IAdmM365Account

The IAdmM365Account interface is designed to manage properties of a Microsoft 365 account associated with a user.

Methods

Properties

  • Property

  • Description

  • AssociatedTenantDN

  • Gets the distinguished name (DN) of the Microsoft 365 tenant associated with the user.

  • M365ObjectId

  • Gets the identifier of the Microsoft 365 account associated with the user.

Details

GetMicrosoft365Properties()

Returns the properties of the Microsoft 365 account associated with the user.

IAdmM365AccountProperties GetMicrosoft365Properties()

Examples

The following code sample outputs location, sign-in status, and assigned Microsoft 365 licenses and services for the Microsoft 365 account associated with a user.

PowerShell
Import-Module Adaxes

$userDN = "CN=John Smith,CN=Users,DC=domain,DC=com"

# Connect to the Adaxes service.
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly("localhost")

# Bind to the user.
$user = $service.OpenObject("Adaxes://$userDN", $null, $null, 0)

# Get Microsoft 365 account properties.
$microsoft365Properties = $user.GetMicrosoft365Properties()

# Location and sing-in status.
Write-Host "Location:" $microsoft365Properties.Location
Write-Host "Sign-in blocked:" $microsoft365Properties.SignInBlocked

# Licenses.
$licenses = $microsoft365Properties.Licenses
Write-Host "Licenses:"
foreach ($license in $licenses)
{
    if (-not($license.Assigned))
    {
        continue
    }
    
    # License display name.
    Write-Host "`t" $license.Sku.DisplayName

    # Assigned services.
    $serviceAssignments = $license.Services
    foreach ($serviceAssignment in $serviceAssignments)
    {
        if ($serviceAssignment.Assigned)
        {
            # Service display name.
            Write-Host "`t`t" $serviceAssignment.Service.ServiceDisplayName
        }
    }
    Write-Host
}
C#
using System;
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi.Microsoft365;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;

class Program
{
    static void Main(string[] args)
    {
        const string userPath = "Adaxes://CN=John Smith,CN=Users,DC=domain,DC=com";

        // Connect to the Adaxes service.
        AdmNamespace ns = new AdmNamespace();
        IAdmService service = ns.GetServiceDirectly("localhost");

        // Bind to the user.
        IAdmM365Account user = (IAdmM365Account)service.OpenObject(userPath, null, null, 0);

        // Get Microsoft 365 account properties.
        IAdmM365AccountProperties microsoft365Properties = user.GetMicrosoft365Properties();

        // Location and sign-in status.
        Console.WriteLine("Location: " + microsoft365Properties.Location);
        Console.WriteLine("Sign-in blocked: " + microsoft365Properties.SignInBlocked);

        // Licenses.
        IAdmM365License[] licenses = microsoft365Properties.Licenses;
        Console.WriteLine("Licenses:");
        foreach (IAdmM365License license in licenses)
        {
            if (!license.Assigned)
            {
                continue;
            }

            // License display name.
            Console.WriteLine("\t " + license.Sku.DisplayName);

            // Assigned services.
            IAdmM365ServiceAssignment[] serviceAssignments = license.Services;
            foreach (IAdmM365ServiceAssignment serviceAssignment in serviceAssignments)
            {
                if (serviceAssignment.Assigned)
                {
                    // Service display name.
                    Console.WriteLine("\t\t" + serviceAssignment.Service.ServiceDisplayName);
                }
            }
        }
    }
}

SetMicrosoft365Properties()

Sets the properties of the Microsoft 365 account associated with the user.

void SetMicrosoft365Properties(IAdmM365AccountProperties properties)

Parameters

  • properties – an instance of IAdmM365AccountProperties which contains the list of properties that will be modified and the new values.

Remarks

You can create an instance of the IAdmM365AccountProperties interface using the AdmM365AccountProperties class. Alternatively, you can call the GetMicrosoft365Properties method to retrieve the current Microsoft 365 properties of the user account.

Examples

The following code sample revokes all Microsoft 365 licenses and blocks user access to their Microsoft 365 account.

