In order to automatically disable users on Drund when their corresponding Active Directory account is deleted, a powershell script must be scheduled to run periodically. The script will poll for deleted AD users, and send a list of usernames to Drund to deactivate.
Follow the steps below to schedule the script to run at set intervals. The more frequent it is scheduled, the less potential time there is between a user being deleted in Active Directory, and their Drund user being deactivated.
Step 1: Open the Task Scheduler app.
Step 2: Create a new task.
Step 3: In the general tab, give the task an appropriate name. Choose a user account to run as which has permissions to search for deleted Active Directory users. Run whether the user is logged on or not.
Step 4: In the triggers tab, add a new schedule. This can be configured to your preference. The example below will run every 5 minutes every day.
Step 5: In the actions tab, add a new action.
- The action will be to start a program.
- For the program/script, use the powershell.exe file found in the installation path of Powershell on your server. This is often a location similar to:
- For arguments, add “./” followed by the name of the powershell script.
- For start in, add the location where the powershell script is saved.