Active Directory
Microsoft on-premises Active Directory integration that allows A-Ops to authenticate against a domain and perform LDAP queries.
Triggers
AD Asset Discovery
Discover assets within an Active Directory.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
_id | Unique identifier of object | input | False | False |
Name | Display name for the trigger object. | input | False | False |
Enabled | Enable / Disable this trigger object. | checkbox | False | False |
Variables | Variables to define when triggering an event. | var | False | True |
Schedule | How often to run the flow, e.g. 10s (every 10 seconds), 1-5h (random start between 1 and 5 hours), */5 * * * * (every 5 minutes). | input | False | False |
Max Duration | The number of seconds that a flow can be running before it is automatically killed and/or considered dead and restarted. | input | False | False |
Search Base | LDAP search base, e.g. DC=domain,DC=local | input | True | False |
Search Filter | LDAP search filter, e.g. (&(objectClass=person)(objectClass=user)) | input | False | False |
Username | Username to use when connecting to the defined Active Directory. | input | True | False |
Password | Password for the defined username when connecting to the defined Active Directory. | password-input | True | False |
Domain Name | Domain name of the domain being connected to. | input | True | False |
Server | LDAP server address to connect to. | input | True | False |
LDAPS | When checked, SSL will be used when connecting to the defined LDAP server. | checkbox | True | False |
Search Period | Defines how far back to look for assets using the lastLogonTimestamp attribute. This should be a numeric value in the units defined by Search Period Units. | input | True | False |
Search Period Units | The units relating to the search period. | dropdown | True | False |
Comment | User defined comments. | input | False | False |
Concurrency | How many events to run through the flow at once. | input | False | False |
Take Snapshots | When checked snapshots of every execution will be saved. | checkbox | False | False |
Max Retries | The number of attempts to automatically reattempt a failing trigger. | input | False | False |
Retry Delay | Delay time between failure and automatically reattempting a failing trigger. | input | False | False |
On Trigger Crash | Trigger ID to call when a trigger crashes. | input | False | False |
On Trigger Killed | Trigger ID to call when a trigger overruns its max duration and is killed. | input | False | False |
Fail Trigger On Action Crash | When true the entire flow will crash if a single action crashes. | group-checkbox | False | False |
On Action Crash | Trigger ID to call when an action crashes and Fail Trigger On Action Crash is checked. | input | False | False |
Actions
AD Add User to Group
Add a defined user as a member of a defined group.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
_id | Unique identifier of object | input | False | False |
Name | Display name for the action object. | input | False | False |
Enabled | Enable / Disable this action object. | checkbox | False | False |
Logic | Logic expression that, when defined, must evaluate to true for the action object to return True; otherwise False is returned. | input | False | False |
Variables | Variables to define when triggering an event. | var | False | True |
Target User | The user object to add to the target group. | input | True | True |
Target Group | The group to which the user will be added as a member. | input | True | True |
Username | Username to use when connecting to the defined Active Directory. | input | True | True |
Password | Password for the defined username when connecting to the defined Active Directory. | password-input | True | False |
Domain Name | Domain name of the domain being connected to. | input | True | True |
Server | LDAP server address to connect to. | input | True | True |
LDAPS | When checked, SSL will be used when connecting to the defined LDAP server. | checkbox | True | False |
Comment | User defined comments. | input | False | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}} |
AD Remove User from Group
Remove a user from an AD group.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
_id | Unique identifier of object | input | False | False |
Name | Display name for the action object. | input | False | False |
Enabled | Enable / Disable this action object. | checkbox | False | False |
Logic | Logic expression that, when defined, must evaluate to true for the action object to return True; otherwise False is returned. | input | False | False |
Variables | Variables to define when triggering an event. | var | False | True |
Target User | The user object to remove from the target group. | input | True | True |
Target Group | The group from which the user will be removed as a member. | input | True | True |
Username | Username to use when connecting to the defined Active Directory. | input | True | True |
Password | Password for the defined username when connecting to the defined Active Directory. | password-input | True | False |
Domain Name | Domain name of the domain being connected to. | input | True | True |
Server | LDAP server address to connect to. | input | True | True |
LDAPS | When checked, SSL will be used when connecting to the defined LDAP server. | checkbox | True | False |
Comment | User defined comments. | input | False | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}} |
AD Reset User Password
Reset the password for a given user within Active Directory.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
_id | Unique identifier of object | input | False | False |
Name | Display name for the action object. | input | False | False |
Enabled | Enable / Disable this action object. | checkbox | False | False |
Logic | Logic expression that, when defined, must evaluate to true for the action object to return True; otherwise False is returned. | input | False | False |
Variables | Variables to define when triggering an event. | var | False | True |
Target User | The user object to reset the password on. | input | True | True |
New Password | The password will be reset to this value for the target user. | input | True | True |
Username | Username to use when connecting to the defined Active Directory. | input | True | True |
Password | Password for the defined username when connecting to the defined Active Directory. | password-input | True | False |
Domain Name | Domain name of the domain being connected to. | input | True | True |
Server | LDAP server address to connect to. | input | True | True |
LDAPS | When checked, SSL will be used when connecting to the defined LDAP server. | checkbox | True | False |
Comment | User defined comments. | input | False | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}} |
AD Create User
Create a new user within Active Directory.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
_id | Unique identifier of object | input | False | False |
Name | Display name for the action object. | input | False | False |
Enabled | Enable / Disable this action object. | checkbox | False | False |
Logic | Logic expression that, when defined, must evaluate to true for the action object to return True; otherwise False is returned. | input | False | False |
Variables | Variables to define when triggering an event. | var | False | True |
New Username | The username for the new user. | input | True | True |
New Password | Password value to set for the new user after it is created. | password-input | True | True |
User Attributes | Attributes dictionary containing a key/value pair for each attribute you wish to define. | json-input | True | True |
Username | Username to use when connecting to the defined Active Directory. | input | True | True |
Password | Password for the defined username when connecting to the defined Active Directory. | password-input | True | False |
Domain Name | Domain name of the domain being connected to. | input | True | True |
Server | LDAP server address to connect to. | input | True | True |
LDAPS | When checked, SSL will be used when connecting to the defined LDAP server. | checkbox | True | False |
Comment | User defined comments. | input | False | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}} |
AD Create Group
Create a new group within Active Directory.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
_id | Unique identifier of object | input | False | False |
Name | Display name for the action object. | input | False | False |
Enabled | Enable / Disable this action object. | checkbox | False | False |
Logic | Logic expression that, when defined, must evaluate to true for the action object to return True; otherwise False is returned. | input | False | False |
Variables | Variables to define when triggering an event. | var | False | True |
Username | Username to use when connecting to the defined Active Directory. | input | True | True |
Password | Password for the defined username when connecting to the defined Active Directory. | password-input | True | False |
Domain Name | Domain name of the domain being connected to. | input | True | True |
Server | LDAP server address to connect to. | input | True | True |
LDAPS | When checked, SSL will be used when connecting to the defined LDAP server. | checkbox | True | False |
Comment | User defined comments. | input | False | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}} |
AD Enable User
Enable a disabled user account.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
_id | Unique identifier of object | input | False | False |
Name | Display name for the action object. | input | False | False |
Enabled | Enable / Disable this action object. | checkbox | False | False |
Logic | Logic expression that, when defined, must evaluate to true for the action object to return True; otherwise False is returned. | input | False | False |
Variables | Variables to define when triggering an event. | var | False | True |
Target User | The user object to enable. | input | True | True |
Username | Username to use when connecting to the defined Active Directory. | input | True | True |
Password | Password for the defined username when connecting to the defined Active Directory. | password-input | True | False |
Domain Name | Domain name of the domain being connected to. | input | True | True |
Server | LDAP server address to connect to. | input | True | True |
LDAPS | When checked, SSL will be used when connecting to the defined LDAP server. | checkbox | True | False |
Comment | User defined comments. | input | False | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}} |
AD Disable User
Disable an enabled user within Active Directory.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
_id | Unique identifier of object | input | False | False |
Name | Display name for the action object. | input | False | False |
Enabled | Enable / Disable this action object. | checkbox | False | False |
Logic | Logic expression that, when defined, must evaluate to true for the action object to return True; otherwise False is returned. | input | False | False |
Variables | Variables to define when triggering an event. | var | False | True |
Target User | The user object to disable. | input | True | True |
Username | Username to use when connecting to the defined Active Directory. | input | True | True |
Password | Password for the defined username when connecting to the defined Active Directory. | password-input | True | False |
Domain Name | Domain name of the domain being connected to. | input | True | True |
Server | LDAP server address to connect to. | input | True | True |
LDAPS | When checked, SSL will be used when connecting to the defined LDAP server. | checkbox | True | False |
Comment | User defined comments. | input | False | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}} |
AD Delete User
Delete a user account within Active Directory.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
_id | Unique identifier of object | input | False | False |
Name | Display name for the action object. | input | False | False |
Enabled | Enable / Disable this action object. | checkbox | False | False |
Logic | Logic expression that, when defined, must evaluate to true for the action object to return True; otherwise False is returned. | input | False | False |
Variables | Variables to define when triggering an event. | var | False | True |
Target User | The user object to delete. | input | True | True |
Username | Username to use when connecting to the defined Active Directory. | input | True | True |
Password | Password for the defined username when connecting to the defined Active Directory. | password-input | True | False |
Domain Name | Domain name of the domain being connected to. | input | True | True |
Server | LDAP server address to connect to. | input | True | True |
LDAPS | When checked, SSL will be used when connecting to the defined LDAP server. | checkbox | True | False |
Comment | User defined comments. | input | False | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}} |
AD Search
Search for objects within Active Directory based on an LDAP search filter.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
_id | Unique identifier of object | input | False | False |
Name | Display name for the action object. | input | False | False |
Enabled | Enable / Disable this action object. | checkbox | False | False |
Logic | Logic expression that, when defined, must evaluate to true for the action object to return True; otherwise False is returned. | input | False | False |
Variables | Variables to define when triggering an event. | var | False | True |
Search Base | LDAP search base, e.g. DC=domain,DC=local | input | True | True |
Search Filter | LDAP search filter, e.g. (&(objectClass=person)(objectClass=user)) | input | True | True |
Username | Username to use when connecting to the defined Active Directory. | input | True | True |
Password | Password for the defined username when connecting to the defined Active Directory. | password-input | True | False |
Domain Name | Domain name of the domain being connected to. | input | True | True |
Server | LDAP server address to connect to. | input | True | True |
LDAPS | When checked, SSL will be used when connecting to the defined LDAP server. | checkbox | True | False |
Comment | User defined comments. | input | False | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}} |
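The Search Filter, Target User and Target Object inputs above are marked as accepting variable syntax, so their values are frequently substituted from upstream flow data. The following is an added example, not code from the A-Ops integration, showing the escaping that such values need before they are placed into an LDAP filter (RFC 4515) or into a distinguished name (RFC 4514, relevant to AD Create User), plus a cheap sanity check for a user-supplied Search Filter. It assumes the Target User is given as a sAMAccountName; the page only says "user object", and every function name here is the example's own.

```python
"""Added example (not code from the A-Ops integration): escaping values that
come from flow variables before they go into an LDAP filter or a DN."""

# RFC 4515: characters that must be hex-escaped inside a filter assertion value.
# Backslash is listed first so the escapes produced below are not re-escaped.
_FILTER_ESCAPES = (
    ("\\", "\\5c"),
    ("*", "\\2a"),
    ("(", "\\28"),
    (")", "\\29"),
    ("\x00", "\\00"),
)


def escape_filter_value(value: str) -> str:
    """Escape one assertion value so a filter matches it literally."""
    out = value
    for ch, esc in _FILTER_ESCAPES:
        out = out.replace(ch, esc)
    return out


def user_lookup_filter(sam_account_name: str) -> str:
    """Filter that resolves a Target User (assumed to be a sAMAccountName).

    Without escaping, a value such as 'x)(objectClass=*' would alter the
    structure of the filter; with escaping it can only match literally.
    """
    return f"(&(objectClass=user)(sAMAccountName={escape_filter_value(sam_account_name)}))"


def escape_dn_value(value: str) -> str:
    """Escape an attribute value for use inside a DN, per RFC 4514."""
    out = value.replace("\\", "\\\\")
    for ch in ',+"<>;':
        out = out.replace(ch, "\\" + ch)
    # A leading '#' or space and a trailing space must also be escaped.
    if out[:1] in ("#", " "):
        out = "\\" + out
    if out.endswith(" ") and not out.endswith("\\ "):
        out = out[:-1] + "\\ "
    return out


def user_dn(common_name: str, parent_dn: str) -> str:
    """Build the DN of a new user under an existing container (AD Create User)."""
    return f"CN={escape_dn_value(common_name)},{parent_dn}"


def balanced_filter(search_filter: str) -> bool:
    """Sanity check for a Search Filter input: non-empty, wrapped in
    parentheses, and parentheses balanced. Not a full RFC 4515 parser."""
    s = search_filter.strip()
    if not (s.startswith("(") and s.endswith(")")):
        return False
    depth = 0
    for ch in s:
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth < 0:
                return False
    return depth == 0


if __name__ == "__main__":
    # Constructed sample values, not data from any real directory.
    print(user_lookup_filter("x)(objectClass=*"))
    print(user_dn("Doe, John", "OU=Staff,DC=domain,DC=local"))
    print(balanced_filter("(&(objectClass=person)(objectClass=user))"))
```

Escaping the value rather than rejecting it keeps legitimate names containing commas, parentheses or asterisks usable while guaranteeing the substituted text can never change the filter's or DN's structure; the `balanced_filter` check only catches obvious malformed input and is no substitute for the directory server's own filter parsing.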
AD Set Object Attribute
Sets an attribute value on a given object.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
Target Object | The object to update the attribute on. | input | True | True |
Attribute | Attribute on the object to update. | input | True | True |
Value | Value to set on the given attribute. | input | True | True |
Username | Username to use when connecting to the defined Active Directory. | input | True | True |
Password | Password for the defined username when connecting to the defined Active Directory. | password-input | True | False |
Domain Name | Domain name of the domain being connected to. | input | True | True |
Server | LDAP server address to connect to. | input | True | True |
LDAPS | When checked, SSL will be used when connecting to the defined LDAP server. | checkbox | True | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}} |
AD Set Account Expiry
Sets an account expiry from a provided epoch timestamp.
Input
Name | Description | Type | Required | Syntax |
---|---|---|---|---|
Target Object | The object to update the attribute on. | input | True | True |
Epoch Value | Epoch timestamp of when the account should expire. | input | True | True |
Username | Username to use when connecting to the defined Active Directory. | input | True | True |
Password | Password for the defined username when connecting to the defined Active Directory. | password-input | True | False |
Domain Name | Domain name of the domain being connected to. | input | True | True |
Server | LDAP server address to connect to. | input | True | True |
LDAPS | When checked, SSL will be used when connecting to the defined LDAP server. | checkbox | True | False |
Output
Name | Description | Type | always_present | values |
---|---|---|---|---|
result | Returns True when successful. | boolean | True | {"True": {"description": "Successful."}, "False": {"description": "Failure."}} |
rc | Returns the exit code for the action. | number | True | {"0": {"description": "Successful."}} |
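Two inputs on this page are ultimately written or compared as Windows FILETIME integers (100-nanosecond ticks since 1601-01-01): the AD Asset Discovery trigger's Search Period, which becomes a lower bound on lastLogonTimestamp, and AD Set Account Expiry's Epoch Value, which becomes accountExpires. The following is an added example, not the integration's own code, showing the conversion in both directions, the discovery filter it implies, and the two sentinel values AD uses for "never expires". The unit names in `_UNIT_SECONDS` are an assumption, since the page does not list the Search Period Units dropdown values, and all function names are the example's own.

```python
"""Added example, not the A-Ops integration's code: FILETIME handling for
lastLogonTimestamp (AD Asset Discovery) and accountExpires (AD Set Account
Expiry)."""

# Seconds from the FILETIME epoch (1601-01-01) to the Unix epoch (1970-01-01).
_EPOCH_DIFF_SECONDS = 11_644_473_600
_TICKS_PER_SECOND = 10_000_000  # FILETIME counts 100-nanosecond intervals

# accountExpires uses both of these values to mean "never expires".
NEVER_EXPIRES_VALUES = (0, 0x7FFF_FFFF_FFFF_FFFF)

# Assumed mapping for the Search Period Units dropdown (not listed on the page).
_UNIT_SECONDS = {"seconds": 1, "minutes": 60, "hours": 3600, "days": 86400}


def epoch_to_filetime(epoch_seconds: int) -> int:
    """Unix epoch seconds -> FILETIME ticks, the integer AD stores."""
    return (epoch_seconds + _EPOCH_DIFF_SECONDS) * _TICKS_PER_SECOND


def filetime_to_epoch(filetime: int) -> int:
    """FILETIME ticks -> Unix epoch seconds (sub-second precision dropped)."""
    return filetime // _TICKS_PER_SECOND - _EPOCH_DIFF_SECONDS


def discovery_filter(search_filter: str, period: int, units: str, now_epoch: int) -> str:
    """AND the trigger's Search Filter with a lastLogonTimestamp lower bound
    derived from Search Period and Search Period Units."""
    if units not in _UNIT_SECONDS:
        raise ValueError(f"unknown Search Period Units: {units!r}")
    if period <= 0:
        raise ValueError("Search Period must be a positive number")
    cutoff = epoch_to_filetime(now_epoch - period * _UNIT_SECONDS[units])
    return f"(&{search_filter}(lastLogonTimestamp>={cutoff}))"


def account_expires_value(epoch_value) -> int:
    """Encode AD Set Account Expiry's Epoch Value as an accountExpires integer.
    Flow variables arrive as strings, so the value is parsed first; 0 is
    passed through unchanged, which AD reads as "never expires"."""
    epoch = int(str(epoch_value).strip())
    if epoch < 0:
        raise ValueError("Epoch Value must not be negative")
    return 0 if epoch == 0 else epoch_to_filetime(epoch)


def decode_account_expires(value: int):
    """Read back accountExpires: None for "never expires", else epoch seconds."""
    if value in NEVER_EXPIRES_VALUES:
        return None
    return filetime_to_epoch(value)


if __name__ == "__main__":
    # Constructed inputs: a fixed "now" so the output is reproducible.
    now = 1_700_000_000
    print(discovery_filter("(&(objectClass=person)(objectClass=user))", 30, "days", now))
    print(account_expires_value("1700000000"))
    print(decode_account_expires(0x7FFF_FFFF_FFFF_FFFF))
```

One caveat worth keeping in mind when choosing a Search Period: lastLogonTimestamp is replicated between domain controllers only when the stored value is older than the msDS-LogonTimeSyncInterval (14 days by default, minus a random 0 to 5 days), so a period shorter than about two weeks will miss assets that have logged on recently but whose timestamp has not yet been refreshed; the unreplicated lastLogon attribute is precise but differs per domain controller.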
Examples
Search for AD Users
Example use of the AD Asset Discovery trigger.
Download template
Requirements
- Username and Password capable of reading AD assets
- Domain Name
- Server IP address
Walkthrough
- Configure Connection Details tab
  - Username
  - Password
  - Domain Name
  - Server IP
- Configure Main tab
  - Search Base
  - Search Period
  - Search Filter
  - Search Period Units
Create a new AD User and add to an existing AD group
Example use of the AD Create User and AD Add User to Group actions.
Download template
Requirements
- Username and Password capable of performing changes to an AD
- Domain Name
- Server IP address
Walkthrough
- Configure Connection Details tab on both actions
  - Username
  - Password
  - Domain Name
  - Server IP
- Configure Main tab of Create User Account
  - Username for new user
  - Password for new user
- Configure Main tab of AD Add User to Group
  - Target User
  - Target Group
Remove a User from an AD group and disable User account
Example use of the AD Remove User from Group and AD Disable User actions.
Download template
Requirements
- Username and Password capable of performing changes to an AD
- Domain Name
- Server IP address
Walkthrough
- Configure Connection Details tab on both actions
  - Username
  - Password
  - Domain Name
  - Server IP
- Configure Main tab of AD Remove User from Group
  - Target User
  - Target Group
- Configure Main tab of AD Disable User
  - Target User
Delete a User from AD
Example use of the AD Delete User action.
Download template
Requirements
- Username and Password capable of performing changes to an AD
- Domain Name
- Server IP address
Walkthrough
- Configure Connection Details tab of AD Delete User
  - Username
  - Password
  - Domain Name
  - Server IP
- Configure Main tab of AD Delete User
  - Target User
Resetting a user's password and securely sharing it with the user is covered here: Guide Page
Python Requirements
- ldap3
Default configuration requirements are automatically installed when an integration is installed.
Open Source Attributions
This SecureAck integration includes the following additional Python third-party software/licensing:
----------------
** ldap3 ( https://github.com/cannatag/ldap3/ )
GPL-3.0
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Lesser General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with this program in the COPYING and COPYING.LESSER files.
If not, see <http://www.gnu.org/licenses/>.