As a part of our termination process I have a business requirement to check what AD groups a user is a member of, save the result in a list item and then remove the user from all of the groups. What type of action/query should I use to accomplish it? Thanks!
Solved! Go to Solution.
The method will depend on what version of Nintex Workflow you have. If you have Enterprise Edition, then you will have the provisioning controls for AD interaction. Using the control "Remove user from AD group".
To get the listing of groups a user belongs to use a LDAP query to return the "memberOf" property and load that into a collection variable. You should be able to save this out for your records.
Then you will need to loop through the collection and remove the user from the applicable groups.
I've just discovered LDAP Add/Remove and I'm using it in a Workflow that a user can submit to subscribe themselves to a number of AD Groups. It seems to be working well I have!! and it's very exciting.
But now I want to get a bit more sophisticated and tell my users which Groups they are subscribed to. I've looked at the Query LDAP action and it's a bit intimating! Can you walk me through the following requirement?
I have 8 AD Groups - I want to know If John Smith is part of any of the 8 Groups.