Sample Workflow – Create User Account in ActiveDirectory

This example shows how a new Active Directory User Account can be created as part of a machine’s provisioning process. For example a breakglass account etc.
The solution contains the following files:
  1. ClearAsCloud.ActiveDirectory.Activities.dll – this contains the actual C# code in which to create a new user (I added group aswell) into ActiveDirectory. This file needs to be loaded into the repository using the CloudUtil.exe command.
  2. CreateADUserWorkflow.xaml – the actual workflow that will run in the repository and will perform the required business logic, in this case take some incoming virtualmachine properties and use pass them to the custom activities.
  3. External-CreateADUserWorkflow.xml – this is the file that instructs the VCAC Application Server to run the CreateADUserWorkflow workflow. This needs to be added to the system.

Custom Code Activities

Custom code activities can be used to run c# code, instead of out of the box VCO, powershell etc. A code activity takes inputs like this:
Example input property:
[RequiredArgument]
public InArgument DataContext { get; set; }
ManagementModelEntities is the ODATA/RESTFul connection into the DCAC Database, this is created by default in the workflow and can be used within an activity to query or update the database.

The CreateUser Code Activity

//———————————————————————–
// This code is experimental only and not endorsed by VMware
//———————————————————————–
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Activities;
using System.DirectoryServices.AccountManagement;

namespace ClearAsCloud.ActiveDirectory.Activities
{

    public sealed class CreateUser : CodeActivity
    {
// Create the Input Arguments the Activity requires
        [RequiredArgument]
        public InArgument UserName { get; set; }

        [RequiredArgument]
        public OutArgument Password { get; set; }

        [RequiredArgument]
        public InArgument OrganisationalUnit { get; set; }

        [RequiredArgument]
        public InArgument Domain { get; set; }


// The main body of the code, this method is automatically created when a CodeActivity type is used in VisualStudio
        protected override void Execute(CodeActivityContext context)
        {

//Store the Workflow Input arguments as local variables
            string user = context.GetValue(this.UserName);
            string password = context.GetValue(this.Password);
            string ou = context.GetValue(this.OrganisationalUnit);
            string domain = context.GetValue(this.Domain);

//Execute DotNet 3.5 ActiveDirectory logic to create a new user
            try
            {
                //Setup the Context
                PrincipalContext adCtx = new PrincipalContext(ContextType.Domain, domain, ou);

                //Find a user account in AD
                UserPrincipal userPrincipal = ActiveDirectoryHelper.FindOne(new UserPrincipal(adCtx) { SamAccountName = user });
                if (userPrincipal == null || string.IsNullOrEmpty(userPrincipal.SamAccountName))
                {
                    userPrincipal = new UserPrincipal(adCtx, user, password, true);
                    ActiveDirectoryHelper.Create(userPrincipal);
                }

            }
            catch (Exception ex)
            {
                throw new ApplicationException(string.Format(“Failed to create user {0}”, user) ,ex);
            }
        }
    }
}

The Workflow