Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This example describes the process for creating a user account manually. It corresponds to the "Create an Account" use case that is described in section 2.5.1. After the account is created, the protocol client publishes presence information for the account to the associated relay server, which corresponds to the "Publish Presence Status" use case that is described in section 2.5.2.
In this example, an administrator has added the user to a domain on the management server. The user has an account configuration code and the URL of the management server.
The protocol client communicates with the management server by using the Client to Management Server Groove SOAP Protocol, as described in [MS-GRVSPCM]. The protocol client publishes presence information to the relay server by using the Wide Area Network Device Presence Protocol (WAN DPP), as described in [MS-GRVWDPP].
The following steps describe the process for creating an account manually, and assume that no errors occur during the process:
The user installs and starts the protocol client.
The protocol client detects that the user is not configured to create an account automatically and displays the UI for creating an account manually.
The user enters the account configuration code and the URL of the management server.
The protocol client receives and validates the information entered by the user. If there are any errors in the information, the protocol client prompts the user for the correct information.
The protocol client sends a KeyActivation request, as described in [MS-GRVSPCM], to the management server. The request contains the user’s account configuration code.
The management server receives the request and uses the account configuration code to find the user in the user database.
The management server returns a KeyActivationResponse success message to the protocol client. The message includes the user’s identity, domain, and usage policies.
The protocol client receives the response from the management server, creates the user’s account and associates the account with the user’s identity, domain, and usage policies.
The protocol client sends a CreateAccount request, as described in [MS-GRVSPCM], to the management server to register the user’s account with the account GUID.
The management server receives the account registration request and registers the user’s account in the database.
The management server returns a CreateAccountResponse success message to the protocol client.
The protocol client sends a ManagedObjectInstall message, as described in [MS-GRVSPCM], to the management server to indicate that the user’s identity and usage policies were installed on the protocol client.
The management server returns a ManagedObjectInstallResponse success message to the protocol client.
The protocol client sends a DomainEnrollment request, as described in [MS-GRVSPCM], to the management server to activate the user in the domain.
The management server receives the request and activates the user in the domain. It also signs the data for the user’s identity with the domain certificate.
The management server returns a DomainEnrollmentResponse success message to the protocol client. The message includes the signed data for the user’s identity.
The protocol client receives the response and updates the user’s identity with the signed data.
The protocol client sends a Publish message, as described in [MS-GRVWDPP], to the relay server that is associated with the account. This message changes the status of the account to online.
The protocol client notifies the user that the account was created successfully and is ready to use.
If an error occurs during the account creation process, the user’s account is not created and the protocol client notifies the user of the error. The user can then start the account creation process again.
If the protocol client cannot connect to the management server, the user’s account cannot be created and the protocol client displays an error message to the user. It is possible that the user entered an incorrect URL for the management server.
The following diagram illustrates the message sequence for this example.
Figure 24: Message sequence for creating an account manually
The following diagram illustrates the state of system components during the account creation process.
Figure 25: Component states during the account creation process