VMware Aria Automation Orchestrator

Hi,

short question regarding the creation of groups using the AD plugin. Is it possible to create an universal group ?, the createUserGroup creates a Global group. (The same question for a domain local group)

Regards

     Thomas

By using "createUserGroup" WF you will be able to create only UserGroups of type "Security Group - Global". I think that this can be workarounded by later setting the attribute "groupType" of the UserGroup object to(see table bellow):

However when I tried this I got an AD error probably stating insufficient priveleges.

The code I use is:

userGroup.setAttribute("groupType", "&H4");

The error I got was:

Unable to remove attribute: Error while modifying element: [LDAP: error code 21 - 00000057: LdapErr: DSID-0C090A85, comment: Error in attribute conversion operation, data 0, vece ]

10 years late, but relevant still for me!

First, the values you'll want to use are listed here:
https://devblogs.microsoft.com/scripting/how-can-i-tell-whether-a-group-is-a-security-group-or-a-distribution-group/

Secondly, you can't convert directly from 'Global' to 'Domain Local', you have to make a pit-stop at 'Universal' in between.
https://social.technet.microsoft.com/Forums/windows/en-US/3cc3d71b-ca71-4d85-9a86-93579dae9fd4/convert-domain-global-group-to-local?forum=winserverDS

Other two years passed but AD Plugin still works as described .

@BrettK1 Thanks for sharing the solution.