Remove Users From AD Group Using Nintex Workflow and SharePoint Server 2016

SharePoint 2016 general availability was announced in the Future Of SharePoint conference in May 2016. The series that discusses the installation of SharePoint 2016 in Azure can be found at C# Corner from the below links

Nintex is a premium technology partner for SharePoint. With the announcement of SharePoint 2016, Nintex has made the announcement of the general availability of Nintex Workflow 2016 on July 11 2016.

In this article we will see how to automate the removal of AD Users from an AD Group using Nintex Workflow and SharePoint Server 2016. The scope of the article will be

  • Create a configuration list that will hold the AD Group Name and the AD Users.
  • Create an item in the list which will contain the AD Group name.
  • Trigger a Nintex workflow on item modification and remove the User from the AD group using Nintex Workflow.

So the first step is to create a list with the name, say: AD Group Users in SharePoint which will act as the configuration list.

Nintex

Add the below column to the List.

Remove User? – Modifying this column will trigger the workflow to remove the user

Now the basic infrastructure is in place. Let’s go ahead and design the workflow. Click on ‘Create a Workflow in Nintex Workflow’ from the Workflow Settings option.

Nintex

This will open up the Nintex Workflow designer. Drag and drop the workflow activity “Remove user from AD Group”.

Nintex

The action will show the below warnings as some of the configuration values are missing.

Nintex

From the drop down click on ‘Configure’.

Nintex

The configuration page contains the details that will be used for removing the user from the AD group. In the LDAP path field click on the browse icon, it will open up the pop up for choosing the AD.

Nintex

In order to remove the user we will have to specify the group name and the user login name. This will be dynamically read from the list. In the User form field, assign the ‘User’ List column.

Nintex

In the Group form field, assign the ‘AD Group Name’ List column

Nintex

After configuring the settings, the form will look like

Nintex

Before publishing the workflow we have to set the workflow starting condition. Click on Workflow Settings.

Nintex

Specify the Workflow title, description and set ‘Start When items are modified’ to ‘Yes’.

Nintex

Let’s publish the workflow.

Nintex

Make any final changes to the workflow title and description.

Nintex

The workflow is being published.

Nintex

Finally the workflow has been published.

Nintex

Now let’s go to the configuration list and update the ‘Remove User?’ column to ‘Yes’. This will trigger the workflow. A column by the name of the workflow will be created in the list. It shows the status of the workflow and has been changed to ‘In Progress’.

Nintex

After some time it will change to ‘Completed’ indicating the successful completion of the workflow.
.
Nintex

Going back to the AD Group we can see that the user has been removed by the workflow.

Nintex

Summary

Thus we have seen how to automate the decommissioning of users in the AD group using a SharePoint Configuration List and Nintex Workflow 2016.