---
title: "ABots - Azure User Management -On/Offboarding"
slug: "abots-azure-user-management"
description: "Azure User Management On\\Offboarding ABot can automatically run user management processes in your Azure active directory.This saves time and for both the IT admin and the employee who needs the update."
updated: 2022-10-18T13:50:11Z
published: 2022-10-18T13:50:11Z
excludeFromSearch: true
excludeFromExternalSearch: true
---

> ## Documentation Index
> Fetch the complete documentation index at: https://documentation.sysaid.com/llms.txt
> Use this file to discover all available pages before exploring further.

# ABots - Azure User Management -On/Offboarding

Once configured, the Azure User Management On\Offboarding ABot can automatically run user management processes in your Azure active directory in response to workflow tickets opened in SysAid. This saves time and for both the IT admin and the employee who needs the update in the Azure active directory.

Before you setup this ABot, ensure that your ABots platform is up and running. See the [SysAid ABot Guide](/v1/docs/abots-guide) for details.

![](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/Azure_OnBoardingIcon(1).png)

## **Skills included**

The Azure User Management On\Offboarding ABot includes the following skills:

- **Create a User** - Creates a user in Azure active directory
- **Disable a User** - Disables a user in the Azure  active directory
- **Remove a user** - Removes a user from the Azure  active directory

## **Import Skills**

1. On the main [My Apps](/v1/docs/my-apps) page, in the Azure Active Directory User Management On\Offboarding ABot's icon, click ![](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/image-1654623091102.png).
2. Click the slider.
3. Click **Import ABot Skills**.  
 The skills are imported in the background.

## **Setup the Templates**

Each skill that you import includes a built-in template, ready to launch the automated process when a ticket is submitted. To set up the template you need to ensure that it has the credentials to access the machine that you want to run the automated process from. That machine must have access to all of the relevant agents. You also will want to ensure that the template is available in the Automation panel so that the skill can be run from within another ticket.

**To add credentials**

1. In **Settings > Service Desk Templates**, locate the new template. It will have the same name as the imported skill.
2. Open the template.
3. In the Request Details tab, ensure that the **Visible in automation panel** check box is selected.  
![](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/image-1654623124790.png)
4. In the Launch ABot workflow tab, click ![](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/image-1654623137654.png).
5. In the Execution Credentials - Windows row, select the Credentials you want in the Set Values column.  
![](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/image-1654623147794.png)
6. Click **OK**.

## **Using the ABot**

Once the ABot skills have been imported, and the templates have been set up, admins and end-users can easily use the ABot's skills to initialize and automatically run the common tasks.

**To add an ABot process from any ticket**

1. In the ticket form, click **Automations**.
2. From the **Select an Automation Process** drop-down list, select the ABot skill you want to run.
3. Click **Launch**.  
![](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/image-1654623245445.png)
4. In the window that opens, enter the information in the required fields.
5. Click **Apply**.

**To run an ABot using a template**

1. Open a new request form.
2. From the template drop-down, select the template for the ABot skill you want to run.
3. Enter the information in the required fields.
4. Click **Apply**.

You can access a record for each process run by ABots in Settings > Automate Joe > [Process Monitor](/v1/docs/process-monitor).

## **Parameter Mapping**

Each skill has it's own parameter mapping that needs to be set up in the workflow template that you want to run the skill. To set up the template, see the Setup the Templates section above.

**For any of the parameters, follow the following steps:**

1. Select if you want the parameter to be populated from an SR field, an action item field, credential set, Automate Joe agent, group field, or a manual Velocity command.  
![](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/image-1654623352733.png)
2. In the Set Value column, select a field, or type input with the variable name of the field you want to populate.
3. Select**Get Text**if you want to output the field value's caption instead of the its key.
4. Click **OK**.

### Naming Convention Parameters

Naming convention parameters allow you to select how various email addresses, user names, and names are generated. If non of the available conventions meet the needs for a user you want to create, you can customize the convention for that user.

See the table below for the full list of available conventions for each parameter and further details on how to enter a custom convention.

**To enter a naming convention**

1. Select **Manual** in the Data Source column.
2. Enter the number corresponding to the naming convention you want to use. See the table below for reference.
3. (Optional) To create a custom template:
  1. Duplicate the template for this instance.
  2. Open the Parameter Mapping for the new duplicate template you just created.
  3. Enter **99** in the naming convention field.
  4. Enter the exact name as you want it to be created in the field for that parameter. See the table below for reference.

To better understand the parameters for each skill, see the reference tables below that detail the mandatory parameters that must be populated for each skill.

