TrustedUserDomain

TrustedUserDomain object

The TrustedUserDomain object represents a trusted user domain associated with an AD RMS installation in a different Active Directory forest. A collection of trusted domains enables AD RMS to process license requests from users whose rights account certificates were issued by AD RMS installations in other forests. To import the external domains associated with another AD RMS installation, call the Import method on the TrustedUserDomainCollection object and specify the external server licensor certificate. You can retrieve the collection from the TrustedUserDomains property of the TrustPolicy object.

Members

The TrustedUserDomain object has these types of members:

Properties

The TrustedUserDomain object has these properties.

Property / Description

CertificateExpirationTime

Retrieves the time at which the server licensor certificate associated with the trusted domain expires.

DisplayName

Retrieves a display name for the trusted domain.

DomainNames

Retrieves a collection of trusted email domain names for this trusted user domain.

Id

Retrieves a unique ID for the trusted domain object.

IsADFederationSvcTrusted

Specifies or retrieves a Boolean value that indicates whether the federated users included in an imported user domain are trusted.

IsImported

Retrieves a Boolean value that specifies whether the trusted domain has been imported from another AD RMS installation.

IsSecurityIdentifiersAllowed

Specifies or retrieves a Boolean value that indicates whether the security identifiers associated with the trusted domain are also trusted.


Examples



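DIM config_manager
DIM admin_role

' Entry point: connect to AD RMS, then import and display the
' trusted user domain.
CALL InitObject()
CALL GetTudInfo()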

' *******************************************************************
' Create and initialize a ConfigurationManager object.

SUB InitObject()

  ' Keep running after a failed call so that CheckError can report it.
  ON ERROR RESUME NEXT

  CALL WScript.Echo( "Create ConfigurationManager object...")
  SET config_manager = CreateObject _
    ("Microsoft.RightsManagementServices.Admin.ConfigurationManager")      
  CheckError()
    
  CALL WScript.Echo( "Initialize...")
  admin_role=config_manager.Initialize(false,"localhost",80,"","","")
  CheckError()

END SUB

' *******************************************************************
' Retrieve trusted user domain information.

SUB GetTudInfo()

  ' Keep running after a failed call so that CheckError can report it.
  ON ERROR RESUME NEXT

  DIM trustPolicy
  DIM tudColl
  DIM Tud
  DIM domainNames
  DIM Index

  ' Retrieve the trust policy object.
  SET trustPolicy = config_manager.Enterprise.TrustPolicy
  CheckError()

  ' Retrieve the trusted user domain collection object.
  SET tudColl = trustPolicy.TrustedUserDomains
  CheckError()

  ' Import a server licensor certificate into the collection
  ' and retrieve a trusted user domain object.
  SET Tud = tudColl.Import( "TUD_Name", _
                            "c:\certFile.bin", _
                            False)
  CheckError()

  IF tudColl.Count < 1 OR IsNull(Tud.Id) THEN
    CALL RaiseError(-610, "Import failed.")
  END IF

  CALL WScript.Echo("Trusted user domain information: ")
  CALL WScript.Echo("Name = " & _
                    Tud.DisplayName)
  CALL WScript.Echo("Expiration = " & _
                    Tud.CertificateExpirationTime)
  CALL WScript.Echo("ID = " & _
                    Tud.Id)
  CALL WScript.Echo("ADFS trusted = " & _
                    Tud.IsADFederationSvcTrusted)
  CALL WScript.Echo("Imported = " & _
                    Tud.IsImported)
  CALL WScript.Echo("SIDs allowed = " & _
                    Tud.IsSecurityIdentifiersAllowed)
  CALL WScript.Echo("Trusted domain names:")

  SET domainNames = Tud.DomainNames
  For Index = 0 To domainNames.Count - 1
    CALL WScript.Echo("Domain Name = " & domainNames.Item(Index))
  Next

END SUB

' *******************************************************************
' Error checking function.

FUNCTION CheckError()
  CheckError = Err.number
  IF Err.number <> 0 THEN
    CALL WScript.Echo( vbTab & "*****Error Number: " _
                       & Err.number _
                       & " Desc:" _
                       & Err.Description _
                       & "*****")
    WScript.StdErr.Write(Err.Description)
    WScript.Quit( Err.number )
  END IF
END FUNCTION

' *******************************************************************
' Generate a runtime error.

SUB RaiseError(errId, desc)
  ' Without this, Err.Raise leaves the SUB before CheckError runs.
  ON ERROR RESUME NEXT
  CALL Err.Raise( errId, "", desc )
  CheckError()
END SUB
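
The following is an added example, not part of the original reference page or Microsoft's sample code: it walks the existing trusted user domain collection and reports entries whose server licensor certificate has expired or is close to expiry, and entries where security identifiers or federated users are trusted, so they can be reviewed. It assumes the collection exposes a zero-based Item(index) accessor like the DomainNames collection above, reuses the connection parameters from the sample, and uses a hypothetical WARN_DAYS threshold.

```vbscript
' Added example: audit every entry in the trusted user domain collection.
' Assumptions: coll.Item(i) is zero-based, like DomainNames.Item in the
' sample on this page; WARN_DAYS is a hypothetical review threshold.
' No ON ERROR RESUME NEXT is used, so any API failure stops the audit.
OPTION EXPLICIT
CONST WARN_DAYS = 30

DIM cfg, coll, i, findings

SET cfg = CreateObject _
  ("Microsoft.RightsManagementServices.Admin.ConfigurationManager")
CALL cfg.Initialize(false, "localhost", 80, "", "", "")
SET coll = cfg.Enterprise.TrustPolicy.TrustedUserDomains

findings = 0
FOR i = 0 TO coll.Count - 1
  findings = findings + AuditTud(coll.Item(i))
NEXT
CALL WScript.Echo(coll.Count & " trusted user domain(s), " & _
                  findings & " finding(s)")
IF findings > 0 THEN WScript.Quit(1)

' Returns the number of findings for one TrustedUserDomain object.
FUNCTION AuditTud(tud)
  DIM daysLeft, n
  n = 0
  ' Whole days between now and the certificate expiration time.
  daysLeft = DateDiff("d", Now, tud.CertificateExpirationTime)
  IF daysLeft < 0 THEN
    n = n + Report(tud, "server licensor certificate expired")
  ELSEIF daysLeft <= WARN_DAYS THEN
    n = n + Report(tud, "certificate expires in " & daysLeft & " day(s)")
  END IF
  IF tud.IsSecurityIdentifiersAllowed THEN
    n = n + Report(tud, "security identifiers are trusted")
  END IF
  IF tud.IsADFederationSvcTrusted THEN
    n = n + Report(tud, "federated users are trusted")
  END IF
  AuditTud = n
END FUNCTION

' Prints one finding and returns 1 so that callers can count findings.
FUNCTION Report(tud, msg)
  CALL WScript.Echo("[REVIEW] " & tud.DisplayName & _
                    " (" & tud.Id & "): " & msg)
  Report = 1
END FUNCTION
```

The script exits with code 1 when at least one entry needs review, which lets a scheduled task or monitoring job act on the result.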


Requirements

Minimum supported client

None supported

Minimum supported server

Windows Server 2008

Assembly

Microsoft.RightsManagementServices.Admin.dll

See also

Active Directory Rights Management Services Scripting API Reference

© 2016 Microsoft