IAdmTop

The IAdmTop interface represents the base interface for accessing any ADSI object defining the properties and methods common for any such object. Any ADSI object in Adaxes implements this interface.

You can use the IAdmTop interface to:

  • Obtain a snapshot (i.e. a serialized instance of any object) from the directory loading only the properties that you need and manage such properties locally via the IAdmObjectSnapshot interface.
  • Retrieve a modification log of any object.
  • Update the ADS path of an object when such a path becomes invalid.
  • Retrieve such information on an object as the list of its ancestors or a list of the groups the object is an indirect or direct member of.
  • Get the user object that was used to bind to a specific object in the directory.
  • Execute a script, custom command or scheduled task on an object.

Inheritance: IADs

Methods

  • Method

  • Description

  • GetModificationLog()

  • Returns the object modification log.

  • GetSnapshot()

  • Loads the properties specified in the properties parameter from the directory and returns a snapshot of the current object.

  • GetPropertyValue()

  • Returns the value of the given property.

  • GetPropertyValues()

  • Returns the value of the given property. Unlike the GetPropertyValue method, this method always returns property values as an array.

  • SetInfo2()

  • Persists the changes made on the object to the directory.

  • SetInfoEx()

  • Persists the changes of the specified properties to the directory.

  • SetInfoEx2()

  • Persists the changes of the specified properties to the directory.

  • UpdateAdsPath()

  • Updates the ADS path of the object if the path is invalid.

  • RunScript()

  • Runs the specified script for the object.

  • ExecuteCustomCommand()

  • Executes a custom command with the given parameters on the object.

  • ExecuteScheduledTask()

  • Runs the given scheduled task on the object.

Properties

  • Property

  • Description

  • DirectMemberOf

  • Gets an array of group GUIDs the object is a direct member of.

  • MemberOf

  • Gets an array of GUIDs of all the groups the object is a direct or indirect member of.

  • Ancestors

  • Gets an array of GUIDs of the ancestors of the object.

  • BoundAs

  • Gets the user whose credentials were used to bind to the object.

  • DirectoryType

  • Gets the directory type of the object.

  • AzureId

  • Gets the unique identifier of the object in Microsoft Entra ID.

Details

GetModificationLog()

Returns the object modification log. The log is represented by the IAdmModificationLog interface, which allows you to retrieve log entries of any changes that were performed on the current IAdmTop object.

IAdmModificationLog GetModificationLog()

Remarks

Note that log records for this object will only be available when the IAdmModificationLog::Enabled property is set to true.

Examples

The following code sample outputs all operations performed on a user account.

PowerShell
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$ns = New-Object("Softerra.Adaxes.Adsi.AdmNamespace")
$service = $ns.GetServiceDirectly("localhost")

# Bind to the target user
$userDN = "CN=John Smith,CN=Users,DC=domain,DC=com"
$user = $service.OpenObject("Adaxes://$userDN", $null, $null, 0)

# Get modification log
$modificationLog = $user.GetModificationLog()

# Get all log records
$log = $modificationLog.Log
$pageCount = $log.PageCount

for ($i = 0; $i -lt $pageCount; $i++)
{
    # Get the current page of log records
    $logRecords = $log.GetPage($i)

    # Output information contained in each record
    foreach ($record in $logRecords)
    {
        Write-Host "Target object name: " $record.TargetObjectName
        Write-Host "Description of operation: " $record.Description
        Write-Host "Target object type: " $record.TargetObjectType
        Write-Host "Initiator name: " $record.Initiator.Name
        Write-Host "Start time: " $record.StartTime.DateTime
        Write-Host "Completion time: " $record.CompletionTime.DateTime
        Write-Host
    }
}
C#
using System;
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi;
using Softerra.Adaxes.Interop.Adsi.Logging;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;

class Program
{
    static void Main(string[] args)
    {
        // Connect to the Adaxes service
        AdmNamespace ns = new AdmNamespace();
        IAdmService service = ns.GetServiceDirectly("localhost");

