IAdmTop
The IAdmTop interface represents the base interface for accessing any ADSI object defining the properties and methods common for any such object. Any ADSI object in Adaxes implements this interface.
You can use the IAdmTop interface to:
- Obtain a snapshot (i.e. a serialized instance of any object) from the directory loading only the properties that you need and manage such properties locally via the IAdmObjectSnapshot interface.
- Retrieve a modification log of any object.
- Update the ADS path of an object when such a path becomes invalid.
- Retrieve such information on an object as the list of its ancestors or a list of the groups the object is an indirect or direct member of.
- Get the user object that was used to bind to a specific object in the directory.
- Execute a script, custom command or scheduled task on an object.
Inheritance: IADs
Methods
-
Method
-
Description
-
GetModificationLog()
-
Returns the object modification log.
-
GetSnapshot()
-
Loads the properties specified in the properties parameter from the directory and returns a snapshot of the current object.
-
GetPropertyValue()
-
Returns the value of the given property.
-
GetPropertyValues()
-
Returns the value of the given property. Unlike the
GetPropertyValuemethod, this method always returns property values as an array. -
SetInfo2()
-
Persists the changes made on the object to the directory.
-
SetInfoEx()
-
Persists the changes of the specified properties to the directory.
-
SetInfoEx2()
-
Persists the changes of the specified properties to the directory.
-
UpdateAdsPath()
-
Updates the ADS path of the object if the path is invalid.
-
RunScript()
-
Runs the specified script for the object.
-
ExecuteCustomCommand()
-
Executes a custom command with the given parameters on the object.
-
ExecuteScheduledTask()
-
Runs the given scheduled task on the object.
Properties
-
Property
-
Description
-
DirectMemberOf
-
Gets an array of group GUIDs the object is a direct member of.
-
MemberOf
-
Gets an array of GUIDs of all the groups the object is a direct or indirect member of.
-
Ancestors
-
Gets an array of GUIDs of the ancestors of the object.
-
BoundAs
-
Gets the user whose credentials were used to bind to the object.
-
DirectoryType
-
Gets the directory type of the object.
-
AzureId
-
Gets the unique identifier of the object in Azure AD.
Details
GetModificationLog()
Returns the object modification log. The log is represented by the IAdmModificationLog interface, which allows you to retrieve log entries of any changes that were performed on the current IAdmTop object.
IAdmModificationLog GetModificationLog()
Remarks
Note that log records for this object will only be available when the IAdmModificationLog::Enabled property is set to true.
Examples
The following code sample outputs all operations performed on a user account.
- PowerShell
-
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") # Connect to the Adaxes service $ns = New-Object("Softerra.Adaxes.Adsi.AdmNamespace") $service = $ns.GetServiceDirectly("localhost") # Bind to the target user $userDN = "CN=John Smith,CN=Users,DC=domain,DC=com" $user = $service.OpenObject("Adaxes://$userDN", $null, $null, 0) # Get modification log $modificationLog = $user.GetModificationLog() # Get all log records $log = $modificationLog.Log $pageCount = $log.PageCount for ($i = 0; $i -lt $pageCount; $i++) { # Get the current page of log records $logRecords = $log.GetPage($i) # Output information contained in each record foreach ($record in $logRecords) { Write-Host "Target object name: " $record.TargetObjectName Write-Host "Description of operation: " $record.Description Write-Host "Target object type: " $record.TargetObjectType Write-Host "Initiator name: " $record.Initiator.Name Write-Host "Start time: " $record.StartTime.DateTime Write-Host "Completion time: " $record.CompletionTime.DateTime Write-Host } } - C#
-
