ExclusionPolicy object

The ExclusionPolicy object manages AD RMS server exclusion policies. Exclusion policies deny new certificate and license requests made by compromised principals. They do not, however, revoke the principal. Administrators can use this object to exclude applications, legacy operating systems, user accounts, and legacy lockbox versions. You can retrieve this object by calling the ExclusionPolicy property on the Enterprise object.

Members

The ExclusionPolicy object has these types of members:

Properties

The ExclusionPolicy object has these properties.

PropertyDescription

Applications

Retrieves a collection of excluded applications.

DisableLegacyWindowsVersions

Specifies or returns a Boolean value that indicates whether computers running legacy operating systems are excluded. AD RMS support begins with Windows 2000.

Important  This property may be altered or unavailable in subsequent versions of the operating system. See the DisableLegacyWindowsVersions property page for further information about which operating systems support this property.
 

Lockbox

Retrieves the minimum lockbox version that must be installed before a use license can be granted.

UserAccounts

Retrieves a collection of excluded user accounts.

 

Examples



DIM admin_role
DIM config_manager
DIM exclusionPolicy
DIM excludedAppColl
DIM lockbox
DIM excludedUserColl

  ' Create a Configuration Manager.
  CALL WScript.Echo( "Create ConfigurationManager object...")
  SET config_manager = CreateObject _
    ("Microsoft.RightsManagementServices.Admin.ConfigurationManager")      
  CheckError()

  CALL WScript.Echo( "Initialize...")
  admin_role=config_manager.Initialize(false,"localhost",80,"","","")
  CheckError()
    
   ' Retrieve the ExclusionPolicy object.
  SET exclusionPolicy = config_manager.Enterprise.ExclusionPolicy
  CheckError()

  ' Retrieve the collection of excluded applications.
  Set excludedAppColl = exclusionPolicy.Applications
  CheckError()

  ' Retrieve the ExcludedLockbox object.
  SET lockbox = exclusionPolicy.Lockbox
  CheckError()

  ' Retrieve the ExcludedUSerAccountCollection object.
  SET excludedUserColl = exclusionPolicy.UserAccounts
  CheckError()

' *******************************************************************
' Error checking function.

FUNCTION CheckError()
  CheckError = Err.number
  IF Err.number <> 0 THEN
    CALL WScript.Echo( vbTab & "*****Error Number: " _
                       & Err.number _
                       & " Desc:" _
                       & Err.Description _
                       & "*****")
    WScript.StdErr.Write(Err.Description)
    WScript.Quit( Err.number )
  END IF
END FUNCTION




Requirements

Minimum supported client

None supported

Minimum supported server

Windows Server 2008

Assembly

Microsoft.RightsManagementServices.Admin.dll

See also

Active Directory Rights Management Services Scripting API Reference

 

 

Show: