Windows-based Hosting::CreateCustomerOrganization

The CreateCustomerOrganization procedure creates a customer organization.

Note

This procedure calls the Managed Active Directory Provider::CreateOrganization function, which creates an organization name based on the <name> parameter. The CreateOrganization function requires that the first 9 characters of the name be unique. If they are not, it generates errors in the MPS server's event log and attempts to create a unique name based on the first 9 characters of the <name> parameter. You can avoid this by specifying a unique, 9-character name for the new organization.

Arguments

The CreateCustomerOrganization procedure has the following input parameters.

Input Argument Description

<name>

The name of the organization.

<container>

A valid Lightweight Directory Access Protocol (LDAP) path of the OU where the new user will be created. For example, LDAP://OU=Reseller1,OU=Hosting,DC=fabrikam,DC=Com.

<preferredDomainController>

The name of the preferred domain controller.

<description>

A description of the customer organization.

<properties>

Any valid Active Directory properties for the object class.

Output Arguments

The CreateCustomerOrganization procedure returns the <org> tag containing the objects created and the membership and security policies supplied. Each object created has its LDAP path in a "path" attribute.

Remarks

Security

The CreateCustomerOrganization procedure has the following security requirements:

  • The caller is impersonated.

  • The caller is tested for OrgCreator permissions.

Policy Information

The CreateCustomerOrganization procedure retrieves policy information using the GetPolicy procedure of the Managed Active Directory Namespace.

Process Steps

The following steps occur when creating a customer organization with the CreateCustomerOrganization procedure of the Managed Windows-based Hosting Namespace:

  • Create a customer organization.

  • Create the organization in Active Directory by calling Managed Active Directory Provider::CreateOrganization.

  • Apply the creation, membership, and security policies defined in the GetPolicy procedure of the Managed Active Directory Namespace.

  • Add the organization to the Customer Service Plans database.

Sample Code

Example XML Request

The following is an example of an XML request for the CreateCustomerOrganization procedure of the Managed Windows-based Hosting Namespace:

<request>
        <procedure>
                <execute namespace="Managed Active Directory"
                procedure="CreateCustomerOrganization" impersonate="1">
                        <executeData>
                                <name>Reseller1</name>
                                <description>The reseller of much stuff @raven.com</description>
                                <properties></properties>
                                <preferredDomainController>myPrimaryDC.raven.com</preferredDomainController>
                        </executeData>
                        <after source="executeData" destination="data" sourcePath="org" />
                </execute>
        </procedure>
</request>

Example XML Response

The following is an example of an XML response from the CreateCustomerOrganization procedure of the Managed Windows-based Hosting Namespace:

<response>
        <data>
                <org path="LDAP://ou=Reseller1,ou=Hosting,dc=raven,dc=com"
                name="Reseller1">
                        <orgs>
                                <org path="LDAP://ou=Services,ou=Reseller1,ou=Hosting,dc=raven,dc=com"
                                name="Services">
                                        <groups>
                                                <group path="LDAP://cn=Admins@Reseller1,ou=Services,ou=Reseller1,ou=Hosting,dc=raven,dc=com"
                                                name="Admins@Reseller1" samName="A@Reseller1"></group>
                                                <group path="LDAP://cn=CSRAdmins@Reseller1,ou=Services,ou=Reseller1,ou=Hosting,dc=raven,dc=com"
                                                name="CSRAdmins@Reseller1" samName="CA@Reseller1"></group>
                                                <group path="LDAP://cn=AllCustomers@Reseller1,ou=Services,ou=Reseller1,ou=Hosting,dc=raven,dc=com"
                                                name="AllCustomers@Reseller1" samName="AC@Reseller1">
                                                </group>
                                                <group path="LDAP://cn=AllUsers@Reseller1,ou=Services,ou=Reseller1,ou=Hosting,dc=raven,dc=com"
                                                name="AllUsers@Reseller1" samName="AU@Reseller1">
                                                        <memberOfGroup name="LDAP://cn=AllUsersGroups,ou=Services,ou=Hosting,dc=raven,dc=com"></memberOfGroup>
                                                </group>
                                        </groups>
                                </org>
                        </orgs>
                        <dacl>
                                <ace>
                                        <permission>ADS_RIGHT_DS_LIST_OBJECT</permission>
                                        <trustee>LDAP://cn=AllUsers@Reseller1,ou=Services,ou=Reseller1,ou=Hosting,dc=raven,dc=com</trustee>
                                        <trusteeType>TRUSTEE_IS_GROUP</trusteeType>
                                        <trusteeForm>TRUSTEE_IS_SID</trusteeForm>
                                        <mode>GRANT_ACCESS</mode>
                                </ace>
                                <ace>
                                        <permission>ADS_RIGHT_ACTRL_DS_LIST</permission>
                                        <permission>ADS_RIGHT_DS_READ_PROP</permission>
                                        <permission>ADS_RIGHT_READ_CONTROL</permission>
                                        <inheritance>SUB_CONTAINERS_AND_OBJECTS_INHERIT</inheritance>
                                        <trustee>LDAP://cn=AllUsers@Reseller1,ou=Services,ou=Reseller1,ou=Hosting,dc=raven,dc=com</trustee>
                                        <trusteeType>TRUSTEE_IS_GROUP</trusteeType>
                                        <trusteeForm>TRUSTEE_IS_SID</trusteeForm>
                                        <mode>GRANT_ACCESS</mode>
                                </ace>
                                <ace>
                                        <permission>ADS_RIGHT_DS_LIST_OBJECT</permission>
                                        <trustee>LDAP://cn=AllCustomers@Reseller1,ou=Services,ou=Reseller1,ou=Hosting,dc=raven,dc=com</trustee>
                                        <trusteeType>TRUSTEE_IS_GROUP</trusteeType>
                                        <trusteeForm>TRUSTEE_IS_SID</trusteeForm>
                                        <mode>GRANT_ACCESS</mode>
                                </ace>
                                <ace>
                                        <permission>ADS_RIGHT_DS_WRITE_PROP</permission>
                                        <permission>ADS_RIGHT_WRITE_DAC</permission>
                                        <permission>ADS_RIGHT_DS_CONTROL_ACCESS</permission>
                                        <permission>ADS_RIGHT_DS_CREATE_CHILD</permission>
                                        <inheritance>SUB_CONTAINERS_AND_OBJECTS_INHERIT</inheritance>
                                        <trustee>LDAP://cn=Admins@Reseller1,ou=Services,ou=Reseller1,ou=Hosting,dc=raven,dc=com</trustee>
                                        <trusteeType>TRUSTEE_IS_GROUP</trusteeType>
                                        <trusteeForm>TRUSTEE_IS_SID</trusteeForm>
                                        <mode>GRANT_ACCESS</mode>
                                </ace>
                        </dacl>
                </org>
        </data>
</response>
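
The DACL returned in a response of this shape can be reviewed mechanically before the organization is handed to a tenant. The following Python is an added example, not part of the original documentation or of MPS: it parses a constructed, trimmed response, reports each ACE, and flags ACEs whose trustee lies outside the new organization's OU or that grant inheritable high-impact rights. The HIGH_IMPACT set, the function names and the Reseller2 ACE in the sample are assumptions made for illustration.

```python
import re
import xml.etree.ElementTree as ET
# Rights this example treats as high impact (an assumption, not from the page).
HIGH_IMPACT = {"ADS_RIGHT_WRITE_DAC", "ADS_RIGHT_WRITE_OWNER", "ADS_RIGHT_GENERIC_ALL",
               "ADS_RIGHT_DS_WRITE_PROP", "ADS_RIGHT_DS_CREATE_CHILD",
               "ADS_RIGHT_DS_CONTROL_ACCESS"}

def _dn(text):
    """Undo line wrapping after commas, drop the LDAP:// prefix, lowercase."""
    dn = re.sub(r",\s+", ",", (text or "").strip())
    return re.sub(r"^LDAP://", "", dn, flags=re.I).lower()

def audit_dacl(response_xml):
    """Return one finding per ACE on the top-level <org> of a response."""
    org = ET.fromstring(response_xml).find("./data/org")
    org_dn = _dn(org.get("path"))
    findings = []
    for ace in org.findall("./dacl/ace"):
        rights = {(p.text or "").strip() for p in ace.findall("permission")}
        trustee = _dn(ace.findtext("trustee"))
        findings.append({
            "trustee": trustee,
            "mode": (ace.findtext("mode") or "").strip(),
            "inheritance": (ace.findtext("inheritance") or "").strip(),
            "high_impact": sorted(rights & HIGH_IMPACT),
            # A trustee outside the new OU's subtree crosses the tenant boundary.
            "outside_org": not trustee.endswith("," + org_dn),
        })
    return findings

def needs_review(findings):
    """ACEs with an outside trustee, or high-impact rights that inherit downward."""
    return [f for f in findings
            if f["outside_org"] or (f["high_impact"] and f["inheritance"])]

# Constructed sample, trimmed from the response format above; the Reseller2 ACE is invented.
SAMPLE = """<response><data>
<org path="LDAP://ou=Reseller1,ou=Hosting,dc=raven,dc=com" name="Reseller1"><dacl>
<ace><permission>ADS_RIGHT_DS_LIST_OBJECT</permission>
 <trustee>LDAP://cn=AllUsers@Reseller1,ou=Services,
     ou=Reseller1,ou=Hosting,dc=raven,dc=com</trustee><mode>GRANT_ACCESS</mode></ace>
<ace><permission>ADS_RIGHT_DS_WRITE_PROP</permission><permission>ADS_RIGHT_WRITE_DAC</permission>
 <inheritance>SUB_CONTAINERS_AND_OBJECTS_INHERIT</inheritance><mode>GRANT_ACCESS</mode>
 <trustee>LDAP://cn=Admins@Reseller1,ou=Services,ou=Reseller1,ou=Hosting,dc=raven,dc=com</trustee></ace>
<ace><permission>ADS_RIGHT_DS_CREATE_CHILD</permission><mode>GRANT_ACCESS</mode>
 <trustee>LDAP://cn=Admins@Reseller2,ou=Services,ou=Reseller2,ou=Hosting,dc=raven,dc=com</trustee></ace>
</dacl></org></data></response>"""

REVIEW = needs_review(audit_dacl(SAMPLE))  # the inheritable Admins grant and the Reseller2 ACE
```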
 

Applies To

Managed Windows-based Hosting Namespace API for:

  • Hosted Messaging and Collaboration version 3.5

  • Hosted Messaging and Collaboration version 3.0

  • Windows-based Hosting version 4.5

  • Windows-based Hosting version 4.0

  • Windows-based Hosting version 3.5

  • Windows-based Hosting for Applications version 1.0

See also

Tasks

Windows-based Hosting::DeleteOrganization