Active directory in Axapta

 
Introduction to Active Directory
 

Active Directory is a directory service used to store information about the network resources across a domain.

An Active Directory (AD) structure is a hierarchical framework of objects. The objects fall into three broad categories: resources (e.g. printers), services (e.g. e-mail) and users (accounts, or users and groups). The AD provides information on the objects, organizes the objects, controls access and sets security.

Each object represents a single entity — whether a user, a computer, a printer, or a group — and its attributes. Certain objects can also be containers of other objects. An object is uniquely identified by its name and has a set of attributes — the characteristics and information that the object can contain — defined by a schema, which also determines the kind of objects that can be stored in the AD. Active Directory is an implementation of LDAP directory services by Microsoft for use primarily in Windows environments. The main purpose of Active Directory is to provide central authentication and authorization services for Windows based computers.

Axapta 4.0 uses AD for the users. It checks for the user crendentials and the domain from the AD.

Important Classes for AD : ADObject

                                            xAxaptauserManager
                                            xAxaptaUserdetails

Here is the small example to get the user information from the AD.

Copy the job and run the job by passing valid network alias. 

static void ActiveDirectory_example(Args _args)
{

   AdObject adUser = new AdObject("sreenathreddy.g");// provide the network alias from the users table .
    str firstName;
    str middleName;
    str mail;

    #define.givenName                (‘givenName’)
    #define.middleName              (‘middleName’)
    #define.mail                          (‘mail’)
    ;

    if ( !adUser )
    {
        checkFailed("Active dirtectory integration not available or OS account of the alias provided is incorrect");
    }
    else if ( adUser.found() )
    {
        firstName                     = adUser.getValue(#givenName);
        middleName                 = adUser.getValue(#middleName’);
        mail                             = adUser.getValue(#mail);
        print firstname;
        print middlename;
        print mail;
        pause;
   }

             }
Another way of validating the domain/ check whether user is enabled.
This job gets the user related information only if domain is correct and user is enabled…
static void validateDomain_getDetails(Args _args)
{
    xAxaptauserManager um = new xAxaptauserManager();
    xAxaptaUserdetails userdetails;
    ;
    if(um.validateDomain(‘Domain’))
    {
       userdetails =  um.getDomainUser(‘Domain,’sreenathreddy’);
       if(userdetails.isUserEnabled(0))
       {
           print userdetails.getUserName(0);
           print userdetails.getUserMail(0);
           print userdetails.getUserSid(0);
 
           pause;
       }
 
    }
}
How to create an active directory user:
 
I have done it by writing piece of code in c#.
I created a class library by name ADCreateUser and created user in AD by setting up the password through code in c#.
Here i am providing the code below of ADCreateUser.cs
Note: password is set in the code itself..please lookin to "SetPassword" code and set your password accordingly
 

using System;
using System.Collections.Generic;
using System.Text;
using System.DirectoryServices;
namespace ADCreateUser
{
public class CreateUser
{
public string createADUser(string _userId, string _userName, string _firstName, string _lasteName, string _emailId)
{
try
{
String RootDSE;
DirectorySearcher DSESearcher = new DirectorySearcher();
RootDSE = DSESearcher.SearchRoot.Path;
RootDSE = RootDSE.Insert(7, "CN=Users,");
DirectoryEntry myDE = new DirectoryEntry(RootDSE);
DirectoryEntries entries = myDE.Children;
DirectorySearcher search = new DirectorySearcher();
search.Filter = String.Format("(SAMAccountName={0})", _userId);
SearchResult result = search.FindOne();
if (result == null)
{
DirectoryEntry user = entries.Add("CN=" + _userId, "user");
using (user)
{
user.Properties["DisplayName"].Value = _userName;
if (_firstName != "")
{
user.Properties["GivenName"].Value = _firstName;
}
           if (_lasteName != "")
{
user.Properties["SN"].Value = _lasteName;
}
user.Properties["sAMAccountName"].Value = _userId;
user.Properties["userPrincipalName"].Value = _userId;
           if (_emailId != "")
user.Properties["mail"].Value = _emailId;
user.CommitChanges();
// User has to be saved prior to this step
user.Invoke("SetPassword", new object[] { "mypassword" });
// Create and enable a ADS_UF_NORMAL_ACCOUNT
user.Properties["userAccountControl"].Value = 0x200;
user.CommitChanges();
return "Ok";
}
}
else
return "The specified user id exists"; //User exists
}
catch (DirectoryServicesCOMException ex)
{
return ex.InnerException.Message;
}
catch (Exception ex)
{
return ex.Message;
}
}

 

Now all you have to do is to build the code and take the dll of the class library from Bin folder

Copy paste the dll in to Axapta client\ Bin folder

 

Now in the AOT->References -> Add new reference -> select the above pasted dll from the bin of Axapta client

 

Thats it… simple…create a small job in Axapta to invoke the ADcreateUser method

public static void createADuser(Args _args)

{

      ADCreateUser.CreateUser objad = new ADCreateUser.createUser();

      objad.ADcreateUser("userId","userName","firstName", "lasteName","emailId") // pass all the parameters

       info("user created in AD");

}

  That’s it. You are done with creating an user in AD

  

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: