Active Directory Organization and User Management


Summary

This article provides a summary for managing Active directory Organizations and Users.

Applies To
This article applies to MachPanel v6 and above.
Active Directory Domain
To add an Active Directory Domain, Please review following KB:
http://kb.machsol.com/Knowledgebase/Article/50263
Active Directory Organizations (OU) Management
Organizational units (OU) are Active Directory containers into which you can place users, groups, computers, and other organizational units. An organizational unit cannot contain objects from other domains.
  1. After the successful integration of the servers you can create Active Directory Organizations from the following path: Home >> Service Director >> Active Directory >> Organizations
  2. There is new filter to search organization with Enterprise services enabled as shown below:
  3. To add a new Organization Unit, click on Add Organization Unit button.
  4. You can also perform bulk operations by selecting the organization as highlighted in green.
  5. You can also Add AD User, Add Users in Bulk, Update users in bulk, Enable ADSync, create Security Groups on the single organization under Options. To add Security Group review KB: http://kb.machsol.com/Knowledgebase/Article/55552
  6. You can also Sync Organization from Backend, using Sync from backend option. Please review more details at the following KB: http://kb.machsol.com/Knowledgebase/Article/54533
  7. You can also add and manage Logon Hours Template using this interface

Active Directory Organization Management:

    • You can also add Users, Security Groups, Contacts, assign Certificates to users and set password policies for Active Directory organizations.

    ​

    Users

    • You can add user, Add Bulk User (Using CSV), Update Bulk User (Using CSV), perform Group Actions on number of Users selected and also Export locked/Expired Users

    Certificates

    • You can upload certificate and assign to user

    ​

    • The client side certificate '.Cer' and '.p7b' are supported.
    • After selecting the certificate it will shown as below

      â€‹

    • After the job is completed in Job Queue it shown under Certificates listing and also you can verify directly on AD user under Published Certificates.

    ​​

    Security Groups

    • You can create Security Groups (Domain Level, Global and Universal)

    Contacts

    • You can add Mail Contact, add bulk Mail Contact (Using CSV) and Export to Excel

    ​​

      Settings:
      • Under Defaults
        • You can set Ad user Password settings

      • Also you can 'Send Email Alert' for Password expiry to users

      • You can also apply password policy (steps to create password policy shown below):

       

      • Also below permissions can also be allowed, under Other configuration.

      ​​

      • Click Password Polices tab to add new Policy

      •  Now select password policy.

      • You can also setup Enrollment Option

      ​

      Job Queue

      • Under the Job Queue you can see the jobs added for this particular organization

      ​

      Active Directory Users Management
      • To add a new user to the active directory, navigate to the path: Home >> Service Director >> Active Directory >> Users.
      • You can select users and remove, enable, disable, unlock as shown by yellow block.
      • Click on Add User button to create a new AD user.

      Important Note: Please note that when you delete a Mailbox, SharePoint, Lync or CRM user the Active Directory User is not get deleted. You can remove AD users in bulk as highlighted in green.

      • Select customer name, organizational unit from the dropdown list and provide user display name, UPN, email address and password.

      Note: If the organization is already subscribed to a service such as Exchange, Lync, SharePoint, CRM etc. then you will also see a section to enable that service on the Active Directory User.

      • Click on Optional fields section to expand. You can provide here the AD user contact information, organization\company details and customize company logo etc.
      • Click on Enable Exchange Service section to expand. You can provide here the details to Add a mailbox, select Distribution List Membership and Public Folder permissions.
      • Click Save when done.

      Bulk Active Directory Users Management

      1. You can also add Active Directory users in Bulk from the path: Home >> Service Director >> Active Directory >> Users.
      2. Select Users and click on "Update Bulk User" button.

      • To add bulk Logon Hours Template for Active directory users. Navigate to Path: Home > Service Director > Active Directory > Active Directory Users
      • In Search field filter your AD users by "Organization name" and select all users and apply Logon Hours Template as shown below:

      Group Actions
      • You can perform Group Action to multiple user of an particular Active Directory Organization at the path: Home >> Service Director >> Active Directory >> Organization and click Manage the respective organization. Then under Users menu click Group Actions

      ​

      • You can select multiple users and perform multiple operation available on this interface.

      ADSync Usage Report
      • You can view ADSync Organization Report and Users Synchronized under respective tabs at the path: Home >> Service Director >> Active Directory >> ADSync Usage Report.

      • You can View Active Directory Usage Report which covers Organization, User and Security Group.

      Note: The Active Directory Usage report will be shown for AD domains which are provisioned via Active Directory Service Plan. See details at KB: http://kb.machsol.com/Knowledgebase/Article/55557