Similar to issue described here: http://connect.nintex.com/forums/thread/13027.aspx. The difference is I'm trying to remove a user from a group versus adding a user to a group.
I have a workflow that is trying to remove a user from all their AD groups as a part of a Termination Process.
I have the LDAP Query returning the memberOf attribute to a Collection as described in http://connect.nintex.com/forums/thread/27976.aspx
I have a For each task that loops through each of the ldap strings in the memberOf collection and runs a Remove user from AD group task. Both the sAMAccountName and group are workflow variables.
Whenever I run the workflow I receive the following error:
Unable to find Active Directory object 'CN=Foo,OU=Bar,OU=ES,OU=Some,DC=Contoso,DC=local' in location 'LDAP://DC=Contoso,DC=local'.
I have tried to parse the sAMAccountName into a person variable and that didn't work. I also tried the same with the group variable without success. I've also used RegEx to extract just the group name without success. It is like the Remove AD user task isn't searching the LDAP sub-tree.
I know the sAMAccountName variable works because I have a Update AD User task that moves the user to a different OU and a Decomission AD user task that disables the user account after the For Each group loop that work without any issues.
Any help is greatly appreciated.