When running the Add User to Group AD activity, the activity fails due to the missing distinguishedName parameter. This parameter is required when leveraging the LDAP ADSI provider in Powershell to populate a group.

Steps to Reproduce

  1. Activate the Orchestration plugin.
  2. Open the Workflow Editor.
  3. Create a workflow that includes the Add User to Group AD activity.
  4. Fill out the required fields.
  5. Run the workflow.


  1. Navigate to the mid script files.
  2. Open the ActiveDirectory.psm1 file.
  3. Find the addADUserAccountToGroup function.
  4. Replace the following lines:

$replTextexpr1= [regex]"=";
$replTextexpr2= [regex]",CN";
$userDNafter_1=$replTextexpr1.replace($userDNb4, "=""", 1);
$userDNafter=$replTextexpr2.replace($userDNafter_1, """,CN", 1);



Seen In

Geneva Patch 1
Geneva Patch 5
Geneva Patch 5 Hot Fix 1
Geneva Patch 6
Geneva Patch 7

Fixed In

Geneva Patch 8

