Skip to main content

Articles in this section

See more
Print

Import SQL Data | Suspend AD Users rule

  • Updated

Import SQL Data | Suspend AD Users rule

This rule queries the specified Microsoft SQL data source and suspends matching Active Directory user accounts according to the settings specified in the provided AD User Suspend configuration.

IMPORTANT: This rule works only if the Use modern suspend setting is set to Yes in the Cayosoft Administrator Console in the Active Directory extension settings.

When to use this rule

Use this rule when you need to suspend Active Directory user accounts based on the data in the external data source, for example, an HR system.

Rule Settings

Setting name Description

Limit Scope to this Domain or OU
This setting defines the search query scope. To improve query performance, limit the scope to a specific OU.To test the rule configuration, limit the rule scope to an OU that contains test accounts or objects and use the Preview feature.

SQL Instance

Specify the name of the SQL Instance as defined in the Utils Extension SQL Server configuration. Using the Default SQL Instance setting will retrieve the current setting from the SQL Connection settings of the Utils extension.

NOTE: For more information, please see the Connecting to Microsoft SQL Server data source article.

SQL Database Name

Specify the database name from the selected SQL Instance.

SQL Table

Specify SQL Table or View from the selected database. Click the [...] button to display a list of tables from which to choose.

SQL Credentials

Specify the database from the data source SQL Instance. Click the [...] button to enter SQL Credentials.

NOTE: Cayosoft Administrator does not support Windows Authentication for connecting to a Microsoft SQL Server database. The database connection must use SQL Server Authentication, where the credentials (username and password) are created and managed within SQL Server itself. Mixed Mode refers to the SQL Server configuration that allows both SQL Server Authentication and Windows Authentication, but only SQL Server Authentication is supported by Cayosoft.

Data Source Filter

You can use the point-and-click filter builder for the specified data source.

NOTE: If the Where clause is also specified, it will be applied and the Data Source Filter will be ignored.

More options

Return These SQL Columns

Specify columns returned by the data source.

Where Clause

Define a WHERE statement in the SQL query sent to the data source to limit the rows returned by SQL Server.

Returned Properties

To display additional properties for each object found by the query, add those properties to the list.

Filter

Set the filtering conditions to hide unwanted data based on criteria not supported in the Query criteria setting.

Example: filter by the found object Distinguished Name.

TIP: For optimal performance, use the Query criteria setting above to filter objects whenever possible.
Sort by

Sort result object list.

Data Source Anchor attribute

Select a column in the data source that contains the attribute value for identifying and mapping a computer.

Active Directory Anchor attribute

Select the attribute in Active Directory to compare the Data Source Anchor attribute when searching for a matching user account.
Initialization Script

Initialization script

Usually, rules use query criteria to limit the query search scope. It improves the performance of the executed rule.

Due to the PowerShell limitations, it is not possible to use calculated expressions in query criteria. That is the point where the initialization script can help. You can initialize a global variable in this setting and then use it in query criteria.

IMPORTANT: To use a variable, declared in the initialization script, in the query scope, it must be global: $global:<variable name>.

Example: Update AD users, created in the last ten days.

  1. Add this initialization script

    Copy
    {$global:DatePeriod = (Get-Date).AddDays(-10)}

  2. Use the $DatePeriod variable in the query criteria builder:

Action Section

Setting name Description
AD Suspend configuration Specify the existing AD Computer suspend configuration to be applied during the computer suspend.You can use the default configuration or create a custom one.Learn more in: AD computer Suspend (default configuration) Overview and Creating a custom Suspend configuration.
Microsoft 365 Suspend configuration

Select an existing Microsoft 365 Suspend™ configuration that will be used to suspend related Microsoft 365 user accounts.

Output Section

This section defines the output format of this rule.

To get more information about this section, please see the Rule Output section article.

Enforce/Schedule section

This section defines the schedule for how often to run the rule.

To get more information about this section, please see the Rule Enforce/Schedule section article.

Change History

Version Notes
10.3.0 The rule has been introduced in the product.

© Copyright 2013-2026 Cayosoft Inc. All rights reserved.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request
Return to top

Related articles

Comments

0 comments

Please sign in to leave a comment.