AD Users | Set User Home Folder by OU
The rule queries the specified Active Directory user scope and assigns them user home folders based on the Organizational Unit (OU) in which the user account is located.
When to use this rule
Use this rule when you need to set user home folders based on the Organizational Unit (OU) in which the user account is located.
The Action section of the rule, using a CSV text file, will construct the path where the user’s home folder is to be located.
NOTE: The column order of the CSV file is critical, but the names of the columns are not important. You should separate each value in the file with a semi-colon instead of a comma because some key attributes will contain strings with commas.
Column content should be as follows:
Column 1 must contain the OU DistinguishedName in which the user(s) to be given a home folder are located. The DistinguishedName should be in the form OU=Name,DC=Domain,DC=com and can easily be copied from Microsoft’s Active Directory Users and Computers console.
Column 2 must contain the server share path in the form
\\Server\Share\%USERNAME%-
Column 3 must contain the drive letter to which the share would be connected in the form
Z:
-
Column 4 should be left empty if the OU DistinguishedName from Сolumn 1 must exactly matches the user for which the home folder should be created. If the word Subtree is entered into the fourth column, the user may be in the OU listed in Сolumn 1 or in any
sub-OUs of that OU.
NOTE: Users defined in the scope that do not belong to any of the OUs specified in the CSV file will have the settings from the Action section applied. If the Action section settings are empty, the existing values will not be changed
Rule settings
Query section
NOTE: Usually this rule is used as a post-rule for New User Web Action. So by default Use Web Query Scope and ObjectGUID of User Created in Web UI values are used in the Limit scope and Account status settings.
| Setting name | Description |
|---|---|
| Limit scope to this domain or OU |
This setting defines the search query scope. To improve query performance, limit the scope to a specific OU. IMPORTANT: To test the rule configuration, limit the rule scope to an OU that contains test accounts or objects and use the Preview feature. |
| Account status | Specify user account status. |
| Select data source |
Specify the text file to be imported. The […] (three dots) button allows the user to browse for the file and the Create/Edit button allows the creation or editing of the existing file in the built-in Data Source editor. |
| Separator used in file | Specify separator used in the file: comma or semi-colon. |
| More options | |
| Filter |
Set the filtering conditions to hide unwanted data based on criteria not supported in the Query criteria setting. Example: filter by the found object Distinguished Name. TIP: For optimal performance, use the Query criteria setting above to filter objects whenever possible. |
| Properties to display |
Each object property defined in this setting matches the column that will be displayed in the Web Portal for this web query. To display additional columns, add the required properties to the Properties to display list. To add extension attribute 1 that is synchronized from AD, you need to use a value like:
Copy
|
| Sort by | Sort result object list. |
Action section
| User Profile | |
| Profile path | Specify a path to the user's profile. |
| Logon script | Specify a path to the user's logon script. |
| Home Folder | |
| Local path | Specify this setting if you use a local folder for user home folders. |
| Connect | Specify a drive that is associated with the path defined in the To setting. |
| To | Specify a shared folder for the user's home directory. |
| More Options | |
|
Specify integer value. |
Output Section
This section defines the output format of this rule.
To get more information about this section, please see the Rule Output section article.
Enforce/Schedule section
This section defines the schedule for how often to run the rule.
To get more information about this section, please see the Rule Enforce/Schedule section article.
Change History
| Version | Notes |
|---|---|
| 9.1.0 | Domain Controller and Credentials settings have been removed. |
Comments
0 comments
Please sign in to leave a comment.