using System; using Softerra.Adaxes.Adsi; using Softerra.Adaxes.Interop.Adsi; using Softerra.Adaxes.Interop.Adsi.Logging; using Softerra.Adaxes.Interop.Adsi.PersistentObjects; class Program { static void Main(string[] args) { // Connect to the Adaxes service AdmNamespace ns = new AdmNamespace(); IAdmService service = ns.GetServiceDirectly("localhost"); // Bind to the target user const string userPath = "Adaxes://CN=John Smith,DC=domain,DC=com"; IAdmTop user = (IAdmTop) service.OpenObject(userPath, null, null, 0); // Get modification log IAdmModificationLog modificationLog = user.GetModificationLog(); // Get all log records IAdmLog log = modificationLog.Log; int pageCount = log.PageCount; for (int i = 0; i < pageCount; i++) { // Get the current page of log records IAdmLogRecords logRecords = log.GetPage(i); // Output information contained in each record foreach (IAdmLogRecord record in logRecords) { IAdmLogRecord record2 = (IAdmLogRecord)record; Console.WriteLine("Target object name: {0}", record2.TargetObjectName); Console.WriteLine("Description of operation: {0}", record.Description); Console.WriteLine("Target object type: {0}", record2.TargetObjectType); Console.WriteLine("Initiator name: {0}", record.Initiator.Name); Console.WriteLine("Start time: {0}", record.StartTime); Console.WriteLine("Completion time: {0}", record.CompletionTime); Console.WriteLine(); } } } }
GetSnapshot()
Loads the properties specified in the properties parameter from the directory and returns a snapshot of the current object. A snapshot is a serialized object that is not bound to the directory and contains the properties specified (provided that they exist in the directory). You can further use the retrieved IAdmObjectSnapshot interface to manage the loaded object properties locally.
IAdmObjectSnapshot GetSnapshot(string[] properties)
Parameters
The properties parameter contains an array of string entries representing the names of the properties that will be loaded.
GetPropertyValue()
Returns the value of the given property. For a multi-valued property, the method returns an array containing values of the property. If the property is empty, the method returns null.
object GetPropertyValue(string propertyName)
Parameters
The propertyName parameter specifies the name of the property as defined in the directory schema.
Remarks
You can also use method GetPropertyValues to retrieve property values. The GetPropertyValues method returns property values as an array, regardless of whether the property is single-valued or multi-valued.
GetPropertyValues()
Returns the value of the given property. Unlike the GetPropertyValue method, this method always returns property values as an array. For a single-valued property, the method returns an array of a single element. If the property is empty, the method returns null.
object[] GetPropertyValues(string propertyName)
Parameters
The propertyName parameter specifies the name of the property as defined in the directory schema.
SetInfo2()
Persists the changes made on the object to the directory. This method allows any value references specified in the object properties to be resolved.
void SetInfo2(ADM_SETINFOPARAMS_ENUM resolveValueRef)
Parameters
The resolveValueRef parameter determines whether value references must be resolved on the server side prior to saving changes to the directory. When set to ADM_SETINFOPARAMS_RESOLVEVALUEREFERENCES, all value references contained in object properties are resolved. Otherwise, when set to ADM_SETINFOPARAMS_NONE, value references will not be resolved.
Examples
The following code sample sets the description of a user to the value of the Job Title property.
- PowerShell
-
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") # Connect to the Adaxes service $ns = New-Object("Softerra.Adaxes.Adsi.AdmNamespace") $service = $ns.GetServiceDirectly("localhost") # Bind to the user $userDN = "CN=John Smith,CN=Users,DC=domain,DC=com" $user = $service.OpenObject("Adaxes://$userDN", $null, $null, 0) # Update the description $user.Put("description", "%title%") # Save changes $user.SetInfo2("ADM_SETINFOPARAMS_RESOLVEVALUEREFERENCES") - C#
-
using System; using Softerra.Adaxes.Adsi; using Softerra.Adaxes.Interop.Adsi; using Softerra.Adaxes.Interop.Adsi.PersistentObjects; class Program { static void Main(string[] args) { // Connect to the Adaxes service AdmNamespace ns = new AdmNamespace(); IAdmService service = ns.GetServiceDirectly("localhost"); // Bind to the user const string userPath = "Adaxes://CN=John Smith,CN=Users,DC=domain,DC=com"; IADs user = (IADs) service.OpenObject(userPath, null, null, 0); // Update the description user.Put("description", "%title%"); // Save changes IAdmTop user2 = (IAdmTop) user; user2.SetInfo2(ADM_SETINFOPARAMS_ENUM.ADM_SETINFOPARAMS_RESOLVEVALUEREFERENCES); } }
SetInfoEx()
Persists the changes of the specified properties to the directory.
void SetInfoEx(string[] properties)
Parameters
The properties parameter contains an array of string entries listing the property names to persist.
