The ERP I work with is called Vision and is created by Deltek. This holds all the data for all departments in the company, including employee data. Active Directory (AD) is Microsoft’s repository of usernames and passwords that can access a network. But AD stores information about the employees which is then used for display in Outlook and Lync: Such as phone, mobile, address, title, name, supervisor, and so on. Having this information accurate is critical. Rather than creating some kind of procedure or policy to govern it, I created code.
I could create a custom workflow DLL using Vision’s API. The catch was, at the time, I had to go back to Visual Studio 2003 to do this, per the requirements of Vision. No problem: Microsoft will send me a copy and I can learn it quick. Using C# .NET, I was able to read the active employee list from Vision, impersonate a network administrator, query AD using LDAP, and match Vision employees to AD objects. Then it was a simple matter of determining what AD called the fields in code and just mapping in the appropriate data from Vision.
Since it was a custom Vision workflow, I was able to use Vision to schedule this to run nightly. The coolest part about it, for me, was the ability to actually tie an employee in AD to his/her supervisor in AD: I can actually see a full list of employees a given Team Leader manages, right in the AD object for that Team Leader. Automation!
The next steps for this project was to fully automate the generation of an employee on the network just by having someone approve them in Vision. Create the AD object, fill it with the appropriate data, create and enable the mailbox, set calendar permissions, create a home folder with proper permissions on the proper file server, enable Lync, send welcome email to the appropriate people, and so on. There is only so much time in a year.