1 of 1

Onboarding form inputs and workflow process

All onboarding form fields

This section provides a complete breakdown of all onboarding form fields, including hidden fields that are conditionally displayed based on other selections.

Expand each of the categories below to see its related reference table.

Basic settings required for all configurations

Advanced: Manual approver fields

Advanced: User attributes

Advanced: RMM options

Advanced: Mail attributes

Advanced: Password settings

Advanced: PSA options

Device and software assignments

Form fields present if using OpenText SecureCloud

When filling out the Microsoft: User Onboarding form after setting the organization variable required to use this integration with the Crate, four new fields will populate.

Secure Cloud User Location
Secure Cloud Microsoft Services
SecureCloud Security Services
Secure Cloud Exchange Services

Choose the Secure Cloud User Location from the drop-down selector, and at least one Secure Cloud Microsoft Service from that relevant drop-down list. The other fields are optional.

Decoded advanced Jinja conditions

In some cases, form fields are dynamically determined using complex Jinja logic.

For example: Identity provider configuration field visibility

The field will only show if ORG.VARIABLES.primary_identity_provider is On-Prem, Hybrid without Sync, or On-Prem Only.
If Azure AD is selected, the field will be hidden.

Onboarding form inputs and workflow process

All onboarding form fields

This section provides a complete breakdown of all onboarding form fields, including hidden fields that are conditionally displayed based on other selections.

Expand each of the categories below to see its related reference table.

Basic settings required for all configurations

Advanced: Manual approver fields

Advanced: User attributes

Advanced: RMM options

Advanced: Mail attributes

Advanced: Password settings

Advanced: PSA options

Device and software assignments

Form fields present if using OpenText SecureCloud

When filling out the Microsoft: User Onboarding form after setting the organization variable required to use this integration with the Crate, four new fields will populate.

Secure Cloud User Location
Secure Cloud Microsoft Services
SecureCloud Security Services
Secure Cloud Exchange Services

Choose the Secure Cloud User Location from the drop-down selector, and at least one Secure Cloud Microsoft Service from that relevant drop-down list. The other fields are optional.

Decoded advanced Jinja conditions

In some cases, form fields are dynamically determined using complex Jinja logic.

For example: Identity provider configuration field visibility

The field will only show if ORG.VARIABLES.primary_identity_provider is On-Prem, Hybrid without Sync, or On-Prem Only.
If Azure AD is selected, the field will be hidden.

custom_display_name

Custom Display Name

Text Input

Optional

advanced_options_user_attributesis checked

license_group_assignment

License Group Assignment

Multi-Select Dropdown

Optional

user_exists is true OR licencing_choose_subscription is enabled

direct_m365_license_assignment

Direct M365 License Assignment

Dropdown

Optional

user_exists is true OR licencing_choose_subscription is enabled

license_subscription

License Subscription

Dropdown

Optional

user_exists is true OR licencing_choose_subscription is enabled

copy_user_attributes

Copy User Attributes

Checkbox

Optional - select this box to choose a user to copy attributes from. Any attributes set in the form will overwrite the attribute from the copied user.

Always visible

user_to_copy

User To Copy

Dropdown

Optional

copy_user_attributes is checked. For Azure, this will copy: User Location, City, Address Line 1, Desk Phone Number, Company Name, Usage Location, Department Title, Phone Number, Post Code, State. For on-prem, this will copy: country/region code (ISO two-letter), country/region (full name), locality (city), state or province, company, numeric country code, department, manager, office location, postal code, street address, title.

copy_user_groups

Copy User Groups

Checkbox

Optional

copy_user_attributes is checked

onprem_security_groups

On-Prem Sec Groups

Multi-Select Dropdown

Optional

primary_identity_provider is On-Prem AD or Hybrid

onprem_dist_groups

On-Prem Dist Groups

Multi-Select Dropdown

Optional

primary_identity_provider is On-Prem AD or Hybrid

azure_ad_security_groups

Entra Security Groups

Multi-Select Dropdown

Optional

primary_identity_provider is Azure AD or Hybrid

azure_ad_mail_groups

Entra Mail-Enabled Groups

Multi-Select Dropdown

Optional

primary_identity_provider is Azure AD or Hybrid

organizational_unit

Organizational Unit

Dropdown

Optional

primary_identity_provider is On-Prem AD or Hybrid

manual_approver_email

Manual Approver E-Mail

Text Input

Optional

advanced_options_approval is checked

home_directory_server

Home Directory Server

Dropdown

Optional

home_directory is checked

home_directory_path

Home Directory Path

Text Input

Optional

home_directory is checked

home_directory_drive_letter

Dropdown

Home Directory Drive Letter

Optional

home_directory is checked

description

Description (AD Only)