SetInfoEx2()
Persists the changes of the specified properties to the directory. This method allows any value references specified in the object properties to be resolved.
void SetInfoEx2(string[] properties, ADM_SETINFOPARAMS_ENUM resolveValueRef)
Parameters
- properties - An array of string entries listing the property names to persist.
- resolveValueRef - Determines whether value references must be resolved on the server side prior to saving changes to the directory. When set to
ADM_SETINFOPARAMS_RESOLVEVALUEREFERENCES, all value references contained in object properties are resolved. Otherwise, when set toADM_SETINFOPARAMS_NONE, value references will not be resolved.
UpdateAdsPath()
Updates the ADS path of the object if the path is invalid. An ADS path becomes invalid when an object is renamed or moved, for example.
void UpdateAdsPath()
Examples
The following code sample moves a user to another Organizational Unit and outputs the updated ADS path.
- PowerShell
-
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") # Connect to the Adaxes service $ns = New-Object("Softerra.Adaxes.Adsi.AdmNamespace") $service = $ns.GetServiceDirectly("localhost") # Bind to the target Organizational Unit $targetOUDN = "OU=TargetOU,DC=domain,DC=com" $targetOU = $service.OpenObject("Adaxes://$targetOUDN",` $null, $null, 0) # Bind to the user $userDN = "CN=John Smith,OU=SourceOU,DC=domain,DC=com" $user = $service.OpenObject("Adaxes://$userDN",` $null, $null, 0) # Move the user to the Organizational Unit $targetOU.MoveHere($user.AdsPath, $null) | Out-Null # ADS path of the user before update Write-Host "Old user AdsPath: " $user.AdsPath # Update ADS path $user.UpdateAdsPath() # Resulting ADS path Write-Host "New user AdsPath: " $user.AdsPath - C#
-
using System; using Softerra.Adaxes.Interop.Adsi; using Softerra.Adaxes.Adsi; using Softerra.Adaxes.Interop.Adsi.PersistentObjects; class Program { static void Main(string[] args) { // Connect to the Adaxes service AdmNamespace ns = new AdmNamespace(); IAdmService service = ns.GetServiceDirectly("localhost"); // Bind to the target Organizational Unit const string targetOUPath = "Adaxes://CN=TargetOU,DC=domain,DC=com"; IADsContainer targetOU = (IADsContainer) service.OpenObject( targetOUPath, null, null, 0); // Bind to the user const string userDN = "CN=John Smith,OU=SourceOU,DC=domain,DC=com"; IAdmTop user = (IAdmTop) service.OpenObject("Adaxes://" + userDN, null, null, 0); // Move the user to the Organizational Unit targetOU.MoveHere(user.ADsPath, null); // ADS path of the user before update Console.WriteLine("Old user AdsPath: {0}", user.ADsPath); // Update ADS path user.UpdateAdsPath(); // Resulting ADS path Console.WriteLine("New user AdsPath: {0}", user.ADsPath); } }
RunScript()
Runs the specified script for the object. The text of the script can contain value references. Before executing a script, Adaxes will replace value references with corresponding property values of the directory object on which the script is executed.
void RunScript(ADM_SCRIPTTYPE_ENUM scriptType,
string scriptText,
string scriptDescription,
string username,
string password)
Parameters
- scriptType - Controls whether the text specified in the scriptText parameter is a text of a PowerShell script (when set to
ADM_SCRIPTTYPE_POWERSHELL) or a command line that should be executed (when set toADM_SCRIPTTYPE_PROGRAM). - scriptText - Contains either the text of a PowerShell script to execute, or a command line to be run, depending on the value of the scriptType parameter.
