Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[TR-2953] Azure AD Account Unlocking #2739

Merged
merged 68 commits into from
Aug 18, 2023
Merged

[TR-2953] Azure AD Account Unlocking #2739

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
68 commits
Select commit Hold shift + click to select a range
5f0b748
Created Playbook
ljstella Jun 22, 2023
3094ed1
updated name
ljstella Jun 22, 2023
7ecbf5f
Branch was auto-updated.
srv-rr-gh-researchbt Jun 22, 2023
b185b61
Branch was auto-updated.
srv-rr-gh-researchbt Jun 22, 2023
9cd9c1d
Branch was auto-updated.
srv-rr-gh-researchbt Jun 22, 2023
daed604
Branch was auto-updated.
srv-rr-gh-researchbt Jun 22, 2023
5939e9d
Branch was auto-updated.
srv-rr-gh-researchbt Jun 22, 2023
dbba184
Branch was auto-updated.
srv-rr-gh-researchbt Jun 22, 2023
4584d22
Branch was auto-updated.
srv-rr-gh-researchbt Jun 22, 2023
0456c05
Branch was auto-updated.
srv-rr-gh-researchbt Jun 22, 2023
deaf00f
Branch was auto-updated.
srv-rr-gh-researchbt Jun 22, 2023
3d04d88
Branch was auto-updated.
srv-rr-gh-researchbt Jun 22, 2023
33854c1
Branch was auto-updated.
srv-rr-gh-researchbt Jun 23, 2023
e60663b
Branch was auto-updated.
srv-rr-gh-researchbt Jun 23, 2023
7abbcaa
Branch was auto-updated.
srv-rr-gh-researchbt Jun 23, 2023
5909be9
Branch was auto-updated.
srv-rr-gh-researchbt Jun 23, 2023
3cbacf9
Branch was auto-updated.
srv-rr-gh-researchbt Jun 23, 2023
aaee83e
Branch was auto-updated.
srv-rr-gh-researchbt Jun 27, 2023
fea4bc3
Branch was auto-updated.
srv-rr-gh-researchbt Jun 27, 2023
9bc56b2
Branch was auto-updated.
srv-rr-gh-researchbt Jun 27, 2023
13bfa74
Branch was auto-updated.
srv-rr-gh-researchbt Jun 27, 2023
f245566
Branch was auto-updated.
srv-rr-gh-researchbt Jun 27, 2023
01565c2
Branch was auto-updated.
srv-rr-gh-researchbt Jun 27, 2023
8a77424
Branch was auto-updated.
srv-rr-gh-researchbt Jul 11, 2023
5f0b502
Branch was auto-updated.
srv-rr-gh-researchbt Jul 11, 2023
528d887
Branch was auto-updated.
srv-rr-gh-researchbt Jul 11, 2023
561de04
Branch was auto-updated.
srv-rr-gh-researchbt Jul 11, 2023
8bedcdf
Branch was auto-updated.
srv-rr-gh-researchbt Jul 11, 2023
3a58df1
Branch was auto-updated.
srv-rr-gh-researchbt Jul 11, 2023
cc2d583
Branch was auto-updated.
srv-rr-gh-researchbt Jul 11, 2023
a93c03e
Branch was auto-updated.
srv-rr-gh-researchbt Jul 12, 2023
daafc98
Branch was auto-updated.
srv-rr-gh-researchbt Jul 13, 2023
53f44dd
Branch was auto-updated.
srv-rr-gh-researchbt Jul 13, 2023
8e00b97
Branch was auto-updated.
srv-rr-gh-researchbt Jul 13, 2023
9b45f96
Branch was auto-updated.
srv-rr-gh-researchbt Jul 14, 2023
b34d579
Branch was auto-updated.
srv-rr-gh-researchbt Jul 18, 2023
7f40b11
Branch was auto-updated.
srv-rr-gh-researchbt Jul 21, 2023
99e2133
Branch was auto-updated.
srv-rr-gh-researchbt Jul 24, 2023
248bd31
Branch was auto-updated.
srv-rr-gh-researchbt Jul 24, 2023
4171528
Branch was auto-updated.
srv-rr-gh-researchbt Jul 25, 2023
36bdbcc
Branch was auto-updated.
srv-rr-gh-researchbt Jul 31, 2023
9613c22
Branch was auto-updated.
srv-rr-gh-researchbt Jul 31, 2023
6bb2f6f
Branch was auto-updated.
srv-rr-gh-researchbt Jul 31, 2023
8cc61ab
Branch was auto-updated.
