Question

Looking for direction setting up Workflow\Request for access to AD on-Prem security groups

  • 10 March 2023
  • 4 replies
  • 93 views

Badge

Our organization has FreshService and has already set up Orchestration Center.

AD is on-prem.

Trying to set up an automated Request that gives a user (or group of users) access to an AD Security group(s).

It seems like there should be an out-of-the-box solution for this.


4 replies

Userlevel 2
Badge +4

Dont know if it will help, but i saw this one 5 months ago

How to add a user to an AD security group from a sevice request. | Freshworks Community

Badge

Thanks BartVB.  It looks like the one you referenced is similar, but I am looking for something that can provide a search or pull down to our AD Security Groups, which are many.

The requester would be asking for themselves or that someone else be added to a range of AD Security Groups.  Specifically, each of our projects have a unique project number and dedicated security group.

Ultimately, we want to automate the request and assignments to the specific group or groups.  I’m told that it can be done but it is somewhat complicated. There would also need to be an approval piece to the Workflow. - Jeff

Userlevel 2
Badge +3

Hi Joakes

You can set up a custom object with the following fields that would then work. Depending on how dynamic your groups are you may wish to use the Microsoft APIs to update the records automatically.

Group Name (User Friendly) - Make this primary

Object ID

Group Name (AD name)

 

Then you can use the custom object as a look up in the service request item, and use a read node to find the matching object ID for your workflow. If you want to be really clever you can also add approver(s) as a field in your custom objects so the workflow may automatically assign approvals to the right person before proceeding with the add user command.

Userlevel 7
Badge +16

@Roxwell nailed it! Custom Objects is the best way to customize data to your business needs. And utilize that data later in automations.

Reply