- scriptDescription - Contains a description of the script passed by the scriptText parameter.
- username - Specifies the username of the user whose credentials will be used to launch the script. Pass
nullto use the username of the currently logged on user. - password - Specifies the password to the account specified in the username parameter. Pass
nullif you want to use the credentials of the currently logged on user.
Examples
The following code sample runs a script to export specific properties of a user to a CSV file.
- PowerShell
-
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") # Connect to the Adaxes service $ns = New-Object("Softerra.Adaxes.Adsi.AdmNamespace") $service = $ns.GetServiceDirectly("localhost") # Bind to the user $userDN = "CN=John Smith,CN=Users,DC=domain,DC=com" $user = $service.OpenObject("Adaxes://$userDN", $null, $null, 0) # Script for CSV export $scriptBlock = { $htable = @{FirstName="%firstname%";LastName="%lastname%";Department="%department%";} $userObj = New-Object PSObject -Property $htable $userObj | Export-Csv "C:\New users\%username%.csv" -NoTypeInformation } # Run the script for the user $user.RunScript("ADM_SCRIPTTYPE_POWERSHELL", $scriptBlock.ToString(), "Export to CSV", $null, $null) - C#
-
using System; using Softerra.Adaxes.Adsi; using Softerra.Adaxes.Interop.Adsi; using Softerra.Adaxes.Interop.Adsi.PersistentObjects; class Program { static void Main(string[] args) { // Connect to the Adaxes service AdmNamespace ns = new AdmNamespace(); IAdmService service = ns.GetServiceDirectly("localhost"); // Bind to the user const string userPath = "Adaxes://CN=John Smith,CN=Users,DC=domain,DC=com"; IAdmTop user = (IAdmTop)service.OpenObject(userPath, null, null, 0); // Script for CSV export const string scriptBlock = @" $htable = @{FirstName=""%firstname%"";LastName=""%lastname%"";Department=""%department%"";} $userObj = New-Object PSObject -Property $htable $userObj | Export-Csv ""C:\New users\%username%.csv"" -NoTypeInformation"; // Run the script for the user user.RunScript(ADM_SCRIPTTYPE_ENUM.ADM_SCRIPTTYPE_POWERSHELL, scriptBlock, "Export to CSV", null, null); } }
ExecuteCustomCommand()
Executes a custom command with the given parameters on the object.
void ExecuteCustomCommand(string customCommandId, IAdmCustomCommandArguments arguments)
Parameters
- customCommandId - Specifies the unique identifier of the custom command to be executed. To get the identifier, use the IAdmCustomCommand::CommandID property.
- arguments - Specifies arguments for custom command execution. To create an instance of custom command arguments, use the IAdmCustomCommand::CreateArguments method.
Examples
The following code sample executes a custom command with specified arguments on all users in an Organization Unit.
