3.1 Example 1: Active Directory: Account Creation New UI

This example describes the requests made when the user on an end-user client computer fills in the email address and display name, and then clicks the "OK" button on the Create Active Directory Account dialog to create a new Active Directory user account. The main member protocol used in this sequence is [MS-WSSFO] covering the stored procedures listed in the following steps. The sequence diagram has been broken into three figures because of size limitations. The three figures in this section represent a single sequence. This specific example is for Active Directory operations involving Windows SharePoint Services 3.0.

Account Creation New UI, steps 1 through 22

Figure 5: Account Creation New UI, steps 1 through 22

Account Creation New UI, steps 23 through 43

Figure 6: Account Creation New UI, steps 23 through 43

Account Creation New UI, steps 44 through completion

Figure 7: Account Creation New UI, steps 44 through completion

This scenario uses the Windows SharePoint Services user interface (UI) to create a new account for a user. It assumes that a user on an end-user client computer has selected the Add Users option on the people.aspx page under the New button. The user then clicks the Create button under the Users/Groups dialog, and fills in a valid email address and display name for a user who has never existed in this site collection. The following trace is then initiated when the user clicks the OK buttons on both the Create Active Directory Account page and the Add Users: Team Site page to add a new user to Active Directory.

The following actions happen:

  1. The user clicks the OK button, which causes the end-user client to start the UserAdd process via a page to post back to the front-end web server to verify that the new user isn't currently defined.

  2. The front-end web server first gathers information about the current environment by calling the proc_GetTpWebMetadataAndListMetadata stored procedure.

  3. The back-end database server returns the following eight result sets:

    • Web URL Result Set, which returns the store-relative URL of the root of the site.

    • Domain Group Cache Versions Result Set, which returns information about the version numbers associated with the domain group map cache for this site.

    • Domain Group Cache WFE Update Result Set, which returns binary data needed to refresh the domain group map cache.

    • Site Metadata Result Set, which returns specialized site (2) metadata.

    • Event Receivers Result Set, which returns information about the event receivers defined for the site.

    • Site Feature List Result Set, which returns a list of default feature identifiers for the site collection that contains this site.

    • Site Feature List Result Set, which returns a list of feature identifiers for this site (2).

    • Empty Result Set, which is a placeholder set returned because the site has no cached navigation scope information.

  4. The front-end web server calls the proc_SecUpdateUserActiveStatus stored procedure to update the list of active users for the site (2).

  5. The front-end web server continues collecting information about the current user list by calling the proc_GetListMetadataAndEventReceivers stored procedure using the Tabular Data Stream (TDS) protocol, as specified in [MS-TDS].

  6. The back-end database server returns the following two result sets:

    • List Metadata Result Set, which returns the metadata associated with this list.

    • Event Receivers Result Set, which returns information about the event receivers defined for this list (1).

  7. The front-end web server checks for the existence of the new account by calling the proc_SecGetAccountStatus stored procedure.

  8. The back-end database server returns an Account Status Result Set with zero rows, indicating that the email address has not yet been used in this site collection.

  9. The front-end web server gathers further information about the current count of registered users by calling the proc_SecGetCurrentUsersCount stored procedure.

  10. The back-end database server returns the User Count Result Set to indicate the number of users registered with this site collection and any quota information.

  11. The front-end web server verifies that the UserID to be created does not exist in the deleted user list by calling the proc_SecCheckDeletedAccounts stored procedure.

  12. The back-end database server returns the Login Result Set with zero results, indicating the UserID does not yet exist.

  13. The front-end web server gathers further information about the current site (2) by calling the proc_GetSiteMapById stored procedure.

  14. The back-end database server returns the Site Map By Id Result Set with one row of data on the current site (2).

  15. The front-end web server makes an Lightweight Directory Access Protocol (LDAP) AddRequest to the domain controller (DC) to add a user object with the supplied information.

  16. The DC sends an LDAP AddResponse indicating a successful insertion.

  17. The front-end web server makes an LDAP Search request to the DC to confirm that the recently added user object exists.