        // Bind to the target user
        const string userPath = "Adaxes://CN=John Smith,DC=domain,DC=com";
        IAdmTop user = (IAdmTop) service.OpenObject(userPath, null, null, 0);

        // Get modification log
        IAdmModificationLog modificationLog = user.GetModificationLog();

        // Get all log records
        IAdmLog log = modificationLog.Log;
        int pageCount = log.PageCount;

        for (int i = 0; i < pageCount; i++)
        {
            // Get the current page of log records
            IAdmLogRecords logRecords = log.GetPage(i);

            // Output information contained in each record
            foreach (IAdmLogRecord record in logRecords)
            {
                IAdmLogRecord record2 = (IAdmLogRecord)record;
                Console.WriteLine("Target object name: {0}", record2.TargetObjectName);
                Console.WriteLine("Description of operation: {0}", record.Description);
                Console.WriteLine("Target object type: {0}", record2.TargetObjectType);
                Console.WriteLine("Initiator name: {0}", record.Initiator.Name);
                Console.WriteLine("Start time: {0}", record.StartTime);
                Console.WriteLine("Completion time: {0}", record.CompletionTime);
                Console.WriteLine();
            }
        }
    }
}

GetSnapshot()

Loads the properties specified in the properties parameter from the directory and returns a snapshot of the current object. A snapshot is a serialized object that is not bound to the directory and contains the properties specified (provided that they exist in the directory). You can further use the retrieved IAdmObjectSnapshot interface to manage the loaded object properties locally.

IAdmObjectSnapshot GetSnapshot(string[] properties)

Parameters

The properties parameter contains an array of string entries representing the names of the properties that will be loaded.


GetPropertyValue()

Returns the value of the given property. For a multi-valued property, the method returns an array containing values of the property. If the property is empty, the method returns null.

object GetPropertyValue(string propertyName)

Parameters

The propertyName parameter specifies the name of the property as defined in your directory schema.

Remarks

You can also use method GetPropertyValues to retrieve property values. The GetPropertyValues method returns property values as an array, regardless of whether the property is single-valued or multi-valued.


GetPropertyValues()

Returns the value of the given property. Unlike the GetPropertyValue method, this method always returns property values as an array. For a single-valued property, the method returns an array of a single element. If the property is empty, the method returns null.

object[] GetPropertyValues(string propertyName)

Parameters

The propertyName parameter specifies the name of the property as defined in your directory schema.


SetInfo2()

Persists the changes made on the object to the directory. This method allows any value references specified in the object properties to be resolved.

void SetInfo2(ADM_SETINFOPARAMS_ENUM resolveValueRef)

Parameters

The resolveValueRef parameter determines whether value references must be resolved on the server side prior to saving changes to the directory. When set to ADM_SETINFOPARAMS_RESOLVEVALUEREFERENCES, all value references contained in object properties are resolved. Otherwise, when set to ADM_SETINFOPARAMS_NONE, value references will not be resolved.

Examples

The following code sample sets the description of a user to the value of the Job Title property.

PowerShell
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$ns = New-Object("Softerra.Adaxes.Adsi.AdmNamespace")
$service = $ns.GetServiceDirectly("localhost")

# Bind to the user
$userDN = "CN=John Smith,CN=Users,DC=domain,DC=com"
$user = $service.OpenObject("Adaxes://$userDN", $null, $null, 0)

# Update the description
$user.Put("description", "%title%")

# Save changes
$user.SetInfo2("ADM_SETINFOPARAMS_RESOLVEVALUEREFERENCES")
C#
using System;
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;

class Program
{
    static void Main(string[] args)
    {
        // Connect to the Adaxes service
        AdmNamespace ns = new AdmNamespace();
        IAdmService service = ns.GetServiceDirectly("localhost");