- PowerShell
-
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") # Connect to the Adaxes service $ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace" $service = $ns.GetServiceDirectly("localhost") # Bind to the custom command $commandDN = "CN=My Command,CN=Custom Commands,CN=Configuration Objects,"+ "CN=Adaxes Configuration,CN=Adaxes" $command = $service.OpenObject("Adaxes://$commandDN", $null, $null, 0) # Specify arguments for command execution $commandArguments = $command.CreateArguments() $commandArguments.SetParameterValue("MyParameter", "MyValue") # Bind to the Organizational Unit $containerDN = "OU=My OU,DC=domain,DC=com" $container = $service.OpenObject("Adaxes://$containerDN", $null, $null, 0) # Execute the custom command for all users in the Organizational Unit $container.Filter = @("user") foreach ($user in $container) { $user.ExecuteCustomCommand($command.CommandID, $commandArguments) } - C#
-
using System; using Softerra.Adaxes.Adsi; using Softerra.Adaxes.Interop.Adsi; using Softerra.Adaxes.Interop.Adsi.PersistentObjects; using Softerra.Adaxes.Interop.Adsi.CustomCommands; class Program { static void Main(string[] args) { // Connect to the Adaxes service AdmNamespace ns = new AdmNamespace(); IAdmService service = ns.GetServiceDirectly("localhost"); // Bind to the custom command const string commandPath = "Adaxes://CN=My Command,CN=Custom Commands," + "CN=Configuration Objects,CN=Adaxes Configuration,CN=Adaxes"; IAdmCustomCommand command = (IAdmCustomCommand)service.OpenObject( commandPath, null, null, 0); // Specify arguments for command execution IAdmCustomCommandArguments commandArguments = command.CreateArguments(); commandArguments.SetParameterValue("MyParameter", "MyValue"); // Bind to the Organizational Unit const string containerPath = "Adaxes://OU=My OU,DC=domain,DC=com"; IADsContainer container = (IADsContainer)service.OpenObject( containerPath, null, null, 0); // Execute the custom command for all users in the Organizational Unit container.Filter = new object[] { "user" }; foreach (IAdmTop user in container) { user.ExecuteCustomCommand(command.CommandID, commandArguments); } } }
ExecuteScheduledTask()
Runs the given scheduled task on the object.
void ExecuteScheduledTask(string scheduledTaskId)
Parameters
The scheduledTaskId parameter specifies the unique identifier of the scheduled task to run. To get the identifier, use the IAdmScheduledTask::TaskID property.
Examples
The following code sample runs a scheduled task on all users in an Organization Unit.
- PowerShell
-
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") # Connect to the Adaxes service $ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace" $service = $ns.GetServiceDirectly("localhost") # Bind to the scheduled task $taskDN = "CN=My Task,CN=Scheduled Tasks,CN=Configuration Objects,"+ "CN=Adaxes Configuration,CN=Adaxes" $task = $service.OpenObject("Adaxes://$taskDN", $null, $null, 0) # Bind to the Organizational Unit $containerDN = "OU=My OU,DC=domain,DC=com" $container = $service.OpenObject("Adaxes://$containerDN", $null, $null, 0) # Run the scheduled task for all users in the Organizational Unit $container.Filter = @("user") foreach ($user in $container) { $user.ExecuteScheduledTask($task.TaskID) } - C#
-
using System; using Softerra.Adaxes.Adsi; using Softerra.Adaxes.Interop.Adsi; using Softerra.Adaxes.Interop.Adsi.PersistentObjects; using Softerra.Adaxes.Interop.Adsi.ScheduledTasks; class Program { static void Main(string[] args) { // Connect to the Adaxes service AdmNamespace ns = new AdmNamespace(); IAdmService service = ns.GetServiceDirectly("localhost"); // Bind to the scheduled task const string taskPath = "Adaxes://CN=My Task,CN=Scheduled Tasks," + "CN=Configuration Objects,CN=Adaxes Configuration,CN=Adaxes"; IAdmScheduledTask task = (IAdmScheduledTask)service.OpenObject( taskPath, null, null, 0); // Bind to the Organizational Unit const string containerPath = "Adaxes://OU=My OU,DC=domain,DC=com"; IADsContainer container = (IADsContainer)service.OpenObject( containerPath, null, null, 0); // Run the scheduled task for all users in the Organizational Unit container.Filter = new object[] { "user" }; foreach (IAdmTop user in container) { user.ExecuteScheduledTask(task.TaskID); } } }
DirectMemberOf
Gets an array of group GUIDs the object is a direct member of. Each GUID is stored in the form of an array of byte (Byte[]), and the parameter itself is an array of arrays of byte (Byte[][]).
- Type:
- Object
- Access:
- Read-only
Examples
The following code sample outputs all groups a user is a direct member of.
