The Managed Active Directory namespace builds upon the Active Directory Provider namespace and the Preferred DC Active Directory namespaces that are included with Microsoft Provisioning System (MPF). The Managed Active Directory namespace implements aggregate business logic for Active Directory using the procedures described in this topic.
The Managed Active Directory namespace implements the following procedures.
| Procedure | Description |
|---|---|
| BlockDaclInheritance_ | Blocks an object from inheriting the discretionary access control list (DACL) of the parent. |
| ChangeUserPassword | Changes the password of a user. |
| CreateContact | Creates a contact. |
| CreateGroup | Creates a group. |
| CreateGroup_ | Creates an Active Directory group object. |
| CreateOrganization | Creates an organization. |
| CreateOrganization_ | Is a private helper. |
| CreateSamObject_ | Creates an Active Directory user or group object with a unique SamAccountName. |
| CreateUser | Creates a user account. |
| CreateUser_ | Creates an Active Directory user object. |
| DeleteContact | Deletes a contact. |
| DeleteGroup | Deletes an Active Directory group. |
| DeleteOrganization | Deletes an organization. |
| DeleteUser | Deletes a user account. |
| DisableUser | Disables a user account. |
| DistributeGroupMemberships | Redistributes group memberships after ExpandWin2KCapacity. |
| EnableUser | Enables a user account. |
| ExpandWin2KCapacity | Implements group nesting to circumvent Windows 2000 Server limit of 5000 members per group. |
| ExpandWin2KCapacity_ | Private helper for ExpandWin2KCapacity. |
| GetForeignOwnerOrg | Returns the hosting organizational unit of a reseller or a customer. |
| GetOtherWellKnownObject | Returns a value of the otherWellKnownObjects property on the target object. |
| GetPolicy | Returns policy information for creation of provisioned objects. |
| GetThisOrganizationRoot | Returns the root organizational unit for an object. |
| GetWin2KCapacityExpansion | Returns the expansion multiplier over Windows 2000 Server limit of 5000 members per group. |
| GetWin2KCapacityExpansion_ | Returns the expansion multiplier over Windows 2000 Server limit of 5000 members per group. |
| GetWin2KCapacityPending | Returns the group containers that require membership redistribution. |
| GetWin2KCapacityPending_ | Returns the group containers that require membership redistribution. |
| GroupAdd | Adds an object as a member of a group. |
| GroupRemove | Removes an object from a group. |
| GroupTypeTranslation_ | Translates text group descriptions to a group type property. |
| GUIDtoLDAP_ | Translates an object globally unique identifier (GUID) to a Lightweight Directory Access Protocol (LDAP) path. |
| LDAPtoGUID_ | Translates an LDAP path into a GUID object. |
| LookupWellKnownGuid_ | Maps friendly names to global unique identifiers (GUIDs). |
| ModifyContact | Modifies a contact. |
| ModifyGroup | Modifies a group. |
| ModifyOrganization | Modifies an organizational unit. |
| ModifyUser | Modifies a user, but cannot enable or disable a user. |
| MoveObject | Moves an object to a container. |
| MungeSamAccountName | Generates various versions of a SamAccountName. |
| NullProc | An empty procedure for testing procedures. |
| RemoveAllAuthenticatedUsersACEs_ | Removes all Authenticated Users access control entries (ACEs) from the DACL of an object. |
| RemoveAuthenticatedUsersACE_ | Removes the ACE from the DACL of an object. |
| RenameContact | Renames a contact object. |
| RenameGroup | Rename the group object. |
| RenameOrganization | Rename the organizational object. |
| RenameUser | Rename the user object. |
| ReportGroupMembership_ | Reports membership in Windows 2000 expansion groups. Not for large organizations. |
| ReportGroupMembership__ | Private helper for ReportGroupMembership_. |
| RethrowError | Rethrows an error if the code parameter does not match the error code. |
| SetGroupMemberships_ | Sets group memberships for all the groups in a policy tree. |
| SetOrganizationWellKnownObject_ | Creates an organization helper that sets wellKnownObjects. |
| SetOtherWellKnownObjects_ | Sets a single value of the otherWellKnownObjects property on the target object. |
| SetSecurity_ | Sets security for a node in a policy tree. |
| SetUserPassword | Sets a user password. |
| TestOrgCreatorPermissions_ | Tests whether the caller has privileges to create child organizations. |
| TestPermissions_ | Checks for permissions by attempting to read the DACL from a particular group. |
| TestReadDACL_ | Checks for permissions by attempting to read the DACL from an object. Returns success or failure. |
| TransferGroupMembership_ | Private helper for DistributeGroupMemberships. |
| TryCreateSamObject | Creates an Active Directory user or group object with a trial SamAccountName. |
For more information on this namespace and its procedures, including how to use XML to submit requests directly to Microsoft Provisioning Framework (MPF), see Working with the Managed Active Directory namespace by using XML. For information on Active Directory Provider and the Active Directory Provider namespace, see Active Directory Provider. The Microsoft Provisioning Framework Software Development Kit (SDK) contains additional resources to help you implement namespaces and providers. For more information on the SDK and how to use it, see Microsoft Provisioning Framework SDK.