        // Bind to the user
        const string userPath = "Adaxes://CN=John Smith,CN=Users,DC=domain,DC=com";
        IADs user = (IADs) service.OpenObject(userPath, null, null, 0);

        // Update the description
        user.Put("description", "%title%");

        // Save changes
        IAdmTop user2 = (IAdmTop) user;
        user2.SetInfo2(ADM_SETINFOPARAMS_ENUM.ADM_SETINFOPARAMS_RESOLVEVALUEREFERENCES);
    }
}

SetInfoEx()

Persists the changes of the specified properties to the directory.

void SetInfoEx(string[] properties)

Parameters

The properties parameter contains an array of string entries listing the property names to persist.


SetInfoEx2()

Persists the changes of the specified properties to the directory. This method allows any value references specified in the object properties to be resolved.

void SetInfoEx2(string[] properties, ADM_SETINFOPARAMS_ENUM resolveValueRef)

Parameters

  • properties - An array of string entries listing the property names to persist.
  • resolveValueRef - Determines whether value references must be resolved on the server side prior to saving changes to the directory. When set to ADM_SETINFOPARAMS_RESOLVEVALUEREFERENCES, all value references contained in object properties are resolved. Otherwise, when set to ADM_SETINFOPARAMS_NONE, value references will not be resolved.

UpdateAdsPath()

Updates the ADS path of the object if the path is invalid. An ADS path becomes invalid when an object is renamed or moved, for example.

void UpdateAdsPath()

Examples

The following code sample moves a user to another organizational unit and outputs the updated ADS path.

PowerShell
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$ns = New-Object("Softerra.Adaxes.Adsi.AdmNamespace")
$service = $ns.GetServiceDirectly("localhost")

# Bind to the target organizational unit
$targetOUDN = "OU=TargetOU,DC=domain,DC=com"
$targetOU = $service.OpenObject("Adaxes://$targetOUDN",`
    $null, $null, 0)

# Bind to the user
$userDN = "CN=John Smith,OU=SourceOU,DC=domain,DC=com"
$user = $service.OpenObject("Adaxes://$userDN",`
    $null, $null, 0)

# Move the user to the organizational unit
$targetOU.MoveHere($user.AdsPath, $null) | Out-Null

# ADS path of the user before update
Write-Host "Old user AdsPath: " $user.AdsPath

# Update ADS path
$user.UpdateAdsPath()

# Resulting ADS path
Write-Host "New user AdsPath: " $user.AdsPath
C#
using System;
using Softerra.Adaxes.Interop.Adsi;
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;

class Program
{
    static void Main(string[] args)
    {
        // Connect to the Adaxes service
        AdmNamespace ns = new AdmNamespace();
        IAdmService service = ns.GetServiceDirectly("localhost");

        // Bind to the target organizational unit
        const string targetOUPath = "Adaxes://CN=TargetOU,DC=domain,DC=com";
        IADsContainer targetOU = (IADsContainer) service.OpenObject(
            targetOUPath, null, null, 0);

        // Bind to the user
        const string userDN = "CN=John Smith,OU=SourceOU,DC=domain,DC=com";
        IAdmTop user = (IAdmTop) service.OpenObject("Adaxes://" + userDN, null, null, 0);

        // Move the user to the organizational unit
        targetOU.MoveHere(user.ADsPath, null);

        // ADS path of the user before update
        Console.WriteLine("Old user AdsPath: {0}", user.ADsPath);

        // Update ADS path
        user.UpdateAdsPath();

        // Resulting ADS path
        Console.WriteLine("New user AdsPath: {0}", user.ADsPath);
    }
}

RunScript()

Runs the specified script for the object. The text of the script can contain value references. Before executing a script, Adaxes will replace value references with corresponding property values of the directory object on which the script is executed.

void RunScript(ADM_SCRIPTTYPE_ENUM scriptType,
               string scriptText,
               string scriptDescription,
               string username,
               string password)

