IAdmConfigurationSetAdministratorManager
The IAdmConfigurationSetAdministratorManager interface is designed to manage Adaxes service administrators.
Inheritance: IUnknown
Methods
-
Method
-
Description
-
AddAdministrator()
-
Adds a new service administrator.
-
RemoveAdministrator()
-
Removes a service administrator.
-
IsAdministrator()
-
Checks whether a user or group is in the list of service administrators.
-
AmIAdministrator()
-
Determines whether the currently logged in user is a service administrator.
Properties
-
Property
-
Description
-
Administrators
-
Gets an array of service administrators SIDs.
Details
AddAdministrator()
Adds a new service administrator.
void AddAdministrator(Byte[] administratorSid)
Parameters
The administratorSid parameter specifies the security identifier (SID) of the new administrator. The SID must be represented as an array of bytes. You can pass a SID of a user or global/universal security group only.
Remarks
Only service administrators have the permission to use the method.
Examples
The following code sample adds the user to the list of service administrators.
- PowerShell
-
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") $adminDN = "CN=John Smith,CN=Users,DC=domain,DC=com" # TODO modify me # Connect to the Adaxes service $ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace" $service = $ns.GetServiceDirectly("localhost") # Get the new administrator's SID $admin = $service.OpenObject("Adaxes://$adminDN", $null, $null, 0) $sidBytes = $admin.Get("objectSid") # Bind to the 'Configuration Set Settings' container $configSetSettingsPath = $service.Backend.GetConfigurationContainerPath("ConfigurationSetSettings") $configSetSettings = $service.OpenObject($configSetSettingsPath, $null, $null, 0) # Add the new service administrator $adminManager = $configSetSettings.AdministratorManager $adminManager.AddAdministrator($sidBytes) - C#
-
using System; using Softerra.Adaxes.Adsi; using Softerra.Adaxes.Interop.Adsi; using Softerra.Adaxes.Interop.Adsi.Management; using Softerra.Adaxes.Interop.Adsi.PersistentObjects; class Program { static void Main(string[] args) { const string adminPath = "Adaxes://CN=John Smith,CN=Users,DC=domain,DC=com"; // Connect to the Adaxes service AdmNamespace ns = new AdmNamespace(); IAdmService service = ns.GetServiceDirectly("localhost"); // Get the new administrator's SID IAdmTop admin = (IAdmTop)service.OpenObject(adminPath, null, null, 0); byte[] sidBytes = (byte[])admin.Get("objectSID"); // Bind to the 'Configuration Set Settings' container string configSetSettingsPath = service.Backend.GetConfigurationContainerPath( "ConfigurationSetSettings"); IAdmConfigurationSetSettings configSetSettings = (IAdmConfigurationSetSettings)service.OpenObject( configSetSettingsPath, null, null, 0); // Add the new service administrator IAdmConfigurationSetAdministratorManager adminManager = configSetSettings.AdministratorManager; adminManager.AddAdministrator(sidBytes); } }
RemoveAdministrator()
Removes a service administrator.
void RemoveAdministrator(Byte[] administratorSid)
Parameters
The administratorSid parameter specifies the security identifier (SID) of the service administrator to remove. The SID must be represented as an array of bytes.
Remarks
- Only service administrators have the permission to use the method.
- Adaxes service account specified during service installation cannot be removed.
Examples
The following code sample removes a service administrator.
- PowerShell
-
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") $adminDN = "CN=John Smith,CN=Users,DC=domain,DC=com" # TODO modify me # Connect to the Adaxes service $ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace" $service = $ns.GetServiceDirectly("localhost") # Get administrator SID $admin = $service.OpenObject("Adaxes://$adminDN", $null, $null, 0) $sidBytes = $admin.Get("objectSid") # Bind to the 'Configuration Set Settings' container $configSetSettingsPath = $service.Backend.GetConfigurationContainerPath("ConfigurationSetSettings") $configSetSettings = $service.OpenObject($configSetSettingsPath, $null, $null, 0) # Remove service administrator $adminManager = $configSetSettings.AdministratorManager $adminManager.RemoveAdministrator($sidBytes) - C#
-
using System; using Softerra.Adaxes.Adsi; using Softerra.Adaxes.Interop.Adsi; using Softerra.Adaxes.Interop.Adsi.Management; using Softerra.Adaxes.Interop.Adsi.PersistentObjects; class Program { static void Main(string[] args) { const string adminPath = "Adaxes://CN=John Smith,CN=Users,DC=domain,DC=com"; // Connect to the Adaxes service AdmNamespace ns = new AdmNamespace(); IAdmService service = ns.GetServiceDirectly("localhost"); // Get administrator SID IAdmTop admin = (IAdmTop)service.OpenObject(adminPath, null, null, 0); byte[] sidBytes = (byte[])admin.Get("objectSID"); // Bind to the 'Configuration Set Settings' container string configSetSettingsPath = service.Backend.GetConfigurationContainerPath( "ConfigurationSetSettings"); IAdmConfigurationSetSettings configSetSettings = (IAdmConfigurationSetSettings)service.OpenObject( configSetSettingsPath, null, null, 0); // Remove service administrator IAdmConfigurationSetAdministratorManager adminManager = configSetSettings.AdministratorManager; adminManager.RemoveAdministrator(sidBytes); } }
IsAdministrator()
Checks whether a user or group is in the list of service administrators. When you pass a user, the method takes into account membership in groups of service administrators.
bool IsAdministrator(Byte[] administratorSid)
Parameters
The administratorSid parameter specifies the security identifier (SID) of a user/group to check. The SID must be represented as an array of bytes.