srv-rr-gh-researchbt Aug 2, 2023
826ca2b
Branch was auto-updated.
srv-rr-gh-researchbt Aug 2, 2023
fc212e8
Branch was auto-updated.
srv-rr-gh-researchbt Aug 2, 2023
ec6d668
Branch was auto-updated.
srv-rr-gh-researchbt Aug 2, 2023
cc763bb
Branch was auto-updated.
srv-rr-gh-researchbt Aug 2, 2023
222da95
Branch was auto-updated.
srv-rr-gh-researchbt Aug 2, 2023
2dd1d36
Branch was auto-updated.
srv-rr-gh-researchbt Aug 2, 2023
05b1845
Branch was auto-updated.
srv-rr-gh-researchbt Aug 2, 2023
5bfae86
Branch was auto-updated.
srv-rr-gh-researchbt Aug 7, 2023
ab88745
Branch was auto-updated.
srv-rr-gh-researchbt Aug 7, 2023
8e612f4
Branch was auto-updated.
srv-rr-gh-researchbt Aug 7, 2023
fcb2f5f
Branch was auto-updated.
srv-rr-gh-researchbt Aug 7, 2023
6b5a79c
Branch was auto-updated.
srv-rr-gh-researchbt Aug 8, 2023
c660871
Branch was auto-updated.
srv-rr-gh-researchbt Aug 9, 2023
3142916
Resolved feedback
ljstella Aug 14, 2023
3a2eeb3
fix dispatch
ljstella Aug 14, 2023
5fc2146
Branch was auto-updated.
srv-rr-gh-researchbt Aug 17, 2023
e3fc6b1
Branch was auto-updated.
srv-rr-gh-researchbt Aug 17, 2023
fcf5e7b
Branch was auto-updated.
srv-rr-gh-researchbt Aug 17, 2023
c0ea32f
Branch was auto-updated.
srv-rr-gh-researchbt Aug 17, 2023
0807021
Branch was auto-updated.
srv-rr-gh-researchbt Aug 17, 2023
daceae5
Branch was auto-updated.
srv-rr-gh-researchbt Aug 17, 2023
7f8a7d8
Branch was auto-updated.
srv-rr-gh-researchbt Aug 17, 2023
b581e3a
Branch was auto-updated.
srv-rr-gh-researchbt Aug 17, 2023
c025008
Branch was auto-updated.
srv-rr-gh-researchbt Aug 18, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
275 changes: 275 additions & 0 deletions playbooks/Azure_AD_Account_Unlocking.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,275 @@
{
"blockly": false,
"blockly_xml": "<xml></xml>",
"category": "Account Unlocking",
"coa": {
"data": {
"description": "Accepts user name that needs to be enabled in Azure Active Directory. Generates an observable output based on the status of account unlocking or enabling.",
"edges": [
{
"id": "port_0_to_port_2",
"sourceNode": "0",
"sourcePort": "0_out",
"targetNode": "2",
"targetPort": "2_in"
},
{
"conditions": [
{
"index": 0
}
],
"id": "port_2_to_port_3",
"sourceNode": "2",
"sourcePort": "2_out",
"targetNode": "3",
"targetPort": "3_in"
},
{
"id": "port_4_to_port_1",
"sourceNode": "4",
"sourcePort": "4_out",
"targetNode": "1",
"targetPort": "1_in"
},
{
"id": "port_3_to_port_5",
"sourceNode": "3",
"sourcePort": "3_out",
"targetNode": "5",
"targetPort": "5_in"
},
{
"conditions": [
{
"index": 0
}
],
"id": "port_5_to_port_4",
"sourceNode": "5",
"sourcePort": "5_out",
"targetNode": "4",
"targetPort": "4_in"
}
],
"hash": "28807b4b67e7fd29b25e171fedb8e0b3461b08f4",
"nodes": {
"0": {
"data": {
"advanced": {
"join": []
},
"functionName": "on_start",
"id": "0",
"type": "start"
},
"errors": {},
"id": "0",
"type": "start",
"warnings": {},
"x": 19.999999999999986,
"y": -5.115907697472721e-13
},
"1": {
"data": {
"advanced": {
"join": []
},
"functionName": "on_finish",
"id": "1",
"type": "end"
},
"errors": {},
"id": "1",
"type": "end",
"warnings": {},
"x": 19.999999999999986,
"y": 860
},
"2": {
"data": {
"advanced": {
"customName": "user name filter",
"customNameId": 0,
"delimiter": ",",
"delimiter_enabled": true,
"description": "Filter user name inputs to route inputs to appropriate actions.",
"join": [],
"note": "Filter user name inputs to route inputs to appropriate actions."
