Use the CreateUser procedure of the Managed Active Directory namespace to create an account for a user. The CreateUser procedure creates a new user within a specified organization according to the policy name you provide in the <policyName> element.
This procedure expects to be called with impersonate="1". The procedure impersonates the caller.
<request>
<procedure>
<execute namespace="Managed Active Directory" procedure="CreateUser">
<executeData>
<container>LDAP://OU=Reseller1,OU=Hosting,DC=contoso,DC=com</container>
<userPrincipalName>upnMyUser1</userPrincipalName>
<sAMAccountName>Accntname</sAMAccountName>
<policyName>reseller</policyName>
<displayName>Joe Smith</displayName>
<givenName>Joe</givenName>
<middleName>John</middleName>
<sn>Smith</sn>
<initials>JS</initials>
<description>User description</description>
<properties>
<property name="otherHomePhone">
<value>425-555-1212</value>
<value>206-555-1212</value>
</property>
</properties>
<preferredDomainController>myPrimaryDC.contoso.com
</preferredDomainController>
</executeData>
<after source="executeData" destination="data" sourcePath="user" />
</execute>
</procedure>
</request>
The following input is valid for this request:
Use the <container> element to specify the Lightweight Directory Access Protocol (LDAP) path of the container in which you want to create the user. The container must correspond to the value entered the <policyName> element unless the policyName value is default.
Important
<container>LDAP://LDAP path of the container</container>
Use the <userPrincipalName> element to specify the universal principal name of the user you want to create.
<userPrincipalName>universal principal name of the user</userPrincipalName>
By using the <policyName> element, you can specify the policy name appropriate for the type of user you want to create. This information is optional. If you do not include this element, the request uses the default value.
Possible types for this name are:
<policyName>default|hosting|reseller|customer</policyName>
By using the <sAMAccountName> element, you can specify the Security Accounts Manager (SAM) account name for the user.
This information is optional.
<sAMAccountName>SAM account name for the user</sAMAccountName>
In the <givenName> element, the <sn> element, the <middleName> element, and <initials> element, you can specify the user's first name, surname, middle name, and initials.
This information is optional.
<givenName>user's first name</givenName>
<middleName>user's middle name</middleName>
<sn>user's last name</sn>
<initials>user's initials</initials>
By using the <displayName> element, you can specify the name you want to display for the user.
This information is optional.
<displayName>Name to display for this user</displayName>
By using the <description> element, you can specify a description for the user. You can include the user’s title and position in the description.
This information is optional.
<description>description for the user</description>
By using the <properties> element, you can add any valid Active Directory properties for user that you want to store with the user account, such as phone numbers and account numbers.
This information is optional.
<properties>property element</properties>
<properties></properties>By using the <preferredDomainController> element, you can specify the domain controller that you want to use for this request. Using a single preferred domain controller eliminates replication delays that arise between multiple controllers.
This information is optional.
<preferredDomainController>your domain controller</preferredDomainController>
This procedure returns the <user> tag containing the user object created and the membership and security policies supplied. Each object created has its LDAP path in a path attribute.
<response>
<data>
<user path="LDAP://cn=upnMyUser1,OU=Reseller1,OU=Hosting,DC=contoso,DC=com"
name="upnMyUser1" samName="upnMyUser1"></user>
</data>
</response>
Important