[REWST - TASK] Remove Supervisor

This workflow automates the removal of supervisor relationships in both Azure AD and on-premises Active Directory environments, serving as a critical building block in user offboarding, role changes, and organizational restructuring processes. MSPs will find this particularly valuable when handling staff departures, promotions, or departmental reorganizations across multiple client environments, eliminating manual intervention in both cloud and on-premises directories simultaneously. The workflow functions by first checking both environments to determine where supervisor relationships exist, then leveraging Microsoft Graph API to remove cloud-based supervisor assignments and executing PowerShell scripts through an RMM tool to handle on-premises AD modifications. This dual-environment approach ensures comprehensive cleanup of supervisor relationships regardless of the client's infrastructure setup, making it an efficient component in broader HR-triggered automation workflows.

This workflow contains 7 tasks.

Inputs

  • rmm_site - string

    • Provide the RMM site ID (optional)

  • idp_config - string

    • Accepted values are: on_prem, hybrid_no_sync, azure_ad, on_prem_only. If no value is provided value will be determined via org var logic.

  • on_prem_dc - string

    • The hostname of the On-Prem Domain Controller.

  • aad_user_id - string

    • The GUID of the Azure/Entra User.

  • default_rmm - string

    • Default RMM

  • on_prem_user_id - string

    • The User ID of the On-Prem user.

Outputs

  • automation_log: Standardized Rewst automation log

  • success: Boolean; States if workflow was successful.

Key tasks

  • failure_catch: Core integration: noop

  • check_onprem: Validation/verification

  • check_aad: Validation/verification

  • remove_aad_supervisor: Microsoft Graph integration: Graph API Request

  • remove_onprem_supervisor: Workflows integration: [REWST - TASK] Run Powershell via RMM

Jinja examples

Example 1

{{ - data_ns.status - }}

Used in publishing 'automation_log'

Example 2

{{ - data_ns.status < 2000 - }}

Used in publishing 'automation_log'

Previous[REWST - TASK] Remove Group MembershipsNext[REWST - TASK] Run AD Sync/Entra Cloud Sync

Last updated

Was this helpful?