Multi-line Input

Optional

primary_identity_provider is On-Prem AD or Hybrid

secondary_email_domains

Secondary Email Domains

Multi-Select Dropdown

Optional

advanced_options_mailis checked

shared_mailboxes

Shared Mailboxes

Multi-Select Dropdown

Optional

advanced_options_mailis checked

shared_mailboxes_allow_send_as

Allow Send As the Shared Mailboxes?

Checkbox

Optional

shared_mailboxes is checked

shared_mailboxes_allow_send_on_behalf

Allow Send on Behalf of the Shared Mailboxes?

Checkbox

Optional

shared_mailboxes is checked

cannot_change_password

User cannot change password (On-Prem)

Checkbox

Optional

advanced_options_password is checked

password_never_expires

Password Never Expires (On-Prem)

Checkbox

Optional

advanced_options_password is checked

store_password_in_ticket

Store Password in Ticket

Checkbox

Optional

advanced_options_password is checked

send_sms_to_user

Send Password to User Mobile

Checkbox

Optional

ORG.VARIABLES.send_sms_to_userand

sms_with_country_code

SMS Number with Country Code

Number Input Field

Optional

send_sms_to_user and advanced_options_password

vpn

Dial-In VPN access for the user.

Checkbox

Optional

advanced_options_user_attributesis checked and show_advanced_options is checked

psa_child_company

PSA Child Company

Dropdown

Optional

advanced_options_psa is checked

device_description

Device Description Information

Multi-line Input

Optional

advanced_options_devicesis checked

required_applications

Required Applications

Multi-Select Dropdown

Optional

advanced_options_apps is checked

{% set idp_config = "invalid_idp" %}
{%- if ORG.VARIABLES.primary_identity_provider|d|lower in ["azure_ad","azuread"] or CTX.mail_only_user|d(false) -%}
    {%- set idp_config = "azure_ad" -%}
{%- elif ORG.VARIABLES.primary_identity_provider|d|lower in ["on_prem"] and ORG.VARIABLES.onprem_no_adsync|d|lower in ["true","1"] -%}
    {%- set idp_config = "hybrid_no_sync" -%}
{%- elif ORG.VARIABLES.primary_identity_provider|d|lower in ["on_prem"] and ORG.VARIABLES.no_azure_ad|d|lower == "true" -%}
    {%- set idp_config = "on_prem_only" -%}
{%- elif ORG.VARIABLES.primary_identity_provider|d|lower in ["on_prem"] -%}
    {%- set idp_config = "on_prem" -%}
{%- endif %}
{{- idp_config in ["hybrid_no_sync", "on_prem_only", "on_prem"] -}}

{% set idp_config = "invalid_idp" %}
{%- if ORG.VARIABLES.primary_identity_provider|d|lower in ["azure_ad","azuread"] or CTX.mail_only_user|d(false) -%}
    {%- set idp_config = "azure_ad" -%}
{%- elif ORG.VARIABLES.primary_identity_provider|d|lower in ["on_prem"] and ORG.VARIABLES.onprem_no_adsync|d|lower in ["true","1"] -%}
    {%- set idp_config = "hybrid_no_sync" -%}
{%- elif ORG.VARIABLES.primary_identity_provider|d|lower in ["on_prem"] and ORG.VARIABLES.no_azure_ad|d|lower == "true" -%}
    {%- set idp_config = "on_prem_only" -%}
{%- elif ORG.VARIABLES.primary_identity_provider|d|lower in ["on_prem"] -%}
    {%- set idp_config = "on_prem" -%}
{%- endif %}
{{- idp_config in ["hybrid_no_sync", "on_prem_only", "on_prem"] -}}