Active Directory Group (Create, Delete, Query)

Use the Active Directory Group Tasks (under Provisioning) to create an Active Directory Group, or to delete and query all Active Directory Groups:

• in a specific Active Directory folder (optionally including subfolders).
• with a specific group name.
• with a specific value for a specific Active Directory Computer property.
• without any members.

With Create Active Directory Group, you can create an Active Directory Group with a specific name in a specific Organizational Unit, and you can determine the group scope and type.

With Delete Active Directory Group, you can delete Active Directory Groups.

With Query Active Directory Group, you can obtain overviews of all Active Directory Groups. Use the Group Properties tab to include additional Active Directory properties in the results, such as Organizational Unit, Group Type, Description, and so on.

Configuration

• If you are going to run the Task on a Domain controller, you can leave the Domain controller field on the Settings tab empty and select Local Agent (domain controller) instead.
• On the Settings tab, group name refers to the pre-Windows 2000 name.
• OU information should be entered in the following format: OU=IT,OU=Amsterdam,OU=Netherlands,DC=d-energy,DC=local.

• The execution speed of Active Directory Queries may depend on the number of additional Active Directory properties that are to be reported in the query.
• It is possible to abort long running Active Directory Query Tasks. It may take around 10 seconds for the abort to be detected by the Agent, after which the Job will fail with status Aborted. Long running Active Directory Tasks that update, move or delete Active Directory objects cannot be aborted - the Task will always run until it is completed.