You can use the SetExecuteAs procedure of the MPF Config namespace to configure one or more procedures of a specific namespace to run under specific credentials in Microsoft Provisioning Framework (MPF). Only credentials previously defined in MPF (using Provisioning Manager) are available for implementation using this procedure. To determine which credentials are available, use the GetCredentials procedure. No rollback support is provided for this procedure.
This procedure expects to be called with impersonate="1". The procedure impersonates the caller.
<request> <procedure> <execute namespace="MPF Config" procedure="SetExecuteAs" impersonate="1"> <executeData> <namespace>Managed Hosting</namespace> <username>MPSPrivilegedAcct</username> <procedure>GetOrgType</procedure> </executeData> <after source="executeData" sourcePath="procedures" destination="data" /> <after source="executeData" sourcePath="credential" destination="data" ifNull="ignore" /> </execute> </procedure> </request>
The following input is valid for this request:
Use the <namespace> element to specify which namespace contains one or more procedures to be configured to use the specified credentials.
By using the <username> element, you can specify the sAMAccountName of the user credentials with which MPF invokes this procedure. To be valid, the name must be one of the credentials previously configured in MPF (using Provisioning Manager) as available for use. This option does not exist for read-only namespaces, such as the Error Provider namespace.
This information is optional. You are not required to include this element in the request. Omitting <username> from this procedure causes the Execute as option to be removed from the procedure.
<username>sAMAccountName of the credential to be used</username>
By using the <procedure> element, you can specify one or more procedures of the namespace that are to be modified to use the specified credentials.
This information is optional. You are not required to include this element in the request. If <procedure> is omitted, all of the procedures in the namespace are configured to use the specified credentials.
<procedure>name of the procedure that should use the credential </procedure>
This procedure returns information showing the procedures modified to use the specified credentials, as well as user credentials (including the domain and name of the user) under which the specified procedure is to run.
<response> <data> <procedures> <procedure name="GetOrgType" access="public" type="read" runAsCredentialID="1" /> </procedures> <credential domain="contoso01" username="MPSPrivilegedAcct" user="contoso01\MPSPrivilegedAcct" id="1" /> </data> </response>