Skip to main content

Pia: Add/Remove User from Groups

Overview​

This package allows the Chat User to add or remove the end user from groups.

Platforms​

  • Cloud Only
  • Cloud Hybrid
  • Prem Only

Requirements​

Cloud Hybrid Orchestrator agents in a valid state on

  • Primary Domain Controller
  • Azure AD Connect Server

Prem Only Orchestrator agent in a valid state on

  • Primary Domain Controller

Setup & Configuration​

Global Config

  • All Staff AD Group
  • (Prem Only) Primary Domain Controller
  • (Prem Only / Cloud Hybrid) Azure AD Connect Server

Microsoft Graph API

  • (Cloud Only) Authorization and Delegation configured

Process​

The steps that the package takes during process execution are:

WuwwLa~ {.tabset}

Prem Only​

  1. Pia will connect to Active Directory on the Primary Domain Controller and retrieve a list of group members
  2. Pia presents the engineer with a form that allows the engineer to select a single user, which will allow modification of their group memberships
  3. Pia will connect to Active Directory on the Primary Domain Controller and retrieve a list of group members
  4. Pia will connect to Active Directory on the Primary Domain Controller and retrieve a list of all groups
  5. The engineer will be prompted with a list of changes and Pia requests the engineer confirm the changes
  6. Pia queries the primary Domain Controller and removes the user from the groups previously selected by the engineer
  7. Pia queries the primary Domain Controller and assigns the user to the groups previously selected by the engineer
  8. Pia presents the engineer with a list of changes, advising of what groups the user was added to or removed from.

Cloud Only​

  1. Pia will connect to Azure and retrieve a list of group members
  2. Pia presents the engineer with a form that allows the engineer to select a single user, which will allow modification of their group memberships
  3. Based on the information gathered in the previous form Pia will query Azure and collect the selected user details
  4. Pia queries Azure and collects a list of groups the selected user is a member of
  • A list of groups includes Unified, Security, Distribution, Mail-Enabled Security Groups
  1. Pia queries Azure and obtains a list of all groups
  2. Pia presents the engineer with a form, to allow the engineer to select which groups the user will be added to or removed from.
  • A list of groups includes Unified, Security, Distribution, Mail-Enabled Security Groups
  1. Pia queries Azure and removes the user from the groups previously selected by the engineer
  2. Pia queries Azure and assigns the user to the groups previously selected by the engineer
  3. Pia presents the engineer with a list of changes, advising of what groups the user was added to or removed from.

Cloud Hybrid​

  1. Pia will connect to Azure and retrieve a list of group members
  2. Pia presents the engineer with a form that allows the engineer to select a single user, which will allow modification of their group memberships
  3. Based on the information gathered in the previous form Pia will query Azure and collect the selected user details
  4. Pia queries Azure and collects a list of groups the selected user is a member of
  • A list of groups includes Unified, Security, Distribution, Mail-Enabled Security Groups
  1. Based on the information gathered in the previous form Pia queries the primary Domain Controller and obtains a list of group memberships that the selected user is a member of.
  2. Pia queries the primary Domain Controller and obtains a list of all groups
  3. Pia presents the engineer with a form, to allow the engineer to select which groups the user will be added to or removed from.
  • A list of groups includes Unified, Security, Distribution, Mail-Enabled Security Groups
  1. Pia queries Azure and removes the user from the groups previously selected by the engineer
  2. Pia queries Azure and assigns the user to the groups previously selected by the engineer
  3. Pia queries the primary Domain Controller and removes the user from the groups previously selected by the engineer
  4. Pia queries the primary Domain Controller and assigns the user to the groups previously selected by the engineer
  5. Pia performs a directory sync to replicate the changes to other Domain Controllers in the forest
  6. Pia presents the engineer with a list of changes, advising of what groups the user was added to or removed from.
  7. Pia performs an Azure Policy Type Delta directory sync to replicate the changes to Azure