Microsoft Identity Integration Server 2003 Developer Reference |
This topic contains code examples that search the connector space for a specified connector space object. You can use these examples to check that a specified connector space object exists in the connector space.
These examples use the query feature of the MIIS_CSObject class. This class supports the following queries:
To use these queries, you must be logged on as a member of the
MIISPasswordSet security group or the MIISBrowse security group. If
you attempt to run a query as a member of another security group,
the following error message will display: Provider is not
capable of the attempted operation
.
In Microsoft Identity Integration Server 2003 Service Pack 1, you can use the query feature to search the connector space for a connector space object with a specified management agent GUID and distinguished name by using the query feature of the MIIS_CSObject class. For management agents that do not have a distinguished name for objects, such as database or nonhierarchical file-based management agents, you can search by anchor attribute because MIIS treats anchor attributes as a distinguished name.
If the distinguished name contains a backslash (\) or straight quotation marks("), the WMI query requires these characters to be escaped. To escape the backslash character, precede this character with another backslash character.
For example, if the distinguished name of the connector space
object is CN=billing\Jeff
, then the query should be
CN=billing\\Jeff
.
To escape quotation mark characters, precede these characters with another set of quotation marks.
For example, if the distinguished name of the connector space
object is CN="Jeff Smith"
, then the query should be
CN=""Jeff Smith""
The following VBScript example searches the connector space for a connector space object with a specified management agent GUID and distinguished name. The script combines the GUID of the management agent with the distinguished name and then creates a query that will be used in the WMI query. If the script finds a connector space object, the properties of that object are shown.
Option Explicit On Error Resume Next Const PktPrivacy = 6 ' Authentication level Dim Service ' Service object Dim ManagementAgent ' Management agent object Dim MaGuid ' Management agent GUID Dim CsObject ' Connector space object Dim CsObjects ' Collection of connector space objects Dim WMIQuery ' WMI Query string Dim DN ' Distinguished name string ' Create the service object. Set Service = GetObject("winmgmts:{authenticationLevel=PktPrivacy}!root\MicrosoftIdentityIntegrationServer") If Err.number <> 0 then Call ErrorHandler("Could not connect to computer.") End If WScript.Echo("Successfully created service object.") ' Get the Active Directory management agent object. Set ManagementAgent = Service.Get("MIIS_ManagementAgent.Name='Active Directory MA'") If Err.number <> 0 then Call ErrorHandler("ERROR: Unable to locate management agent") End If ' Get the GUID of the management agent. MaGuid = ManagementAgent.GUID ' This is the distinguished name of the connector space object. ' Note that the distinguished name contains a backslash character that ' must be escaped. DN= "CN=JeffSmith\\billing,DC=microsoft,DC=com" ' Create the WMI Query string. WMIQuery = "Select * from MIIS_CSObject where MaGuid = '" & MaGuid & "' and DN = '" & DN & "'" ' Search for the connector space objects with the specified management ' agent GUID and distinguished name. Set CsObjects = Service.ExecQuery(WMIQuery) If Err.number <> 0 then Call ErrorHandler("Could not create CSObjects collection.") End If If CsObjects.Count = 0 Then If Err.number<>0 or IsNull(CsObjects) then ErrorHandler("Error: No CsObject matched DN.") Else WScript.Echo "No CsObject matched DN." WScript.Quit(2989) End If End If ' Display the connector space object properties. WScript.Echo vbCrLf & "Successfully location CSObject..." WScript.Echo vbCrLf & "CSObject Attributes:" For Each CsObject IN CsObjects WScript.Echo " Guid: " & CSObject.Guid WScript.Echo " Dn: " & CSObject.Dn WScript.Echo " ObjectType: " & CSObject.ObjectType WScript.Echo " UserPrincipalName: " & CSObject.UserPrincipalName WScript.Echo " Domain: " & CSObject.Domain WScript.Echo " Account: " & CSObject.Account WScript.Echo vbCrLF & " UnappliedExport" WScript.Echo " " & CSObject.UnappliedExportHologram WScript.Echo " EscrowedExport: " & CSObject.EscrowedExportHologram WScript.Echo " UnconfirmedExport: " & CSObject.UnconfirmedExportHologram WScript.Echo " PendingImport: " & CSObject.PendingImportHologram WScript.Echo " Hologram: " & CSObject.Hologram WScript.Echo " MvGuid: " & CSObject.MvGuid WScript.Echo " MaGuid: " & CSObject.MaGuid WScript.Echo " MaName: " & CSObject.MaName WScript.Echo " PartitionGuid: " & CSObject.PartitionGuid WScript.Echo " PartitionName: " & CSObject.PartitionName WScript.Echo " PartitionDisplayName: " & CSObject.PartitionDisplayName WScript.Echo " PasswordChangeHistory: " & CSObject.PasswordChangeHistory Next ' Error handling subroutine. Sub ErrorHandler( errorText ) WScript.Echo(vbcrlf & errorText) WScript.Echo("Error number: " & Err.number) WScript.Echo("Error Description: " & Err.Description) WScript.Quit(2989) End Sub
You can search for connector space objects that are imported from an Active Directory, GALSync, or Windows NT 4 management agent by using the domain and account name of the object in the query.
