Skip to main content

IAM - Activate User In Active Directory

This Playbook is part of the IAM Pack.#

This playbook activates users in Active Directory. It generates a password, sets the account with the new password, and enables the account. Additionally, it sends out an email to the email provided in the “ServiceDeskEmail” input which includes the new user’s temporary password for preparing new hires’ environments.


This playbook uses the following sub-playbooks, integrations, and scripts.


This playbook does not use any sub-playbooks.


  • Active Directory Query v2


  • DeleteContext
  • GetServerURL
  • SetAndHandleEmpty
  • Sleep
  • IAMInitADUser
  • PrintErrorEntry


  • iam-get-user
  • closeInvestigation
  • send-mail
  • setIndicator
  • setIncident
  • iam-create-user
  • findIndicators

Playbook Inputs#

NameDescriptionDefault ValueRequired
ServiceDeskEmailEmail to send the domain user password (from Active directory) of new users, so that their equipment can be prepared by IT when they're being hired.Required
PasswordGenerationScriptNameThe name of the automation script that will be used to generate a random password for newly created Active Directory users. The default script used for this is GeneratePassword, but depending on your password complexity policy, you may or may not want to use it.GeneratePasswordRequired
ITNotificationEmailEmail to notify about errors in the provisioning process.Required
SecondsToWaitBeforeWelcomeEmailDetermines how many seconds to wait before sending the welcome email to the user and their manager after activation.0Required
ManuallyApprovePastHireDatesWhether to ask the user to manually approve activations for users who have past hire dates (hire date is 1 day or more before the current date). Can be True or False.TrueOptional

Playbook Outputs#

There are no outputs for this playbook.

Playbook Image#

Setup Account