Direct Inward Dialing: +1 408 916 9393
Free EditionThis API helps in removing user accounts from Active Directory groups from your application.
Request URL (JSON) Format: http:// <hostname> : <port> /RestAPI/RemoveUsersFromGroup
Request Parameters:
| Parameters | Mandatory | Description |
| AuthToken | Yes | Authentication token obtained using the Generate AuthToken API. |
| domainName | Yes | Domain in which the user object's group membership has to be modified |
| inputFormat | Yes | Details of the attributes of user accounts to be modified. This attribute should be a JSONArray string and should be in the format mentioned below. [>,<JSONObject>,<JSONObject>]; JSONObject - key/value pair of LDAP attributes and their corresponding values Sample code in java: JSONArray userDetails = new JSONArray(); JSONObject json = new JSONObject(); json.put("sAMAccountName", "John"); userDetails.put(json); json = new JSONObject(); json.put("sAMAccountName", "Damien");userDetails.put(json); Note: If the "templateName" attribute is not included in the key/value pair, the default user modification template assigned for the technician will be used. |
| PRODUCT_NAME | Yes | Product name/module name from which the request is being sent; will be needed for auditing. |
| isRemoveFromAllGroup | Yes | Remove all the existing memberships of the specific user. The value of this parameter can be set to True or False based on the requirements. |
| removeGroup | No | List of all sAMAccountName of the groups. |
Response:
The response will be a JSON array string which contains the list of JSONObjects. Each JSONObject in the list represents a user sent in the inputFormat attribute in the request. Each object will contain the following properties about the status.
| Parameters | Description |
| status | Status of the user modification operation: '1' on successful modification. '0' if there is an error. |
| statusMessage | Contains the message about the issues or errors that occur while performing the specified action. |
| sAMAccountName | sAMAccountName of the user account removed. |
| userPrincipalName | userPrincipalName of the user account removed. |
Sample request:
http://admanager:8080/RestAPI/RemoveUsersFromGroup?PRODUCT_NAME=MODULE&AuthToken=75adb327-91a0-4384-98b6-6c42332f8263&domainName=admp.local&inputFormat=[{"sAMAccountName":"john"}]&isRemoveFromAllGroup=false&removeGroup=[Account Operators, Administrators]
http://admanager:8080/RestAPI/RemoveUsersFromGroup?PRODUCT_NAME=MODULE&AuthToken=75adb327-91a0-4384-98b6-6c42332f8263&domainName=admp.local&inputFormat=[{"sAMAccountName":"john"}]&isRemoveFromAllGroup=true
Sample Response:
[{"sAMAccountName":"john","objectSID":"S-1-5-21-2664452653-2810534411-3271467435-4097","userPrincipalName":"john@admp.local","statusMessage":"Successfully modified.","status":"1"}]
Technician-based remove users from group limit
The total number of times that technicians can remove users from a group, in a day using the RemoveUsersFromGroup API depends on the total number of licensed help desk technicians (HDTs).
The maximum number of API calls that an HDT can make is 50/day, irrespective of the tasks that the HDT performs. If you have two HDT licenses, the total number of API calls that you can make is 100/day, that is 2*50.
As the per day API call limit is not task-specific, you can perform any operation but the total number of API calls should not exceed 100. That is, an HDTcan perform a variety of operations like user creation, OU creation, password reset, etc., but the number of API calls for all the tasks put together should not exceed 100.
