Introduction
This task creates one self-service product per Active Directory group in a specified OU. Each created product contains a Change AD group membership task which grants membership to the respective AD group on product approval, and another one which revokes membership on product return.
HelloID users can subsequently use these products to request access to AD groups through product requests on their end user dashboard.
You may want to run the HelloID Product Ownership Sync task after this task.
Note: For the product actions to work, you must provide a value for the Default AD Domain in Settings > Company. Learn more about this setting here.
Task Settings
|
Name |
Description |
Example |
Comment |
|
HelloID API key |
The key value of a HelloID API key. |
TYZAJTCEWBVBJXEPSFNXUVUBYEAJPPLA |
|
|
HelloID API secret |
The secret value of a HelloID API key |
dZqAfxYzLpethsgrzzwLgAVyDXcDSurG |
|
|
Prefix of product name |
This string will be added at the beginning of each new product's name. |
AD Sync Group |
For example, if you have a group called "Accounting", and you provide a prefix of "AD Sync Group", the new product name would be "AD Sync Group Accounting".
If a prefix is specified, this task will overwrite products with the same name. If no prefix is specified, this task will not overwrite products with the same name. |
|
Prefix of product description |
This string will be added at the beginning of each new product's description |
AD Sync Group Description |
This value must be set for consistent operation. |
|
FA-Icon name |
The name of the Font Awesome icon that will be associated with the new product. |
group |
For more valid icon names, see the Font Awesome cheat sheet here. |
|
HelloID product category |
The name of the category to which the product will be associated. If no category of this name exists, a new one will be created. |
General |
Learn more about product categories here. |
|
HelloID Approval Workflow |
The name of the workflow that will be launched when a user requests the product. |
Auto Approve |
Learn more about approval workflows here. |
|
The default manager |
The HelloID username of the person who will be the manager of the new product if the AD group does not have a manager. |
Administrator |
|
|
The Active Directory OU path |
The base OU path in which HelloID should search for groups, specified as the distinguished name. |
OU=groups,DC=enyoi,DC=local |
|
|
The Active Directory search filter |
You may filter the resulting groups by their name. (Optional) |
*HelloID* |
Use an asterisk as a wildcard character in your filter. In the example of "*HelloID*", the filter will match any group that contains the string "HelloID". |
|
Remove product if group does not exist |
Every time this task runs, any products with the specified Prefix of product name will be deleted, if the corresponding group no longer exists in AD. |
|
