Automate Active Directory tasks with a few Clicks

Having seen automated scheduled tasks all over the network (at both hardware and software level), most administrators wonders if it is also possible to automate Active Directory tasks. If you do not have a time to delve into to the complex world of scripting and get familiar with PowerShell jargon and complicated syntaxes, then try Active Directory automation feature of Borna AD manager.


Active Directory automation feature allows administrators to specify a particular Active Directory task and schedule it to run periodically or only once in time. Almost all the tasks which can be done by Borna manually (for instance, visit Bulk User Management), can also be defined as an Active Directory automation. These automations which can be defined to automate certain tasks on users, computers and groups, are of extremely value for periodic tasks or Active Directory tasks which often are being forgotten. Using approval-based AD automation feature, you can also indicate an automation to be approved and edited before execution.



active directory Automation Configuration in Borna ad manager

A real-case AD automation scenario

When Administrators periodically scrutinize AD user accounts, they often realize that some users were inactive (have not logged in) for long time. Through careful examination, it will usually turn out that these users were laid off and they do not work for the company anymore. By disabling these users, administrators can prevent potential security threats and malicious activities. But finding these user accounts are not only an exhaustive and difficult task with Active Directory Users and Computers (ADUC) tool, but also a tedious and forgettable task.


Active Directory automation feature in Borna enables administrators to define such tasks and schedule to run it periodically. For instance, you can define an AD automation which find all the users who have been inactive for 30 days and disable them. Then, you can set Borna to run this AD automation at the beginning of each month. As a result, administrators can safely automate these crucial and attention-requiring tasks using reliable Borna AD manager service. 


Active Directory Automation Using Borna Powerful Reports

All Active Directory reports available in Borna, can be used to define Active Directory automation. For instance, you can define an automation that finds all users whose email attribute is empty, and then move them to a pre-defined OU. As another example, Active Directory automation can find all computers whose OS is windows XP, and then remove all their membership and join them to a particular group with restricted privilege. These few examples out of numerous possible scenarios reveal how flexible and effective Active Directory automation is.

To see the list of all AD reports, visit Active Directory Reports.

Active Directory Automation on Different AD Objects

The most important objects in Active Directory are user accounts, computer accounts and group accounts which are usually modified (created, deleted, moved, changes, etc.) on an hourly basis. Active Directory automation can perform all these tasks on user, computer and group objects.


Approval-based AD Automation

With the aim of Active Directory Workflows feature of Borna, a complete workflow, consisting of requester, approver, and executer, can be implemented for AD requests. However, this feature can work in tandem with Active Directory Automation feature to request automation tasks instead of directly executing them. That is, an AD automation submit a request based on its defined task. As a result, this task is not going to execute automatically unless an approver approve it. Additionally, since a request is submitted, approver can see all the object going to be affected and eliminate some of them to be assured that they remain intact.


To learn more about AD Workflow feature, visit Active Directory Workflow.




active directory Automtion list in Borna ad manager