- PowerShell
-
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") # Connect to the Adaxes service $ns = New-Object("Softerra.Adaxes.Adsi.AdmNamespace") $service = $ns.GetServiceDirectly("localhost") # Bind to the target user $userDN = "CN=John Smith,CN=Users,DC=domain,DC=com" $user = $service.OpenObject("Adaxes://$userDN", $null, $null, 0) # Get GUIDs of all groups the user is a direct member of $groupGuidsBytes = $user.DirectMemberOf Write-Host "Group names:" foreach ($groupGuidBytes in $groupGuidsBytes) { # Bind to the group $guid = [Guid]$groupGuidBytes $guidPath = "Adaxes://<Guid=$guid>" $group = $service.OpenObject($guidPath, $null, $null, 0) # Get the group name Write-Host "`t" $group.Get("name") } - C#
-
using System; using Softerra.Adaxes.Interop.Adsi; using Softerra.Adaxes.Adsi; using Softerra.Adaxes.Interop.Adsi.PersistentObjects; class Program { static void Main(string[] args) { // Connect to the Adaxes service AdmNamespace ns = new AdmNamespace(); IAdmService service = ns.GetServiceDirectly("localhost"); // Bind to the target user const string userPath = "Adaxes://CN=John Smith,CN=Users,DC=domain,DC=com"; IAdmTop user = (IAdmTop) service.OpenObject(userPath, null, null, 0); // Get GUIDs of all groups the user is a direct member of object[] groupGuidsBytes = (object[]) user.DirectMemberOf; Console.WriteLine("Group names:"); foreach (Byte[] groupGuidBytes in groupGuidsBytes) { // Bind to the group string guid = new Guid(groupGuidBytes).ToString("B"); string guidPath = string.Format("Adaxes://<GUID={0}>", guid); IADs group = (IADs) service.OpenObject(guidPath, null, null, 0); // Output the group name Console.WriteLine("\t{0}", group.Get("name")); } } }
MemberOf
Gets an array of GUIDs of all the groups the object is a direct or indirect member of. Each GUID is stored in the form of an array of byte (Byte[]), and the parameter itself is an array of arrays of byte (Byte[][]).
- Type:
- Object
- Access:
- Read-only
Examples
The following code sample outputs all groups a user is a member of (including direct and indirect membership).
- PowerShell
-
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") # Connect to the Adaxes service $ns = New-Object("Softerra.Adaxes.Adsi.AdmNamespace") $service = $ns.GetServiceDirectly("localhost") # Bind to the target user $userDN = "CN=John Smith,CN=Users,DC=domain,DC=com" $user = $service.OpenObject("Adaxes://$userDN", $null, $null, 0) # Get GUIDs of all groups the user is a member of (via direct and indirect membership) $groupGuidsBytes = $user.MemberOf Write-Host "Group names:" foreach ($groupGuidBytes in $groupGuidsBytes) { # Bind to the group $guid = [Guid]$groupGuidBytes $guidPath = "Adaxes://<Guid=$guid>" $group = $service.OpenObject($guidPath, $null, $null, 0) # Output the group name Write-Host "`t" $group.Get("name") } - C#
-
using System; using Softerra.Adaxes.Interop.Adsi; using Softerra.Adaxes.Adsi; using Softerra.Adaxes.Interop.Adsi.PersistentObjects; class Program { static void Main(string[] args) { // Connect to the Adaxes service AdmNamespace ns = new AdmNamespace(); IAdmService service = ns.GetServiceDirectly("localhost"); // Bind to the target user const string userPath = "Adaxes://CN=John Smith,CN=Users,DC=domain,DC=com"; IAdmTop user = (IAdmTop) service.OpenObject(userPath, null, null, 0); // Get GUIDs of all groups the user is a member of (via direct and indirect membership) object[] groupGuidsBytes = (object[]) user.MemberOf; Console.WriteLine("Group names:"); foreach (Byte[] groupGuidBytes in groupGuidsBytes) { // Bind to the group string guid = new Guid(groupGuidBytes).ToString("B"); string guidPath = string.Format("Adaxes://<GUID={0}>", guid); IADs group = (IADs) service.OpenObject(guidPath, null, null, 0); // Output the group name Console.WriteLine("\t{0}", group.Get("name")); } } }
Ancestors
Gets an array of GUIDs of the ancestors of the object. The GUIDs are ordered in the array in such a manner that the GUID of the first parent object is the first element and the GUID of the top ancestor is the last one. Each GUID is stored in the form of an array of byte (Byte[]), and the parameter itself is an array of arrays of byte (Byte[][]).
