vRealize Orchestrator – createUserGroup Active Directory module does not set SamAccountName

Posted on by Dean Grant

I was recently creating a workflow task in vRealize Orchestrator to create a security group using a scriptable task so that the action of creating the security group is based on conditional logic to if the object currently exists in Active Directory the step will be skipped rather than report an error, something the out of the box createUserGroup action from the Active Directory plug-in does not provide. However, on creating the security group object using the workflow on viewing the details in Active Directory, the SamAccountName was not displayed as expected.

vCOGroupName

Following a little investigation I found the resolution to the cause of the issue here. So I modified my scriptable task for creating the security group to also modify the SamAccount Name property value following creation, as below:

// Creates security group in the organizational unit. 
 System.getModule("com.vmware.library.microsoft.activeDirectory").createUserGroup(groupName,container) ;
 
// Sets the SAMAccountName attribute to the groupName value.
userGroup = System.getModule("com.vmware.library.microsoft.activeDirectory").getUsergroupFromContainer(container,groupName);
userGroup.setAttribute('SamAccountName',groupName);

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s