
this. This will require parsing the screen output of the command but
not a big issue.

I also have specific LDAP activities for AD and a generic LDAP adapter
on the NetIQ Communities site which would also work - although these are
not supported. Technically scripting isn't either but there are a lot
of grey areas!

If you don't have DRA I will do the demo based on the command line
options - I'm on vacation for most of the next week or so but will get
to you after that.

Martin


--
martincotter
------------------------------------------------------------------------
martincotter's Profile: https://forums.netiq.com/member.php?userid=3942
View this thread: https://forums.netiq.com/showthread.php?t=54933

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.