EV Reach - IT Process Automation Tutorial - Running Employee Access Termination Workflows

Last modified on 2023/07/12 14:03

Caution

   This tutorial is for demonstration purposes. Please test all Scope Actions before deploying them into production.

Objectives

In this tutorial, you will learn to use EV Reach's Process Automation framework to handle some of the IT processes and Active Directory management tasks traditionally associated with employee termination, from disabling accounts to archiving emails and login history.

This tutorial requires building several IT workflows and running them sequentially in one Master Scope Action:

  • Terminate Employee - This workflow will log off the console user from any detected workstation, create a login history report, create a recursive group member report and move/disable/reset the password of the Active Directory account.
  • Report NTFS Permissions - This workflow will create an NTFS permissions report on a file server and filter the results by the user account that is being terminated.
  • Export Mailbox to PST - This workflow will run a PowerShell script against an Exchange server and export the mailbox to a PST.
  • Master Termination Scope Action - This workflow will run the other three workflows in their specific order.

Prerequisites

  • You will need access to the full version of EV Reach and its Process Automation framework. If you don’t currently own a valid license, you can download a free version of our remote access software on our website. The 15-day trial is free and no credit card is required.

Step by Step Tutorial

Step 1: Creating the Terminate Employee Workflow

1. Create the Scope Module.

  • Select User Target Type.
  • Add the user whose access will be terminated.

2. Create the Action Modules.

Action Module 1

  • Select the Log off Current Sessions Action Module item from the Add\Remove button
  • Select the following Action Module
    • Execute User Action --> Logged-in computers --> Log off Console User
  • Specify the Arguments.

Action Module 2

  • Select the Login History Report Action Module from the Add\Remove button
  • Select the following Action Module
    • Report User Property --> Computer Login History --> All Login Event Information
       

Action Module 3

  • Select the Recursive Group Membership Report Action Module from the Add\Remove button
  • Select the following Action Module
    • Report User Property --> Groups --> AD Account Name
    • Report User Property --> Groups --> Members (Effective).AD Account Name
    • Report User Property --> Groups --> Members (Effective).

Action Module 4

  • Select the Move, Disable and Reset Password Action Module from the Add\Remove button
  • Select the following Action Module
    • Set User Property --> User Account Information --> Account Disabled TRUE
    • Set User Property --> User Account Information --> Password *Set password*
    • Execute User Action --> Move Object *New OU location*

Step 2: Creating the Report NTFS Permissions Workflow

1. Create the Scope Module.

  • Select Computer Target Type.
  • Add the file server that is hosting the files to be queried.

2. Create the Action Module.

  • Set the path that needs to be queried using the Manage Accessible Directories screen.
    Report Computer Property --> File System Permissions --> Manage Accessible Directories

  • Use the tutorial-sa37.png icon to add a new path that will be queried.
    • Enter the local path that will be queried for permissions. This field supports wildcards and Windows Environment Variables.
    • In this example, we will query the C:\Corporate Shares directory on the corporate file server. We set the recursive depth to 2 by setting the "Include subdirectories" field to 2. Give this object a display name.
  • Once the Accessible Directory is set, set the following report item:
    Report Computer Property --> File System Permissions --> YOUR ACCESSIBLE PATH DIR --> Parent Directory, Object Name, Principle, Access (Basic) and Is Inherited.
  • Set a condition to filter all permissions related to the user who is being terminated.
    • In the section called "Only if the following is true" set the following option with the Add \ Remove button
    • Set Computer Condition --> File System Permissions --> YOUR ACCESSIBLE PATH DIR --> Principle
    • Condition is "=" and desired value is the DOMAIN\Username of the terminated employee.
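
A way to cross-check this report outside EV Reach with built-in PowerShell cmdlets, run on the file server (an added example, not part of the original tutorial or EV Reach's own code). `DOMAIN\Username` is a placeholder, `-Depth 2` approximates the tutorial's subdirectory setting, and the match is on direct entries only, so access the user holds through a group appears under the group's name (compare with the Recursive Group Membership Report from Step 1).

```powershell
# Added example: list ACL entries that name the terminated user directly.
# $Root and $Principal are placeholders; requires PowerShell 5.0+ for -Depth.
param(
    [string]$Root      = 'C:\Corporate Shares',
    [string]$Principal = 'DOMAIN\Username',
    [int]$Depth        = 2
)

# The root directory itself plus its children down to the chosen depth.
$items = @(Get-Item -LiteralPath $Root) +
         @(Get-ChildItem -LiteralPath $Root -Recurse -Depth $Depth -Force -ErrorAction SilentlyContinue)

$report = foreach ($item in $items) {
    try {
        $acl = Get-Acl -LiteralPath $item.FullName -ErrorAction Stop
    } catch {
        # An unreadable ACL is itself worth reviewing, so surface it.
        Write-Warning "Could not read ACL: $($item.FullName)"
        continue
    }
    foreach ($ace in $acl.Access) {
        # -eq is case-insensitive; only direct entries for the account match.
        if ($ace.IdentityReference.Value -eq $Principal) {
            [pscustomobject]@{
                ParentDirectory = Split-Path -Path $item.FullName -Parent
                ObjectName      = $item.Name
                Principal       = $ace.IdentityReference.Value
                Access          = $ace.FileSystemRights
                AccessType      = $ace.AccessControlType
                IsInherited     = $ace.IsInherited
            }
        }
    }
}

$report | Sort-Object ParentDirectory, ObjectName | Format-Table -AutoSize
```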

Step 3: Creating the Export Mailbox to PST Workflow

   Caution:

  • This script requires Exchange Server 2010 SP3 or later. The script also assumes you have the permissions to export the mailbox. If not, you may need to alter the script to use an encrypted password file, as described in this article: http://stackoverflow.com/questions/6239647/using-powershell-credentials-without-being-prompted-for-a-password

1. Once you have the script working correctly, add it to EV Reach Batch and Script.

See Find out more

Caution: Be sure to enter the "Report Output" setting to catch any output from the script.

2. Create the Scope Module.

Enter the Exchange server that is hosting the mailbox as the target.

3. Create the Action Module.

  • Select the Export to PST Powershell Action Module from the Add\Remove button
  • Select the following Action Module
    • Execute Computer Action --> Processes --> Run a batch or script package
    • Specify the Arguments: Select the script package that will run the Export to PST PowerShell script.
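
The tutorial does not reproduce the export script; the following is an added example of what such a script package could contain, not EasyVista's script. It assumes the Exchange 2010 management tools are installed on the target, the running account holds the Mailbox Import Export role, and `\\FILESERVER\PSTArchive$` is a placeholder UNC share on which the Exchange Trusted Subsystem group has read/write access.

```powershell
# Added example: export one mailbox to PST and report the outcome on stdout.
param(
    [Parameter(Mandatory = $true)][string]$Mailbox,   # alias of the mailbox to export
    [string]$PstShare = '\\FILESERVER\PSTArchive$'     # placeholder; must be a UNC path
)

$ErrorActionPreference = 'Stop'

# Load the Exchange 2010 cmdlets when not already in the Exchange Management Shell.
if (-not (Get-Command New-MailboxExportRequest -ErrorAction SilentlyContinue)) {
    Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
}

# Unique request and file name so a rerun never overwrites an earlier archive.
$name    = 'Termination-{0}-{1:yyyyMMddHHmmss}' -f $Mailbox, (Get-Date)
$pstPath = '{0}\{1}.pst' -f $PstShare.TrimEnd('\'), $name

$request = New-MailboxExportRequest -Mailbox $Mailbox -FilePath $pstPath -Name $name

# Poll until the request reaches a final state or the time limit passes.
$deadline = (Get-Date).AddHours(4)
$final    = 'Completed', 'CompletedWithWarning', 'Failed'
do {
    Start-Sleep -Seconds 30
    $stats  = $request | Get-MailboxExportRequestStatistics
    $status = [string]$stats.Status
} while (($final -notcontains $status) -and ((Get-Date) -lt $deadline))

# One status line for the calling workflow to capture.
'{0} mailbox={1} pst={2} status={3} percent={4}' -f `
    (Get-Date -Format s), $Mailbox, $pstPath, $status, $stats.PercentComplete

# Non-zero exit code for anything other than a clean export.
if ($status -ne 'Completed') { exit 1 }
```

The single status line on standard output is what the "Report Output" setting captures. Restrict the share's ACL to the archive custodians, since the PST holds the full mailbox contents.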

Step 4: Creating the Master Termination Scope Action

1. Create the Scope Action.

This scope action will run the above three scope actions sequentially.

See the Running Multiple Workflows Within One Scope Action tutorial for configuring this scope action.

2. After this scope action is created, run it to start the termination process.
