Dynamics Ax relies on Active Directory for user authentication. And thanx to CLR Interop, you too can use Active Directory and all it's objects and properties from within Ax. You can use AD for what it is designed for: a central storage location for application data.
But how does one get to read information from the AD? In following code snippet, I'll show you how to collect a list of all users from a specific domain, with some basic information about those users.
For this, we'll use the System.DirectoryServices namespace, an easy way of getting access to Active Directory from managed code.
In order for your code to work, don't forget to edit the networkDomain variable!
static void ReadFromAD(Args _args) { System.DirectoryServices.DirectorySearcher DirectorySearcher; System.DirectoryServices.SearchScope SearchScope; System.DirectoryServices.DirectoryEntry DirectoryEntry; System.DirectoryServices.SearchResultCollection SearchResultCollection; System.DirectoryServices.SearchResult SearchResult; System.DirectoryServices.PropertyCollection PropertyCollection; System.DirectoryServices.PropertyValueCollection PropertyValueCollection; str networkDomain="yourdomainhere.com"; str prefix = 'LDAP://'; int totalCount; int counter; str mysamaccountname; str myusername; ; try { DirectoryEntry = new System.DirectoryServices.DirectoryEntry(prefix + networkDomain); SearchScope = CLRInterop::parseClrEnum('System.DirectoryServices.SearchScope', 'Subtree'); DirectorySearcher = new System.DirectoryServices.DirectorySearcher(DirectoryEntry); DirectorySearcher.set_SearchScope(searchScope); DirectorySearcher.set_Filter(strfmt('(&(objectClass=user))')); SearchResultCollection = DirectorySearcher.FindAll(); totalCount = SearchResultCollection.get_Count(); for (counter=0; counter < totalcount; counter++) { SearchResult = SearchResultCollection.get_Item(counter); DirectoryEntry = SearchResult.GetDirectoryEntry(); if (DirectoryEntry) { PropertyCollection = DirectoryEntry.get_Properties(); if (PropertyCollection) { PropertyValueCollection = PropertyCollection.get_Item('samaccountname'); mysamaccountname=PropertyValueCollection.get_Value(); PropertyValueCollection = PropertyCollection.get_Item('name'); myusername=PropertyValueCollection.get_Value(); info(strfmt('%1 - %2',mysamaccountname,myusername)); } } } DirectorySearcher.Dispose(); SearchResultCollection.Dispose(); } catch (Exception::CLRError) { error("Error reading AD"); return; } } Ax has it's own routines
readily available to do the job as well. Let's look at the class xAxaptaUserManager and xAxaptaUserDetails.
Note: Remember you can user the field networkalias from table UserInfo to do a conversion from Ax user id to the domain user id. You can use this class for various purposes. Also for checking a password. How to validate the system password in AD from within Ax
We could get some more information from the AD regarding the user by using class xAxaptaUserDetails. How to get the user name from AD for a user
How to get the email address from AD for a user
|
No comments:
Post a Comment