  18. The DC sends an LDAP Search response indicating that the user object exists.

  19. The front-end web server builds a transactional dynamic SQL query that performs the following tasks:

    1. The query begins a new SQL transaction.

    2. The proc_SecAddUser stored procedure is executed to add the requesting user to Active Directory environment.

    3. In the event of any error, the transaction is rolled back, and the final select statement is returned.

    4. If the new user account does not already exist, it is added to the user list using the proc_AddListItem stored procedure.

    5. In the event of any error, the transaction is rolled back, and the final select statement is returned.

    6. The transaction is committed, and the final select statement is returned with the variables used to create the new User account.

  20. The back-end database server returns a dynamic SQL result set, indicating that the new user account has been successfully added, and displaying the variables used when creating the new account.

  21. The front-end web server then makes an LDAP Search request to the DC to request attributes for the recently added user object.

  22. The DC sends an LDAP Search response indicating the additional user object attributes.

  23. The front-end web server then makes an LDAP Modify request to the DC to modify the mail attribute for the added user object.

  24. The DC sends an LDAP Modify response indicating the successful attribute change.

  25. The front-end web server verifies the availability of the new account's email address by calling the proc_SecGetPrincipalByE-mail stored procedure.

  26. The back-end database server returns the Principal User Information Result Set, containing information about the user associated with the specified email address.

  27. Control is passed back to the end-user client on the Add Users page, with the new user listed in the Users/Groups dialog box.

  28. The User clicks OK on the Add Users page to add the newly created user to the site group (section 2.9.1.5).

  29. The front-end web server requests status data by calling the proc_GetTpWebMetadataAndListMetadata stored procedure.

  30. The back-end database server returns the following 14 result sets:

    • Web URL Result Set, which returns the URL of the root of the site (2).

    • Domain Group Cache Versions Result Set, which returns information about the version numbers associated with the domain group map cache for this site (2).

    • Domain Group Cache WFE Update Result Set, which returns binary data needed to refresh the domain group map cache.

    • Site Metadata Result Set, which returns specialized site metadata.

    • Event Receivers Result Set, which returns information about the event receivers defined for this site (2).

    • Site Category Result Set, which returns categories of this site (2).

    • Site Metainfo Result Set, which returns the specialized site metadata.

    • Site Feature List Result Set, which returns a list of default feature identifiers for the site collection that contains this site (2).

    • Site Feature List Result Set, which returns a list of feature identifiers of this site (2).

    • Empty Result Set, which is a placeholder set returned because the site (2) has no cached navigation scope information.

    • List Metadata Result Set, which returns the metadata associated with the specified document list.

    • NULL Unique Permissions Result Set, which is a placeholder set returned because the list has no individual list permissions.

    • Event Receivers Result Set, which returns information about the event receivers defined for this document list (1).

    • List Web Parts Result Set, which returns information about the list Web Parts defined for this document list.

  31. The front-end web server requests information about the new account by calling the proc_SecResolvePrincipal stored procedure.

  32. The back-end database server returns the Principal Information Result Set with a single row containing basic information about the user.

  33. The front-end web server creates a dynamic SQL query, which selects information from the UserData view joined with the Docs view.

  34. The back-end database server returns a dynamic SQL result set, which contains one row of data with the new user account information.

  35. The front-end web server creates a dynamic SQL query, which selects information from Sec_SiteGroupsView.

  36. The back-end database server returns a dynamic SQL result set with all site group membership levels.

  37. The front-end web server creates a dynamic SQL query to check the requesting user permissions for this activity by calling the proc_SecGetUserPermissionOnGroup stored procedure.

  38. The back-end database server returns a dynamic SQL result set representing the permission levels of the calling user.

  39. The front-end web server calls the proc_SecUpdateUserActiveStatus stored procedure to update the list of active users for the site (2).

  40. The front-end web server requests the account status for the new account by calling the proc_SecGetAccountStatus stored procedure.

