Active Directory: People Picker Browse Display UI

Switch View :
Classic
Lightweight
ScriptFree
4.2 Active Directory: People Picker Browse Display UI

This example describes the requests made when a search for a valid AD User is made from the EUC machine by entering a search string which matches a User's display name and that User is added to the current Site.

Cc717308._rfc_ms-wsso7(en-us,PROT.10).gif

Figure 7: People Picker Browse Display UI Part 1

Cc717308._rfc_ms-wsso8(en-us,PROT.10).gif

Figure 8: People Picker Browse Display UI Part 2

Cc717308._rfc_ms-wsso9(en-us,PROT.10).gif

Figure 9: People Picker Browse Display UI Part 3

This scenario is initiated from the "Select People and Groups – Web page Dialog." A user enters a search string in the "Find" text field and then clicks the search icon. For the sake of simplicity, it is assumed that the user has Add privileges for the current Site Group.

The following conversation happens involving the EUC, WFE, BEDS and DC:

  1. The EUC first sends a request to the WFE to search for the desired User display name.
  2. The WFE sends an LDAP Global Catalog Search Request to the DC asking for any match in the whole subtree for user or group objects with attributes that contain the search string (a wildcard search version of the User display name) in one of the following attributes:

    • User objects: 'name', 'displayName', 'cn', 'sn', 'SamAccountName', 'mail', SMTP or sip 'proxyAddresses' attributes.
    • Group objects: 'name', 'displayName', 'cn', or 'SamAccountName' attributes.
  3. The DC responds with an LDAP Global Catalog Search Response containing both user and group objects which match the search string.
  4. The WFE initializes information about the Site and its Users. It does this by calling the proc_GetTpWebMetadataAndListMetadata Stored Procedure using TDS.
  5. The BEDS returns five Result Sets:

    • Web URL Result Set, which returns the Store-Relative URL of the root of the Site.
    • Domain Group Cache Versions Result Set, which returns information about the version numbers associated with the Domain Group map cache for this Site.
    • Domain Group Cache WFE Update Result Set, which returns information to be used in recomputing the Domain Group map cache for the Site.
    • Site Metadata Result Set, which returns specialized Site Metadata.
    • Event Receivers Result Set, which returns information about the Event Receivers defined for the Site.
  6. The WFE continues collecting information on the Site's user list by calling the proc_GetListMetadataAndEventReceivers Stored Procedure.
  7. The BEDS returns the following four Result Sets:

    • The List Metadata Result Set, which returns the permissions associated with the user information List.
    • The NULL List Permissions Result Set, which indicates that unique permissions do not exist for the List.
    • The List Event Receivers Result Set, which is empty because there are no Event Receivers defined for this List.
    • The List Web Parts Result Set, which contains information about the List view pages.
  8. The WFE creates a Dynamic SQL query that searches for the submitted search string in the user information list, looking for a match in the display name, account name or e-mail address columns.
  9. The BEDS returns one empty Dynamic SQL Result Set, indicating that a match was not found.
  10. The WFE displays the display name received from the DC as a candidate for selection.
  11. The end user clicks "Add," then "OK." The EUC closes the dialog and redirects to the user information list web page.
  12. The WFE negotiates authentication with the DC and then sends an LDAP search request to the DC for an object having an SID attribute equal to the value obtained from the DC earlier.
  13. The DC sends an LDAP Search Result containing the attributes of the AD User object.
  14. The WFE again initializes by gathering information on the Site. It does this by calling the proc_GetTpWebMetadataAndListMetadata Stored Procedure.
  15. The BEDS returns five Result Sets:

    • The Web URL Result Set, which contains the Store-Relative URL of the root of the Site.
    • The Domain Group Cache Versions Result Set, which contains information about the version numbers associated with the Domain Group map cache for this Site.
    • The Domain Group Cache WFE Update Result Set, which contains information to be used in recomputing the Domain Group map cache for the Site.
    • The Site Metadata Result Set, which contains Site Metadata.
    • The Event Receivers Result Set, which contains information about the Event Receivers defined for the Site.
  16. The WFE sends a request to the BEDS to find Principals that may have login name, display name or e-mail information matching the account name returned from the DC. It does so by calling the proc_SecResolvePrincipal Stored Procedure.
  17. A return code is returned, but no Result Sets are returned, indicating that no matches are found.
  18. The WFE renders the name as resolved.
  19. The end user clicks "OK" on the "Add Users" page, sending a request to the WFE to add the user to the Site and Site Group.
  20. The WFE negotiates authentication with the DC, and then sends an LDAP search request to the DC for an object having an SID attribute equal to the value obtained from the DC earlier.
  21. The DC sends an LDAP Search Result containing the attributes of the AD User object.
  22. The WFE initializes again by calling the proc_GetTpWebMetadataAndListMetadata Stored Procedure.
  23. The BEDS returns the following fourteen Result Sets.