Parameters

  • scriptType - Controls whether the text specified in the scriptText parameter is a text of a PowerShell script (when set to ADM_SCRIPTTYPE_POWERSHELL) or a command line that should be executed (when set to ADM_SCRIPTTYPE_PROGRAM).
  • scriptText - Contains either the text of a PowerShell script to execute, or a command line to be run, depending on the value of the scriptType parameter.
  • scriptDescription - Contains a description of the script passed by the scriptText parameter.
  • username - Specifies the username of the user whose credentials will be used to launch the script. Pass null to use the username of the currently logged on user.
  • password - Specifies the password to the account specified in the username parameter. Pass null if you want to use the credentials of the currently logged on user.

Examples

The following code sample runs a script to export specific properties of a user to a CSV file.

PowerShell
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$ns = New-Object("Softerra.Adaxes.Adsi.AdmNamespace")
$service = $ns.GetServiceDirectly("localhost")

# Bind to the user
$userDN = "CN=John Smith,CN=Users,DC=domain,DC=com"
$user = $service.OpenObject("Adaxes://$userDN", $null, $null, 0)

# Script for CSV export
$scriptBlock = {
    $htable = @{FirstName="%firstname%";LastName="%lastname%";Department="%department%";}
    $userObj = New-Object PSObject -Property $htable

    $userObj | Export-Csv "C:\New users\%username%.csv" -NoTypeInformation
}

# Run the script for the user
$user.RunScript("ADM_SCRIPTTYPE_POWERSHELL", $scriptBlock.ToString(), "Export to CSV", $null, $null)
C#
using System;
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;

class Program
{
    static void Main(string[] args)
    {
    // Connect to the Adaxes service
    AdmNamespace ns = new AdmNamespace();
    IAdmService service = ns.GetServiceDirectly("localhost");

    // Bind to the user
    const string userPath = "Adaxes://CN=John Smith,CN=Users,DC=domain,DC=com";
    IAdmTop user = (IAdmTop)service.OpenObject(userPath, null, null, 0);

    // Script for CSV export
    const string scriptBlock = @"
    $htable = @{FirstName=""%firstname%"";LastName=""%lastname%"";Department=""%department%"";}
    $userObj = New-Object PSObject -Property $htable

    $userObj | Export-Csv ""C:\New users\%username%.csv"" -NoTypeInformation";

    // Run the script for the user
    user.RunScript(ADM_SCRIPTTYPE_ENUM.ADM_SCRIPTTYPE_POWERSHELL, scriptBlock, "Export to CSV", null, null);
    }
}

ExecuteCustomCommand()

Executes a custom command with the given parameters on the object.

void ExecuteCustomCommand(string customCommandId, IAdmCustomCommandArguments arguments)

Parameters

  • customCommandId - Specifies the unique identifier of the custom command to be executed. To get the identifier, use the IAdmCustomCommand::CommandID property.
  • arguments - Specifies arguments for custom command execution. To create an instance of custom command arguments, use the IAdmCustomCommand::CreateArguments method.

Examples

The following code sample executes a custom command with specified arguments on all users in an Organization Unit.

PowerShell
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly("localhost")

# Bind to the custom command
$commandDN = "CN=My Command,CN=Custom Commands,CN=Configuration Objects,"+
    "CN=Adaxes Configuration,CN=Adaxes"
$command = $service.OpenObject("Adaxes://$commandDN", $null, $null, 0)

# Specify arguments for command execution
$commandArguments = $command.CreateArguments()
$commandArguments.SetParameterValue("MyParameter", "MyValue")

# Bind to the organizational unit
$containerDN = "OU=My OU,DC=domain,DC=com"
$container = $service.OpenObject("Adaxes://$containerDN", $null, $null, 0)

