Changing Active Directory OU of vRA Provisioned Machines

In this post we will make use of ActiveDirectory.rename in the vRO Active Directory plugin to move a computer object to a new OU as a custom action from within the vRA portal. Although technically it isn’t quite Solarwinds integration with vRA, we can cheat by monitoring the new OU. In this setup we will have vRA provision machines to a standard unmonitored OU, and then have an action in the portal triggering a vRO workflow to move the computer account to a monitored OU.

vRO Configuration

• Log into the vRealize Orchestrator client and switch to Design view. Open the Workflows tab.
• The steps below assume that an Active Directory server has been registered with vRA. If this is not the case then browse to Library, Microsoft, Active Directory, Configuration. Run the Add an Active Directory server workflow and enter the AD information. If successful the AD server should be listed in the Inventory tab under Active Directory.
• Now from the Workflow tab right click the folder where the new workflow will be created and click New workflow. Enter a name for the new workflow and click Ok.
• Enter a description if required. Under the Attributes header add a new attribute, give the attribute a name (in this case AD_Host) and change the type to AD:AdHost. The value will be the Active Directory host already configured as mentioned above.

• Click the Inputs tab. Add a new parameter, give the parameter a name (in this case vmName) and change the type to VC:Virtual Machine. There are no outputs.
• Click the Schema tab. Drag and drop the Scriptable task item onto the design canvas.
• Click the Scriptable task. From the Info tab update the task name (in this case I have used Add to Monitored OU).
• From the IN tab click the Bind to workflow parameter/attribute button. Select the attribute (AD_Host) and parameter (vmName) we created earlier.

• Open the Scripting tab. The commands I have used are below, this finds and outputs the computer name (using the vmName parameter) from AD (searching the Active Directory host specified in the AD_Host attribute), and then moves it to the new OU.
• Save and close the workflow.

var object = ActiveDirectory.getComputerAD(vmName.name,AD_Host);

System.log("Searching for computer: " + vmName.name)
System.log("Found computer: " + object)

ActiveDirectory.rename(object.distinguishedName, "CN= " +vmName.name , "OU=Monitored,OU=Servers,DC=Corp,DC=Local" , AD_Host)

vRA Configuration

The next step is to hook the vRO workflow into vRA. Log into the vRealize Automation portal as a user with service architect permissions. From the Design tab select XaaS and Resource Actions. Any existing resource actions are listed. Click New.

Map the resource action to the relevant vRO workflow. In this case we need to expand Library, Solarwinds and select the Add to Monitoring workflow.

The input mappings should already be populated; the resource type is IaaS VC Virtual Machine, the input parameter matches up with the parameter configured in the vRO workflow (vmName which passes the virtual machine name), and this maps to the VC:VirtualMachine orchestrator type.

Accept the default values in the Details tab. Edit the Form as appropriate, in this example I have added just a text description for the user. When you’re done click Finish.

The new resource action is now listed as a draft. To start using the action select it and click Publish. Now select the Administration tab and Catalog Management. Open the Actions page, the new resource action we created should now be displayed.

If you want to change the icon of the resource action you can do so by selection the action and clicking Configure. There are a number of useful vRA icons available here, including sample icons for day 2 actions. Note for users of vRA 7.2 there is a known issue with changing the icon for custom actions, resolved in 7.3 as per this KB article.

The next step is to assign our custom action to an entitlement. Open the Entitlements page and select the relevant entitlement. Click the Items & Approvals tab, under Entitled Actions click the green plus symbol. Locate the new resource action and select the check box to add it to the entitled actions. Click Ok and Finish.

To confirm the configuration has worked browse to the Items tab and select Machines. Any virtual machines that have the custom resource action added to the entitlement will show the new action in the drop-down Actions menu.

When selecting the new action I am presented with the action form as per the design canvas we saw earlier. In this example when I click Submit the Add to Monitoring workflow is run moving the computer object of the virtual machine to the OU specified in the script.