Pia: Re-enable Terminated Account
Overviewβ
This package will re-enable an already terminated account, reassign licenses and reset the account passwords. If known the previously assigned groups will be readded as user group memberships and the user will be relocated to their original Organizational Unit. If the mailbox was a shared mailbox, it will be converted to a user mailbox.
Platformsβ
The package supports the following platforms
- Cloud Hybrid
- Cloud Only
- On Prem
Requirementsβ
The package has different requirements depending on which platforms are being supported.
Cloud Hybrid Orchestrator agents in a valid state on
- Primary Domain Controller
- Azure Active Directory Connect Server
On Prem Orchestrator agent in a valid state on
- Primary Domain Controller
Cloud Only
- Microsoft Graph API Authorization and Delegation
Setup & Configurationβ
What the package needs to be configured to operate successfully. Global Config
- Primary Domain Controller
- Azure Active Directory Connect Server
Microsoft Graph API
- Authorization and Delegation configured
Processβ
The steps that the package takes during process execution are:
tabset {.tabset}
Cloud Hybridβ
Step 1 Retrieve a list of disabled users.
Step 2 Pia will check the datastore if there is any termination data stored by Pia
Step 3 Check for available licenses in the Microsoft Office 365 Tenant
Step 4 Present the License Select form to the Chat User.
Step 5 If no termination data was found in the datastore, present a list of Available Organization Units that the user can be moved to.
Step 6 Present the Password Confirmation Form to the Chat User.
Step 7 Pia will advise that the account will be enabled. Pia will perform the following actions in Active Directory on the primary domain controller
- Enable the account
- Add the user to the GAL (msExchHideFromAddressLists = FALSE)
- Add the user
- Move the user to a selected Organizational Unit.
- Assign selected licenses.
If termination data has been retrieved. The user will be added back to ALL previous groups, licenses and moved back to their original Organizational Unit.
Pia will run a directory sync to Office 365 on the Microsoft Azure Active Directory Connect server
Step 8 Assign the selected licenses to the user.
Step 9 Convert the Users mailbox from Shared back to Regular
Cloud Onlyβ
Step 1 Retrieve a list of disabled users.
Step 2 Pia will check the datastore if there is any termination data stored by Pia
Step 3 Check for available licenses in the Microsoft Office 365 Tenant
Step 4 Present the License Select form to the Chat User.
Step 5 Present the Password Confirmation Form to the Chat User.
Step 6 Pia will advise that the account will be enabled. Pia will execute the following against the Microsoft Office 365 tenant.
- Enable the account
- Convert the user's Mailbox back to a User Mailbox (if it exists)
- Add the user
- Assign selected licenses.
If termination data has been retrieved. The user will be added back to ALL previous groups and licenses.
Step 7 Tell Microsoft Graph API to perform the password reset with the new password.
Step 8 Add user back to groups
Prem Onlyβ
Step 1 Retrieve a list of disabled users.
Step 2 Pia will check the datastore if there is any termination data stored by Pia
Step 3 If no termination data was found in the datastore, present a list of Available Organization Units that the user can be moved to.
Step 4 Present the Password Confirmation Form to the Chat User.
Step 5 Pia will advise that the account will be enabled. Pia will perform the following actions in Active Directory on the Primary Domain Controller
- Enable the account
- Add the user to the GAL (msExchHideFromAddressLists = FALSE)
- Add the user
- Move the user to a selected Organization Unit.
If termination data has been retrieved. The user will be added back to ALL previous groups and moved back to their original Organization Unit.