Hi,
I'm trying to get user info and to modify a group membership by adding/removing a user using Power Automate Desktop. Everything else so far, i.e. Connect to server using LDAP path, Get group info using this connection, and Get group members using this connection, gets me all details.
It completely fails to identify the AD user in any of the methods I tried, i.e. Get user info or Modify group. In both of these methods, it completely fails to identify the user using the Distinguished name I'm supplying. The Distinguished name is also correct, as I pulled it up and verified it using two methods, i.e.
1. Windows Explorer -> Security for any Folder -> Search User -> Columns -> Distinguished Name
2. .NET C# code -> Object of UserPrincipal -> FindByIdentity -> DistinguishedName property
Both methods show the same value for the DN, but the same DN in Power Automate actions fails to resolve the user.
Please suggest if there is any known resolution for this. Also, instead of the DN, is there a way to provide a User ID or Email for these actions as a more straightforward way to find and act on users?
Hi
I have managed to get this to work. Get user info and added the user to group successfully. The correct distinguished names have to be used.
Connect to Server - LDAP path: LDAP://dcname.domain.local (you can check distinguished name attribute on your domain in AD users and computers. Your domain might be domainname.com)
Get user info - Distinguished name: CN=Nimeshin Govender,OU=Users,DC=domain,DC=local (depending on which OU the account is located in, e.g. if the account is located in the IT OU inside of the Users OU, then OU=IT,OU=Users,DC=domain,DC=local)
You can get the distinguished name, including the full OU path and domain, on the AD user object. Just view the Attribute Editor tab, look for the distinguishedName attribute, click the View button, and copy and paste the value. Ensure Advanced Features is ticked in your AD snap-in so you will see this tab.
Hope this helps.
No Luck 😞
Maybe you shouldn't have the OU.
Mine worked right away with 'CN=XXX XXXX, CN=Users, DC=XXXX, DC=XXX'
I looked up the distinguished name on the AD server
Hi @Rkv_ , thanks for responding... no luck with that as well... 😞
Try removing LDAP:// within the action.
The LDAP path should be something like this for the server: dc=prefix,dc=example,dc=com
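
Added example, not part of any post in this thread: the original question asks whether a user ID or e-mail can be used instead of the DN, and one way to do that is to look up the `distinguishedName` first and hand the result to the action. The function names `ConvertTo-LdapFilterValue` and `Resolve-UserDn` and the sample identity are hypothetical, and the LDAP path is the placeholder from the reply above.

```powershell
# Added example: resolve a user's distinguishedName from a logon name or e-mail.
# Function names and sample values are hypothetical; LDAP path is the thread's placeholder.

function ConvertTo-LdapFilterValue {
    param([Parameter(Mandatory)][string]$Value)
    # RFC 4515 escaping so characters in the input cannot change the search filter.
    # The backslash is replaced first so later escapes are not escaped again.
    $Value.Replace('\', '\5c').Replace('*', '\2a').Replace('(', '\28').Replace(')', '\29').Replace([string][char]0, '\00')
}

function Resolve-UserDn {
    param(
        [Parameter(Mandatory)][string]$Identity,              # sAMAccountName, UPN or e-mail
        [string]$LdapPath = 'LDAP://dcname.domain.local'      # placeholder from the thread
    )
    $safe = ConvertTo-LdapFilterValue -Value $Identity

    $searcher = New-Object System.DirectoryServices.DirectorySearcher
    $searcher.SearchRoot = New-Object System.DirectoryServices.DirectoryEntry($LdapPath)
    $searcher.Filter = "(&(objectCategory=person)(objectClass=user)" +
                       "(|(sAMAccountName=$safe)(userPrincipalName=$safe)(mail=$safe)))"
    [void]$searcher.PropertiesToLoad.Add('distinguishedName')

    $hits = $searcher.FindAll()
    try {
        # Refuse ambiguous or empty results rather than acting on the wrong account.
        if ($hits.Count -ne 1) {
            throw "Expected exactly one match for '$Identity', found $($hits.Count)."
        }
        # The directory returns the DN exactly as stored, including whether the
        # parent is a container (CN=Users) or an organizational unit (OU=...).
        [string]$hits[0].Properties['distinguishedname'][0]
    }
    finally {
        $hits.Dispose()
    }
}

# Constructed sample call:
# Resolve-UserDn -Identity 'nimeshin.govender@domain.local'
```

The returned string is the value to supply as the Distinguished name in Get user info or Modify group; because it comes straight from the directory, it settles the CN=Users versus OU=Users question raised in the replies.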