Workspace Automation
Overview
Workspace provides events that can be used to execute Powershell scripts on assignment or removal of a Workspace Item at both customer and user level.
Scripts
Scripts are managed through the Script Upload feature. Users must be granted explicit access to the script upload feature which is available to the Atria Service Provider Developer role by default. Visit the Script Upload page for information on accessing and managing scripts within Atria.
Workspace Item Events
Workspace Item Event handlers can be defined and changed at multiple levels, allowing you to cater for the requirements of individual resellers or customers.
This means that through configuration, assignment of a Workspace item to different customers, could execute a different process.
The following events are available:
| event | when event occurs | use for |
|---|---|---|
customer.provision | Item first assigned to a customer | setup or configuration of applications |
customer.deprovision | Item removed from a customer | archiving or deletion of data |
user.assign | Item first assigned to user | configuration of user, add to external system |
user.unassign | Item removed from a user | archival, deletion of data related to user |
The Powershell script will target the appropriate environment given the Item Type. For example, if the Item is an Azure item, then the script will automatically authenticate to the Customer in Azure, and execute the script within this context. If the Item's group type is an Active Directory group, then the script will target the Local AD environment.
Use Case : Preparation of application container
In a scenario where an ISV has a provisioning process for their application, this might involve publishing the application to a desktop, and also behind the scenes it may require a new containerised database to be created and then configured.
To solve this problem, a PowerShell script can be attached to a Workspace Item customer provision event to perform the creation of the new container, whenever a customer is assigned a specific Workspace Item, the automation will run ensuring that the application is automatically setup without needing manual configuration.
Use Case : Creating a user in an application database
The above scenario caters for setting up a new customer with a working application environment. When a user needs to be set up, they may also need to be added to the database and granted access.
By adding automation to the User Assignment event, a script can be executed, it automatically gains the context of the user, and the customer and can subsequently execute the desired process to create the user in the application.
Use case : Storage Management
An application that requires disk or cloud storage may also need to add storage on assignment to a customer. This could also increase limits based on how many users are assigned.
Use case : Archiving of data
Automated process to archive data can be applied when removing a Workspace Item from a user. By adding a script to copy data into an archival folder, data is not lost and process for specific customers is automatically executed.
Adding Events to Workspace Type
Workspace Item Types act as a template and grouping for Workspace Items. If every Workspace Item of that type will require the same automation script to execute, then you should define the event at the Workspace Item Type level. It will then be inherited by every workspace item of this type.
Example : Workspace Item Type "User Group Policy"
A Workspace Item type is defined that applies group policy based on a users membership of a group.
Automation added that will create the GPO when the Workspace Item is assigned to the Customer. In this case, the automation would be added at the Workspace Item Type level as each Workspace Item needs to run the automation.
Adding Events to Specific Workspace Items
If the automation is specific to a particular Workspace Item, Define the automation at the Workspace Item level.
You can also have automation applied at both the Workspace Type and the Workspace Item level - both automations will be executed sequentially when the event fires.
Context and Properties
Atria ensures that the context of the customer is available for customer.provision and customer.deprovision events. In addition the user context is provided for user events.
The actual properties may vary based on how your Customer and User entities are configured. The below tables show the baseline properties available for Customer and User events.
