Syncronize Windows Active Directory in vIDM (Workspace One Access) Aria Automation 8 (former vRealize Automation)

In this blog I will show you how you can synchronize the AD which is added to the vIDM used by Aria Automation.

Prerequisites

  • Lifecycle Manager added as REST Host in Aria Automation Orchestrator
  • Added Active Directory as Indendity Provider in vIDM
  • The LCM Call Action can be found here

For the Synchronization we need the Active Directory Config ID. The ID can be get from the vIDM as shown below.

Login into vIDM and select “Administration Console”

Navigate to Identity & Access Management -> Directories

Open the Developer Tools of your Browser. In my case I used Google Chrome

Navigate to Network and Delete all entries

Now click on the Active Directory in the vIDM

Navigate to the first entry in the List and click on it

Here you can see the ID of the Active Directory

This ID is needed to synchronize the AD vie REST API.

Create an Aria Orchestrator Action with following Inputs and Return Type

  • directoryConfigId (type string)
  • directoryType (type string)
  • isGetBeforeUpdate (type boolean)
  • isTenantConfigByPath (type boolean)
  • vidmAdminPassword (type secure string)
  • vidmAdminUser (type string)
  • vidmHost (type string)
  • Return type string
if(directoryConfigId && directoryType && isGetBeforeUpdate &&
    isTenantConfiguredByPath && vidmAdminPassword && vidmAdminUser && vidmHost){
        var body = {
            "directoryConfigId": directoryConfigId,
            "directoryType": directoryType,
            "isGetBeforeUpdate": isGetBeforeUpdate,
            "isTenantConfiguredByPath": isTenantConfiguredByPath,
            "vidmAdminPassword": vidmAdminPassword,
            "vidmAdminUser": vidmAdminUser,
            "vidmHost": vidmHost
        }
    return System.getModule("com.vmware.pso.vRA").callLcm("POST", "/lcm/authzn/api/idp/dirConfigs/syncprofile/sync", "200", JSON.stringify(body))
}else throw("No all needed Input Parameters provided.")

Now you can run the Action.

Enter the values as shown below, for sure with your specific values

Click RUN

Login into Arai Lifecyle Manager (fromer vRLCM). Click on Lifecycle Operations and navigate to Requests. A Active Directory Sync Request should be triggered.

The Active Directory was synchronized.

You will get the following output from the Action:

{
    "vmid": "f1e71892-ca4f-4246-8108-6c4eb0d5d389",
    "transactionId": null,
    "tenant": "default",
    "requestName": "triggeradsync",
    "requestReason": "Trigger Active Directory Sync",
    "requestType": "Trigger Active Directory Sync",
    "requestSource": null,
    "requestSourceType": "user",
    "inputMap": {
        "vidmDirRequestDTO": "{\"vidmHost\":\"vidm-l-01a.corp.local\",\"vidmTenant\":null,\"useServiceClient\":false,\"isTenantConfiguredByPath\":true,\"vidmAdminUser\":\"drvadmin\",\"vidmAdminPassword\":\"Winter88Traum!\",\"vidmOAuthServiceClientId\":null,\"vidmOAuthServiceClientSecret\":null,\"vidmDomainName\":null,\"baseTenantHostname\":null,\"requestId\":null,\"directoryConfigId\":\"d460591d-b92a-4ee5-a263-1c1b814a203f\",\"directoryType\":\"ActiveDirectory\",\"isGetBeforeUpdate\":true}"
    },
    "outputMap": {},
    "state": "CREATED",
    "executionId": null,
    "executionPath": null,
    "executionStatus": null,
    "errorCause": null,
    "resultSet": null,
    "isCancelEnabled": null,
    "lastUpdatedOn": 1676282832912,
    "createdBy": null
}

The Response is a JSON String. In this String you can see the vmId. With this ID you can monitor the status of the request like this:

syncResult = JSON.parse(syncResult)
var vmId = syncResult.vmid
System.log("vmId: " + vmId)
var request = System.getModule("com.vmware.pso.vRA").callLcm("GET", "/lcm/request/api/v2/requests/" + vmId, "200", null)
request = JSON.parse(request)
var completed = false
while(!completed){
	System.sleep(5000); // Wait 5 seconds
	var request = System.getModule("com.vmware.pso.vRA").callLcm("GET", "/lcm/request/api/v2/requests/" + vmId, "200", null)
    request = JSON.parse(request)
    state = request.state
    if(state.toLowerCase() == "completed"){
        completed = true
        successful = true
    }
    if(state.toLowerCase() == "failed"){
        errorMessage = JSON.parse(request.errorCause)[0].message
        completed = true
        successful = false
    }
}

Similar Posts

Leave a Reply

Your email address will not be published.

WC Captcha 60 + = 64