Synchronize Windows Active Directory in vIDM (Workspace ONE Access) for Aria Automation 8 (formerly vRealize Automation)
In this blog post I will show you how to synchronize the Active Directory that has been added to the vIDM used by Aria Automation.
Prerequisites
For the synchronization we need the Active Directory config ID. The ID can be obtained from the vIDM as shown below.
Log in to vIDM and select “Administration Console”.
Navigate to Identity & Access Management -> Directories.
Open the Developer Tools of your browser. In my case I used Google Chrome.
Navigate to Network and clear all entries.
Now click on the Active Directory in the vIDM.
Navigate to the first entry in the list and click on it.
Here you can see the ID of the Active Directory.
This ID is needed to synchronize the AD via the REST API.
Create an Aria Orchestrator Action with the following inputs and return type:
// The two boolean inputs are compared against null so that a value of "false" still passes the check
if(directoryConfigId && directoryType && isGetBeforeUpdate != null &&
    isTenantConfiguredByPath != null && vidmAdminPassword && vidmAdminUser && vidmHost){
    // Request body for the LCM directory sync endpoint
    var body = {
        "directoryConfigId": directoryConfigId,
        "directoryType": directoryType,
        "isGetBeforeUpdate": isGetBeforeUpdate,
        "isTenantConfiguredByPath": isTenantConfiguredByPath,
        "vidmAdminPassword": vidmAdminPassword,
        "vidmAdminUser": vidmAdminUser,
        "vidmHost": vidmHost
    }
    return System.getModule("com.vmware.pso.vRA").callLcm("POST", "/lcm/authzn/api/idp/dirConfigs/syncprofile/sync", "200", JSON.stringify(body))
}else throw("Not all needed Input Parameters provided.")
Now you can run the Action.
Enter the values as shown below, using your own specific values.
Click RUN.
Log in to Aria Lifecycle Manager (formerly vRLCM). Click on Lifecycle Operations and navigate to Requests. An Active Directory Sync request should have been triggered.
The Active Directory was synchronized.
You will get the following output from the Action:
{
"vmid": "f1e71892-ca4f-4246-8108-6c4eb0d5d389",
"transactionId": null,
"tenant": "default",
"requestName": "triggeradsync",
"requestReason": "Trigger Active Directory Sync",
"requestType": "Trigger Active Directory Sync",
"requestSource": null,
"requestSourceType": "user",
"inputMap": {
"vidmDirRequestDTO": "{\"vidmHost\":\"vidm-l-01a.corp.local\",\"vidmTenant\":null,\"useServiceClient\":false,\"isTenantConfiguredByPath\":true,\"vidmAdminUser\":\"drvadmin\",\"vidmAdminPassword\":\"Winter88Traum!\",\"vidmOAuthServiceClientId\":null,\"vidmOAuthServiceClientSecret\":null,\"vidmDomainName\":null,\"baseTenantHostname\":null,\"requestId\":null,\"directoryConfigId\":\"d460591d-b92a-4ee5-a263-1c1b814a203f\",\"directoryType\":\"ActiveDirectory\",\"isGetBeforeUpdate\":true}"
},
"outputMap": {},
"state": "CREATED",
"executionId": null,
"executionPath": null,
"executionStatus": null,
"errorCause": null,
"resultSet": null,
"isCancelEnabled": null,
"lastUpdatedOn": 1676282832912,
"createdBy": null
}
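The response is a JSON string. Note that it echoes the request inputs, including vidmAdminPassword in clear text, so do not write the full response to the log. In this string you can see the vmid. With this ID you can monitor the status of the request like this: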
syncResult = JSON.parse(syncResult)
var vmId = syncResult.vmid
System.log("vmId: " + vmId)
var completed = false
var successful = false
var errorMessage = null
var attempts = 0
var maxAttempts = 120 // Upper bound so the loop cannot run forever (120 x 5 seconds); adjust as needed
while(!completed && attempts < maxAttempts){
    System.sleep(5000); // Wait 5 seconds
    attempts++
    // Fetch the current state of the LCM request
    var request = System.getModule("com.vmware.pso.vRA").callLcm("GET", "/lcm/request/api/v2/requests/" + vmId, "200", null)
    request = JSON.parse(request)
    var state = request.state
    if(state.toLowerCase() == "completed"){
        completed = true
        successful = true
    }
    if(state.toLowerCase() == "failed"){
        errorMessage = JSON.parse(request.errorCause)[0].message
        completed = true
        successful = false
    }
}
if(!completed) throw("Request " + vmId + " did not finish within the polling limit.")
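One way to log the action result without exposing the credentials it echoes, as an added example that is not part of the original post: it decodes the JSON string stored in inputMap.vidmDirRequestDTO and masks vidmAdminPassword and vidmOAuthServiceClientSecret. The function names and the sample response are constructed for illustration; only the field names come from the output shown above.

```javascript
// Added example: mask secrets in an LCM request response before logging it.
// Field names are taken from the response shown in the post; the function
// names and the sample response below are constructed for illustration.
var SECRET_KEYS = ["vidmAdminPassword", "vidmOAuthServiceClientSecret"];

// Replace every non-null secret value in obj (recursively) with a mask.
function maskSecrets(obj) {
    if (obj === null || typeof obj !== "object") return obj;
    Object.keys(obj).forEach(function (key) {
        if (SECRET_KEYS.indexOf(key) !== -1 && obj[key] !== null) {
            obj[key] = "***";
        } else {
            obj[key] = maskSecrets(obj[key]);
        }
    });
    return obj;
}

// inputMap values are themselves JSON-encoded strings, so each one is
// decoded, masked and re-encoded. Values that are not valid JSON are dropped
// rather than logged verbatim, because they cannot be inspected.
function redactLcmResponse(responseText) {
    var response = maskSecrets(JSON.parse(responseText));
    var inputMap = response.inputMap || {};
    Object.keys(inputMap).forEach(function (key) {
        if (typeof inputMap[key] !== "string") return;
        try {
            inputMap[key] = JSON.stringify(maskSecrets(JSON.parse(inputMap[key])));
        } catch (e) {
            inputMap[key] = "[unparseable value removed]";
        }
    });
    return JSON.stringify(response);
}

// Constructed sample with the same shape as the action output (placeholder values).
var sampleResponse = JSON.stringify({
    vmid: "00000000-0000-0000-0000-000000000000",
    requestName: "triggeradsync",
    inputMap: { vidmDirRequestDTO: JSON.stringify({
        vidmHost: "vidm.example.test",
        vidmAdminUser: "exampleadmin",
        vidmAdminPassword: "constructed-secret",
        vidmOAuthServiceClientSecret: null,
        directoryType: "ActiveDirectory"
    }) },
    state: "CREATED"
});
console.log(redactLcmResponse(sampleResponse));
```

Inside an Orchestrator action, pass the result of redactLcmResponse to System.log instead of console.log.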