Active Directory management & automation

Send Initial Password to Newly Created Users via SMS

Using Adaxes you can automatically send email and SMS notifications on practically any event in Active Directory. In this tutorial you will learn how to configure Adaxes to automatically send an SMS with the username and initial password to each new user created in Active Directory.

Adaxes can deliver SMS messages through any SMS gateway service that supports SMTP and HTTP/S delivery. You need to have either an internal SMS gateway service or subscribe to an external provider that supports the Email to SMS or HTTP/S to SMS feature.

To configure SMS settings, right-click your Adaxes service in Adaxes Administration Console, click Properties in the context menu, and activate the SMS Settings tab.

To automatically send SMS messages to newly created users, you need to define a Business Rule triggered by creation of new user accounts in Active Directory.

Launch Adaxes Administration Console, right-click your Adaxes service, point to New and click Business Rule. The Create Business Rule wizard will open.

Launching the Create Business Rule wizard


Enter the name for the new Business Rule and click Next.

On the Triggering Operation page you need to specify when the new Business Rule must be executed. As we want to send an SMS after a new user account is created, do the following:
  • Select User in the Object Type list.
  • Select After in the Operation section.
  • Select Creating a User in the Operation section.
  • Click Next.

Selecting the triggering operation for the Business Rule


At the next step, you need to specify what the Business Rule will do when a new user is created. To send an SMS, the Business Rule must execute the Send SMS action.
  • Click the Add Action link.
  • In the dialog that opens, select the Send SMS action.
  • In the To field, enter a value reference to the property that contains mobile phone numbers of AD users. If mobile numbers are stored in the Mobile Phone property, specify %mobile% in the edit box.
  • In the SMS text field, enter the SMS message text. For example:
     Username: %username% Password: %unicodePwd%
    To include information about the newly created user in the SMS text, you can use value references (e.g. %name%, %department%, %title%). Before sending an SMS message, Adaxes will replace these value references with the property values of this user. To include the user password in the text, use %unicodePwd%.

    Run PowerShell Script action.


Optionally, you may want the Business Rule to send SMS messages only if certain conditions are met. For example, to send SMS only if a mobile phone number is specified for the user, perform the following steps:
  • Select the action/condition set and click the Add Condition icon.
  • In the dialog that opens, select the If <property><relation><value> condition type.
  • In the Condition Parameters section, specify Mobile Phone is not empty.
  • Click OK.

Adding Business Rule condition

To make sure that the Mobile Phone property is always specified for newly created users, you can use Property Patterns:
  • Select the built-in Property Pattern called User Pattern in the Console Tree.
  • Add a Property Pattern item for the Mobile Phone property.
  • Enable The property is required option for the item.
  • Click OK and then Save changes.
For more details on how to make a property mandatory, see Make Employee ID a required property & specify its format.
If necessary, specify other actions and conditions for this Business Rule. When finished, click Next.

Here, at the Activity Scope page you need to specify where in Active Directory a user must be created to trigger this Business Rule. Click Add.

Specifying rule activity scope

In the Business Rule Activity Scope dialog that opens, you need to specify the Active Directory locations where the Business Rule will be effective. Select one of the following items:
  • All Objects - select if you want this Business Rule to be executed when a user is created in any AD domain managed by Adaxes.

  • Specific Domain - select if you want this Business Rule to be executed when a user is created in the AD domain you specify.

  • OU or Container - select if you want this Business Rule to be executed only when a new user is created under the selected Organizational Unit.

Select the item you need and click Add. When finished, click OK.

The specified activity scope items will be displayed in the Assignments list. Click Finish.


Now, every time a new user is created in Active Directory (no matter in which way - using Administration Console, Web Interface, during data import, via PowerShell scripts, etc.), Adaxes will automatically send an SMS message with username and password to this user.

It is highly recommended to force new users to change initial passwords at the first logon. For this purpose, you need to select the User must change password at next logon option for new users. Using Property Patterns, you can specify what user account options are set by default. For details, see Set Default Account Options for New Users.

Send SMS using PowerShell Scripts

In advanced cases you may prefer to send SMS messages using a PowerShell script. To do this, your Business Rule must execute the Run a program or PowerShell script action.

Example:

    $mobilePhone = "%mobile%"
    if ([System.String]::IsNullOrEmpty($mobilePhone))
    {
        $Context.LogMessage("Mobile phone is not specified.", "Warning")
        return
    }
    $smsText = "Username: %username% Password: %unicodePwd%"
    $Context.SendSms($mobilePhone, $smsText)
  

? Waiting

Progress status: Checking...