Managed Active Directory Namespace API

This document provides the details of the Application Programming Interface (API) for the Managed Active Directory Namespace included with the Microsoft® Provisioning System (MPS) in the Microsoft Hosted Solutions. Contained herein are descriptions of the procedures of this namespace along with method input parameters and return values. In addition, example Extensible Markup Language (XML) requests are provided along with typical XML responses that the provisioning system returns after a request is submitted to MPS and tasks are completed.

Developers should use this API document as a reference when creating XML requests that initiate the provisioning of Managed Active Directory services or as a basis for review of the Managed Active Directory named procedures that are implemented in the Web Service.

The Managed Active Directory Namespace builds upon the Active Directory Provider Namespace and the Preferred DC Active Directory Namespaces that are included with Microsoft Provisioning System (MPF). The Managed Active Directory Namespace implements aggregate business logic for Active Directory using the procedures described in this topic.


Although Active Directory is not case sensitive for elements such as the Lightweight Directory Access Protocol (LDAP) path, XML is case sensitive. To ensure that the procedure executes appropriately, specify all tags, elements, and data using uppercase and lowercase letters exactly as shown in the XML examples. For additional guidelines on how to use XML, see the Microsoft Web site.

Public Methods
Public Method Description
Managed Active Directory::ChangeUserPassword Changes a user's password.
Managed Active Directory::CreateContact Creates a contact.
Managed Active Directory::CreateGroup Creates a group in Active Directory.
Managed Active Directory::CreateOrganization Creates an organization.
Managed Active Directory::CreateUser Creates a user.
Managed Active Directory::DeleteContact Deletes a contact.
Managed Active Directory::DeleteGroup Deletes a group.
Managed Active Directory::DeleteOrganization Deletes an organization.
Managed Active Directory::DeleteUser Deletes a user.
Managed Active Directory::DisableUser Disables a user.
Managed Active Directory::DistributeGroupMemberships Redistributes the group membership for the next group pending.
Managed Active Directory::EnableUser Enables a user.
Managed Active Directory::ExpandWin2KCapacity Implements group nesting to circumvent the Windows 2000 Server limitation of 5000 members per group.
Managed Active Directory::GetForeignOwnerOrg Returns a reseller's hosting organization or a customer's reseller.
Managed Active Directory::GetPolicy Obtains the permissions and other policy elements for an object.
Managed Active Directory::GetThisOrganizationRoot Returns the owning organization of the supplied object.
Managed Active Directory::GetWin2KCapacityExpansion Returns the current group capacity expansion multiplier for a given organization and capacity type.
Managed Active Directory::GetWin2KCapacityPending Returns the groups whose memberships need to be redistributed after a call to ExpandWin2KCapacity.
Managed Active Directory::GroupAdd Adds a member to a group in Active Directory.
Managed Active Directory::GroupRemove Removes a member from a group in Active Directory.
Managed Active Directory::ModifyContact Changes properties of a contact.
Managed Active Directory::ModifyGroup Modifies a group in Active Directory.
Managed Active Directory::ModifyOrganization Changes properties of an organization.
Managed Active Directory::ModifyUser Modifies a user's account.
Managed Active Directory::MoveObject Moves an object from one location to another.
Managed Active Directory::RenameContact Renames a contact.
Managed Active Directory::RenameGroup Renames a group in Active Directory.
Managed Active Directory::RenameOrganization Renames an organization.
Managed Active Directory::RenameUser Renames a user's account.
Managed Active Directory::SetUserPassword Sets a user's password.
 Applies To