# Execute the custom command for all users in the organizational unit
$container.Filter = @("user")

foreach ($user in $container)
{
    $user.ExecuteCustomCommand($command.CommandID, $commandArguments)
}
C#
using System;
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;
using Softerra.Adaxes.Interop.Adsi.CustomCommands;

class Program
{
    static void Main(string[] args)
    {
        // Connect to the Adaxes service
        AdmNamespace ns = new AdmNamespace();
        IAdmService service = ns.GetServiceDirectly("localhost");

        // Bind to the custom command
        const string commandPath = "Adaxes://CN=My Command,CN=Custom Commands," +
            "CN=Configuration Objects,CN=Adaxes Configuration,CN=Adaxes";
        IAdmCustomCommand command = (IAdmCustomCommand)service.OpenObject(
            commandPath, null, null, 0);

        // Specify arguments for command execution
        IAdmCustomCommandArguments commandArguments = command.CreateArguments();
        commandArguments.SetParameterValue("MyParameter", "MyValue");

        // Bind to the organizational unit
        const string containerPath = "Adaxes://OU=My OU,DC=domain,DC=com";
        IADsContainer container = (IADsContainer)service.OpenObject(
            containerPath, null, null, 0);

        // Execute the custom command for all users in the organizational unit
        container.Filter = new object[] { "user" };

        foreach (IAdmTop user in container)
        {
            user.ExecuteCustomCommand(command.CommandID, commandArguments);
        }
    }
}

ExecuteScheduledTask()

Runs the given scheduled task on the object.

void ExecuteScheduledTask(string scheduledTaskId)

Parameters

The scheduledTaskId parameter specifies the unique identifier of the scheduled task to run. To get the identifier, use the IAdmScheduledTask::TaskID property.

Examples

The following code sample runs a scheduled task on all users in an Organization Unit.

PowerShell
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly("localhost")

# Bind to the scheduled task
$taskDN = "CN=My Task,CN=Scheduled Tasks,CN=Configuration Objects,"+
    "CN=Adaxes Configuration,CN=Adaxes"
$task = $service.OpenObject("Adaxes://$taskDN", $null, $null, 0)

# Bind to the organizational unit
$containerDN = "OU=My OU,DC=domain,DC=com"
$container = $service.OpenObject("Adaxes://$containerDN", $null, $null, 0)

# Run the scheduled task for all users in the organizational unit
$container.Filter = @("user")

foreach ($user in $container)
{
    $user.ExecuteScheduledTask($task.TaskID)
}
C#
using System;
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;
using Softerra.Adaxes.Interop.Adsi.ScheduledTasks;

class Program
{
    static void Main(string[] args)
    {
        // Connect to the Adaxes service
        AdmNamespace ns = new AdmNamespace();
        IAdmService service = ns.GetServiceDirectly("localhost");

        // Bind to the scheduled task
        const string taskPath = "Adaxes://CN=My Task,CN=Scheduled Tasks," +
                                "CN=Configuration Objects,CN=Adaxes Configuration,CN=Adaxes";
        IAdmScheduledTask task = (IAdmScheduledTask)service.OpenObject(
            taskPath, null, null, 0);

        // Bind to the organizational unit
        const string containerPath = "Adaxes://OU=My OU,DC=domain,DC=com";
        IADsContainer container = (IADsContainer)service.OpenObject(
            containerPath, null, null, 0);

        // Run the scheduled task for all users in the organizational unit
        container.Filter = new object[] { "user" };

        foreach (IAdmTop user in container)
        {
            user.ExecuteScheduledTask(task.TaskID);
        }
    }
}

DirectMemberOf

Gets an array of group GUIDs the object is a direct member of. Each GUID is stored in the form of an array of byte (Byte[]), and the parameter itself is an array of arrays of byte (Byte[][]).

  • Type:
  • Object
  • Access:
  • Read-only

Examples

The following code sample outputs all groups a user is a direct member of.