PowerShell
Import-Module Adaxes

$userDN = "CN=John Smith,CN=Users,DC=domain,DC=com"

# Connect to the Adaxes service.
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly("localhost")

# Bind to the user.
$user = $service.OpenObject("Adaxes://$userDN", $null, $null, 0)

# Create an instance of the AdmM365AccountProperties class.
$microsoft365Properties = New-Object "Softerra.Adaxes.Adsi.CloudServices.AdmM365AccountProperties"

# Revoke all licenses.
$microsoft365Properties.RevokeAllLicenses = $true

# Set sign-in status to Blocked.
$microsoft365Properties.SignInBlocked = $true

# Commit changes.
$user.SetMicrosoft365Properties($microsoft365Properties)
$user.SetInfo()
C#
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi;
using Softerra.Adaxes.Adsi.CloudServices;
using Softerra.Adaxes.Interop.Adsi.Microsoft365;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;

class Program
{
    static void Main(string[] args)
    {
        const string userPath = "Adaxes://CN=John Smith,CN=Users,DC=domain,DC=com";

        // Connect to the Adaxes service.
        AdmNamespace ns = new AdmNamespace();
        IAdmService service = ns.GetServiceDirectly("localhost");

        // Bind to the user.
        IAdmM365Account user = (IAdmM365Account)service.OpenObject(userPath, null, null, 0);

        // Create an instance of the AdmM365AccountProperties class.
        AdmM365AccountProperties microsoft365Properties = new AdmM365AccountProperties();

        // Revoke all licenses.
        microsoft365Properties.RevokeAllLicenses = true;

        // Set sign-in status to Blocked.
        microsoft365Properties.SignInBlocked = true;

        // Commit changes
        user.SetMicrosoft365Properties(microsoft365Properties);
        IAdmTop user2 = (IAdmTop)user;
        user2.SetInfo();
    }
}

ValidateServices()

Returns a value indicating whether the given Microsoft 365 services can be enabled when the specified Microsoft 365 license is assigned to a user.

bool ValidateServices(string skuPartNumber, 
                      IAdmM365Service[] services, 
                      out string warning)

Parameters

  • skuPartNumber – the name of the Microsoft 365 license (e.g. ENTERPRISEPACK).
  • services – an array of Microsoft 365 services to check.
  • warning – an output (OUT) parameter that returns an error message if the method returns false. If the method returns true, the parameter is null.

Return value

The method returns true if all specified services can be assigned without assigning any other services.

The method returns false if the specified services require other services that are not set in the services parameter. For example, the Office Online service cannot be assigned without the SharePoint Online service.

RevokeM365SignInSessions()

Forcefully signs the user out of all Microsoft 365 sessions across all devices.

void RevokeM365SignInSessions()

Examples

The following code sample signs several users out of their Microsoft 365 accounts.

PowerShell
Import-Module Adaxes

$userDNs = @(
    "CN=John Smith,CN=Users,DC=domain,DC=com",
    "CN=Jane Doe,CN=Users,DC=domain,DC=com",
    "CN=Mark Higgins,CN=Users,DC=domain,DC=com",
    "CN=Clare Bateman,CN=Users,DC=domain,DC=com"
)

# Connect to the Adaxes service.
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly("localhost")

# Bind to each user and sign the out.
foreach ($userDN in $userDNs)
{
    $user = $service.OpenObject("Adaxes://$userDN", $null, $null, 0)
    $user.RevokeM365SignInSessions()
}
C#
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi;
using Softerra.Adaxes.Interop.Adsi.Microsoft365;

class Program
{
    static void Main(string[] args)
    {
        string[] userDNs = new string[]
        {
            "CN=John Smith,CN=Users,DC=domain,DC=com",
            "CN=Jane Doe,CN=Users,DC=domain,DC=com",
            "CN=Mark Higgins,CN=Users,DC=domain,DC=com",
            "CN=Clare Bateman,CN=Users,DC=domain,DC=com"
        };

        // Connect to the Adaxes service.
        AdmNamespace ns = new AdmNamespace();
        IAdmService service = ns.GetServiceDirectly("localhost");

        // Bind to each user and revoke their sign-in sessions.
        foreach (string dn in userDNs)
        {
            string userPath = "Adaxes://" + dn;
            IAdmM365Account user = (IAdmM365Account)service.OpenObject(userPath, null, null, 0);
            user.RevokeM365SignInSessions();
        }
    }
}

AssociatedTenantDN

Gets the distinguished name (DN) of the Microsoft 365 tenant associated with the user.

  • Type:
  • string
  • Access:
  • Read-only

M365ObjectId

Gets the identifier of the Microsoft 365 account associated with the user.

  • Type:
  • Guid
  • Access:
  • Read-only

Remarks

The property returns an empty GUID when:

  • The user has no Microsoft 365 account.
  • The user is outside of a Microsoft 365 tenant's scope in Adaxes.
  • It is not possible to match the user account with a Microsoft 365 account by their identifiers.

Requirements

Minimum required version: 2025.1

See also

© Softerra 2022. All rights reserved.
Send feedback