Here’s a sample workflow to demonstrate the use of the Orchestration app to automate employee onboarding along with Microsoft 365 license assignment.


Terminologies

SKU

In Microsoft 365, licenses from licensing plans (also called SKUs or Microsoft 365 plans) give users access to the Microsoft 365 services that are defined for those plans.


Before we proceed with defining a workflow in the automator, we need to -

  1. Create a Service Request item and

  2. Create  a custom object with Microsoft 365 license mappings


Service Request Item


The service request item will contain the following fields:

  1. Employee First Name

  2. Employee Last Name

  3. Department

  4. Job Title

  5. Location


Custom Object Mappings



The custom object definition will contain the following fields:


Designation

License Name

SKU ID


A record in this custom object will hold information on licenses corresponding to a specific “Designations” i.e. based on the designation/job title of the employee the relevant licenses information will be read from this custom object and the license will be assigned to the employee in the workflow automator.


Workflow Definition



  1. The very first node will check if the event of an Azure AD Employee Onboarding service request is raised.

  2. Then we pull in the App Node which will have the following configurations:

                    App Name: Azure AD - Orch

        App Action: Get User Details By Username


    

We only need to specify the username/user principal name, this step will ensure that the user does not exist already with the same UPN/username.


After every Azure AD app node execution, we are checking the status code and adding a relevant success or failure note to the ticket.


3. If the user is not found you can then pull in the App Node which will have the following configurations:

            App Name: Azure AD - Orch

            App Action: Create User



Notes when Configuring Inputs:

  • user_principal_name - The user principal name is built with the following format:

<first_name>.<last_name>@<active_directory_domain>.com


To retain the lowercase convention for user principal names we’re also using liquid templates as following in the app node as a placeholder:


Example

{{ticket.ri_46_cf_first_name | downcase}}.{{ticket.ri_46_cf_last_name | downcase}}@fdstaging-office365.com

4. Next, we set the newly created users usage location, we need to set the usage location since it is required for license assignment. To do this we pull in the App Node which will have the following configurations:

            App Name: Azure AD - Orch

App Action: Update User


Notes when Configuring Inputs:

username - The user principal name of the user created in step 3.

usage_location - Based on the users’ location in the SR specify the usage_location.



5. Once the users’ usage location is set, we need to do a group lookup, this will give us the group identifier, to do this we pull in the App Node which will have the following configurations:

            App Name: Azure AD - Orch

App Action: Lookup Group


Notes when Configuring Inputs:

display_name - This is the placeholder for the department in the SR. For example, the Engineering department will have a corresponding group “Engineering” in Azure Active Directory.



6. We’ll get the group identifier from step 5, now we will proceed to add the user to the relevant group. We pull in the App Node which will have the following configurations:

            App Name: Azure AD - Orch

App Action: Add User to Group


Notes when Configuring Inputs:

username - This is the placeholder for the user principal name which we get in response after creating a new user in step 3.

group_object_id - This is the placeholder for the group object identifier we receive in response to step 5.



7. We pull in a reader node to read the custom object which contains the mappings of license SKU IDs, License Names and Designations. These are elaborated in the Custom Objects section above in this document.


This reader node will look for the “Job Title” given in the SR in the custom object entries, and return the relevant license SKU ID in the subsequent nodes.



8. Next, we do the license assignment for the newly created employee. To do this we pull in the App Node which will have the following configurations:

            App Name: Azure AD - Orch

            App Action: Add License to User with Username


Notes when Configuring Inputs:

sku_id - This will be the placeholder for the SKU ID from the reader node in the previous step.



Let’s see the use case execution in action.