Update AD Object activity

The Update AD Object activity updates an object in Windows Active Directory.

This activity only replaces existing values with new values. It cannot add new values to AD records such as adding a new group member to an AD group. For complex AD operations, use the Run PowerShell activity instead. The activity fails if it cannot find an existing account with matching object name and data.

To access this activity in the workflow editor, select the Custom tab, and then navigate to Custom Activities > Active Directory.
Note: This activity replaces an AD activity by the same name available in prior releases. If you have a workflow that uses the deprecated activity, your workflow will continue to work normally after upgrading to Instanbul. However, all new workflows must use the custom version of this activity, which was built with the PowerShell activity designer.

Input variables

Table 1. Update AD Object input variables
Variable Description
DomainController IP address of the domain controller machine.
ObjectName The sAMAccountName of the Active Directory object.
ObjectData A JSON object containing Active Directory properties and their values. For example, to set the first name, last name, and title of a user, clear the user's manager, and set the VIP flag to true, the Object Data specifies:
{ "givenName" : "John", "SN" : "Doe", "title" : "Sr. Account Specialist", "manager" : null, "msTSAllowLogon" : false }
Type The object type to update: user, group, or computer.

Output variables

Table 2. Update AD Object output variables
Variable Description
result Either success or failure.
errorMessage The executionResult.errorMessages from the Activity designer parsing sources.

Conditions

Table 3. Update AD Object conditions
Condition Description
Success AD object was successfully updated.
Failure An error occurred while attempting to update an AD object. Additional details may be available in the workflow log.