The query specifies the account name and the fully qualified domain name of the connector space object. For each connector space object found with the specified name and domain, a counter is incremented and the name of the management agent that imported that object is displayed. If the connector space does not contain any objects with the specified name and domain, the script returns a message that the object was not found.
The following VBScript example searches the connector space for a connector space object with a specified domain and account name. The script gets the GUID of the management agent and then creates a query string along with the distinguished name that will be used in the WMI query. If the script finds a connector space object, the properties of that object are displayed.
Option Explicit On Error Resume Next Const PktPrivacy = 6 ' Authentication level Dim Service ' Service object Dim CsObjects ' Collection of connector space objects Dim CsObject ' Connector space object Dim MAObjects ' Collection of management agent objects Dim MAObject ' Management agent object Dim ObjCount ' Counter object Set Service = GetObject("winmgmts:{authenticationLevel=PktPrivacy}!root\MicrosoftIdentityIntegrationServer") Dim SAMName ' sAMAccount name of the object SAMName = "JeffSmith" Dim DomainName ' Domain name used in the search DomainName = "fabrikam.com" Dim Query Query = "Select * from MIIS_CSObject where FullyQualifiedDomain = '" Query = Query & DomainName & "' and account = '" & SAMName & "'" Set CsObjects = Service.ExecQuery (Query) ObjCount = 0 For Each CsObject in Csobjects ObjCount = ObjCount + 1 Query = "Select * from MIIS_ManagementAgent where guid='"& CSObject.MaGuid &"'" Set MAObjects = Service.ExecQuery(Query) For Each MAObject in MAObjects Wscript.Echo "Imported from the " & MAObject.Name & " management agent." Next Next If ObjCount = 0 then WScript.Echo "The object with the name " & SAMName & " was not found." End If Sub ErrorHandler (ErrorMessage) WScript.Echo ErrorMessage WScript.Quit(1) End Sub
When you would like to know which connector space objects are connected to a metaverse object, you can search for connector space objects that have the same GUID as the metaverse object.
The following VBScript example searches the connector space for a connector space object with a specified metaverse object GUID. The script creates a query string that uses the specified metaverse object GUID that will be used in the WMI query. If the script finds a connector space object, the properties of that object are shown.
You can search for connector space objects that are imported using the Active Directory or GALSync management agent with a specified domain and user principal name.
The following VBScript example searches the connector space for a connector space object with a specified domain and user principal name. The script creates a query string that uses the specified domain and user principal name that will be used in the WMI query. If the script finds a connector space object, the properties of that object are displayed.
