Use SMS messages to automate some of the administrative tasks in your company. Reset the Active Directory password using SMS messages with WEBCON BPS.
General application concept – SMS commands
In the previous post, I described how to integrate GAMMU for Windows (WAMMU) with WEBCON BPS. Thanks to this, you are able to send and receive SMS through your web browser using WEBCON BPS. Today I am going to show how you can take advantage of this solution in your WEBCON apps.
The idea of my application is a WEBCON BPS process that can receive SMS commands from trusted users (for example company employees) and make some operations. After that, the SMS sender is going to receive the result back via SMS.
Of course, you do not need to use GAMMU just like me. If you feel more comfortable with APIS, you may use commercial REST or SOAP APIs for sending and receiving SMS. The concept described below will fit regardless of whether you are using GAMMU or API.
What do you need to start?
- SMS module to sending and receiving SMS integrated with WEBCON BPS. You can use GAMMU for Windows or a SMS API.
- Any data source that contains trusted SMS Senders (their phone numbers). You may use WEBCON BPS fixed values list, SharePoint List or Active Directory.
Generic process description – SMS Processing
Below is a general workflow diagram:
Firstly WEBCON in an automatic way gets newly received SMS messages. To do this you may use cyclical actions with proper action configured. Then each SMS is verified in terms of who it was received from. If the SMS was received from an untrusted sender, further processing is canceled. Otherwise, the workflow proceeds to the “Command execution” step. In this flow control step, there is message content verified. If the command is known, then the flow directs the WEBCON instance to the appropriate path, where the necessary operations are performed. If the command is unknown, the processing is canceled.
Practical use case – resetting Active Directory user password
Let’s try to configure a real use case process of the described concept above. When a company employee will send the SMS containing “Reset”, his active directory password will be reset and the sender will get another new one-time password. My workflow diagram looks like below.
Before configuring workflow I added some form fields:
- [TECH] GAMMU SMS ID (Integer) – ID of SMS from GAMMU inbox table
- Sender (Text) – phone number of the sender
- SMS Text In (Text) – text of an incoming message
- SMS Text Out(Text) – text of an outcoming message
- Sender account login (Text) – Active Directory user login
- One-time password (Text) – form field to store auto-generated password
WEBCON BPS Workflow configuration
To get all unprocessed SMS messages, we need to configure cyclical action. In my case, I am using directly “Start a subworkflow (SQL)” action which is executed every 1 minute in an infinity loop. Below are screenshots with action configuration:
At the “Register” transition path there should be an action, that is verifying, that sender number is known. In my case, I am trying to get the user account login with a given phone number. If there will be no such user, action will allow an empty value.
In my case “Is Sender trusted” flow control step flow controls looks like below. I am simply checking, that the “Sender account login” is not empty. If the user was found and form field is no empty, workflow goes to another flow control step “Command execution”. Otherwise, the process ends.
At the “Command execution” flow control step, the system verifies, that received text message is correct. If not, the process ends. If sent command is correct, the flow goes with a proper transition path. In my example, I have got only one “Reset” command.
At the “Reset password” transition path, there are two actions. The first one is a “Manage users” action which is changing the account password of the sender. Note configuration at the “Properties” tab. Setting pwdLastSet property to 0, will force the user to change his password at the next login.
The second configured action is the “Run an SQL procedure”, to add SMS to send to the “outbox” GAMMU table.
And that’s all. After sending SMS command from a trusted user (phone number was found in Active Directory cache), WEBCON will reset that user password and sent back a new one. Below is the result:
I presented only the basic usage of this concept. You can upgrade the application with the following:
- Add more commands and extend possible actions
- Add action at “Unknown command” transition path, to send trusted sender possible commands when he sends the wrong SMS
- Before Command execution add another flow control step, which will check, that another, the same command was not executed in the recent past (for example if a user send three “Reset” messages in one minute)
Featured Image: Technology photo created by slidesgo.com – www.freepik.com