Skip to content

IAdmConfigurationSetAdministratorManager

The IAdmConfigurationSetAdministratorManager interface is designed to manage Adaxes service administrators.

Inheritance: The IAdmConfigurationSetAdministratorManager interface inherits from the IUnknown interface.

Methods

Properties

Details

AddAdministrator()

Adds a new service administrator.

void AddAdministrator(Byte[] administratorSid)

Parameters

The administratorSid parameter specifies the security identifier (SID) of the new administrator. The SID must be represented as an array of bytes. You can pass a SID of a user or global/universal security group only.

Remarks

Only service administrators have the permission to use the method.

Examples

The following code sample adds the user to the list of service administrators.

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$adminDN = "CN=John Smith,CN=Users,DC=domain,DC=com" # TODO modify me

# Connect to the Adaxes service
$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$admService = $admNS.GetServiceDirectly("localhost")

# Get the new administrator's SID
$admin = $admService.OpenObject("Adaxes://$adminDN", $NULL, $NULL, 0)
$sidBytes = $admin.Get("objectSid")

# Bind to the 'Configuration Set Settings' container
$configSetSettingsPath = $admService.Backend.GetConfigurationContainerPath("ConfigurationSetSettings")
$configSetSettings = $admService.OpenObject($configSetSettingsPath, $NULL, $NULL, 0)

# Add the new service administrator
$adminManager = $configSetSettings.AdministratorManager
$adminManager.AddAdministrator($sidBytes)
using System;
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi;
using Softerra.Adaxes.Interop.Adsi.Management;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;

class Program
{
    static void Main(string[] args)
    {
        const String adminPath = "Adaxes://CN=John Smith,CN=Users,DC=domain,DC=com";

        // Connect to the Adaxes service
        AdmNamespace adsNS = new AdmNamespace();
        IAdmService admService = adsNS.GetServiceDirectly("localhost");

        // Get the new administrator's SID
        IAdmTop admin = (IAdmTop)admService.OpenObject(adminPath, null, null, 0);
        byte[] sidBytes = (byte[])admin.Get("objectSID");

        // Bind to the 'Configuration Set Settings' container
        String configSetSettingsPath = admService.Backend.GetConfigurationContainerPath(
            "ConfigurationSetSettings");
        IAdmConfigurationSetSettings configSetSettings =
            (IAdmConfigurationSetSettings)admService.OpenObject(
            configSetSettingsPath, null, null, 0);

        // Add the new service administrator
        IAdmConfigurationSetAdministratorManager adminManager =
            configSetSettings.AdministratorManager;
        adminManager.AddAdministrator(sidBytes);
    }
}

RemoveAdministrator()

Removes a service administrator.

void RemoveAdministrator(Byte[] administratorSid)

Parameters

The administratorSid parameter specifies the security identifier (SID) of the service administrator to remove. The SID must be represented as an array of bytes.

Remarks

  • Only service administrators have the permission to use the method.
  • Adaxes service account specified during service installation cannot be removed.

Examples

The following code sample removes a service administrator.

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$adminDN = "CN=John Smith,CN=Users,DC=domain,DC=com" # TODO modify me

# Connect to the Adaxes service
$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$admService = $admNS.GetServiceDirectly("localhost")

# Get administrator SID
$admin = $admService.OpenObject("Adaxes://$adminDN", $NULL, $NULL, 0)
$sidBytes = $admin.Get("objectSid")

# Bind to the 'Configuration Set Settings' container
$configSetSettingsPath = $admService.Backend.GetConfigurationContainerPath("ConfigurationSetSettings")
$configSetSettings = $admService.OpenObject($configSetSettingsPath, $NULL, $NULL, 0)

# Remove service administrator 
$adminManager = $configSetSettings.AdministratorManager
$adminManager.RemoveAdministrator($sidBytes)
using System;
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi;
using Softerra.Adaxes.Interop.Adsi.Management;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;

class Program
{
    static void Main(string[] args)
    {
        const String adminPath = "Adaxes://CN=John Smith,CN=Users,DC=domain,DC=com";

        // Connect to the Adaxes service
        AdmNamespace adsNS = new AdmNamespace();
        IAdmService admService = adsNS.GetServiceDirectly("localhost");

        // Get administrator SID
        IAdmTop admin = (IAdmTop)admService.OpenObject(adminPath, null, null, 0);
        byte[] sidBytes = (byte[])admin.Get("objectSID");

        // Bind to the 'Configuration Set Settings' container
        String configSetSettingsPath = admService.Backend.GetConfigurationContainerPath(
            "ConfigurationSetSettings");
        IAdmConfigurationSetSettings configSetSettings =
            (IAdmConfigurationSetSettings)admService.OpenObject(
            configSetSettingsPath, null, null, 0);

        // Remove service administrator
        IAdmConfigurationSetAdministratorManager adminManager =
            configSetSettings.AdministratorManager;
        adminManager.RemoveAdministrator(sidBytes);
    }
}

IsAdministrator()

Checks whether a user or group is in the list of service administrators. When you pass a user, the method takes into account membership in groups of service administrators.

