Server Activity Diagram

The server activity diagram for this scenario is illustrated in the following figure. In this scenario the client application connects to a directory server in the Active Directory System and communicates with it using the LDAP protocol. The activity diagram shows the activities the server performs as it transitions from an initial state to the state of a successful deletion of the user.

The server activities are as follows:

  1. Upon receiving an LDAP bind request ([RFC2251] section 4.2, Bind Operation) from the Client Application, the Directory Server interacts with the Windows Authentication Services, which authenticates the Administrator using the supplied credentials ([MS-AUTHSO] section 4, Interactive Domain Logon Task).

  2. The server receives a request from the client application to search for an account’s distinguished name (DN). The request contains the account name of the account. The server locates the DN of the account object and returns this information to the client application. If the request is rejected by the server, the operation is terminated with an appropriate error.

  3. The server receives a request to delete the account with the specified DN. The directory server validates that the Administrator has the necessary access to perform the operation. If the Administrator does not have the necessary access, the Directory Server rejects the LDAP delete request.

  4. The server deletes the account.


Figure 31: Server activity diagram for deleting a user account
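
The following is an added example, not part of the original specification or any Microsoft code: a toy in-memory model of the four server activities above, showing that the access check runs before any directory change and that every decision is recorded for audit. The class and function names, the sample accounts, the password table standing in for the Windows Authentication Services, and the choice of result code for each rejection are assumptions of the model.

```python
from dataclasses import dataclass, field

# Standard LDAP result codes; which one this model returns where is its own choice.
SUCCESS, OPERATIONS_ERROR, NO_SUCH_OBJECT = 0, 1, 32
INVALID_CREDENTIALS, INSUFFICIENT_ACCESS_RIGHTS = 49, 50

@dataclass
class ToyDirectoryServer:
    """Hypothetical model; all data below is constructed sample data."""
    accounts: dict = field(default_factory=lambda: {
        "jdoe": "CN=John Doe,CN=Users,DC=example,DC=com"})
    passwords: dict = field(default_factory=lambda: {
        "admin": "pw-admin", "helpdesk": "pw-help"})
    can_delete: set = field(default_factory=lambda: {"admin"})
    bound_as: str = ""
    audit: list = field(default_factory=list)

    def bind(self, name, password):
        # Step 1: authenticate the caller (password table replaces the auth service).
        ok = name in self.passwords and self.passwords[name] == password
        self.bound_as = name if ok else ""
        return self._log("bind", name, SUCCESS if ok else INVALID_CREDENTIALS)

    def search(self, account_name):
        # Step 2: resolve account name to DN, or terminate with an error.
        if not self.bound_as:
            return self._log("search", account_name, OPERATIONS_ERROR), None
        dn = self.accounts.get(account_name)
        return self._log("search", account_name, SUCCESS if dn else NO_SUCH_OBJECT), dn

    def delete(self, dn):
        # Step 3: validate access before touching the directory.
        if self.bound_as not in self.can_delete:
            return self._log("delete", dn, INSUFFICIENT_ACCESS_RIGHTS)
        name = next((n for n, d in self.accounts.items() if d == dn), None)
        if name is None:
            return self._log("delete", dn, NO_SUCH_OBJECT)
        del self.accounts[name]  # Step 4: the server deletes the account.
        return self._log("delete", dn, SUCCESS)

    def _log(self, op, target, code):
        # Record who asked for what and the outcome, including rejections.
        self.audit.append((self.bound_as or "<anonymous>", op, target, code))
        return code

def delete_user(server, who, password, account_name):
    """Run bind, search, delete; stop at the first non-success result."""
    if (code := server.bind(who, password)) != SUCCESS:
        return code
    code, dn = server.search(account_name)
    return server.delete(dn) if code == SUCCESS else code
```

The `audit` list keeps rejected binds and deletes alongside successful ones, which is the trail a defender reviews when an account disappears unexpectedly.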