Active directory in Axapta

Introduction to Active Directory

Active Directory is a directory service used to store information about the network resources across a domain.

An Active Directory (AD) structure is a hierarchical framework of objects. The objects fall into three broad categories: resources (e.g. printers), services (e.g. e-mail) and users (accounts, or users and groups). The AD provides information on the objects, organizes the objects, controls access and sets security.

Each object represents a single entity — whether a user, a computer, a printer, or a group — and its attributes. Certain objects can also be containers of other objects. An object is uniquely identified by its name and has a set of attributes — the characteristics and information that the object can contain — defined by a schema, which also determines the kind of objects that can be stored in the AD. Active Directory is an implementation of LDAP directory services by Microsoft for use primarily in Windows environments. The main purpose of Active Directory is to provide central authentication and authorization services for Windows based computers.

Axapta 4.0 uses AD for the users. It checks for the user crendentials and the domain from the AD.

Important Classes for AD : ADObject


Here is the small example to get the user information from the AD.

Copy the job and run the job by passing valid network alias. 

static void ActiveDirectory_example(Args _args)

   AdObject adUser = new AdObject("sreenathreddy.g");// provide the network alias from the users table .
    str firstName;
    str middleName;
    str mail;

    #define.givenName                (‘givenName’)
    #define.middleName              (‘middleName’)
    #define.mail                          (‘mail’)

    if ( !adUser )
        checkFailed("Active dirtectory integration not available or OS account of the alias provided is incorrect");
    else if ( adUser.found() )
        firstName                     = adUser.getValue(#givenName);
        middleName                 = adUser.getValue(#middleName’);
        mail                             = adUser.getValue(#mail);
        print firstname;
        print middlename;
        print mail;

Another way of validating the domain/ check whether user is enabled.
This job gets the user related information only if domain is correct and user is enabled…
static void validateDomain_getDetails(Args _args)
    xAxaptauserManager um = new xAxaptauserManager();
    xAxaptaUserdetails userdetails;
       userdetails =  um.getDomainUser(‘Domain,’sreenathreddy’);
           print userdetails.getUserName(0);
           print userdetails.getUserMail(0);
           print userdetails.getUserSid(0);
How to create an active directory user:
I have done it by writing piece of code in c#.
I created a class library by name ADCreateUser and created user in AD by setting up the password through code in c#.
Here i am providing the code below of ADCreateUser.cs
Note: password is set in the code itself..please lookin to "SetPassword" code and set your password accordingly

using System;
using System.Collections.Generic;
using System.Text;
using System.DirectoryServices;
namespace ADCreateUser
public class CreateUser
public string createADUser(string _userId, string _userName, string _firstName, string _lasteName, string _emailId)
String RootDSE;
DirectorySearcher DSESearcher = new DirectorySearcher();
RootDSE = DSESearcher.SearchRoot.Path;
RootDSE = RootDSE.Insert(7, "CN=Users,");
DirectoryEntry myDE = new DirectoryEntry(RootDSE);
DirectoryEntries entries = myDE.Children;
DirectorySearcher search = new DirectorySearcher();
search.Filter = String.Format("(SAMAccountName={0})", _userId);
SearchResult result = search.FindOne();
if (result == null)
DirectoryEntry user = entries.Add("CN=" + _userId, "user");
using (user)
user.Properties["DisplayName"].Value = _userName;
if (_firstName != "")
user.Properties["GivenName"].Value = _firstName;
           if (_lasteName != "")
user.Properties["SN"].Value = _lasteName;
user.Properties["sAMAccountName"].Value = _userId;
user.Properties["userPrincipalName"].Value = _userId;
           if (_emailId != "")
user.Properties["mail"].Value = _emailId;
// User has to be saved prior to this step
user.Invoke("SetPassword", new object[] { "mypassword" });
// Create and enable a ADS_UF_NORMAL_ACCOUNT
user.Properties["userAccountControl"].Value = 0x200;
return "Ok";
return "The specified user id exists"; //User exists
catch (DirectoryServicesCOMException ex)
return ex.InnerException.Message;
catch (Exception ex)
return ex.Message;


Now all you have to do is to build the code and take the dll of the class library from Bin folder

Copy paste the dll in to Axapta client\ Bin folder


Now in the AOT->References -> Add new reference -> select the above pasted dll from the bin of Axapta client


Thats it… simple…create a small job in Axapta to invoke the ADcreateUser method

public static void createADuser(Args _args)


      ADCreateUser.CreateUser objad = new ADCreateUser.createUser();

      objad.ADcreateUser("userId","userName","firstName", "lasteName","emailId") // pass all the parameters

       info("user created in AD");


  That’s it. You are done with creating an user in AD



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: