Configuration guide: License reclamation
Last updated
Last updated
To get started with this library pack, please ensure all related content is installed and configured appropriately. This page provides guidance on which content is included and how to configure it.
Please keep in mind this is just a guide and represents suggested configurations. You are free to customize and edit content as you see fit based on your specific environment.
This page will guide you through the structure of the content.
This library pack contains content from the following expansion products
Some of these products offer default access to their respective content, and can still be used without the expansion products. To learn more about the default thresholds for expansion products, visit the extended documentation.
| Type | Name | Description | Dependencies |
|---|---|---|---|
To effectively use this library pack, the content must be installed and configured appropriately. Below are some suggested steps to install and configure the content properly before use.
Step 1) Install library pack content
Go to the Nexthink Library and install all required content.
Step 2) Edit campaigns
Navigate to the manage campaigns administration page to review and edit your campaigns.
For each installed campaign, please ensure to:
Customize the sender name and image.
Review and adjust questions.
Publish the campaign when you are ready to use it.
We recommend the following configurations for these campaigns:
Step 3) Configure remote action(s)
Invoke remove user from AD group - input parameters
Step 4) Configure Entra ID integration
The configuration of connector credentials is essential for enabling API calls. See detailed information at Connector credentials . Each Service/API thinklet has a dropdown field for credentials that needs to be filled out. When the workflow is installed or copied from the Library, this field will be blank as it is a local setup of each environment and is not included in the Library.
Step 5) Check workflow parameters
The parameters for the workflow are defined to capture 3 elements controlling the process of automatic license assignment group members.
Ask for permission?: This parameter determines whether user consent is necessary for reclaiming the license.
Authorization group: Authorization group display name.
Application name: Application whose licensing is managed by an authorization group.
Step 6) Maintain API thinklets locally defined credentials
Each Service/API thinklet requires locally maintained credentials. In this step review all relevant thinklets and maintain credentials.
Step 7) Maintain workflow trigger
This workflow recommended trigger is “Schedule” . To configure the trigger attribute, select the "Schedule" checkbox in the "General" configuration tab of the workflow.
Multiple schedules can be defined. Typically, each application will have a dedicated license group and a dedicated schedule.
The NQL query example below identifies all users who have used the "Salesforce Lightning" application for less than 5 minutes in the past 90 days. It omits users who were targeted in the previous campaign run and indicated they need the license, regardless of their usage time being under 5 minutes in the past 90 days. To utilize this query, the application must be set up in both Application Experience and Software Metering.
Your content is now configured and ready to be used. For usage overview and recommendations, you can visit the usage guide:
Usage guide: License reclamation
RELATED TOPICS
| Name | Trigger | Priority |
|---|---|---|
| Name | Trigger | Schedule Query | Parameters to edit |
|---|---|---|---|
| Name | Default value | Description | Allow the user to enter a custom value |
|---|---|---|---|
License reclamation
An API call to Entra ID removes a user (based on their user ID) from an application group, which automatically reclaims the license.
License reclamation (on-premises Active Directory)
Triggers a remote action to Active Directory to remove a user (based on their SAM account name) from an application group, which automatically reclaims the license.
License reclamation request - Workflow invoke
Asks users if they are still using an application.
Invoke remove user from AD group
The purpose of the Remote Action is to remove a specified user from an on-premises Active Directory group.
Device assignment verification
API
Not urgent
Invoke remove user from AD group
API trigger should be enabled so that it can be triggered from the Workflow
Username
None
User account SAM name of the target user
Yes
Groupname
None
Active Directory group SAM name on the target domain
Yes
