Import users from AD groups and provisioning in Devolution server

Hello,

No script is required to accomplish your goal. Simply head over to Administration > Server Settings > Authentication > Domain and enable thr automatic user creation. In that section, you can also specify what group the user must be a member of in order for them to be created: https://helpserver.devolutions.net/authentication_domain.html

Please note it will not add the users on a schedule, it will rather create them the first time they authenticate, either from RDM or the web interface.

Let us know if you need any additional information!

Best regards,

Hi Richard,

Let me simplify my request. I have disabled the default vault for the users. Instead I need to create the server vault when the user first time login since individual vault can not be managed by the administrator.

I need to create vault as attached. But this vault was manually created and assigned. I would like to automate this process.

Hello,

In that case, you could have a script like the following. Please note you will need the AD PowerShell module installed as well.

$members = Get-ADGroupMember 'groupname' | Get-ADUser | select userPrincipalName

Foreach ($member in $members){
	if ($(Get-RDMUser -Name $member) -eq $null) {
		New-RDMUser -AuthentificationType "Domain" -login $member -SetUser
	}
}

Best regards,

Hi

Mentioned logic only supported Get-RDMUsers as it’s had valid parameters to pass, but we need to get this done to the cmdlets of
DPM (Password Manager server). Password Manager cmdlet “Get-DSDomainUsers /Import-DSAdUsers doesn’t have name parameters to pass


 

Hello,

I would recommend using the New-DSUSer cmdlet instead:

New-DSUser -AuthenticationType "Domain" -Username $member

For more information and all the parameters: https://github.com/Devolutions/devolutions-server/blob/main/Powershell%20Module/Devolutions.Server/Public/Users/New-DSUser.ps1

Best regards,