This blog post is part of a series of posts that describe how to build an Active Directory Help Desk tool with PowerShell Universal. Here is a listing of other posts in this series.
The full source code can be found on our template repository.
First, let’s configure authentication for our Universal instance. We will be using the basic forms authentication and calling the Active Directory cmdlets to validate that the user has access to the system. To edit the forms authentication within the Universal Admin Console, you will first have to login as the default Admin using the the credentials Admin\<any password>. Next, navigate to the Settings \ Security and click Settings on the Forms authentication line.
The forms authentication code is provided a PSCredential object which we can then pass to Get-ADUser to validate that the user has access to Active Directory. This code is available on GitHub here.
Your users should be able to authenticate against Universal using their domain credentials.
Creating a Dashboard
Now that we can login, we can create a dashboard to house the tools that we wish to provide our users. Navigate to Dashboard \ Dashboards. Click Add Dashboard. For the purposes of our Help Desk tool, we will set the dashboard as the root of our website and name it Help Desk. We are using Universal Dashboard v3 for this blog series.
After clicking Ok, the dashboard will be created and will already be running. To edit the dashboard, click the Info button. You will now see the built in code editor for the dashboard. If you click the Edit button in the top right, you’ll be able to change the dashboard script.
Connecting to Active Directory
First, we need to indicate where the dashboard should query for Active Directory. We can insert our server name and credentials.
Universal uses the Microsoft Secret Management module to securely store secrets. In this case, we are use the Get-Secret cmdlet to retrieve those secrets. You can create a secret through Universal by clicking Automation \ Variables and then clicking Add Variable. This will allow you to enter your own credentials for your domain. Adding a variable through Universal will store it in Secret Management but not within Universal itself.
Building an Input Form
Now that we have the credentials configured, we can create a form to collect the information we need to view user objects within our domain. We’ll take advantage of New-UDForm, Session variables, Sync-UDElement and Show-UDToast for error messages. The script below creates a UDCard that contains the form. Within the form we have a single textbox to enter the identity of the user to find. When the form is submitted, we use Get-ADUser to search Active Directory for that user and store it in a Session variable. If the user isn’t found, we will show a toast. If the user is found, we will call Sync-UDElement to update the table.
Building an Output Table
Now that we have the form to search for the user, we can create a table to show the user’s properties. We wrap the table in a New-UDDynamic so that we can update the table dynamically. This is what Sync-UDElement is updating in the previous section. We define two columns for the name and value of the property. We then pass the properties into the data parameter of New-UDTable.
The script for this section can be found within our template repository.
Using the View User Tool
Now that we have completed our dashboard, you can visit the root of your website to view it. You can also click the View button on the Dashboards table. Enter a user name and click Submit to view the properties of that user.
In this post, we looked at how to setup a dashboard in PowerShell Universal to view Active Directory users. Follow this blog series for more information on how to build an Active Directory Help Desk tool.