PassportUserDomain

[This documentation is preliminary and is subject to change.]

The PassportUserDomain object can be used to represent Windows Live user domains in the trust policy of an enterprise. You can enable Windows Live domains, retrieve information about them, and identify excluded users. Call the PassportUserDomain property on the TrustPolicy object to retrieve this object.

Note  You must specify proxy server settings by using the ProxySettings object before enabling a Windows Live domain.

Methods

The PassportUserDomain object does not define any methods.

Properties

The PassportUserDomain object has the following properties.

Property Description
CertificateExpirationTime Retrieves the date and time at which the Windows Live certificate expires.
CertificationName Retrieves the common name of the Windows Live certification service.
Enabled Specifies and retrieves a Boolean value that can be used to enable Windows Live user domains.
ExcludedUsers Retrieves a collection of excluded Windows Live identities.
Id Retrieves a unique integer ID for the PassportUserDomain object.

Example Code [VBScript]

DIM config_manager
DIM admin_role

' *******************************************************************
' Create and initialize a ConfigurationManager object.

SUB InitObject()

  CALL WScript.Echo( "Create ConfigurationManager object...")
  SET config_manager = CreateObject _
    ("Microsoft.RightsManagementServices.Admin.ConfigurationManager")      
  CheckError()
    
  CALL WScript.Echo( "Initialize...")
  admin_role=config_manager.Initialize(false,"localhost",80,"","","")
  CheckError()

END SUB

' *******************************************************************
' Retrieve Windows Live user domain information.

SUB GetPassportInfo()

  DIM trustPolicy
  DIM passportDomain

  ' Retrieve the trust policy object. 
  SET trustPolicy = config_manager.Enterprise.TrustPolicy
  CheckError()

  ' Retrieve the Windows Live user domain object.
  SET passportDomain = trustPolicy.PassportUserDomain
  CheckError()

  ' Enable Windows Live user domains.
  passportDomain.Enabled = TRUE
  CheckError()

  IF IsNull(passportDomain.Id) OR LEN(passportDomain.Id) = 0 THEN
    CALL RaiseError(-601, "Enable Passport user domain failed.")
  END IF
  CALL WScript.Echo("PassportUserDomain.Enabled: Id = " _
                    & passportDomain.Id _
                    & " Certification Name = " _
                    & passportDomain.CertificationName _
                    & " Certificate Expiration = " _
                    & passportDomain.CertificateExpirationTime)

  ' Add excluded users to the domain.
  passportDomain.ExcludedUsers.Clear()
  passportDomain.ExcludedUsers.Add("passport1@example.com")
  passportDomain.ExcludedUsers.Add("passport2@example.com")
  passportDomain.ExcludedUsers.Update()
  CheckError()
  CALL WScript.Echo("PassportUserDomain: excluded count=" & _
                    passportDomain.ExcludedUsers.Count)
 
END SUB

' *******************************************************************
' Error checking function.

FUNCTION CheckError()
  CheckError = Err.number
  IF Err.number <> 0 THEN
    CALL WScript.Echo( vbTab & "*****Error Number: " _
                       & Err.number _
                       & " Desc:" _
                       & Err.Description _
                       & "*****")
    WScript.StdErr.Write(Err.Description)
    WScript.Quit( Err.number )
  END IF
END FUNCTION

' *******************************************************************
' Generate a runtime error.

SUB RaiseError(errId, desc)
  CALL Err.Raise( errId, "", desc )
  CheckError()
END SUB

Requirements

Product Requires Windows Server "Longhorn".
Library

Use Microsoft.RightsManagementServices.Admin.dll registered as a custom type library.

See Also

Active Directory Rights Management Services Scripting API