Solved

ETM integration with AD to provision security group

  • 15 July 2024
  • 4 replies
  • 56 views

Hi, as part of the access request workflow we are currently assigning a task to the level 2 team to assign a security group to the user. We would like to automate this process. Has anybody achieved this through ETM? We will pass the user's samAccountName and the security group name to an ETM channel, and it will integrate with Active Directory to provision the security group for that user.

Userlevel 5

I don't think this can be answered without more information.

  • Are you self-hosted or a SaaS customer?
  • Are you on premises, hybrid or cloud with your Active Directory/Entra?
  • What version of ETM are you running with?

We have managed this in our own solution but not using ETM (yet). We are a SaaS customer of assyst and the group management aspect uses Azure Automation Account - Hybrid Workers.

Userlevel 1

Hi, here is the reply to your query:

  1. Self-Hosted
  2. Hybrid; cloud accounts get synced with on-premises Active Directory.
  3. Version: 1.7.1

Userlevel 5

So as I understand it, as a self-hosted customer you will have the integration server on your network. So you might be able to run PowerShell scripts directly from that VM without too much trouble.

Something like...

Add-ADGroupMember -Identity $GroupName -Members $User -Credential $Creds   # -Members also accepts a computer object ($Device)

This is exactly what we do but as a SaaS customer we use an Azure Hybrid Worker to run the script in an Automation Account instead.

If the group is in Azure Entra then you can use ETM to perform an MS Graph command directly.

Add members - Microsoft Graph v1.0 | Microsoft Learn

Userlevel 3

You can invoke PowerShell scripts from ETM (self hosted or cloud) using Azure runbooks. The PowerShell can run either in the cloud or on-premise.

There isn’t any way to run PowerShell directly from ETM, regardless of whether ETM is on-prem or cloud. 
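
A guarded version of the `Add-ADGroupMember` call discussed in the replies above, written as a script a runbook could execute. This is an added example, not part of the thread and not ETM or assyst code. The group names in the allow-list are constructed, and the `$Creds` parameter assumes a service account that is delegated only the right to manage membership of those groups.

```powershell
# Added example (not from the thread): guarded group provisioning for a runbook.
# Needs the ActiveDirectory (RSAT) module on the host that executes it.
[CmdletBinding(SupportsShouldProcess)]
param(
    # User samAccountName: 20 characters at most, no wildcards or LDAP metacharacters.
    [Parameter(Mandatory)]
    [ValidatePattern('^[A-Za-z0-9._-]{1,20}$')]
    [string]$SamAccountName,

    [Parameter(Mandatory)]
    [string]$GroupName,

    # Assumption: the caller supplies a delegated service account credential.
    [Parameter(Mandatory)]
    [pscredential]$Creds
)

Import-Module ActiveDirectory -ErrorAction Stop

# Constructed allow-list: the only groups this automation is permitted to modify.
$AllowedGroups = @('APP-Finance-Readers', 'APP-HR-Portal-Users')
if ($GroupName -notin $AllowedGroups) {
    throw "Group '$GroupName' is not on the allow-list; request refused."
}

# Resolve both objects before changing anything, so bad input fails early.
$user  = Get-ADUser  -Identity $SamAccountName -Properties MemberOf -Credential $Creds -ErrorAction Stop
$group = Get-ADGroup -Identity $GroupName -Properties adminCount -Credential $Creds -ErrorAction Stop

# adminCount = 1 marks objects protected by AdminSDHolder (privileged groups).
if ($group.adminCount -eq 1) {
    throw "Group '$GroupName' is a protected (privileged) group; request refused."
}
if (-not $user.Enabled) {
    throw "Account '$SamAccountName' is disabled; request refused."
}

# Idempotent: a repeated request is a no-op instead of an error.
if ($user.MemberOf -contains $group.DistinguishedName) {
    Write-Output "No change: $SamAccountName is already a member of $GroupName."
    return
}

if ($PSCmdlet.ShouldProcess($group.DistinguishedName, "Add member $SamAccountName")) {
    Add-ADGroupMember -Identity $group -Members $user -Credential $Creds -ErrorAction Stop
    Write-Output "Added $SamAccountName to $GroupName."   # job output doubles as an audit line
}
```

Running the script with `-WhatIf` resolves and validates both objects without changing group membership.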
