Have you ever had the need to get some attributes of your Active Directory user account? Perhaps Manager for an approval, maybe direct reports, etc... but not sure how to work with the AD:User object in vCO... Well here's a great little snippet that can help you quickly identify the available information attached to the AD:User account you specify.


Show AD User Info

  • Simply place the following script into a scriptable task in a new workflow.
  • Add an input called "adUser" of type "AD:User" and bind it to your scriptable task
  • Save, Close, and Run the workflow

 

System.log("========== All Attributes ===========");
var attribs = adUser.allAttributes;
for each (attrib in attribs){
	System.log("attribute: "+attrib.name+ "("+adUser.getAttribute(attrib.name)+")");
}

When you run the code, it will appear similar to the following output:

[2014-01-15 12:47:19.756] [I] ========== All Attributes ===========
[2014-01-15 12:47:19.758] [I] attribute: whenCreated(20110717015439.0Z)
[2014-01-15 12:47:19.759] [I] attribute: objectCategory(CN=Person,CN=Schema,CN=Configuration,DC=corp,DC=local)
[2014-01-15 12:47:19.761] [I] attribute: badPwdCount(1)
[2014-01-15 12:47:19.761] [I] attribute: codePage(0)
[2014-01-15 12:47:19.762] [I] attribute: objectGUID(T�W��xH�Bս'��K)
[2014-01-15 12:47:19.762] [I] attribute: mail(This email address is being protected from spambots. You need JavaScript enabled to view it.)
[2014-01-15 12:47:19.762] [I] attribute: memberOf(CN=Private Cloud Managers,CN=Users,DC=corp,DC=local)
[2014-01-15 12:47:19.763] [I] attribute: instanceType(4)
[2014-01-15 12:47:19.763] [I] attribute: objectSid()
[2014-01-15 12:47:19.764] [I] attribute: badPasswordTime(129567168821610422)
[2014-01-15 12:47:19.764] [I] attribute: dSCorePropagationData(16010101000000.0Z)
[2014-01-15 12:47:19.765] [I] attribute: objectClass(top)
[2014-01-15 12:47:19.765] [I] attribute: company(Rainpole)
[2014-01-15 12:47:19.765] [I] attribute: name(IT Manager)
[2014-01-15 12:47:19.766] [I] attribute: sn(Manager)
[2014-01-15 12:47:19.766] [I] attribute: userAccountControl(66048)
[2014-01-15 12:47:19.767] [I] attribute: primaryGroupID(513)
[2014-01-15 12:47:19.767] [I] attribute: lastLogon(0)
[2014-01-15 12:47:19.768] [I] attribute: accountExpires(9223372036854775807)
[2014-01-15 12:47:19.768] [I] attribute: lastLogoff(0)
[2014-01-15 12:47:19.768] [I] attribute: uSNChanged(332047)
[2014-01-15 12:47:19.769] [I] attribute: cn(IT Manager)
[2014-01-15 12:47:19.769] [I] attribute: logonCount(0)
[2014-01-15 12:47:19.769] [I] attribute: sAMAccountType(805306368)
[2014-01-15 12:47:19.770] [I] attribute: givenName(IT)
[2014-01-15 12:47:19.770] [I] attribute: uSNCreated(123009)
[2014-01-15 12:47:19.771] [I] attribute: displayName(IT Manager)
[2014-01-15 12:47:19.771] [I] attribute: directReports(CN=Information Security Officer,CN=Users,DC=corp,DC=local)
[2014-01-15 12:47:19.772] [I] attribute: pwdLastSet(129553412797477533)
[2014-01-15 12:47:19.772] [I] attribute: userPrincipalName(This email address is being protected from spambots. You need JavaScript enabled to view it.)
[2014-01-15 12:47:19.772] [I] attribute: whenChanged(20120405193220.0Z)
[2014-01-15 12:47:19.773] [I] attribute: lastLogonTimestamp(129781279409263014)
[2014-01-15 12:47:19.773] [I] attribute: countryCode(0)
[2014-01-15 12:47:19.774] [I] attribute: distinguishedName(CN=IT Manager,CN=Users,DC=corp,DC=local)
[2014-01-15 12:47:19.774] [I] attribute: manager(CN=Chief I. Officer,CN=Users,DC=corp,DC=local)
[2014-01-15 12:47:19.774] [I] attribute: sAMAccountName(itmgr)


Now, based on that you should be able to determine the appropriate attribute name to pass into adUser.getAttribute();