},
"conditions": [
{
"comparisons": [
{
"conditionIndex": 0,
"op": "!=",
"param": "playbook_input:user",
"value": ""
}
],
"conditionIndex": 0,
"customName": "user_name_check",
"logic": "and"
}
],
"functionId": 1,
"functionName": "user_name_filter",
"id": "2",
"type": "filter"
},
"errors": {},
"id": "2",
"type": "filter",
"warnings": {},
"x": 60,
"y": 140
},
"3": {
"data": {
"action": "enable user",
"actionType": "generic",
"advanced": {
"customName": "enable user account",
"customNameId": 0,
"description": "Enables the user accounts provided by the filtered playbook inputs",
"join": [],
"note": "Enables the user accounts provided by the filtered playbook inputs"
},
"connector": "Azure AD Graph",
"connectorConfigs": [
"azure_ad_graph"
],
"connectorId": "c6d3b801-5c26-4abd-9e89-6d8007e2778f",
"connectorVersion": "v1",
"functionId": 1,
"functionName": "enable_user_account",
"id": "3",
"parameters": {
"user_id": "filtered-data:user_name_filter:condition_1:playbook_input:user"
},
"requiredParameters": [
{
"data_type": "string",
"field": "user_id"
}
],
"type": "action"
},
"errors": {},
"id": "3",
"type": "action",
"warnings": {},
"x": 0,
"y": 320
},
"4": {
"data": {
"advanced": {
"customName": "username observables",
"customNameId": 0,
"description": "Format a normalized output for each user.",
"join": [],
"note": "Format a normalized output for each user."
},
"functionId": 1,
"functionName": "username_observables",
"id": "4",
"inputParameters": [
"filtered-data:filter_enable_result:condition_1:enable_user_account:action_result.parameter.user_id",
"filtered-data:filter_enable_result:condition_1:enable_user_account:action_result.status",
"filtered-data:filter_enable_result:condition_1:enable_user_account:action_result.message"
],
"outputVariables": [
"observable_array"
],
"type": "code"
},
"errors": {},
"id": "4",
"type": "code",
"userCode": "\n # Write your custom code here...\n username_observables__observable_array = []\n \n for user_id, status, msg in zip(filtered_result_0_parameter_user_id, filtered_result_0_status, filtered_result_0_message):\n user_acc_status = {\n \"type\": \"Azure AD Account\",\n \"value\": user_id,\n \"message\": msg,\n \"status\": status\n }\n username_observables__observable_array.append(user_acc_status)\n #phantom.debug(username_observables__observable_array)\n",
"warnings": {},
"x": 0,
"y": 680
},
"5": {
"data": {
"advanced": {
"customName": "filter enable result",
"customNameId": 0,
"delimiter": ",",
"delimiter_enabled": true,
"description": "filter check if the user is enabled successfully.",
"join": [],
"note": "filter check if the user is enabled successfully."
},
"conditions": [
{
"comparisons": [
{
"conditionIndex": 0,
"op": "==",
"param": "enable_user_account:action_result.status",
"value": "success"
}
],
"conditionIndex": 0,
"customName": "enabled_success",
"logic": "and"
}
],
"functionId": 2,
"functionName": "filter_enable_result",
"id": "5",
"type": "filter"
},
"errors": {},
"id": "5",
"type": "filter",
"warnings": {},
"x": 60,
"y": 500
}
},
"notes": "Inputs: users\nInteractions: Azure AD Graph\nActions: enable user\nOutputs: observables"
},
"input_spec": [
{
"contains": [
"user name",
"azure user principal name"
],
"description": "A user name provided to be enabled - Azure AD",
"name": "user"
}
],
"output_spec": [
{
"contains": [],
"datapaths": [
"username_observables:custom_function:observable_array"
],
"deduplicate": false,
"description": "An array of observable dictionaries ",
"metadata": {},
"name": "observable"
}
],
"playbook_type": "data",
"python_version": "3",
"schema": "5.0.10",
"version": "6.0.1.123902"
},
"create_time": "2023-08-14T15:28:43.647352+00:00",
"draft_mode": false,
"labels": [
"*"
],
"tags": [
"user",
"azure_ad_graph",
"enable_account",
"D3-RUAA",
"active_directory"
]
}
Binary file added playbooks/Azure_AD_Account_Unlocking.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Loading