Rule description
This rule moves Active Directory users to an OU defined directly or mapped dynamically in a CSV file.
NOTE: The data source text file must be in the comma or semi-colon separated values format (CSV). The CSV file must be encoded in UTF-8 if you are using diacritics (á, ä, é, í, ö, ü, etc.).
Video tutorial
Use cases
The rule queries the specified Active Directory scope and then moves AD users to an OU defined explicitly or mapped dynamically in a CSV file. The first column name in the file must be set to the name of the key attribute of the Active Directory user, e.g., Office. The attribute value is used to determine the final OU location for a user; the final location is picked from the second column.
The values in the first column must be unique and represent the possible values for the key user attribute. The second column of the CSV file must be named OU; it must contain the distinguishedName attributes of the OUs associated with the data in the first column. Refer to the example of the CSV file:
Office; OU
Columbus; OU=Columbus,OU=User Accounts,OU=Corp,DC=cayodemo,DC=com
Atlanta; OU=Atlanta,OU=User Accounts,OU=Corp,DC=cayodemo,DC=comNOTE: The rule supports multi-valued attributes used as the key attributes in the rule.
Rule settings
| Setting name | Description |
|---|---|
| Query section | |
| Limit scope to this Domain or OU |
Define the search query scope. Limit the scope to a specific OU to improve the query performance. IMPORTANT: When testing a rule configuration, limit the rule scope to an OU containing test accounts and/or objects. |
| Query criteria | Filter the query output using the query criteria; they may improve the query performance. Refer to the following article to learn more: How to use Query Builder dialog for Query Criteria and Filter rule settings. |
| Filter |
Hide unwanted data based on the filters not supported by the AD query, e.g., filter by DNs. It is recommended to use query criteria instead to ensure optimal performance. |
| Returned properties | Display properties for each object found by the query by adding the properties to the list. |
| Sort by | Sort the results by a property. |
| Script |
Initialize a global variable to use it in the Query criteria field. IMPORTANT: To use a variable declared in the initialization script in the query scope, the variable must be global:
Scenario: Update AD users, created in the last ten days.
|
| Action section | |
| Select Data Source | Specify the text file to import. |
| Separator used in file | Select a separator used in the file. |
| Move to this OU |
Select an OU to move all objects to. The field supports three options:
IMPORTANT: When using a custom PowerShell script, the following points must be observed:
|
| Filter CSV data | Specify a filter to remove data rows from the imported CSV file. |
Output section
This section defines the output format of this rule.
To get more information about this section, please see the Rule Output section article.
Enforce/Schedule section
This section defines the schedule for how often to run the rule.
To get more information about this section, please see the Rule Enforce/Schedule section article.
Additional information
-
When the provided CSV file contains only a single column, Cayosoft Administrator prompts the following error:
The specified file does not contain enough dataAdd a column containing the OU path to the CSV file and specify the column name in the Move to this OU field. Alternatively, add a column named OU to the CSV file to resolve the issue.
Comments
0 comments
Please sign in to leave a comment.