Option Explicit On Error Resume Next Const PktPrivacy = 6 ' Authentication level Dim Service ' Service object Dim ManagementAgent ' Management agent object Dim CsObject ' Connector space object Dim CsObjects ' Collection of connector space objects Dim WMIQuery ' WMI Query string ' Create the service object Set Service = GetObject("winmgmts:{authenticationLevel=PktPrivacy}!root\MicrosoftIdentityIntegrationServer") If Err.number <> 0 then Call ErrorHandler("Could not connect to computer.") End If WScript.Echo("Successfully created service object.") WMIQuery = "Select * from MIIS_CSObject where Domain = 'Fabrikam' And UserPrincipalName = 'JeffSmith'" ' Search for the connector space objects with the specified management ' agent GUID and distinguished name. Set CsObjects = Service.ExecQuery(WMIQuery) If Err.number <> 0 then Call ErrorHandler("Could not create CSObjects collection.") End If If CsObjects.Count = 0 Then If Err.number<>0 or IsNull(CsObjects) then ErrorHandler("Error: No CsObject with matching MA GUID or DN.") Else WScript.Echo "No CsObject with matching MA GUID or DN." WScript.Quit(2989) End If End If ' Display the connector space object properties. WScript.Echo vbCrLf & "Successfully located CSObject..." WScript.Echo vbCrLf & "CSObject Attributes:" For Each CsObject IN CsObjects WScript.Echo " Guid: " & CSObject.Guid WScript.Echo " Dn: " & CSObject.Dn WScript.Echo " ObjectType: " & CSObject.ObjectType WScript.Echo " UserPrincipalName: " & CSObject.UserPrincipalName WScript.Echo " Domain: " & CSObject.Domain WScript.Echo " Account: " & CSObject.Account WScript.Echo " MvGuid: " & CSObject.MvGuid WScript.Echo " MaGuid: " & CSObject.MaGuid WScript.Echo " MaName: " & CSObject.MaName WScript.Echo " PartitionGuid: " & CSObject.PartitionGuid WScript.Echo " PartitionName: " & CSObject.PartitionName WScript.Echo " PartitionDisplayName: " & CSObject.PartitionDisplayName WScript.Echo " PasswordChangeHistory: " & CSObject.PasswordChangeHistory Next ' Error handling subroutine. Sub ErrorHandler( errorText ) WScript.Echo(vbcrlf & errorText) WScript.Echo("Error number: " & Err.number) WScript.Echo("Error Description: " & Err.Description) WScript.Quit(2989) End Sub
You can also use the GUID of a connector space object to search the connector space for it.
The following VBScript example searches the connector space for a connector space object with a specified GUID. The script creates a query using the specified GUID that will be used in the WMI query. If the script finds a connector space object with the specified GUID, the properties of that connector space object are shown.
Option Explicit On Error Resume Next Const PktPrivacy = 6 ' Authentication level Dim Service ' Service object Dim ManagementAgent ' Management agent object Dim CsGuid ' Connector space object GUID Dim CsObject ' Connector space object Dim CsObjects ' Collection of connector space objects Dim WMIQuery ' WMI Query string ' Create the service object. Set Service = GetObject("winmgmts:{authenticationLevel=PktPrivacy}!root\MicrosoftIdentityIntegrationServer") If Err.number <> 0 then Call ErrorHandler("Could not connect to computer.") End If WScript.Echo("Successfully created service object.") ' Create the WMI Query string CsGUID = "{A67B447A-3788-419C-98B0-14B1D3CEE638}" WMIQuery = "Select * from MIIS_CSObject where GUID = '" & CsGUID & "'" ' Search for the connector space objects with the specified management ' agent GUID and distinguished name. Set CsObjects = Service.ExecQuery(WMIQuery) If Err.number <> 0 then Call ErrorHandler("Could not create CSObjects collection.") End If If CsObjects.Count = 0 Then If Err.number<>0 or IsNull(CsObjects) then ErrorHandler("Error: No CsObject with a matching GUID.") Else WScript.Echo "No CsObject with a matching GUID." WScript.Quit(2989) End If End If ' Display the connector space object properties. WScript.Echo vbCrLf & "Successfully located CSObject..." WScript.Echo vbCrLf & "CSObject Attributes:" For Each CsObject IN CsObjects WScript.Echo " Guid: " & CSObject.Guid WScript.Echo " Dn: " & CSObject.Dn WScript.Echo " ObjectType: " & CSObject.ObjectType WScript.Echo " UserPrincipalName: " & CSObject.UserPrincipalName WScript.Echo " Domain: " & CSObject.Domain WScript.Echo " Account: " & CSObject.Account WScript.Echo " MvGuid: " & CSObject.MvGuid WScript.Echo " MaGuid: " & CSObject.MaGuid WScript.Echo " MaName: " & CSObject.MaName WScript.Echo " PartitionGuid: " & CSObject.PartitionGuid WScript.Echo " PartitionName: " & CSObject.PartitionName WScript.Echo " PartitionDisplayName: " & CSObject.PartitionDisplayName WScript.Echo " PasswordChangeHistory: " & CSObject.PasswordChangeHistory Next ' Error handling subroutine. Sub ErrorHandler( errorText ) WScript.Echo(vbcrlf & errorText) WScript.Echo("Error number: " & Err.number) WScript.Echo("Error Description: " & Err.Description) WScript.Quit(2989) End Sub