Automate User creation via Service Connect or DMT

We are looking to do some automated user creation and provisioning. When we create the user in Active Directory I would like to call a script or some way to create the user in Epicor 10 and assign the correct roles and company. Has any one created this process.

Why don’t you just use the Import Active Directory users function in the Admin console?

I like what you’re trying to do but why not start with PowerShell and have it do the Active Directory, then Epicor in one fell-swoop? If you’re on 10.1.600+, you should be able to add the user via REST. And while you’re at it, why not add them as an employee, a supplier, a work force, a buyer, etc. (where necessary) and include all of the Authorized Users entries as well?

Then share it with us, because it’s on my backlog… :wink:

Mark W.


well I have the command to work with the dmt we have powershell creating a .csv file with nessacary columns but im not familier with rest and that part. but here is my script that works so far. right now it calls the dmt runs the entries and goes from there.

DMT.EXE -sso -add -Import “Users” -Sourcefile “Local path to csv” -ConfigValue EpicorErp.sysconfig

In your PowerShell, you can certainly build a .csv file and call DMT too. I’m just not an Active Directory export to know how to catch a trigger there.

In the unrelated-related department, some shops are using DevOps to do these kinds of things. So a user fills out a form (electronic), it starts a workflow that might get some approvals, and at the final approval, a json file is checked into a respository. This starts a DevOps build/release and it performs all the work. The SOX auditors love it because there’s a complete trail of the work from beginning to end.

Mark W.


Do you happen to have a name for any of these dev ops?

Welcome to the group Kevin!

Microsoft is ALL IN on using DevOps to run their own business. They eat their own dog food and use their own product -

The idea behind DevOps is to reduce the distance from developer to operations to the customer. The old way of building software was to have a bunch of developers jacked up on coffee build software and throw it over the wall for testing and then release. The customers would get it in an 18 to 24 month cycle. Then the complaints and bug reports would come in and they would release service packs. The new way to release software is sometimes daily - even several times a day. The only way to do this is to have good automation tooling. The Azure DevOps product (and others) orchestrates these steps with many tools so nothing is forgotten along the way. This is a nice explanation of DevOps and tooling.

Mark W.


A little bit advanced for me, my only reason for getting into the epicor in the first place is that a client of mine has basically a full workgroup setup and they are expanding sites etc. All this time they’ve been buying the computers, firewalls, server etc. from epicor and just upgrading PC’s etc. has been so cumbersome as there are specific PC’s within the workgroup that affect so much of the network of how they do business and PCI compliance has been difficult to maintain. So I’m slowly in the process of helping them switch over to faster AD setup. They are a retail store, and they are just about to move into another location. I’m thinking of setting up a xcp-ng or xenserver for the simplicity of management. Ideally, connecting users to epicore additions is a dream. But, based on the stuff you sent me, would take a while to learn and simply push back my deployment.