    • The Web URL Result Set, which contains the URL of the Site.
    • The Domain Group Cache Versions Result Set, which contains information about the version numbers associated with the Domain Group map cache for this Site.
    • The Domain Group Cache WFE Update Result Set, which contains binary data needed to refresh the Domain Group map cache.
    • The Site Metadata Result Set, which contains Site Metadata.
    • The Event Receivers Result Set, which contains information about the Event Receivers defined for this Site.
    • The Site Category Result Set, which contains the categories of this Site.
    • The Site Metainfo Result Set, which contains the Metadict of the Site.
    • The Site Feature List Result Set, which contains the List of default Feature identifiers of this Site Collection.
    • The Site Feature List Result Set, which contains the List of Feature identifiers of this Site.
    • And Empty Result Set, which is a Placeholder set.
    • The List Metadata Result Set, which contains the Metadata associated with the specified Document List.
    • The NULL List Permissions Result Set, which indicates that there are no special permissions set on the User information list.
    • Event Receivers Result Set, which contains information about the Event Receivers defined for the Document List.
    • The List Web Parts Result Set, which contains information about the List view pages defined for the user information List.
  24. The WFE sends a request to resolve the selected user names. It does so by calling the proc_SecResolvePrincipal Stored Procedure.
  25. A Return Code is returned, but no Result Sets are returned, indicating that the user was not found.
  26. The WFE creates a Dynamic SQL query which selects information from the Sec_SiteGroupsView.
  27. The BEDS Returns a Dynamic SQL Result Set with all Site Group Membership Levels signifying the owner of all groups.
  28. The WFE builds a Dynamic Query to determine if the current user has permission to add a user to the group. It does this by calling the proc_SecGetUsersPermissionsOnGroup Stored Procedure.
  29. The BEDS returns one Dynamic SQL Result Set, which contains one record for the current group, indicating that the current user does not directly have permission to add a user to the group, and is not the owner of the group.
  30. The WFE requests the site map by calling the proc_getSiteMapById Stored Procedure.
  31. The BEDS returns the Site Map Result Set.
  32. The WFE builds a Dynamic Transactional SQL Query to add the User to the Site Collection. The following actions happen:

    • The transaction begins.
    • An attempt to add a user to the UserInfo table is performed by calling the proc_SecAddUser Stored Procedure.
    • If adding the user succeeded, then an attempt to add a person List Item to the user information List is performed. It does so by calling the proc_SecAddListItem stored procedure.
    • If either adding the User to the Site Collection or adding the List Item to the user information List failed, then the transaction is rolled back; otherwise, the transaction is committed.
  33. One result is returned from the BEDS, containing the Return Code and information about the added User.
  34. The WFE constructs a Dynamic SQL query, selecting full User information about the added User.
  35. The BEDs returns a dynamic Result Set with the requested information.
  36. The WFE requests the BEDS to add the User to the current Site Group. It does so by calling the proc_SecAddUserToSiteGroup Stored Procedure.
  37. A Return Code is returned, but no Result Sets are returned.
  38. The WFE negotiates authentication with the DC, and then sends an LDAP search request to the DC for an object having an SID attribute equal to the value obtained earlier from the DC.
  39. The DC sends an LDAP Search Result containing the attributes of the AD User object.
  40. The WFE again initializes its information about the Site. It does this by calling the proc_GetTpWebMetadataAndListMetadata Stored Procedure.
  41. The BEDS returns the following fourteen Result Sets.

    • Web URL Result Set, which returns the URL of the root of the Site.
    • Domain Group Cache Versions Result Set, which returns information about the version numbers associated with the Domain Group map cache for this Site.
    • Domain Group Cache WFE Update Result Set, which returns binary data needed to refresh the Domain Group map cache.
    • Site Metadata Result Set, which returns specialized Site Metadata.
    • Event Receivers Result Set, which returns information about the Event Receivers defined for this Site.
    • Site Category Result Set, which returns the Categories of the Site.
    • Site Metainfo Result Set, which returns the Metadict of the Site.
    • Site Feature List Result Set, which returns the List of default Feature identifiers of this Site Collection.
    • Site Feature List Result Set, which returns the List of Feature identifiers of this Site.
    • Empty Result Set, which is a placeholder set.
    • List Metadata Result Set, which returns the Metadata associated with the specified Document List.
    • NULL List Permissions Result Set, which is a placeholder set.
    • Event Receivers Result Set, which returns information about the Event Receivers defined for the Document List.
    • List Web Parts Result Set, which returns information about the List Web Parts defined for this Document List.
  42. The WFE creates a Dynamic SQL query that selects information from the Sec_SiteGroupsView view.
  43. The BEDS Returns a Dynamic SQL Result Set with all Site Group Membership Levels, signifying the owner of all groups.
  44. The WFE builds a Dynamic SQL Query to obtain updated information about the Site Group to which the User was added.
  45. The BEDS returns one Dynamic SQL Result Set containing information about the Site Group.
  46. The WFE builds a Dynamic Query to determine if the current user has permission to add a user to the group. It does this by calling the proc_SecGetUsersPermissionsOnGroup Stored Procedure.
  47. The BEDS returns one Dynamic SQL Result Set, which contains one record for the current group, indicating that the current User does not directly have permission to add a user to the group and is not the owner of the group.
  48. The WFE builds a Dynamic SQL Query to obtain more User information for the Site Group to which the User has been added.
  49. The BEDS returns one Dynamic SQL Result Set of information about the newly added User.
  50. Control is passed back to the EUC.