Runbook: ACT-AddUserToGroup.ps1
π Description
Adds a user to an Active Directory security group.
This runbook verifies the user exists, validates the group, and adds membership using domain controller PowerShell remoting.
SymphonyDesk handles:
- AD connection
- User & group resolution
- Logging
- Jira updates (comments + transition)
- Error handling
Common uses include onboarding, access requests, entitlement workflows, and security group assignments.
𧩠Required Parameters
| Name | Description | Example |
|---|---|---|
| UserUPN | The user’s UPN | "john.doe@contoso.com" |
| GroupName | AD group display name or SamAccountName | "VPN-Access" |
| IssueKey | Jira issue key | "ITSD-7004" |
πͺ Optional Behavior
None β group lookup is automatic.
π€ Webhook JSON Example
{
"customer": "Contoso",
"runbook": "ACT-AddUserToGroup.ps1",
"issue_key": "{{issue.key}}",
"params": {
"UserUPN": "{{issue.fields.customfield_10600}}",
"GroupName": "{{issue.fields.customfield_10601}}",
"IssueKey": "{{issue.key}}"
}
}π₯ Successful Response
{
"job_id": "job-addg-9922",
"status": "success",
"output": "User successfully added to group"
}π₯ Error Response
{
"job_id": "job-addg-9922",
"status": "error",
"message": "Group not found: VPN-Access",
"raw": "Get-ADGroup : Cannot find group..."
}π Requirements
- Runner must reach domain controller
- AD PowerShell module on DC
- Customer config must contain:
DomainController- Jira credentials must be configured in secrets.json
π Version History
| Version | Date | Notes |
|---|---|---|
| 1.0 | 2025-02-10 | Initial release |
| 1.1 | 2025-02-12 | Improved group lookup matching |
| 1.2 | 2025-02-13 | Added Jira transitions + error detail |