Rule description
This rule queries the specified CSV file containing a list of Active Directory or Microsoft 365 users and adds them as group members according to the Action section settings.
When to use this rule
Use this rule when you need to add Active Directory or Microsoft 365 users that are defined in the CSV file to Azure Cloud Groups.
This rule requires a source text file in the comma-separated variable format (CSV). You can use the template CSV files provided with the rule, or create a file in Microsoft Excel and export it as CSV.
Rule Settings
Query Section
Setting name | Description |
---|---|
Select data source |
Specifies the text file to be imported. The […] button allows the user to browse for the file and the Create/Edit button allows the creation or editing of the existing file in the built-in Data Source editor. |
Data source anchor attribute |
Select a column in the data source that contains the attribute value for identifying and mapping a user. It can be one of these attributes:
|
Account source system |
Select the source system of the accounts listed in the CSV file: Hybrid or Microsoft 365. |
User anchor attribute |
Automap searches for a user using the standard identity attributes:
Select a custom attribute if your users are identified by a different attribute. Note: Microsoft best practices assume the Active Directory and Office 365/Azure AD UPNs match. |
More Options |
|
Filter CSV data |
This setting specifies the filter that can remove data rows from the imported text file that satisfies the specific condition. |
Properties to display |
To display additional properties for each object found by the query, add those properties to the list. |
Filter Office 365 users |
To hide unwanted data set the filtering conditions here. |
Limit AD scope to this domain or OU |
This setting defines the search query scope. To improve query performance, limit the scope to specific OU. Important: To test rule configuration, limit the rule scope to an OU that contains test accounts or objects.
|
Initialization Script |
|
Script |
Usually, rules use query criteria to limit the query search scope. It improves the performance of the executed rule. Due to PowerShell limitations, it is not possible to use calculated expressions in query criteria. That is the point where the initialization script can help. You can initialize a global variable in this setting and then use it in query criteria. Important: To use a variable, declared in the initialization script, in the query scope, it must be global: $global:<variable name>.
Example: Update AD users, created in the last ten days.
{$global:DatePeriod = (Get-Date).AddDays(-10)}
|
Action Section
Setting name | Description |
---|---|
Target groups selection mode |
One of these values is possible:
|
Action |
Specify one of these actions:
|
Group names | Specify group names separated by ';' or click '...' to select from the cloud. |
Dynamic Mapping from File Settings | |
Data source |
This setting specifies the text file for import. The […] button allows the user to browse for the file and the Create button allows creation or editing of the file in the Cayosoft Administrator data source editor. |
Separator used in file | Use this setting to select the separator used in the file. |
Azure Active Directory anchor attribute |
Specify cloud user attribute. For each object returned by the query, the selected attribute value will be used to map the object with the selected data source anchor. |
CSV anchor match column | Select the CSV column that contains the values that will be matched to the AD anchor attribute values. |
Azure AD group column | Select the CSV file column containing the Azure AD group name if using a dynamic mapping file. |
Output Section
This section defines the output format of this rule.
To get more information about this section, please see the Output section article.
Enforce/Schedule section
This section defines the schedule for how often to run the rule.
To get more information about this section, please see the Enforce/Schedule section article.
Change History
Version | Notes |
---|---|
10.3.0 | The rule has been introduced in the product. |
Comments
0 comments
Please sign in to leave a comment.