Provision A New AD Group Based On SharePoint List Item Using Nintex Workflow 2016

SharePoint 2016 general availability was announced in the Future Of SharePoint conference, in May 2016. The series that discusses the installation of SharePoint 2016 in Azure can be found at C# Corner from the below links:

Nintex is a premium technology partner for SharePoint. With the announcement of SharePoint 2016, Nintex has made the announcement of the general availability of Nintex Workflow 2016 on July 11th 2016.

Article Scope

In this article, we will see how to create an AD Group using Nintex Workflow, based on the list item created in a configuration list. The scope of the article will be:

  • Create a configuration list that will hold the AD Group creation information.
  • Create an item in the list which will include AD Group Name.
  • Trigger a Nintex Workflow on item creation and create an AD Group based on the configuration of list item column values.

Environment Setup

So, the first step is to create a list with the name, say: Group Operations in SharePoint.

Environment Setup

Once the configuration list is created, add the following columns to the list:

AD Group Name – This will serve as the AD Group name of the future groups to be created.

AD Group Name

Create the Nintex workflow

Now, the basic infrastructure is in place. Let’s go ahead and design the workflow. Click on ‘Create a Workflow in Nintex Workflow’ from the Workflow Settings option.

Workflow

This will open up the Nintex Workflow designer. The left pane contains all the actions that can be used within the workflow. Drag and drop the required action item into the designer. In our case, it is ‘Create AD Group’.

Create AD Group

Configure Nintex Workflow

The action will show the following warnings as some of the configuration values are missing.

Configure

From the drop down, click on ‘Configure’.

Configure

The configuration page contains the details that will be used for AD group creation.

configuration

We have to fetch the Active Directory against which we will be creating the AD Security Group. Click on the Database disk icon. Select the Active Directory root object and click on Close.

ldap

This will add the Active Directory information to the form. Add the Domain Administrator credentials using which the workflow will connect to the active directory. Since we are trying to create a local security group, specify the group scope as “Domain Local” and Group Type as “Security” .

Security

We will be fetching the configuration list item column values to populate the AD Group Name. In order to dynamically fetch these values, assign the column name in the text boxes by selecting the ‘Item Properties’ tab. Group name can be assigned by selecting the ‘AD Group Name’ column Item Properties tab.

Properties

The configuration for the action will look, as below.

Configuration

Once the configuration entries are filled, click on ‘Save’ which will update the configuration values that will be used to create the AD Group. Now, we have to specify when to create the AD Group. In order to do these, go to the Workflow Settings option.

Workflow Settings

Specify the workflow name and description. Change ‘Start when items are created’ to Yes. This will cause the workflow to run whenever a new item is created. Click on Save.

Workflow Settings

Now, when the workflow is configured, let’s go ahead and publish it.

publish

In case you get the below error, it could be because of some missing/faulty configuration of the workflow action.

configuration

Hovering over the action will indicate the error.

error

In this case, it is faulty domain administrator credentials. Clear all the errors and publish the workflow once again.

credentials

Make the  final changes (if any) to the workflow name and description.

description

The publishing of the workflow has started.

workflow

Finally, the workflow is published.

published

Now, let’s go ahead to the list and create a new list item, so that the workflow will be triggered.

list

A new column by the name of the workflow has come up in the list and it shows the status of the workflow. The status has become ‘Completed’ which indicates the successful group creation.

Completed

Let’s go to the Active Directory Users and Computers window to check the newly created AD group. As you can see below, a new security group by the name of the List Item column value has been created in the AD.

AD

Summary

Thus, we saw how to create a new AD group based on the SharePoint List item created, by using Nintex Workflow 2016.