  41. The back-end database server returns the Account Status Result Set.

  42. The front-end web server builds a transactional dynamic SQL query which performs the following tasks:

    1. The query begins a new SQL transaction (3).

    2. The proc_SecAddUser stored procedure is executed to add the requesting user to the appropriate security groups in the Active Directory environment.

    3. In the event of any error, the transaction (3) is rolled back, and the final select statement is returned.

    4. If the new user account does not already exist, it is added to the user list using the proc_AddListItem stored procedure.

    5. In the event of any error, the transaction is rolled back and the final select statement is returned.

    6. The transaction is committed, and the final select statement is returned with the variables used to create the new user account.

  43. The back-end database server returns a dynamic SQL result set indicating the success of the add procedures and the variables used in the new account.

  44. The front-end web server builds a transactional dynamic SQL query, which performs the following tasks:

    1. The query begins a new SQL transaction (3).

    2. The proc_AddListItem stored procedure is executed to add the new user account to the appropriate Windows SharePoint Services list.

    3. In the event of any error, the transaction (3) is rolled back and the final select statement is returned.

    4. The new user account is updated, using the proc_UpdateListItem stored procedure with additional user data as necessary.

    5. In the event of any error, the transaction is rolled back and the final select statement is returned.

    6. The transaction is committed, and the final select statement is returned with the variables used to create the new user account.

  45. The back-end database server returns a dynamic SQL result set with information about the newly created user.

  46. The front-end web server creates a dynamic SQL query to either add the user data by calling the proc_AddListItem stored procedure, or to update the user data by calling the proc_UpdateListItem stored procedure.

  47. The back-end database server returns the following two result sets:

    • Item Update Result Set, which returns pertinent information about the update.

    • Dynamic SQL Result Set, which returns the output status value from the update.

  48. The front-end web server can now add the new user account to the appropriate site group by calling the proc_SecAddUserToSiteGroup stored procedure.

  49. The back-end database server responds with a return code, but no result sets are returned.

  50. The front-end web server requests further status data by calling the proc_GetTpWebMetadataAndListMetadata stored procedure.

  51. The back-end database server returns the following 14 result sets:

    • Web URL Result Set, which returns the URL of the root of the site (2).

    • Domain Group Cache Versions Result Set, which returns information about the version numbers associated with the domain group map cache for this site (2).

    • Domain Group Cache WFE Update Result Set, which returns binary data needed to refresh the domain group map cache.

    • Site Metadata Result Set, which returns specialized site metadata.

    • Event Receivers Result Set, which returns information about the event receivers defined for this site (2).

    • Site Category Result Set, which returns categories of this site (2).

    • Site Metainfo Result Set, which returns the specialized site metadata.

    • Site Feature List Result Set, which returns a list of default feature identifiers for the site collection that contains this site (2).

    • Site Feature List Result Set, which returns a list of feature identifiers of this site (2).

    • Empty Result Set, which is a placeholder set.

    • List Metadata Result Set, which returns the metadata associated with the specified document list (1).

    • NULL Unique Permissions Result Set, which is a placeholder set.

    • Event Receivers Result Set, which returns information about the event receivers defined for the document list (1).

    • List Web Parts Result Set, which returns information about the list (1) Web Parts defined for this document list (1).

  52. The front-end web server creates a dynamic SQL query selecting all information from the Sec_SiteGroupsView view for this site (2) to generate the final website (2) display.

  53. The back-end database server returns a dynamic SQL result set with all site group membership levels.

  54. The front-end web server creates a dynamic SQL query, selecting information from the UserData view, Docs view, and AllUserData view for details on the website (2) display.

  55. The back-end database server returns a dynamic SQL result set of user data as it applies to the current display.

  56. The front-end web server creates a dynamic SQL request for user permission information by calling the proc_SecGetUserPermissionOnGroup stored procedure.

  57. The back-end database server returns a dynamic SQL result set representing the permission levels of the calling user.

  58. The front-end web server creates a dynamic SQL request for information from the UserData view and Docs view for website (2) display.

  59. The back-end database server returns a dynamic SQL result set of user data as it applies to the current display.

  60. Control is then returned to the UI.

  • Last updated on