Provisioning Schema::execute

Element that encapsulates one execution step of a provisioning procedure. This element is part of the provisioning schema of Microsoft® Provisioning Framework (MPF).


catch, procedure, try


after (minOccurs="0" maxOccurs="*")
before (minOccurs="0" maxOccurs="*")
executeData (minOccurs="0" maxOccurs="1")
forEach (minOccurs="0" maxOccurs="*")
repeat (minOccurs="0" maxOccurs="*")
when (minOccurs="0" maxOccurs="*")


Optional. Enumeration that indicates whether to use impersonation for the procedure call. Impersonation is the ability of a procedure to execute using the credentials specified in the security context of another user account or (if there are no credentials) the calling user's identity. The default user account for MPF processing is MPFServiceAcct, which has only a limited range of security privileges. However, when MPF is configured to support impersonation, MPF can use any procedures available to the calling user or to a user whose credentials are defined in the configuration database.
  • 0 (default): MPF executes calls based on the impersonate value inherited from the calling procedure.
  • 1: Impersonation is enabled. MPF executes calls based on the credentials in the security context or the calling user's credentials. 
  • 2: Impersonation is disabled. MPF executes calls using the identity under which the provisioning engine is running. By default, this identity is MPFServiceAcct.
Required. Namespace that implements the procedure.
Required. Name of the procedure.
Optional. Enumeration that specifies whether the provisioning engine encrypts rollback data in the transaction log.
  • 0 (default): MPF executes calls based on the sensitive value inherited from the calling procedure.
  • 1: MPF encrypts data, starting with the current level and carrying over to all subsequent substeps, until an explicit value "2" is encountered.
  • 2: MPF does not encrypt data. A "2" setting at any level of the tree carries over to subsequent substeps, until it is overridden by a "1."
Optional. Enumeration that specifies whether MPF passes the security context authentication node to the called procedure. This attribute allows the procedure writer to control access to authentication credentials from the called procedure.
  • 0 (default): MPF executes calls based on the trusted value inherited from the calling procedure. 
  • 1: MPF passes the authentication node to the called procedure.
  • 2: MPF does not pass the authentication node to the called procedure.


  <execute namespace="HTTP and SOAP Provider" procedure="SoapRequestWithNoRollback"/>

See also

Customization, Kerberos Delegation, Procedure Examples, XML Schema for Procedures

Up Top of Page
© 1999-2002 Microsoft Corporation. All rights reserved.