Active Directory Query v2 - Added the ad-modify-user-ou command (demi…

…sto#22943)

* Added ad_modify_user_ou command

* Added ad-modify-user-ou to the readme file

* Updated the docker image

* Added ad-modify-user-ou to the AD Test TPB

* Added RN

Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py

@@ -1325,6 +1325,25 @@ def modify_computer_ou(default_base_dn):
     demisto.results(demisto_entry)
 
 
+def modify_user_ou_command(default_base_dn):
+    assert conn is not None
+    args = demisto.args()
+
+    user_name = args.get('user-name')
+    dn = user_dn(user_name, args.get('base-dn') or default_base_dn)
+
+    success = conn.modify_dn(dn, "CN={}".format(user_name), new_superior=args.get('full-superior-dn'))
+    if not success:
+        raise Exception("Failed to modify user OU")
+
+    demisto_entry = {
+        'ContentsFormat': formats['text'],
+        'Type': entryTypes['note'],
+        'Contents': "Moved user {} to {}".format(user_name, args.get('full-superior-dn'))
+    }
+    demisto.results(demisto_entry)
+
+
 def expire_user_password(default_base_dn):
     args = demisto.args()
 
@@ -1914,6 +1933,9 @@ def main():
         elif command == 'ad-modify-computer-ou':
             modify_computer_ou(DEFAULT_BASE_DN)
 
+        elif command == 'ad-modify-user-ou':
+            modify_user_ou_command(DEFAULT_BASE_DN)
+
         elif command == 'ad-create-contact':
             create_contact()
 

Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.yml

@@ -283,6 +283,14 @@ script:
     - name: full-superior-dn
       description: Superior DN. For example, OU=computers,DC=domain,DC=com (the specified domain must be the same as the current computer domain).
     description: Modifies the computer organizational unit within a domain.
+  - name: ad-modify-user-ou
+    arguments:
+      - name: user-name
+        required: true
+        description: "The name of the user to modify."
+      - name: full-superior-dn
+        description: Superior DN. For example, OU=users,DC=domain,DC=com (the specified domain must be the same as the current user domain).
+    description: Modifies the user organizational unit within a domain.
   - name: ad-get-user
     arguments:
     - name: dn

Packs/Active_Directory_Query/Integrations/Active_Directory_Query/README.md

@@ -571,6 +571,35 @@ There is no context output for this command.
 "mike" was successfully moved to "OU=Sarah,DC=demisto,DC=int"
 ```
 
+### ad-modify-user-ou
+***
+Modifies the user organizational unit within a domain.
+
+#### Base Command
+
+`ad-modify-user-ou`
+#### Input
+
+| **Argument Name** | **Description** | **Required** |
+| --- | --- | --- |
+| user-name | The name of the user to modify. | Required | 
+| full-superior-dn | Superior DN. For example, OU=users,DC=domain,DC=com (the specified domain must be the same as the current user domain). | Optional | 
+
+
+#### Context Output
+
+There is no context output for this command.
+
+##### Command Example
+```
+!ad-modify-user-ou user-name=username full-superior-dn=OU=users,DC=demisto,DC=int
+```
+
+##### Human Readable Output
+```
+"username" was successfully moved to "OU=users,DC=demisto,DC=int"
+```
+
 ### ad-get-user
 ***
 Retrieves detailed information about a user account. The user can be specified by name, email address, or as an Active Directory Distinguished Name (DN). If no filter is specified, all users are returned.

Packs/Active_Directory_Query/ReleaseNotes/1_5_9.md

@@ -0,0 +1,4 @@
+
+#### Integrations
+##### Active Directory Query v2
+- Added the ***ad-modify-user-ou*** command that modifies the user organizational unit within a domain.