This topic illustrates how to use the Forefront Identity Manager Certificate Management (FIM CM) Provision API to create an enrollment request. It shows the usage of data collection in the request creation that is commonly used in certificate and smart card management policies. Once the request is created, it will follow the workflow that has been defined in the enroll policy of the profile template under which it was created.

When using this code, remember to keep in mind the guidelines on whether or not you need to use .NET Remoting. See .NET Framework Remoting in the Provision API for more information

Sample: Enrollment Request

In this example, step 1 shows you how to retrieve all Profile Templates that the user has access to read, and then iterate through them to find the profile template with a given common name (in this case, “ab-smartcard”).

Step 2 provides code that can find a specific profile template based on a given Guid (in this case we hard-code the GUID for the profile with the cnab-smartcard” in the code).

Finally, in step 3, the user can input a target user’s GUID, and we create an enrollment request for that user with the “ab-smartcard” profile template. We supply sample data collection information that is configured in our enrollment policy of the selected profile template. This data is added using the DataCollection class.

C#  Copy Code
using System.IO;
using System.Runtime.Remoting;
using System.Runtime.Remoting.Channels;
using System.Net;
using System.Collections.ObjectModel;
using System;

using Microsoft.Clm.Shared;
using Microsoft.Clm.Shared.Certificates;
using Microsoft.Clm.Shared.ProfileTemplates;
using Microsoft.Clm.Shared.Requests;
using Microsoft.Clm.Shared.Smartcards;
using Microsoft.Clm.Provision;

namespace Contoso.Clm.Test
	class CreateEnrollmentTestClass
		private static void Output(string prefix, ReadOnlyCollection<Microsoft.Clm.Shared.Smartcards.SmartcardProfileTemplate> list)
			foreach (Microsoft.Clm.Shared.Smartcards.Smartcard smartcard in list)
				Output(prefix, smartcard);

		private static void Output(string prefix, Microsoft.Clm.Shared.Smartcards.Smartcard smartcard)
			string outputLine = string.Format(System.Globalization.CultureInfo.CurrentCulture,
				"{0}{1} [{2}]", prefix, smartcard.Uuid, smartcard.AssignedUserUuid);

		public static void CreateEnrollmentTest()
			Guid profileTemplateUuid = Guid.Empty;
			string secondLinePrefix = "	";

			Console.WriteLine(" -=-=-=-=- Part 1 -=-=-=-=- [Initiate Enroll]");

			Console.WriteLine("Step 1 - Find all profile templates");
			ReadOnlyCollection<ProfileTemplate> list = FindOperations.FindAllProfileTemplates();
			Output(secondLinePrefix, list);

			foreach (ProfileTemplate profileTemplate in list)
				if (profileTemplate.CommonName.Equals("ab-smartcard", StringComparison.CurrentCultureIgnoreCase))
					profileTemplateUuid = profileTemplate.Uuid;

			Console.WriteLine("Step 2a - Get hard coded profile template [ab-smartcard]");
			string sUuid = "9fbb183c-3e6f-4542-9d1e-4827688d49a9";
			Guid uuid = new Guid(sUuid);
			ProfileTemplate p = FindOperations.GetProfileTemplate(uuid);

			if ( p == NULL null)
				Console.WriteLine(“Could not find a Profile Template for uuid {0}”,
				// Caller should deal with error checking, etc.

			Console.WriteLine("Step 3 - Initiate Enroll [ab-smartcard]");
			Console.Write("Input TargetUserUuid:");
			string input = Console.ReadLine();

			if (!string.IsNullOrEmpty(input))
				Guid userTarget = new Guid(input);
				List<Microsoft.Clm.Shared.Requests.DataCollectionItem> dataCollectionList = new List<Microsoft.Clm.Shared.Requests.DataCollectionItem>();
				dataCollectionList.Add(new Microsoft.Clm.Shared.Requests.DataCollectionItem("abc", "My Value"));
				Microsoft.Clm.Shared.Requests.DataCollection dataCollection = new Microsoft.Clm.Shared.Requests.DataCollection(dataCollectionList);
				Microsoft.Clm.Shared.Requests.Request enrollRequest = RequestOperations.InitiateEnroll(profileTemplateUuidabSmartcardProfileTemplate.Uuid, dataCollection,
					userTarget, "My comment", 101);

				Console.WriteLine("Enroll request uuid: {0}", enrollRequest.Uuid);

See Also