Windows-based Hosting::CreateUser
This procedure creates a new user within a specified organization according to the policy name passed in as <policyName>. The possible values of this tag are hosting, reseller, customer, and default. The default policy creates only the requested organization. The exact behaviors of these policies are defined in the procedure GetPolicy in the Managed Active Directory namespace.
sAMAccountName behavior
When creating a user, it is also necessary to ensure that the new user's sAMAccountName is unique within the domain. If it is not, creation will fail. Therefore, when creating or renaming a user or group, the sAMAccountName will be similar to the input name (or user principal name), except that illegal sAMAccountName characters are removed and '@' characters are replaced with '_'. If the sAMAccountName collides with an existing sAMAccountName, a random string of digits is appended to the sAMAccountName to ensure uniqueness.
The algorithm for generating a sAMAccountName from the seed name (the user principal name for a user, or the cn if the object is a group) is as follows:
1. Remove all of the following illegal characters from the seed name: "/\[]:|<>+=;?,*
2. Trim the seed name to a maximum of 20 characters
3. If the last character is a '.', replace it with '_'
4. Attempt to create the object with the trial sAMAccountName
5. If there is a sAMAccountName collision in step 4, generate 3 trial names by limiting the seed name to 17 characters, then appending a random 3-digit number to each. Generate 2 additional trial names by limiting the seed name to 15 characters, then appending a 5-digit random number to each. Attempt to create the object using each of these 5 trial names in turn.
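The steps above as an added C# sketch, useful for predicting which account name a given UPN will produce; it is not the provider's implementation or code from the original page. It assumes the '@' to '_' replacement happens before the trim and that random suffixes have no leading zeros, and `tryCreate` is a hypothetical callback that returns false on a name collision.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Added illustration of the documented sAMAccountName steps; not the provider's code.
public static class SamAccountNameSketch
{
    // Illegal characters listed in step 1 of the algorithm.
    private const string Illegal = "\"/\\[]:|<>+=;?,*";

    // Steps 1-3. Assumption: '@' is replaced with '_' before the length trim.
    public static string Clean(string seed, int maxLength = 20)
    {
        var kept = seed.Replace('@', '_').Where(c => Illegal.IndexOf(c) < 0);
        string name = new string(kept.Take(maxLength).ToArray());
        bool endsWithDot = name.Length > 0 && name[name.Length - 1] == '.';
        return endsWithDot ? name.Substring(0, name.Length - 1) + "_" : name;
    }

    // Step 5 candidates: 3 names of 17 chars + 3 digits, then 2 of 15 chars + 5 digits.
    public static IEnumerable<string> CollisionCandidates(string seed, Random rng)
    {
        string cleaned = Clean(seed);
        for (int i = 0; i < 3; i++)
            yield return Prefix(cleaned, 17) + rng.Next(100, 1000);
        for (int i = 0; i < 2; i++)
            yield return Prefix(cleaned, 15) + rng.Next(10000, 100000);
    }

    private static string Prefix(string s, int n) => s.Length <= n ? s : s.Substring(0, n);

    // Steps 4-5: try the base name, then each candidate in turn; null if all six collide.
    // tryCreate is a hypothetical callback that returns false on a name collision.
    public static string Create(string seed, Func<string, bool> tryCreate, Random rng)
    {
        var trials = new[] { Clean(seed) }.Concat(CollisionCandidates(seed, rng));
        return trials.FirstOrDefault(tryCreate);
    }

    public static void Main()
    {
        // Constructed directory contents: the base name is already taken.
        var existing = new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "tester_WingTipToys.c" };
        string seed = "tester@WingTipToys.com";
        Console.WriteLine(Clean(seed));
        Console.WriteLine(Create(seed, existing.Add, new Random()));
    }
}
```

Because the base name is truncated to 20 characters, two long UPNs that differ only past that point map to the same first trial name and rely on the random suffixes to stay distinct.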
Arguments
Input Arguments | Description |
---|---|
<container> | A valid Lightweight Directory Access Protocol (LDAP) path of the OU where the new user will be created. For example, LDAP://OU=alpineskihouse,OU=Reseller1,OU=Hosting,DC=fabrikam,DC=Com. |
<userPrincipalName> | The user principal name of the user. Typically this would be <user>@<SMTPDomain>, to enable UPN login to the e-mail account with the user's e-mail address. |
<newPassword> | The password for the new user. |
<preferredDomainController> | |
<sendCredentials> | |
<policyName> | Policy name (defaults to "default"). |
<sAMAccountName> | SAM account name. |
<givenName> | Given name, surname, middle name, initials |
<sn> | Surname or last name. |
<initials> | Initials. |
<displayName> | Display name. |
<description> | Description. |
<propertiesXMLString> | Any valid AD properties for object class user. |
<isAdmin> | Include this element, set to 1, if you want the new user to be an administrator of the organization. Do not include it if you do not want the user to have administrative privileges. |
Remarks
Method Syntax
public string CreateUser(
string container,
string userPrincipalName,
string newPassword,
string preferredDomainController,
string policyName,
string sAMAccountName,
string givenName,
string sn,
string initials,
string displayName,
string description,
string propertiesXMLString,
string isAdmin,
bool sendCredentials)
Sample Code
Example XML Request
No example XML request.
Example XML Response
<response>
  <data>
    <container>LDAP://OU=WingTipToys,OU=consolidatedmessenger,OU=Hosting,DC=fabrikam,DC=Com</container>
    <userPrincipalName>tester@WingTipToys.com</userPrincipalName>
    <preferredDomainController>AD01-wh.fabrikam.com</preferredDomainController>
    <properties />
    <policyName>customer</policyName>
    <user path="LDAP://cn=tester@WingTipToys.com,OU=WingTipToys,OU=consolidatedmessenger,OU=Hosting,DC=fabrikam,DC=Com" name="tester@WingTipToys.com">
      <memberOfGroup name="LDAP://cn=AllUsers@WingTipToys,cn=_Private,OU=WingTipToys,OU=consolidatedmessenger,OU=Hosting,DC=fabrikam,DC=com">
      </memberOfGroup>
    </user>
  </data>
</response>
Typical C# Usage
// Get the caller's user name and password from the request.
// AUTH_PASSWORD is populated only when the request used Basic authentication.
string userName = this.Request.ServerVariables.Get("AUTH_USER");
string pass = this.Request.ServerVariables.Get("AUTH_PASSWORD");
// Set credentials on the web service proxy.
objWS.PreAuthenticate = true;
objWS.Credentials = new NetworkCredential(userName, pass);
lblMsg.InnerHtml = mpsResponseHeaderLabel;
// Display response.
this.mpsResponse.DocumentSource = "";
// Arguments follow the order given under Method Syntax.
response = objWS.CreateUser(container, userPrincipalName, newPassword, preferredDomainController, policyName, sAMAccountName, givenName, sn, initials, displayName, description, properties, isAdmin, true);
// Set the response XML to match the return from MPF.
responseXml.LoadXml(response);
this.mpsResponse.Document = responseXml;
Applies To
Managed Windows-based Hosting Web Service for:
Hosted Messaging and Collaboration version 3.5
Hosted Messaging and Collaboration version 3.0
Windows-based Hosting version 4.5
Windows-based Hosting version 4.0
Windows-based Hosting version 3.5
Windows-based Hosting for Applications version 1.0