XML Component Architecture

In Microsoft Provisioning System (MPS), the success of provisioning tasks depends on a predefined interaction among various XML components in MPS. The architecture of these components is illustrated in the following figure. The interactions required to implement a typical provisioning task are described thereafter.

Figure: XML component architecture for provisioning task implementation

In the preceding figure, the XML request can be generated by the ASP.NET Web Service or a custom application. The XML request calls the CreateUser procedure of the Managed Active Directory Namespace. When the request is passed into MPS, the Provisioning Engine parses and expands the request.

During this process, the Provisioning Engine queries the Configuration database and maps the high-level CreateUser procedure of the Managed Active Directory Namespace to the CreateObject procedure of the Active Directory Provider Namespace. These procedures must work together to implement the request to add a user to Active Directory.

When the Provisioning Engine queries the Configuration database, it also identifies the additional steps necessary to carry out the CreateUser procedure, which includes creating a user account, setting the password, and adding the user to the appropriate security groups. The Provisioning Engine then calls all these procedures to service the request.

The namespaces shown in the preceding figure cannot communicate directly with the Active Directory API, but must interact with the Active Directory Provider instead. Therefore, the request to create an object in Active Directory, in this case a user, executes through the CreateUser procedure of the Managed Active Directory (non-Provider) Namespace. The CreateUser procedure then calls the CreateObject procedure of Active Directory Provider Namespace, which communicates directly with the Active Directory Provider. The Active Directory Provider contains the programmatic logic to call the Active Directory API, which performs the core functionality of adding the object to Active Directory.