FPCUserMapping object
Applies to: desktop apps only
The FPCUserMapping object represents the user mapping that is used to map VPN clients connecting with a Forefront TMG computer using a non-Windows authentication method (RADIUS authentication) to mirrored Active Directory accounts in the Windows namespace. The Domain property of the FPCUserMapping object specifies a domain name that Forefront TMG can combine with a user name in the user mapping process when the user name supplied does not contain a domain name. As a result, access rules that specify user sets containing Windows users and groups are also applied to non-Windows authenticated users that do not use Windows.
When RADIUS authentication with the Challenge Handshake Authentication Protocol (CHAP), the Microsoft Challenge Handshake Authentication Protocol version 1 (MS-CHAP), the Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2), or any type of the Extensible Authentication Protocol (EAP) is used, the domain specified in the user mapping is used to match the VPN client to a mirrored Active Directory account if the user mapping is enabled. When the Password Authentication Protocol (PAP) or the Shiva Password Authentication Protocol (SPAP) is used, the domain name is always ignored, the VPN client can be matched to an Active Directory account in the local domain if the Forefront TMG computer belongs to a domain or to a local user account on the Forefront TMG computer if the Forefront TMG computer belongs to a workgroup.
The user mapping can be used only when the Forefront TMG computer belongs to a domain. It should not be enabled in a workgroup environment if CHAP, MS-CHAP, MS-CHAP v2, or EAP is enabled.
The FPCUserMapping object can be accessed through the RADIUSUserMapping property of the FPCVpnConfiguration object.
.png "Ff826810.bkbutton(en-us,VS.85).png")
Click here to see the Forefront TMG object hierarchy.
Members
The FPCUserMapping object has these types of members:
- Methods
- Properties
Methods
The FPCUserMapping object has these methods.
| Method | Description |
|---|---|
| Refresh | Reads the values of all of the object's properties from persistent storage, discarding any changes that have not been saved. |
| Save | Writes the current values of all of the object's properties to persistent storage. |
Properties
The FPCUserMapping object has these properties.
| Property | Access type | Description |
|---|---|---|
| Read/write | Gets or sets the domain name that Forefront TMG can combine with a user name in the user mapping process when the user name supplied does not contain a domain name. |
|
| Read/write | Gets or sets a Boolean value that indicates whether the user mapping is enabled. |
Interfaces for C++ Programming
This object implements the IFPCUserMapping interface.
Requirements
Minimum supported client |
Windows Vista, None supported |
Minimum supported server |
Windows Server 2008 R2, Windows Server 2008 with SP2 (64-bit only) |
Version |
Forefront Threat Management Gateway (TMG) 2010 |
IDL |
Msfpccom.idl |
See also
Build date: 7/12/2010