**Create a User**

| **Parameter** | **Description** |
| --- | --- |
| **Required Parameters** |
| Execution Agent - Windows | The Windows agent that the ABot uses to run the process. |
| Execution Credentials - Windows | The credentials set to access the service on which you the ABot will execute the automated process. |
| Execution Agent - REST | The REST agent that the ABot uses to run the process. |
| Authentication Username | The field that contains the Azure authentication username name of the user created by this process. |
| Authentication Password | The field that contains the Azure authentication password name for the user created by this process. |
| First name | The field that contains the first name of the user created by this process. |
| Last name | The field that contains the last name of the user created by this process. |
| Account enabled (1/0) | Determines if the new user is enabled in SysAid. 0 - No 1 - Yes |
| Location | The field that contains the country code for the user created by this process. |
| Domain | The field that contains the UPN suffix of the email address value for the user created by this process. |
| Mail nickname convention | The format for the user mail nickname for the new user in Azure Active Directory. 1 - {first_name}.{last_name}@{email_domain} - for example: “Jennifer.Wilson@Acme.com” 2 - {last_name}.{first_name}@{email_domain} - for example: “Wilson.Jennifer@Acme.com” 3 - {initial_first_name}{last_name}@{email_domain} - for example: “J.Wilson@Acme.com” 4 - {initial_last_name}{first_name}@{email_domain} - for example: “W.Jennifer@Acme.com” 5 - {3_initials_firstname}{3_initials_last_name}@{email_domain} - for example: “Jen.Wil@Acme.com” For a custom convention enter **99** in this field and enter the email address in the format you want in the Preset Mail Nickname field. |
| User Principal Name Convention | The format for the user principal name for the new user in Azure Active Directory. Select **Manual** in the Data Source column and enter the number corresponding to the naming convention you want to use. If the field is left blank, the ABot uses the first naming convention by default. 1 - {first_name}.{last_name} - for example: “Jennifer.Wilson” 2 - {last_name}.{first_name} - for example: “Wilson.Jennifer” 3 - {initial_first_name}{last_name} - for example: “JWilson” 4 - {initial_last_name}{first_name} - for example: “WJennifer” 5 - {3_initials_firstname}{3_initials_last_name} - for example: “JenWil” For a custom convention enter **99** in this field and enter the principle name in the format you want in the Preset User Principal Name field. |
| Displayname Convention | The format for the display name for the new user in Azure Active Directory. Select **Manual** in the Data Source column and enter the number corresponding to the naming convention you want to use. If the field is left blank, the ABot uses the first naming convention by default. 1 - {first_name} {last_name} - for example: “Jennifer Wilson” 2 - {last_name}, {first_name} - for example: “Wilson, Jennifer” 3 - {first_name} {middle_name} {last_name} - for example: “Jennifer Rebbecca Wilson” 4 - {first_name} {first_initial_middle_name} {last_name} - for example: “Jennifer R Wilson” For a custom convention enter **99** in this field and enter the display name in the format you want in the Preset Display Name field. |
| Preferred language | The field that contains the language code for the user created by this process. |
| **Output parameters** |
| Process exit code | Code that displays the result of the process run by the ABot. 0 - The process was successfully executed 1 - The process failed Select the field you where you want this information displayed. |
| Process last message | Message that states if the process was successful or not. Select the field you where you want this information displayed. |
| Created principal name | The principle name created for the new user in Azure Active Directory. Select the field you where you want this information displayed. |
| Created display name | The display name created for the new user in Azure Active Directory. Select the field you where you want this information displayed. |
| Created initial password | The value of the custom field that contains the initial password for the new user. Select the field you where you want this information displayed. |
| Created object guid | The unique reference ID for the new user in Azure Active Directory. Select the field you where you want this information displayed. |

**Add a License to a User**

| **Parameter** | **Description** |
| --- | --- |
| **Required Parameters** |
| Execution Agent - Windows | The Windows agent that the ABot uses to run the process. |
| Execution Credentials - Windows | The credentials set to access the service on which you the ABot will execute the automated process. |
| Execution Agent - REST | The REST agent that the ABot uses to run the process. |
| Authentication Username | The field that contains the Azure authentication username name for the user you want to add the license to. |
| Authentication Password | The field that contains the Azure authentication password name for the user you want to add the license to. |
| Request user | The field that contains the user who is requesting the license added by this process. |
| Requested license | The field that contains [the CI](/docs/abots-azure-user-management#new-ci-type) for the Azure license added by this process. |
| **Output parameters** |
| Process exit code | Code that displays the result of the process run by the ABot. 0 - The process was successfully executed 1 - The process failed Select the field you where you want this information displayed. |
| Process last message | Message that states if the process was successful or not. Select the field you where you want this information displayed. |

**Remove a License from a User**

| **Parameter** | **Description** |
| --- | --- |
| **Required Parameters** |
| Execution Agent - Windows | The Windows agent that the ABot uses to run the process. |
| Execution Credentials - Windows | The credentials set to access the service on which you the ABot will execute the automated process. |
| Execution Agent - REST | The REST agent that the ABot uses to run the process. |
| Authentication Username | The field that contains the Azure authentication username name for the user you want to remove the license from. |
| Authentication Password | The field that contains the Azure authentication password name for the user you want to remove the license from. |
| Request user | The field that contains the user who is requesting the license removal executed by this process. |
| Requested license | The field that contains the CI for the Azure license removed by this process. |
| **Output parameters** |
| Process exit code | Code that displays the result of the process run by the ABot. 0 - The process was successfully executed 1 - The process failed Select the field you where you want this information displayed. |
| Process last message | Message that states if the process was successful or not. Select the field you where you want this information displayed. |

## **Other ABots**

For information about other available ABots, see any of the following help pages:

- [Active Directory User Management - On\Offboarding](/v1/docs/abots-active-directory-user-management)
- [Active Directory - User Management - Groups and OU](/v1/docs/abots-active-directory-user-management-2)
- [Azure Active Directory - User Management - Licensing](/v1/docs/abots-azure-ad-user-management-licensing)
- [Microsoft Exchange - User Management - Distribution Groups](/v1/docs/abots-microsoft-exchange-user-management)