Rule description
This rule moves Active Directory objects to an OU defined directly or mapped dynamically in a CSV file.
When to use this rule
This rule queries the specified Active Directory scope and then moves Active Directory objects to an OU defined directly or mapped dynamically in a CSV file.
The text file’s first column name must be set to the name of the "key" attribute of the Active Directory user, for example, "Department". This attribute value is used to determine the user’s final OU location, which is taken from the second column.
The values in the first column should be unique and represent the possible values for the "key" user attribute. The text file’s second column should be named "OU" and contain the DN of the Organizational Units associated with the data in the first column.
Example CSV File:
Department; OU
IT; OU=IT,OU=User Accounts,OU=Corp,DC=cayodemo,DC=com
Marketing; OU=Marketing,OU=User Accounts,OU=Corp,DC=cayodemo,DC=com
Rule Settings
Query Section
Setting name | Description |
---|---|
Limit scope to this Domain or OU |
This setting defines the search query scope To improve query performance, limit the scope to specific OU. Important: To test rule configuration, limit the rule scope to an OU that contains test accounts or objects.
|
Query Criteria |
Query criteria are sent with the query and may improve query performance. Tip: For different samples on the criteria builder, see KB20180410-1.
|
Filter |
To hide unwanted data based on criteria, not supported by the Active Directory query, set the filtering conditions here. Example: filter by the found object Distinguished Name. Tip: For optimal performance, use the Query criteria above to filter objects whenever possible.
|
More options |
|
Returned Properties |
To display additional properties for each object found by the query, add those properties to the list. |
Sort by |
Sort result objects list. |
Initialization script |
|
Script |
Usually, rules use query criteria to limit the query search scope. It improves the performance of the executed rule. Due to PowerShell limitations, it is not possible to use calculated expressions in query criteria. That is the point where the initialization script can help. You can initialize a global variable in this setting and then use it in query criteria. Important: To use a variable, declared in the initialization script, in the query scope, it must be global: $global:<variable name>.
Example: Update AD users, created in the last ten days.
{$global:DatePeriod = (Get-Date).AddDays(-10)}
|
Action Section
Setting name | Description |
---|---|
Select Data Source |
Specifies the text file to be imported. Click the […] button to browse for the file, and the Create button to create or edit of the file in the Cayosoft Administrator data source editor. |
Separator used in file |
Use this setting to select the separator used in the file. |
Move to this OU |
Select an OU directly to move all objects or a column containing OU path in the data file to dynamically map the target OU based on an attribute. |
Filter CSV data |
This setting specifies the filter that can remove data rows from the imported text file that satisfies the specific condition. |
Output Section
This section defines the output format of this rule.
To get more information about this section, please see the Output section article.
Enforce/Schedule section
This section defines the schedule for how often to run the rule.
To get more information about this section, please see the Enforce/Schedule section article.
Change History
Version | Notes |
---|---|
9.3.0 | The rule has been added to the product. |
Comments
0 comments
Please sign in to leave a comment.