IAdmAzureManagedDomain

The IAdmAzureManagedDomain interface represents a Microsoft Entra domain managed by Adaxes.

Inheritance: IAdmManagedDomain

Methods

  • ValidateServiceAccount() – Checks whether an app registration can be used to manage the Microsoft Entra domain.
  • Register() – Registers a Microsoft Entra domain in Adaxes or changes the app credentials if the domain is already managed.
  • GetDefaultLocation() – Returns the distinguished name of the organizational unit where objects are placed by default.
  • SetDefaultLocation() – Sets the organizational unit where objects will be placed by default.

Properties

Details

ValidateServiceAccount()

Checks whether an app registration can be used to manage the Microsoft Entra domain. If the app registration can be used, but it doesn't have the required permissions, the method throws the DirectoryComException exception with error code ERROR_NO_SUCH_PRIVILEGE.

void ValidateServiceAccount(string tenantId,
                            string applicationId,
                            string secret,
                            AzureNationalCloud nationalCloud)

Parameters

  • tenantId – the identifier of the Microsoft Entra tenant.
  • applicationId – the identifier of the app registration.
  • secret – the client secret of the app registration.
  • nationalCloud – the Microsoft Entra national cloud.

Register()

Registers a Microsoft Entra domain in Adaxes or changes the app credentials if the domain is already managed.

void Register(string tenantId,
              string applicationId,
              string secret,
              AzureNationalCloud nationalCloud)

Parameters

  • tenantId – the identifier of the Microsoft Entra tenant.
  • applicationId – the identifier of the app registration.
  • secret – the client secret of the app registration.
  • nationalCloud – the Microsoft Entra national cloud.

Examples

The following code sample registers an Entra domain in Adaxes.

PowerShell
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$tenantId = "9f6ad6f6-0f7c-4a8c-9f71-879bbcb6d235"
$applicationId = "0db3e0b9-6d5e-41a3-9b52-daf859129da2"
$secret = "1xYsgT7!qW94bLz@J8d#MnvP2kXeCuR0sFgUoAH3tZpLViEY6Q"
$nationalCloud = "Default"

# Connect to the Adaxes service.
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly("localhost")

# Bind to the 'Managed Domains' container.
$managedDomainsPath = $service.Backend.GetConfigurationContainerPath("ManagedDomains")
$managedDomainsContainer = $service.OpenObject($managedDomainsPath, $null, $null, 0)

# Create a new managed domain.
$initialName = $managedDomainsContainer.GetAzureInitialDomainName(
    $tenantId, $applicationId, $secret, $nationalCloud)
$managedDomain = $managedDomainsContainer.Create("adm-ManagedDomain", "DC=$initialName")

# Provide logon information.
$managedDomain.Register($tenantId, $applicationId, $secret, $nationalCloud)

C#
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;

class Program
{
    static void Main(string[] args)
    {
        const string tenantId = "9f6ad6f6-0f7c-4a8c-9f71-879bbcb6d235";
        const string applicationId = "0db3e0b9-6d5e-41a3-9b52-daf859129da2";
        const string secret = "1xYsgT7!qW94bLz@J8d#MnvP2kXeCuR0sFgUoAH3tZpLViEY6Q";
        AzureNationalCloud nationalCloud = AzureNationalCloud.Default;

        // Connect to the Adaxes service.
        AdmNamespace ns = new AdmNamespace();
        IAdmService service = ns.GetServiceDirectly("localhost");

        // Bind to the 'Managed Domains' container.
        string managedDomainsPath = service.Backend.GetConfigurationContainerPath("ManagedDomains");
        IAdmManagedDomainContainer managedDomainsContainer =
            (IAdmManagedDomainContainer)service.OpenObject(managedDomainsPath, null, null, 0);

        // Create a new managed domain.
        string initialName = managedDomainsContainer.GetAzureInitialDomainName(
            tenantId, applicationId, secret, nationalCloud);
        IADsContainer container = (IADsContainer)managedDomainsContainer;
        IAdmAzureManagedDomain managedDomain = (IAdmAzureManagedDomain)container.Create(
            "adm-ManagedDomain", $"DC={initialName}");

        // Provide logon information.
        managedDomain.Register(tenantId, applicationId, secret, nationalCloud);
    }
}
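
The sample above passes the client secret as a literal and calls Register() directly. The following added example (not from the Adaxes documentation) prompts for the secret instead and calls ValidateServiceAccount() first, so that missing permissions are reported separately from other failures. It assumes that ValidateServiceAccount() can be called on the newly created object before Register(), and that DirectoryComException carries the Win32 code for ERROR_NO_SUCH_PRIVILEGE (1313) in the low 16 bits of its HResult.

```powershell
# Added example, not from the Adaxes documentation.
# The tenant and application IDs are the sample values used on this page.
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") | Out-Null

$tenantId = "9f6ad6f6-0f7c-4a8c-9f71-879bbcb6d235"
$applicationId = "0db3e0b9-6d5e-41a3-9b52-daf859129da2"
$nationalCloud = "Default"
$ERROR_NO_SUCH_PRIVILEGE = 1313   # Win32 error code

# Prompt for the client secret so it is never stored in the script file.
$secureSecret = Read-Host -Prompt "Client secret" -AsSecureString
# The interface methods take a plain string, so convert only for these calls.
$secret = [System.Net.NetworkCredential]::new("", $secureSecret).Password

try {
    # Connect to the Adaxes service and bind to the 'Managed Domains' container.
    $ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
    $service = $ns.GetServiceDirectly("localhost")
    $path = $service.Backend.GetConfigurationContainerPath("ManagedDomains")
    $container = $service.OpenObject($path, $null, $null, 0)

    $initialName = $container.GetAzureInitialDomainName(
        $tenantId, $applicationId, $secret, $nationalCloud)
    $managedDomain = $container.Create("adm-ManagedDomain", "DC=$initialName")

    # Assumption: validation is allowed on the new, not yet registered object.
    $managedDomain.ValidateServiceAccount($tenantId, $applicationId, $secret, $nationalCloud)

    # Validation passed, so register the domain with the same credentials.
    $managedDomain.Register($tenantId, $applicationId, $secret, $nationalCloud)
    Write-Host "Registered $initialName"
}
catch {
    # PowerShell wraps exceptions thrown by methods; walk the chain to find
    # the DirectoryComException described for ValidateServiceAccount().
    $ex = $_.Exception
    while ($ex -and $ex.GetType().Name -ne "DirectoryComException") { $ex = $ex.InnerException }

    # Assumption: the low 16 bits of HResult hold the Win32 error code.
    if ($ex -and (($ex.HResult -band 0xFFFF) -eq $ERROR_NO_SUCH_PRIVILEGE)) {
        Write-Warning "The app registration lacks the required permissions; the domain was not registered."
    }
    else { throw }
}
finally {
    # Drop the plain-text copy and release the SecureString.
    $secret = $null
    $secureSecret.Dispose()
}
```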

GetDefaultLocation()

Returns the distinguished name (DN) of the organizational unit where objects are placed by default.

string GetDefaultLocation(string objectType)

Parameters

  • objectType – the type of objects for which to return the organizational unit DN. Allowed values are users, groups and resources.

SetDefaultLocation()

Sets the organizational unit where objects will be placed by default.

void SetDefaultLocation(string objectType, string containerDN)

Parameters

  • objectType – the type of objects for which to set the organizational unit DN. Allowed values are users, groups and resources.
  • containerDN – the DN of the organizational unit. For details on how to get the DN of a directory object, see Get the DN of a directory object.

Remarks

To save the changes to the directory, call IADs::SetInfo after calling SetDefaultLocation.


TenantId

Gets the identifier of the Microsoft Entra tenant.

  • Type: Guid
  • Access: Read-only

TenantName

Gets the name of the Microsoft Entra tenant.

  • Type: string
  • Access: Read-only

NationalCloud

Gets the Microsoft Entra national cloud.


SyncDataIntervalSec

Gets or sets the interval (in seconds) for how frequently to check whether the Microsoft Entra ID cache needs to be updated.

  • Type: int
  • Access: Read/Write

SyncedObjectManagementOptions

Gets or sets the IAdmDomainSyncedObjectManagementOptions interface used to manage options for displaying objects synchronized with Active Directory.


SyncOwnerServiceDnsHostName

Gets or sets the DNS host name of the Adaxes service that will fulfil the synchronization owner role. In other words, this service instance will be responsible for synchronizing objects from Entra ID to AD LDS.

  • Type: string
  • Access: Read/Write

SyncOwnerServicePermanent

Gets or sets a value that indicates whether the synchronization owner will be reassigned if the original owner goes down.

  • Type: bool
  • Access: Read/Write

Remarks

If set to true, the current owner will never be reassigned, and there may be interruptions in synchronization should the owner go down.


LastSyncTime

Gets the timestamp when the last check for updates of Microsoft Entra resources was performed.

  • Type: IADsLargeInteger
  • Access: Read-only

LastSyncUpdateTime

Gets the time when the Microsoft Entra ID cache was last updated.

  • Type: IADsLargeInteger
  • Access: Read-only

Requirements

Minimum required version: 2023
