

Windows-based Hosting::CreateUser

This procedure creates a new user within a specified organization according to the policy name passed in as <policyName>. The possible values of this tag are hosting, reseller, customer, and default. The default policy creates only the requested organization. The exact behaviors of these policies are defined in the procedure GetPolicy in the Managed Active Directory namespace.

sAMAccountName behavior

When creating a user, it is necessary to also ensure that the new user's sAMAccountName is unique within the domain. If it is not, creation will fail. Therefore, when creating or renaming a user or group, the sAMAccountName will be similar to the input name (or Universal principal name), except that illegal sAMAccountName characters are removed, and '@' characters are replaced with '_'. If the sAMAccountName collides with an existing sAMAccountName, then a random string of digits will be appended to the sAMAccountName to ensure uniqueness.

The algorithm for generating a sAMAccountName from the seed name (Universal Principal Name for a user, or cn if the object is a group), is as follows:

  1. Remove all of the following illegal characters from the seed name: "/\[]:|<>+=;?,*

  2. Trim the seed name to a maximum of 20 characters.

  3. If the last character is a '.', replace it with '_'.

  4. Attempt to create the object with the trial sAMAccountName.

  5. If there is a sAMAccountName collision in step 4, generate 3 trial names by limiting the seed name to 17 characters, then appending a random 3-digit number to each. Generate 2 additional trial names by limiting the seed name to 15 characters, then appending a 5-digit random number to each. Attempt to create the object using each of these 5 trial names in turn.
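
The algorithm above can be reproduced offline to predict which user principal names will collapse to the same sAMAccountName, and to recognize accounts that received a random suffix. The following Python sketch is an added example, not code from the product. The function names are hypothetical, a local set stands in for the directory, and it assumes that '@' is replaced in the same pass as the illegal-character removal, that the random digits are zero-padded, and that names are compared case-insensitively.

```python
import random

ILLEGAL = set('"/\\[]:|<>+=;?,*')  # illegal characters as listed on the page


def clean(seed):
    """Drop illegal characters and map '@' to '_' (assumed to be one pass)."""
    return "".join("_" if c == "@" else c for c in seed if c not in ILLEGAL)


def first_trial(seed):
    """Steps 1-3: sanitize, cap at 20 characters, fix a trailing '.'."""
    name = clean(seed)[:20]
    return name[:-1] + "_" if name.endswith(".") else name


def fallback_names(seed, rng):
    """Step 5: three 17+3 names, then two 15+5 names, in trial order."""
    stem = clean(seed)  # assumption: stems are cut from the sanitized seed
    plan = [(17, 3)] * 3 + [(15, 5)] * 2
    # Assumption: the random number is zero-padded to a fixed width.
    return [stem[:keep] + "".join(rng.choice("0123456789") for _ in range(width))
            for keep, width in plan]


def allocate(seed, taken, rng=None):
    """Return the first trial name not in `taken`, or None if all six collide."""
    rng = rng or random.SystemRandom()
    used = {name.lower() for name in taken}  # compared case-insensitively
    for name in [first_trial(seed)] + fallback_names(seed, rng):
        if name.lower() not in used:
            return name
    return None


if __name__ == "__main__":
    # Constructed UPNs: the first two differ only after the 20th character.
    directory = set()
    for upn in ("tester@WingTipToys.com", "tester@WingTipToys.co.uk",
                "tester1@WingTipToys.com"):
        sam = allocate(upn, directory)
        directory.add(sam)
        print(f"{upn:28} -> {sam}")
```

Because the first trial name keeps only the first 20 sanitized characters, two UPNs that share a long prefix always collide, and the second account's sAMAccountName can no longer be derived from its UPN alone.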

Arguments

Input Arguments Description

<container>

A valid Lightweight Directory Access Protocol (LDAP) path of the OU where the new user will be created. For example LDAP://OU=alpineskihouse,OU=Reseller1,OU=Hosting,DC=fabrikam,DC=Com.

<userPrincipalName>

The user principal name of the user. Typically this would be <user>@<SMTPDomain>, to enable UPN login to the e-mail account with the user's e-mail address.

<newPassword>

The password for the new user.

<preferredDomainController>

<sendCredentials>

<policyName>

Policy name (defaults to "default")

<sAMAccountName>

SAM account name

<givenName>

Given name, surname, middle name, initials

<sn>

Surname or last name.

<initials>

Initials.

<displayName>

Display name.

<description>

Description.

<propertiesXMLString>

Any valid AD properties for object class user.

<isAdmin>

Include this element with a value of 1 if you want the new user to be an administrator of the organization. Omit it if you do not want the user to have administrative privileges.

Remarks

Method Syntax

 
public string CreateUser(
    string container,
    string userPrincipalName,
    string newPassword,
    string preferredDomainController,
    string policyName,
    string sAMAccountName,
    string givenName,
    string sn,
    string initials,
    string displayName,
    string description,
    string propertiesXMLString,
    string isAdmin,
    bool sendCredentials)
 

Sample Code

Example XML Request

No example XML request.

Example XML Response

 
<response> 
  <data> 
    <container>LDAP://OU=WingTipToys,OU=consolidatedmessenger,OU=Hosting,DC=fabrikam,DC=Com</container> 
    <userPrincipalName>tester@WingTipToys.com</userPrincipalName> 
    <preferredDomainController>AD01-wh.fabrikam.com</preferredDomainController> 
    <properties /> 
    <policyName>customer</policyName> 
    <user path="LDAP://cn=tester@WingTipToys.com,OU=WingTipToys,OU=consolidatedmessenger,OU=Hosting,DC=fabrikam,DC=Com" name="tester@WingTipToys.com"> 
      <memberOfGroup name="LDAP://cn=AllUsers@WingTipToys,cn=_Private,OU=WingTipToys,OU=consolidatedmessenger,OU=Hosting,DC=fabrikam,DC=com"> 
      </memberOfGroup> 
    </user> 
  </data> 
</response> 
 

Typical C# Usage

 
        // Get the caller's user name and password.
        // AUTH_PASSWORD is populated only when IIS Basic authentication is in use.
        string userName = this.Request.ServerVariables.Get("AUTH_USER");
        string pass = this.Request.ServerVariables.Get("AUTH_PASSWORD");

        // Set credentials on the web service proxy.
        objWS.PreAuthenticate = true;
        objWS.Credentials = new NetworkCredential(userName, pass);
        lblMsg.InnerHtml = mpsResponseHeaderLabel;

        // Call CreateUser; arguments follow the order shown under Method Syntax.
        this.mpsResponse.DocumentSource = "";
        response = objWS.CreateUser(container, userPrincipalName, newPassword, preferredDomainController, policyName, sAMAccountName, givenName, sn, initials, displayName, description, properties, isAdmin, true);

        // Set the response XML to match the return from MPF.
        responseXml.LoadXml(response);
        this.mpsResponse.Document = responseXml;
 

Applies To

Managed Windows-based Hosting Web Service for:

  • Hosted Messaging and Collaboration version 3.5

  • Hosted Messaging and Collaboration version 3.0

  • Windows-based Hosting version 4.5

  • Windows-based Hosting version 4.0

  • Windows-based Hosting version 3.5

  • Windows-based Hosting for Applications version 1.0

See also

Tasks

Windows-based Hosting::DeleteUser