Examples
The following code sample checks whether a user is a service administrator.
- PowerShell
-
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") $userDN = "CN=John Smith,CN=Users,DC=domain,DC=com" # TODO modify me # Connect to the Adaxes service $ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace" $service = $ns.GetServiceDirectly("localhost") # Get user SID $user = $service.OpenObject("Adaxes://$userDN", $null, $null, 0) $sidBytes = $user.Get("objectSid") # Bind to the 'Configuration Set Settings' container $configSetSettingsPath = $service.Backend.GetConfigurationContainerPath("ConfigurationSetSettings") $configSetSettings = $service.OpenObject($configSetSettingsPath, $null, $null, 0) # Check whether the user is a service administrator $adminManager = $configSetSettings.AdministratorManager if ($adminManager.IsAdministrator($sidBytes)) { Write-Host "User IS an administrator" } else { Write-Host "User IS NOT an administrator" } - C#
-
using System; using Softerra.Adaxes.Adsi; using Softerra.Adaxes.Interop.Adsi; using Softerra.Adaxes.Interop.Adsi.Management; using Softerra.Adaxes.Interop.Adsi.PersistentObjects; class Program { static void Main(string[] args) { const string userPath = "Adaxes://CN=John Smith,CN=Users,DC=domain,DC=com"; // Connect to the Adaxes service AdmNamespace ns = new AdmNamespace(); IAdmService service = ns.GetServiceDirectly("localhost"); // Get user SID IAdmTop user = (IAdmTop)service.OpenObject(userPath, null, null, 0); byte[] sidBytes = (byte[])user.Get("objectSID"); // Bind to the 'Configuration Set Settings' container string configSetSettingsPath = service.Backend.GetConfigurationContainerPath( "ConfigurationSetSettings"); IAdmConfigurationSetSettings configSetSettings = (IAdmConfigurationSetSettings)service.OpenObject( configSetSettingsPath, null, null, 0); // Check whether the user is a service administrator IAdmConfigurationSetAdministratorManager adminManager = configSetSettings.AdministratorManager; if (adminManager.IsAdministrator(sidBytes)) { Console.WriteLine("User IS an administrator"); } else { Console.WriteLine("User IS NOT an administrator"); } } }
AmIAdministrator()
Determines whether the currently logged in user is a service administrator. The method takes into account membership in groups of service administrators.
bool AmIAdministrator()
Examples
The following code sample checks whether the currently logged in user is a service administrator.
- PowerShell
-
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") # Connect to the Adaxes service $ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace" $service = $ns.GetServiceDirectly("localhost") # Bind to the 'Configuration Set Settings' container $configSetSettingsPath = $service.Backend.GetConfigurationContainerPath("ConfigurationSetSettings") $configSetSettings = $service.OpenObject($configSetSettingsPath, $null, $null, 0) # Check whether the user is a service administrator $adminManager = $configSetSettings.AdministratorManager if ($adminManager.AmIAdministrator()) { Write-Host "You ARE an administrator" } else { Write-Host "You ARE NOT an administrator" } - C#
-
using System; using Softerra.Adaxes.Adsi; using Softerra.Adaxes.Interop.Adsi.Management; using Softerra.Adaxes.Interop.Adsi.PersistentObjects; class Program { static void Main(string[] args) { // Connect to the Adaxes service AdmNamespace ns = new AdmNamespace(); IAdmService service = ns.GetServiceDirectly("localhost"); // Bind to the 'Configuration Set Settings' container string configSetSettingsPath = service.Backend.GetConfigurationContainerPath( "ConfigurationSetSettings"); IAdmConfigurationSetSettings configSetSettings = (IAdmConfigurationSetSettings)service.OpenObject( configSetSettingsPath, null, null, 0); // Check whether the user is a service administrator IAdmConfigurationSetAdministratorManager adminManager = configSetSettings.AdministratorManager; if (adminManager.AmIAdministrator()) { Console.WriteLine("You ARE an administrator"); } else { Console.WriteLine("You ARE NOT an administrator"); } } }
Administrators
Gets an array of service administrators SIDs. Each SID is represented as an array of bytes, and the property itself is an array of arrays of bytes.
- Type:
- Byte[][]
- Access:
- Read-only
Requirements
Minimum required version: 2009.1