- Type:
- Object
- Access:
- Read-only
Examples
The following code sample checks whether a user is a descendant of a specific Organizational Unit.
- PowerShell
-
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi") # Connect to the Adaxes service $ns = New-Object("Softerra.Adaxes.Adsi.AdmNamespace") $service = $ns.GetServiceDirectly("localhost") # Bind to the user $userDN = "CN=John Smith,CN=Users,DC=domain,DC=com" $user = $service.OpenObject("Adaxes://$userDN", $null, $null, 0) # Bind to the Organizational Unit $containerDN = "OU=New York,DC=domain,DC=com" $container = $service.OpenObject("Adaxes://$containerDN", $null, $null, 0) # Get the GUID and the name of the Organizational Unit $containerName = $container.Get("name") $containerGuid = [Guid]$container.Get("objectGuid") foreach ($ancestorGuid in $user.Ancestors) { if ([Guid]$ancestorGuid -ne $containerGuid) { continue } Write-Host "User is a descendant of '$containerName'" return } Write-Host "User is not a descendant of '$containerName'" - C#
-
using System; using Softerra.Adaxes.Interop.Adsi; using Softerra.Adaxes.Adsi; using Softerra.Adaxes.Interop.Adsi.PersistentObjects; class Program { static void Main(string[] args) { // Connect to the Adaxes service AdmNamespace ns = new AdmNamespace(); IAdmService service = ns.GetServiceDirectly("localhost"); // Bind to the user const string userPath = "Adaxes://CN=John Smith,CN=Users,DC=domain,DC=com"; IAdmTop user = (IAdmTop) service.OpenObject(userPath, null, null, 0); // Get GUIDs of all ancestors of the user object[] ancestorGuidsByte = (object[]) user.Ancestors; // Bind to the Organizational Unit const string containerPath = "Adaxes://OU=New York,DC=domain,DC=com"; IADs container = (IADs) service.OpenObject(containerPath, null, null, 0); // Get the GUID and the name of the Organizational Unit string containerName = (string) container.Get("name"); byte[] containerGuidBytes = (byte[]) container.Get("objectGuid"); Guid containerGuid = new Guid(containerGuidBytes); foreach (byte[] ancestorGuidBytes in ancestorGuidsByte) { Guid ancestorGuid = new Guid(ancestorGuidBytes); if (ancestorGuid != containerGuid) { continue; } Console.WriteLine("User is a descendant of '{0}'", containerName); return; } Console.WriteLine("User is not a descendant of '{0}'", containerName); } }
BoundAs
Gets the user whose credentials were used to bind to the object.
- Type:
- IADs
- Access:
- Read-only
DirectoryType
Gets the directory type of the object.
- Type:
- DirectoryType
- Access:
- Read-only
AzureId
Gets the unique identifier of the object in Azure AD. For an on-premises AD object, the property gets the identifier in the Microsoft 365 tenant the object is associated with.
- Type:
- string
- Access:
- Read-only
Remarks
For on-premises AD objects not associated with any Microsoft 365 tenant, the property is null.
Examples
The following code sample outputs display names of the Azure AD groups a user is a member of.
$userId = $user.AzureId
$groups = Get-MgUserMemberOf -UserId $userId
foreach ($group in $groups)
{
Write-Host $group.AdditionalProperties.displayName
}
Requirements
Minimum required version: 2023