Boolean IsAdministrator(Byte[] administratorSid)

Parameters

The administratorSid parameter specifies the security identifier (SID) of a user/group to check. The SID must be represented as an array of bytes.

Examples

The following code sample checks whether a user is a service administrator.

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$userDN = "CN=John Smith,CN=Users,DC=domain,DC=com" # TODO modify me

# Connect to the Adaxes service
$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$admService = $admNS.GetServiceDirectly("localhost")

# Get user SID
$user = $admService.OpenObject("Adaxes://$userDN", $NULL, $NULL, 0)
$sidBytes = $user.Get("objectSid")

# Bind to the 'Configuration Set Settings' container
$configSetSettingsPath = $admService.Backend.GetConfigurationContainerPath("ConfigurationSetSettings")
$configSetSettings = $admService.OpenObject($configSetSettingsPath, $NULL, $NULL, 0)

# Check whether the user is a service administrator
$adminManager = $configSetSettings.AdministratorManager
if ($adminManager.IsAdministrator($sidBytes))
{
    Write-Host "User IS an administrator"
}
else
{
    Write-Host "User IS NOT an administrator"
}
using System;
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi;
using Softerra.Adaxes.Interop.Adsi.Management;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;

class Program
{
    static void Main(string[] args)
    {
        const String userPath = "Adaxes://CN=John Smith,CN=Users,DC=domain,DC=com";

        // Connect to the Adaxes service
        AdmNamespace adsNS = new AdmNamespace();
        IAdmService admService = adsNS.GetServiceDirectly("localhost");

        // Get user SID
        IAdmTop user = (IAdmTop)admService.OpenObject(userPath, null, null, 0);
        byte[] sidBytes = (byte[])user.Get("objectSID");

        // Bind to the 'Configuration Set Settings' container
        String configSetSettingsPath = admService.Backend.GetConfigurationContainerPath(
            "ConfigurationSetSettings");
        IAdmConfigurationSetSettings configSetSettings = 
            (IAdmConfigurationSetSettings)admService.OpenObject(
            configSetSettingsPath, null, null, 0);

        // Check whether the user is a service administrator
        IAdmConfigurationSetAdministratorManager adminManager =
            configSetSettings.AdministratorManager;
        if (adminManager.IsAdministrator(sidBytes))
        {
            Console.WriteLine("User IS an administrator");
        }
        else
        {
            Console.WriteLine("User IS NOT an administrator");
        }
    }
}

AmIAdministrator()

Determines whether the currently logged in user is a service administrator. The method takes into account membership in groups of service administrators.

Boolean AmIAdministrator()

Examples

The following code sample checks whether the currently logged in user is a service administrator.

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$admNS = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$admService = $admNS.GetServiceDirectly("localhost")

# Bind to the 'Configuration Set Settings' container
$configSetSettingsPath = $admService.Backend.GetConfigurationContainerPath("ConfigurationSetSettings")
$configSetSettings = $admService.OpenObject($configSetSettingsPath, $NULL, $NULL, 0)

# Check whether the user is a service administrator
$adminManager = $configSetSettings.AdministratorManager
if ($adminManager.AmIAdministrator())
{
    Write-Host "You ARE an administrator"
}
else
{
    Write-Host "You ARE NOT an administrator"
}
using System;
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi.Management;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;

class Program
{
    static void Main(string[] args)
    {
        // Connect to the Adaxes service
        AdmNamespace adsNS = new AdmNamespace();
        IAdmService admService = adsNS.GetServiceDirectly("localhost");

        // Bind to the 'Configuration Set Settings' container
        String configSetSettingsPath = admService.Backend.GetConfigurationContainerPath(
            "ConfigurationSetSettings");
        IAdmConfigurationSetSettings configSetSettings =
            (IAdmConfigurationSetSettings)admService.OpenObject(
            configSetSettingsPath, null, null, 0);

        // Check whether the user is a service administrator
        IAdmConfigurationSetAdministratorManager adminManager =
            configSetSettings.AdministratorManager;
        if (adminManager.AmIAdministrator())
        {
            Console.WriteLine("You ARE an administrator");
        }
        else
        {
            Console.WriteLine("You ARE NOT an administrator");
        }
    }
}

Administrators

Gets an array of service administrators SIDs. Each SID is represented as an array of bytes, and the property itself is an array of arrays of bytes.

  • Type:
  • Byte[][]
  • Access:
  • Read-only

Requirements

Minimum required version: 2009.1

See also