Using Orchestrator to find Last Logon so I can send an email prior to an AD Account being disabled

May 1, 2013 at 4:13 AM
I am trying to create a Runbook that will pull all of the users from a security group that are no disabled that have not logged into the network (Active Directory) in the last 21 days. I am using the Active Directory IP from Codeplex. I am stuck trying to get the lastLogonTimeStamp - 21 days to actually pull valid data. For troubleshooting, I am appending the lines to a text file to figure out if it is pulling the correct data, but I am stumped.

Image
May 2, 2013 at 5:24 AM
I figured out the solution. I will post it within the next few days when I get a chance. I had to get the Orchestrator Integration Pack for Data Manipulation.oip in order to get it to work.
May 6, 2013 at 6:25 PM
Here is the final runbook.

Image

Integration Packs you will need:
  • Active Directory (CodePlex)---- imports under Activities as "SCORCH Dev - Active Directory"
  • Active Directory (Microsoft)---- imports under Activities as "Active Directory"
  • Data Manipulation (CodePlex)---- imports under Activities as "Data Manipulation"
  • Utilities (Built-in)
  • Scheduling (Built-in)
  • Email (Built-in)
Controls you will need:
  • Monitor Date/Time (from Scheduling Activity)
  • Format Date/Time (from Utilities Activity)
  • Get User (from Active Directory Activity)
  • Get Object Properties (from SCORCH Dev - Active Directory Activity)
  • Compare Multiple Values (from Date Manipulation Activity)
  • Send Email (from Email Activity)
Monitor Date / Time: Set you however you desire. I have mine to kick off at 12:00 pm every day.

-21 Days: (Format Date/Time)
Input
  1. Date / Time: Published Data from {Activity end time from "Monitor Date/Time}
  2. Format: yyyy-MM-ddThh:mm:ss
Output
  1. Format: MM/dd/yyyy hh:mm:ss
  2. Output Adjustments: Days: -21 (change this to whatever your requirements are)
Get Employee: (Get User Object)
Properties
  1. Select your domain that is pre-configured for your environment
Filters
  1. Name: MemberOf | Relation: Equals | Value: Distinguished name of the group you are querying (CN=mygroup,OU=myOU,DC=domainname,DC=com)
  2. Name: Disabled | Relation: Equals | Value: False
Get Employee Object Property Values (Get Object Property Values)
Configuration: Pre-configured with the SCORCH Dev - Active Directory (under Options from the Toolbar)

Properties
  1. Object LDAP Path: Type in LDAP:// and then Right-click/Subscribe/Published Data from {Distinguished Name from "Get Employee"}
  2. Include Child Items: True
Filters
Property_Name | Relations: Contains | Value: lastLogonTimestamp

Compare Multiple Values (Compare Mulitple Values) Note.... This is the fun one

Properties
  1. Value01 Compare Type: Number
  2. Value01 Operator: Greater Than or Equals
  3. Value01 Input01: <@DateDiff({Property_Value from "Get Employee Object Property Values"}, {Activity end time from "Monitoring Date/Time"}, 'days')>
  4. Value01 Input02: <@DateDiff({Format Result from "-21 Days"}, {Activity end time from "Monitoring Date/Time"}, 'days')>
Send Email to Employee (Send Email)
Details
  1. Subject: Format with desired text
  2. Recipients: Click on Add and then Right-Click/Subscribe/Published data. Select "Get Employee" from the drop-down and then select "Email".
  3. Body: Format with desired text.
Connect
Configure a Mail Account to send the email from and the server that will handle the SMTP connection
Sep 13, 2013 at 5:42 AM
Just created the runbook as described above but it will not work for user objects without the object property lastLogonTimestamp. If somebody has some ideas to fix that, please let me know.