Env Key:
- * - Both Windows and Azure environments
- a - Azure only
- w - Windows only
Customer Propertes available
| Env | Property | example | Purpose |
|---|---|---|---|
| * | CreatedBy | jamesp_adp | Username of user initiating change |
| * | CreatedByCustomerId | 3821 | CustomerID of the user initiating the change |
| * | CreatedByUserEmail | james@adpsol.com | Email address of user initiating change |
| * | CreatedByUserID | 43433 | UserID of user initiating change |
| * | CreatedByUserLabel | James Peach | Display name of user initiating change |
| * | CreatedByUserName | Jamesp_adp | Username of user intitiating change |
| * | CreatedByUserPrincipalName | james@adpsol.com | UPN of user initiating change |
| * | CustomerContact | Ethan Bracks | Primary contact name stored on customer record |
| * | CustomerContactEmail | Ethan@avenues.co.uk | Email address of contact from customer record |
| * | CustomerID | 2188 | Unique CustomerID of customer service is provisioned to |
| * | CustomerKeyAttribute | adminDescription,extensionAttribute15 | AD attributes that will be stamped with the CustomerID for User and OU objects |
| * | CustomerLongName | Avenues Recruitment Ltd | Full name of customer, the servie is being provisioned to |
| * | CustomerOUPattern | Avenues Recruitment Ltd (ARL) *should be removed* | Name of OU for customer |
| * | CustomerPath | Customers *should be removed* | Path to customers OU |
| * | CustomerShortName | ARL | Short identifying name for customer |
| * | ItemDescription | Microsoft Word is the worlds leading word processor for windows | Full description of the Workspace Item being assigned to the customer or user. |
| * | ItemDisplayName | Microsoft Word | The name of the Workspace Item |
| * | RequestID | 239920 | Identifier for the request |
| * | RequestedBy | Jamesp_adp | Name of the user requesting the change |
| * | RequestedByUserID | 43433 | Id of user requesting change |
| * | ServiceID | 24999 | Service identifier for Workspace |
| * | ServiceLabel | Workspace | Descriptive name of service |
| * | ServiceName | WS | Name of Service |
| * | ServiceObjectID | 288839 | Object Identifier, unique within Atria objects |
| * | dirResName | resMsWord | Typically the groupname, although in Azure the Displayname is used |
| * | dirResNameUID | e9c41e95-71be-4214-b620-ac6aaaca7ea0 | The UniqueID of the group |
| w | dirUserGroupName | ARL resMsWord | For Group where users are made members when an item is shared |
| w | dirUserGroupNameUID | 251fd013-fdfb-4bd9-b852-8745fef8f3f3 | The UniqueID of the UserGroup |
| * | IDPType | ActiveDirectory | AzureAD | The base group type (or Environment) |
| * | IDPGroupType | 0x80000002 | The actual group type |
| * | IsCreateGroupItem | True | False | Specifies whether an actual group is created for the item |
| w | IsSharedItem | True | False | Is the group shared among other customers or not |
| w | UserIDPType | ActiveDirectory | Same as IDPType, but for the User Group |
| w | UserIDPGroupType | 0x80000002 | Same as IDPGroupType, but for the User Group |
| * | SKU | msw12 | User Specified SKU for the item |
User Properties available
| Env | Property | example | Purpose |
|---|---|---|---|
| a | AzureUserID | DBFE7060-A562-4D18-9C58-6684CD55E930 | The Azure UserID making it easier to find the user affected within Azure |
| * | ListName | ARL Private List | The name of the list that the item is associated with |
| * | ProvisioningString | ws-ad-msword | User defined Provisioning String associated with the item |
| * | Type | Desktop Application | The WorkSpace item type |
| * | UserEmail | ethan@bracks.co.uk | Name of User the Workspace Item is being assigned to |
| * | UserExternalEmail | ethan192@gmail.com | External email of user |
| * | Userfullname | Ethan Bracks | Full name of user |
| * | UserID | 213 | User Identifier |
| * | Username | ethan_arl | User username (and unique identifier within customer) |
Configuring
Event script properties retrieved or set through the Add|Remove|Set-AtriaWorkSpaceEventScriptProperties functions.
Add-AtriaWorkSpaceEventScriptProperties Syntax
Add-AtriaWorkSpaceEventScriptProperties [-ScriptEnvironment] <string> [-Target] <string> [-Name] <string[]> [<CommonParameters>]
ScriptEnvironment
The environment associated with the property. Available values are currently Windows or Azure
Target
Either User or Customer
Name
The name of the property to add to the list of properties for this particular event type. Note: The property must be a property that is available within the Provisioning Request.
Get-AtriaWorkSpaceEventScriptProperties Syntax
Get-AtriaWorkSpaceEventScriptProperties [-ScriptEnvironment] <string> [-Target] <string> [<CommonParameters>]
Remove-AtriaWorkSpaceEventScriptProperties Syntax
Remove-AtriaWorkSpaceEventScriptProperties [-ScriptEnvironment] <string> [-Target] <string> [-Name] <string[]> [<CommonParameters>]