Introduction to Active Directory
Active Directory is a
directory service used to store information about the network resources across a
domain.
An
Active Directory (AD) structure is a hierarchical framework of
objects. The objects fall into three broad categories: resources (e.g.
printers), services (e.g.
e-mail) and users (accounts, or users and groups). The AD provides information on the objects, organizes the objects, controls access and sets security.
Each object represents a single entity — whether a user, a computer, a printer, or a group — and its attributes. Certain objects can also be containers of other objects. An object is uniquely identified by its name and has a set of attributes — the characteristics and information that the object can contain — defined by a schema, which also determines the kind of objects that can be stored in the AD. Active Directory is an implementation of
LDAP directory services by
Microsoft for use primarily in
Windows environments. The main purpose of Active Directory is to provide central authentication and authorization services for Windows based computers.
Axapta 4.0 uses AD for the users. It checks for the user crendentials and the domain from the AD.
Important Classes for AD :
ADObject
xAxaptauserManager
xAxaptaUserdetails
Here is the small example to get the user information from the AD.
Copy the job and run the job by passing valid network alias.
static void ActiveDirectory_example(Args _args)
{
AdObject adUser = new AdObject("sreenathreddy.g");// provide the network alias from the users table .
str firstName;
str middleName;
str mail;
#define.givenName (‘givenName’)
#define.middleName (‘middleName’)
#define.mail (‘mail’)
;
if ( !adUser )
{
checkFailed("Active dirtectory integration not available or OS account of the alias provided is incorrect");
}
else if ( adUser.found() )
{
firstName = adUser.getValue(#givenName);
middleName = adUser.getValue(#middleName’);
mail = adUser.getValue(#mail);
print firstname;
print middlename;
print mail;
pause;
}
}
Another way of validating the domain/ check whether user is enabled.
This job gets the user related information only if domain is correct and user is enabled…
static void validateDomain_getDetails(Args _args)
{
xAxaptauserManager um = new xAxaptauserManager();
xAxaptaUserdetails userdetails;
;
if(um.validateDomain(‘Domain’))
{
userdetails = um.getDomainUser(‘Domain,’sreenathreddy’);
if(userdetails.isUserEnabled(0))
{
print userdetails.getUserName(0);
print userdetails.getUserMail(0);
print userdetails.getUserSid(0);
pause;
}
}
}
How to create an active directory user:
I have done it by writing piece of code in c#.
I created a class library by name ADCreateUser and created user in AD by setting up the password through code in c#.
Here i am providing the code below of ADCreateUser.cs
Note: password is set in the code itself..please lookin to "SetPassword" code and set your password accordingly
using System;
using System.Collections.Generic;
using System.Text;
using System.DirectoryServices;
namespace ADCreateUser
{
public class CreateUser
{
public string createADUser(string _userId, string _userName, string _firstName, string _lasteName, string _emailId)
{
try
{
String RootDSE;
DirectorySearcher DSESearcher = new DirectorySearcher();
RootDSE = DSESearcher.SearchRoot.Path;
RootDSE = RootDSE.Insert(7, "CN=Users,");
DirectoryEntry myDE = new DirectoryEntry(RootDSE);
DirectoryEntries entries = myDE.Children;
DirectorySearcher search = new DirectorySearcher();
search.Filter = String.Format("(SAMAccountName={0})", _userId);
SearchResult result = search.FindOne();
if (result == null)
{
DirectoryEntry user = entries.Add("CN=" + _userId, "user");
using (user)
{
user.Properties["DisplayName"].Value = _userName;
if (_firstName != "")
{
user.Properties["GivenName"].Value = _firstName;
}
if (_lasteName != "")
{
user.Properties["SN"].Value = _lasteName;
}
user.Properties["sAMAccountName"].Value = _userId;
user.Properties["userPrincipalName"].Value = _userId;
if (_emailId != "")
user.Properties["mail"].Value = _emailId;
user.CommitChanges();
// User has to be saved prior to this step
user.Invoke("SetPassword", new object[] { "mypassword" });
// Create and enable a ADS_UF_NORMAL_ACCOUNT
user.Properties["userAccountControl"].Value = 0×200;
user.CommitChanges();
return "Ok";
}
}
else
return "The specified user id exists"; //User exists
}
catch (DirectoryServicesCOMException ex)
{
return ex.InnerException.Message;
}
catch (Exception ex)
{
return ex.Message;
}
}
Now all you have to do is to build the code and take the dll of the class library from Bin folder
Copy paste the dll in to Axapta client\ Bin folder
Now in the AOT->References -> Add new reference -> select the above pasted dll from the bin of Axapta client
Thats it… simple…create a small job in Axapta to invoke the ADcreateUser method
public static void createADuser(Args _args)
{
ADCreateUser.CreateUser objad = new ADCreateUser.createUser();
objad.ADcreateUser("userId","userName","firstName", "lasteName","emailId") // pass all the parameters
info("user created in AD");
}