

Preferred DC Active Directory Provider

Executes Active Directory directory service operations so that they bind to a specified domain controller. Used by Microsoft Provisioning Framework (MPF).

Each procedure in this provider calls the corresponding procedure in Active Directory Provider. Each DC procedure also includes a call to the Make Path Domain Controller Specific procedure, which passes the preferred domain controller as a parameter. An actual domain controller can be passed as well.

This namespace is useful for occasions when it is necessary to execute a transaction that performs multiple operations on an Active Directory object. Using a single preferred domain controller eliminates replication delays that arise between multiple controllers. It is also useful if a transaction provisions another service that uses Active Directory, and you know which domain controller it is most likely to use. For example, if the other service is Microsoft Exchange 2000 and the Exchange server is in a particular Active Directory Site, that site's domain controller should be the preferred domain controller.

Implementation

This namespace is a wrapper for procedures in Active Directory Provider, implemented as Program Files\Microsoft Provisioning\Providers\MPFADProv.dll. It is installed whenever Active Directory Provider is installed.

Input XML Schema

The following code fragment shows the format for sending data to these procedures.

<executeData>1..1 
   <preferredDomainController>0..1</preferredDomainController> 
   <domainController>0..1</domainController> 
   <!-- other elements vary by procedure, see procedure for details --> 
</executeData>

Output XML Schema

The following code fragment shows the format for data these procedures return.

<executeData>1..1 
   <dcPath>1..1</dcPath> 
   <domainController>1..1</domainController> 
   <!-- other elements vary by procedure, see procedure for details --> 
</executeData>

Public Methods

The XML schemas for requests will be a combination of the elements in Make Path Domain Controller Specific and one of the Active Directory Provider procedures referenced below.

Active Directory Provider::Create Object

Creates an object of the specified schema class for the specified container.

Active Directory Provider::Delete Object

Deletes the specified object.

Active Directory Provider::Get DACL

Returns the discretionary access control list (DACL) for the specified object.

Active Directory Provider::Get Properties

Returns one or more properties for an object.

Active Directory Provider::Get SACL

Returns the system access control list (SACL) for the specified object.

Active Directory Provider::Group Add

Adds an object to a group.

Active Directory Provider::Group IsMember

Checks whether an object is part of the specified group.

Active Directory Provider::Group Members

Returns the members of the specified group.

Active Directory Provider::Group Remove [HMC SDK1]

Removes an object from a group.

Active Directory Provider::Move Object [HMC SDK1]

Moves the specified object.

Active Directory Provider::Rename Object [HMC SDK1]

Renames the specified object.

Active Directory Provider::Search [HMC SDK1]

Performs a directory search.

Active Directory Provider::Set Properties [HMC SDK1]

Sets one or more properties for an object.

Active Directory Provider::Update ACL

Updates an object's security descriptor. The security descriptor consists of the discretionary access control list (DACL) that sets permissions and the system access control list (SACL) that sets auditing.

Active Directory Provider::User Change Password

Changes user passwords.

Active Directory Provider::User Groups

Lists the groups for a user.

Active Directory Provider::User Set Password

Sets a user's initial password.

Example

<request> 
  <data/> 
  <procedure> 
    <execute namespace='Preferred DC Active Directory Provider' procedure='Create Object'> 
      <executeData> 
        <preferredDomainController>dc1.ntdomain.microsoft.com</preferredDomainController> 
        <container>LDAP://CN=Users,DC=ntdomain,DC=microsoft,DC=com</container> 
        <class>user</class> 
        <name>cn=PreferredDCUser1</name> 
        <properties> 
          <property name='description'>PreferredDCUser1</property> 
          <property name='displayName'>PreferredDCUser1</property> 
          <property name='sAMAccountName'>PreferredDCUser1</property> 
        </properties> 
        <flagIgnoreAlreadyExistsError/> 
        <autoGenerateEmailAddresses>0</autoGenerateEmailAddresses> 
      </executeData> 
      <after source='executeData' destination='data' mode='merge'/> 
    </execute> 
  </procedure> 
</request>
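
The following Python sketch is an added example, not part of the original documentation or of MPF. It builds the Create Object request shown above from caller-supplied values and checks a request against the 0..1 cardinality of the two domain controller elements before submission. The function names and the ALLOWED_DCS allowlist are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

NAMESPACE = "Preferred DC Active Directory Provider"
# Assumption: operator-maintained allowlist of domain controllers a request may pin to.
ALLOWED_DCS = {"dc1.ntdomain.microsoft.com"}
DC_TAGS = ("preferredDomainController", "domainController")  # both 0..1 in the input schema

def build_create_object(preferred_dc, container, cls, name, properties):
    """Build a Create Object request using the element names from the page's example."""
    if preferred_dc.strip().lower() not in ALLOWED_DCS:
        raise ValueError(f"domain controller not in allowlist: {preferred_dc!r}")
    request = ET.Element("request")
    ET.SubElement(request, "data")
    execute = ET.SubElement(ET.SubElement(request, "procedure"), "execute",
                            {"namespace": NAMESPACE, "procedure": "Create Object"})
    data = ET.SubElement(execute, "executeData")
    # Values are set as text nodes, so the serializer escapes any markup in them.
    for tag, value in (("preferredDomainController", preferred_dc),
                       ("container", container), ("class", cls), ("name", name)):
        ET.SubElement(data, tag).text = value
    props = ET.SubElement(data, "properties")
    for prop, value in properties.items():
        ET.SubElement(props, "property", {"name": prop}).text = value
    ET.SubElement(execute, "after",
                  {"source": "executeData", "destination": "data", "mode": "merge"})
    return ET.tostring(request, encoding="unicode")

def check_request(xml_text):
    """Return a list of problems found in a request before it is submitted."""
    # For XML received from an untrusted party, parse with a hardened parser instead.
    root = ET.fromstring(xml_text)
    problems = []
    for execute in root.iter("execute"):
        if execute.get("namespace") != NAMESPACE:
            continue
        blocks = execute.findall("executeData")
        if len(blocks) != 1:
            problems.append(f"expected 1 executeData, found {len(blocks)}")
        for data in blocks:
            for tag in DC_TAGS:
                found = data.findall(tag)
                if len(found) > 1:
                    problems.append(f"{tag} appears {len(found)} times (schema allows 0..1)")
                for el in found:
                    if (el.text or "").strip().lower() not in ALLOWED_DCS:
                        problems.append(f"{tag} not in allowlist: {el.text!r}")
    return problems
```

An empty list from check_request means the request names at most one of each domain controller element and only allowlisted hosts.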

Applies To

  • Hosted Messaging and Collaboration version 4.5

  • Hosted Messaging and Collaboration version 4.0

  • Hosted Messaging and Collaboration version 3.5

  • Hosted Messaging and Collaboration version 3.0

  • Windows-based Hosting version 4.5

  • Windows-based Hosting version 4.0

  • Windows-based Hosting version 3.5

  • Windows-based Hosting for Applications version 1.0