For a while, I didn't think there was an easy way to move an Active Directory user to a different Organizational Unit (OU) using Nintex Workflow. I thought that I'd need to write some code, maybe a web service or a custom action.
Well, it turns out there's a really easy way to do it using Nintex Workflow. Actually, a lot easier than I ever imagined.
The Update AD User action will let you do it.
Let's say your AD is set up like this. Usually, all your users are in the "Users" group there. In the root, I've create a couple of Organization Units called OU1Alpha and OU2Beta.
To move a user to OU like OU1Alpha, you simply you the above action. I believe what confused me, was the naming conventions use in the Update AD User action.
Configuration of the Update AD User Action
In the "AD fields to update", click on the Fields drop down and select "Directory location". This is the property you want to update for the user.
Then, in order to move that user to the appropriate OU, you will need the full LDAP Path. The great thing is, Nintex lets you click on the LDAP browse button and gives you a visual way of selecting the OU, through an LDAP Picker.
The awesome thing about this, is that not only can you type in an LDAP Path and not only can you select an LDAP path from the picker, but you can also use a Constant or a Variable. This really makes this action extremely dynamic, in that you may have a need to have the workflow figure out exactly what OU you want to move a user to, based on different pieces of information. As the workflow progresses, it can store the destination OU path in a variable and then use that in this action.
NOTE:This action requires an Enterprise License