PowerShell
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$ns = New-Object("Softerra.Adaxes.Adsi.AdmNamespace")
$service = $ns.GetServiceDirectly("localhost")

# Bind to the target user
$userDN = "CN=John Smith,CN=Users,DC=domain,DC=com"
$user = $service.OpenObject("Adaxes://$userDN", $null, $null, 0)

# Get GUIDs of all groups the user is a direct member of
$groupGuidsBytes = $user.DirectMemberOf

Write-Host "Group names:"
foreach ($groupGuidBytes in $groupGuidsBytes)
{
    # Bind to the group
    $guid = [Guid]$groupGuidBytes
    $guidPath = "Adaxes://<Guid=$guid>"
    $group = $service.OpenObject($guidPath, $null, $null, 0)

    # Get the group name
    Write-Host "`t" $group.Get("name")
}
C#
using System;
using Softerra.Adaxes.Interop.Adsi;
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;

class Program
{
    static void Main(string[] args)
    {
        // Connect to the Adaxes service
        AdmNamespace ns = new AdmNamespace();
        IAdmService service = ns.GetServiceDirectly("localhost");

        // Bind to the target user
        const string userPath = "Adaxes://CN=John Smith,CN=Users,DC=domain,DC=com";
        IAdmTop user = (IAdmTop) service.OpenObject(userPath, null, null, 0);

        // Get GUIDs of all groups the user is a direct member of
        object[] groupGuidsBytes = (object[]) user.DirectMemberOf;

        Console.WriteLine("Group names:");
        foreach (Byte[] groupGuidBytes in groupGuidsBytes)
        {
            // Bind to the group
            string guid = new Guid(groupGuidBytes).ToString("B");
            string guidPath = string.Format("Adaxes://<GUID={0}>", guid);
            IADs group = (IADs) service.OpenObject(guidPath, null, null, 0);

            // Output the group name
            Console.WriteLine("\t{0}", group.Get("name"));
        }
    }
}

MemberOf

Gets an array of GUIDs of all the groups the object is a direct or indirect member of. Each GUID is stored in the form of an array of byte (Byte[]), and the parameter itself is an array of arrays of byte (Byte[][]).

  • Type:
  • Object
  • Access:
  • Read-only

Examples

The following code sample outputs all groups a user is a member of (including direct and indirect membership).

PowerShell
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$ns = New-Object("Softerra.Adaxes.Adsi.AdmNamespace")
$service = $ns.GetServiceDirectly("localhost")

# Bind to the target user
$userDN = "CN=John Smith,CN=Users,DC=domain,DC=com"
$user = $service.OpenObject("Adaxes://$userDN", $null, $null, 0)

# Get GUIDs of all groups the user is a member of (via direct and indirect membership)
$groupGuidsBytes = $user.MemberOf

Write-Host "Group names:"
foreach ($groupGuidBytes in $groupGuidsBytes)
{
    # Bind to the group
    $guid = [Guid]$groupGuidBytes
    $guidPath = "Adaxes://<Guid=$guid>"
    $group = $service.OpenObject($guidPath, $null, $null, 0)

    # Output the group name
    Write-Host "`t" $group.Get("name")
}
C#
using System;
using Softerra.Adaxes.Interop.Adsi;
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;

class Program
{
    static void Main(string[] args)
    {
        // Connect to the Adaxes service
        AdmNamespace ns = new AdmNamespace();
        IAdmService service = ns.GetServiceDirectly("localhost");

        // Bind to the target user
        const string userPath = "Adaxes://CN=John Smith,CN=Users,DC=domain,DC=com";
        IAdmTop user = (IAdmTop) service.OpenObject(userPath, null, null, 0);

        // Get GUIDs of all groups the user is a member of (via direct and indirect membership)
        object[] groupGuidsBytes = (object[]) user.MemberOf;

        Console.WriteLine("Group names:");
        foreach (Byte[] groupGuidBytes in groupGuidsBytes)
        {
            // Bind to the group
            string guid = new Guid(groupGuidBytes).ToString("B");
            string guidPath = string.Format("Adaxes://<GUID={0}>", guid);
            IADs group = (IADs) service.OpenObject(guidPath, null, null, 0);

            // Output the group name
            Console.WriteLine("\t{0}", group.Get("name"));
        }
    }
}

Ancestors

Gets an array of GUIDs of the ancestors of the object. The GUIDs are ordered in the array in such a manner that the GUID of the first parent object is the first element and the GUID of the top ancestor is the last one. Each GUID is stored in the form of an array of byte (Byte[]), and the parameter itself is an array of arrays of byte (Byte[][]).

