Display Group Membership

  • 26 July 2016

Badge +4

Hello,

I am trying to set up a self service AD group membership form/workflow where an end user can see what security groups they belong to and submit a request to be added or removed from a group. The part where I am having issues is finding a way for the end user to be able to see all the security groups they already belong to. I assume that I could just query LDAP to get the group memberships, store it in a variable, and then present that to the end user. But for some reason I can't get the WF action to work correctly. Could someone help walk me through how I would set the query LDAP function?

Thanks,

William


9 replies

Userlevel 6
Badge +12

Hello William Lemons -

I was working with another community member on something very similar, so I took what I did for them and changed it slightly to accomplish what you are looking for. In the post "Nintex Workflow - Ldap security query", I created a workflow that looks up a user's information based on email address and then checks if they are a member of a specific user group.

Taking that same functionality, we can take the user's email address and simply send a notification to them with what groups they are currently in.

I attached the .nwf file for you so that you can upload it into a test environment and give it a shot.


The workflow is the same as what I described in the linked post, but rather than checking for a specific group, I create a readable list of groups and then send an email (I provided a brief description of it below, but might be worth the read).

First action is to call a web service (GetUserLoginFromEmail) to get the user's login.

Take note of the emailXML input syntax (caused a bit of a hiccup to get it right). At this point, I would "Run Now" with your email address to ensure you are getting results.

Once we have that in place, it is time to pick apart the results and get the User Login. We can do that using a Query XML action.

Now we have the user's login based on their email address. We can use this to get their CN by looking up their Distinguished Name in User Profile and setting it to a variable using a Set variable action.

This will provide you with a string like so:

188955_pastedImage_3.png

Store that in the variable userCN, and then you can plug that into your LDAP query.

Again, I would run this with predictable data to check that it is working. Once that is set up and working, all that is left is to loop through the groups to create a readable list of groups.

Create a notification and fill it in with the groups.

***Keep in mind that you will need to provide credentials for the web service and query LDAP actions. Also, you will need to update the LDAP path to reflect your environment.***

Hope this helps!

Let me know how this works for you!
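As an added example (not part of the original post or the attached .nwf), this Python sketch mirrors the last two steps outside Nintex: it builds the group lookup filter with the user's DN escaped per RFC 4515, so a DN containing `(`, `)`, `*` or `\` cannot alter the query, and turns `memberOf` DNs into a readable list. The filter shape, function names and sample DNs are assumptions constructed for illustration.

```python
import re

# RFC 4515: characters that must be escaped inside an LDAP filter value.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}


def escape_filter_value(value):
    """Escape a value so it cannot change the structure of an LDAP filter."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_group_filter(user_dn):
    """Filter for groups listing user_dn as a direct member (assumed query shape)."""
    return "(&(objectClass=group)(member=%s))" % escape_filter_value(user_dn)


def first_rdn(dn):
    """Return (attribute, value) of the leftmost RDN, honouring RFC 4514 escapes."""
    out = bytearray()
    i = 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\" and i + 1 < len(dn):
            pair = dn[i + 1:i + 3]
            if re.fullmatch(r"[0-9A-Fa-f]{2}", pair):
                out.append(int(pair, 16))        # \C3\A9 style hex-encoded byte
                i += 3
            else:
                out += dn[i + 1].encode("utf-8")  # \, \+ \\ style escaped character
                i += 2
            continue
        if ch == ",":                             # unescaped comma ends the first RDN
            break
        out += ch.encode("utf-8")
        i += 1
    attr, _, value = out.decode("utf-8").partition("=")
    return attr.strip(), value


def readable_groups(member_of):
    """Turn memberOf DNs into a sorted, de-duplicated list of group names."""
    names = {value for attr, value in map(first_rdn, member_of) if attr.upper() == "CN"}
    return sorted(names, key=str.lower)


# Constructed sample data (not from the original thread).
SAMPLE_USER_DN = "CN=Doe\\, Jane (IT),OU=Users,DC=example,DC=com"
SAMPLE_MEMBER_OF = [
    "CN=VPN Users,OU=Groups,DC=example,DC=com",
    "CN=Sales\\, EMEA,OU=Groups,DC=example,DC=com",
    "CN=Caf\\C3\\A9 Admins,OU=Groups,DC=example,DC=com",
]
```

Splitting a DN on every comma would cut "Sales, EMEA" in half, which is why the parser stops only at an unescaped comma.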

Userlevel 6
Badge +13

Hi Jesse McHargue, great solution. Could you save yourself a bit of work by using the Query User Profile action and returning the user's login field from that action?

Userlevel 6
Badge +12

Ryan Greenaway - Yes, that would save a step and allow a workflow variable to be plugged right into that. The reason I did it this way was because I was helping someone with a similar request and all they had to go on was email address. With that in mind, you need to know the user's ID in order to use the Query User Profile action.

If you do not know the login, and all you have to go on is email address, then the way I did it will get you there. However, if you know the user's login, then all you need to do is go after the Distinguished Name from user profile.

Badge +4

Hi Jesse,

Thanks so much for this! I'm going to give it a shot today and see. It looks like this may be the solution to my problem!

William

Userlevel 6
Badge +12

Please let us know how it works out for you.

Also, as Ryan mentioned above, if you know the user's login, you can skip the first 2 actions and simply go after the Distinguished Name from the Query User Profile.

Ultimately you'll need to login, just depends on how you are getting it.

Badge +4

It works great! I guess my next challenge is getting this to be displayed in a Nintex Form for an end user to see rather than email the results. Would anyone have any idea on how to accomplish this as well? Thanks so much again, you guys are life savers!

William

Userlevel 6
Badge +12

Excellent William Lemons! Glad to hear you got it working. Be sure to mark your question as answered so others can find it.

As for displaying it on a form while the user is filling it out, that might be a bit trickier. You might be able to go after it via JavaScripting, but not 100%.

Alternatively, you could have the user enter their info, submit it, run the workflow and update the list item with the results. This would require the user to have to come back and reopen the form, so probably not the best experience.

I will see what I can come up with if I get some time.

Glad to help!

Userlevel 6
Badge +13

I actually believe the ability to start a workflow from a form and then post back the results from the workflow to the form, without the form closing would be a beneficial piece of functionality. Workflow allows us to do much more complicated queries from a number of sources, compared to forms, and as such allowing the user to click a button (that triggers a workflow) get a spinning donut for a few moments and then have an action in the workflow that completes the post back to the form.

I've created a suggestion on Uservoice for this if you think it'll be useful.

Be able to Start a workflow whilst Form is still open – Customer Feedback for Nintex

Userlevel 6
Badge +12

Ryan Greenaway -

Great idea! I swear I read something about that somewhere in the community. I believe it was an example displaying the status of the workflow on the form. Let me do some searching and see what I can find.
