
close
close
Over the last number of posts we have achieved a lot with System Center 2012 SP1 – Orchestrator and EUPSCO, so congratulations for following along! In this post we’re going to demonstrate how this all ties together by creating a simple runbook with which we’ll create a new user account — and add that account into a specific group — to demonstrate the simplicity of the runbook creation procedure.
The next objective is to offer this runbook to the HR team, providing them with the ability to create accounts. Of course we could have just provided access to the Active Directory Administrative Center to achieve the same objective, but with Orchestrator we can easily extend the logic of the runbook to create home folders, enable Lync, Mailboxes, and so on – a procedure we would never consider passing outside our control. In our next post we will utilize the End User Portal for this interaction to implement this second objective.
advertisment
Let’s begin in the Runbook Designer to make our “Create Account” runbook.
At this point, we now have our new empty runbook ready for drawing. This next phase of the process will evolve over time as you extend the runbook’s function, adding additional features and error handling. For the main Active Directory work, we will use the Open Source Active Directory Integration Pack shared on the community CodePlex.com site. Follow the instructions we posted in our earlier post on installing System Center 2012 SP1 – Orchestrator integration packs to get this deployed to your environment.
With many of the integration packs that connect to external systems, you are going to have to first establish a connection to the target system.
advertisment
With the configuration work now complete, we can begin by placing the activities for our Orchestration.
For our Runbook to be of use, we need to accept from the user the name of the new employee, for whom we are going to create the new AD account.
Next, we will connect the activities on the canvas to design the actual flow of the runbook, or the sequence of execution
advertisment
Repeat this connection procedure connecting up the remaining activates as follows:
We next need to define the actions the activities are to execute for us. In this sample there are two main actions currently, both of which will expect slightly different data for their correct execution.
Start by right-clicking on the Create AD User activity and selecting properties.
Next, we can configure the Add User to Group activity, again right-clicking and selecting properties.
In the field Group LDAP Path, replace the text to match the LDAP Path to the Group in AD to which you wish to join the users account.
Congratulations, your first runbook is now complete. Before checking in the runbook to make it available for use, you should give it a test and ensure that everything works as you designed. The Runbook Tester shortcut is available from the main ribbon and will allow you to provide both your Firstname and Surname parameters to the runbook, while also enabling you to step through each activity in the runbook to ensure that the indeed behave as expected.
If you do encounter issues, you can simply close the Runbook Tester, edit the canvas to resolve any issues you might have in the design, and then relaunch the Runbook Tester again until such time as all your issues have being resolved and you are satisfied that everything behaves as expected.
After you have completed all your tests, you should finally “Check In” the runbook. Simply righ-click on the Runbook Name tab, and select the Check In option from the context menu. After a few moments the Icon will change from “Edit” to “Runbook”. If you are feeling confident you could (and should) extend the runbook with some error handling, or additional steps to possibly automatically generate a password.
I look forward to your comments – and good luck!
More from Damian Flynn
advertisment
Petri Newsletters
Whether it’s Security or Cloud Computing, we have the know-how for you. Sign up for our newsletters here.
advertisment
More in System Center
Microsoft Endpoint Configuration Manager Can Now Visualize Content Distribution Status
Feb 2, 2022 | Rabia Noureen
Microsoft Endpoint Manager Simplifies Remote PC Management During Pandemic
Jan 26, 2021 | Russell Smith
Most popular on petri
Log in to save content to your profile.
Article saved!
Access saved content from your profile page. View Saved
Join The Conversation
Create a free account today to participate in forum conversations, comment on posts and more.
Copyright ©2019 BWW Media Group