  • Type:
  • Object
  • Access:
  • Read-only

Examples

The following code sample checks whether a user is a descendant of a specific organizational unit.

PowerShell
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$ns = New-Object("Softerra.Adaxes.Adsi.AdmNamespace")
$service = $ns.GetServiceDirectly("localhost")

# Bind to the user
$userDN = "CN=John Smith,CN=Users,DC=domain,DC=com"
$user = $service.OpenObject("Adaxes://$userDN", $null, $null, 0)

# Bind to the organizational unit
$containerDN = "OU=New York,DC=domain,DC=com"
$container = $service.OpenObject("Adaxes://$containerDN", $null, $null, 0)

# Get the GUID and the name of the organizational unit
$containerName = $container.Get("name")
$containerGuid = [Guid]$container.Get("objectGuid")

foreach ($ancestorGuid in $user.Ancestors)
{
    if ([Guid]$ancestorGuid -ne $containerGuid)
    {
        continue
    }

    Write-Host "User is a descendant of '$containerName'"
    return
}

Write-Host "User is not a descendant of '$containerName'"
C#
using System;
using Softerra.Adaxes.Interop.Adsi;
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;
class Program
{
    static void Main(string[] args)
    {
        // Connect to the Adaxes service
        AdmNamespace ns = new AdmNamespace();
        IAdmService service = ns.GetServiceDirectly("localhost");

        // Bind to the user
        const string userPath = "Adaxes://CN=John Smith,CN=Users,DC=domain,DC=com";
        IAdmTop user = (IAdmTop) service.OpenObject(userPath, null, null, 0);

        // Get GUIDs of all ancestors of the user
        object[] ancestorGuidsByte = (object[]) user.Ancestors;

        // Bind to the organizational unit
        const string containerPath = "Adaxes://OU=New York,DC=domain,DC=com";
        IADs container = (IADs) service.OpenObject(containerPath, null, null, 0);

        // Get the GUID and the name of the organizational unit
        string containerName = (string) container.Get("name");
        byte[] containerGuidBytes = (byte[]) container.Get("objectGuid");
        Guid containerGuid = new Guid(containerGuidBytes);

        foreach (byte[] ancestorGuidBytes in ancestorGuidsByte)
        {
            Guid ancestorGuid = new Guid(ancestorGuidBytes);
            if (ancestorGuid != containerGuid)
            {
                continue;
            }

            Console.WriteLine("User is a descendant of '{0}'", containerName);
            return;
        }

        Console.WriteLine("User is not a descendant of '{0}'", containerName);
    }
}

BoundAs

Gets the user whose credentials were used to bind to the object.

  • Type:
  • IADs
  • Access:
  • Read-only

DirectoryType

Gets the directory type of the object.


AzureId

Gets the unique identifier of the object in Microsoft Entra ID. For an Active Directory object, the property gets the identifier in the Microsoft 365 tenant the object is associated with.

  • Type:
  • string
  • Access:
  • Read-only

Remarks

For Active Directory objects not associated with any Microsoft 365 tenant, the property is null.

Examples

The following code sample outputs display names of the Microsoft Entra groups a user is a member of.

$userId = $user.AzureId

$groups = Get-MgUserMemberOf -UserId $userId
foreach ($group in $groups)
{
    Write-Host $group.AdditionalProperties.displayName
}

Requirements

Minimum required version: 2023

See also