Custom Commands for AD Management


Day-to-day Active Directory management involves many multi-step procedures that can take a lot of time and effort to execute. Adaxes significantly simplifies such activities with the help of Custom Commands, which transform any sequences of operations into one-click actions irrespective of their complexity and the number of steps involved. Such approach makes administration easier and quicker for the IT staff and even allows delegating complicated tasks to users and not worry that they will miss a step or do something wrong.

Custom Commands

How to create a custom command

Some operations within Custom Commands can be executed only if certain conditions are met. It allows carrying out different sets of actions depending on the property values of AD objects, their location, group membership or any other criteria.

One of the most common scenarios where a Custom Command can be useful is user offboarding. Instead of manually executing all the operations required for terminating a user, like disabling the account, resetting the user’s password, revoking Office 365 licenses and others, you can do all that with just one click. Adaxes even provides the Deprovision Custom Command, which is available straight out of the box.

Custom Command for user offboarding

Parameters for Custom Commands

Custom Commands can also have parameters, which allows you to vary the execution process depending on the user input. This means that you can execute different sets of actions depending on the provided parameter values or use parameters in the actions themselves.

For example, you can give your HR staff a Custom Command that executes operations required to send users on vacation. When initiating the command, HR managers can then be asked to enter a return date for the user, which can be used to set the Out-Of-Office message, and to decide whether to disable the user account by checking a corresponding checkbox.

Using Scripts with Custom Commands

Custom Commands can also be used to run your own scripts straight from the user interface. This means you no longer need to switch to the command line to accomplish custom operations and you can even delegate the execution of scripts to non-technical staff, presenting them to users as yet another one-click action. As an additional benefit, Custom Commands can serve as a centralized place to store and manage all the scripts you need for day-to-day administration.

Scripts in Custom Commands

Delegation of Custom Commands

Adaxes allows you granularly control, which users can execute which commands on which objects. For example, IT staff can have access to all the Custom Commands, whereas help desk, managers, regular users and others can see only the commands they need for their specific job duties.

Delegating permissions to execute Custom Commands

To delegate a Custom Command to users all you need to do is assign a single permission to execute a particular command and nothing more. You don’t need to grant rights to run every single step included in the procedure, which significantly reduces the risk of over-privileging your users.

Delegating permissions to execute Custom Commands

How to grant rights to execute Custom Commands

Approval-Based Workflow

Delegating certain tasks often requires additional control, for example, you might not want to execute the Deprovision command on any user accounts before an administrator reviews and approves it. This can be achieved by simply adding an approval step to the corresponding Custom Command.

Approval-Based Workflow

Approval-based workflow

Custom Commands in Automated Workflows

If the same set of actions needs to be executed in multiple automated workflows, you can share the logic between them by putting those actions in a Custom Command. For example, you can create a command that allocates users to OUs according to your policies and automatically execute it after creating new users, after updating existing accounts and on a regular basis.

Custom Commands in Automated Workflows

Sharing logic between multiple Business Rules and Scheduled Tasks

If at some point any of your policies change, all you need to do is edit a single Custom Command and the modifications will automatically apply to all the Business Rules and Scheduled Tasks it’s a part of.

So, at the end of the day, Custom Commands are a powerful tool to simplify everyday management for both technical and non-technical users, making complex multi-step management procedures more comprehensive, less prone to all sorts of errors and much easier to handle.

There's much more
about Adaxes
More Features Tutorials Free Trial