TrustedUserDomain object
The TrustedUserDomain object represents a trusted user domain associated with an AD RMS installation in a different Active Directory forest. A collection of trusted domains enables AD RMS to process license requests from users whose rights account certificates were issued by AD RMS installations in other forests. To import the external domains associated with another AD RMS installation, you can call the Import method on the TrustedUserDomainCollection object and specify the external server licensor certificate. You can retrieve the collection by calling the TrustedUserDomains property on the TrustPolicy object.
Members
The TrustedUserDomain object has these types of members:
Properties
The TrustedUserDomain object has these properties.
| Property | Description |
|---|---|
| CertificateExpirationTime |
Retrieves the time at which the server licensor certificate associated with the trusted domain expires. |
| DisplayName |
Retrieves a display name for the trusted domain. |
| DomainNames |
Retrieves a collection of trusted email domain names for this trusted user domain. |
| Id |
Retrieves a unique ID for the trusted domain object. |
| IsADFederationSvcTrusted |
Specifies or retrieves a Boolean value that indicates whether the federated users included in an imported user domain are trusted. |
| IsImported |
Retrieves a Boolean value that specifies whether the trusted domain has been imported from another AD RMS installation. |
| IsSecurityIdentifiersAllowed |
Specifies or retrieves a Boolean value that indicates whether the security identifiers associated with the trusted domain are also trusted. |
Examples
DIM config_manager
DIM admin_role
' *******************************************************************
' Create and initialize a ConfigurationManager object.
SUB InitObject()
CALL WScript.Echo( "Create ConfigurationManager object...")
SET config_manager = CreateObject _
("Microsoft.RightsManagementServices.Admin.ConfigurationManager")
CheckError()
CALL WScript.Echo( "Initialize...")
admin_role=config_manager.Initialize(false,"localhost",80,"","","")
CheckError()
END SUB
' *******************************************************************
' Retrieve trusted user domain information.
SUB GetTudInfo()
DIM trustPolicy
DIM tudColl
DIM Tud
DIM domainNames
DIM Index
' Retrieve the trust policy object.
SET trustPolicy = config_manager.Enterprise.TrustPolicy
CheckError()
' Retrieve the trusted user domain collection object.
SET tudColl = trustPolicy.TrustedUserDomains
CheckError()
' Import a server licensor certificate into the collection
' and retrieve a trusted user domain object.
SET Tud = tudColl.Import( "TUD_Name", _
"c:\certFile.bin", _
False)
CheckError()
IF tudColl.Count < 1 OR IsNull(Tud.Id) THEN
CALL RaiseError(-610, "Import failed.")
END IF
CALL WScript.Echo("Trusted user domain information: ");
CALL WScript.Echo("Name = " & _
Tud.DisplayName)
CALL WScript.Echo("Expiration = " & _
Tud.CertificateExpirationTime)
CALL WScript.Echo("ID = " & _
Tud.Id)
CALL WScript.Echo("ADFS trusted = " & _
Tud.IsADFederationSvcTrusted)
CALL WScript.Echo("Imported = " & _
Tud.IsImported)
CALL WScript.Echo("SIDs allowed = " & _
Tud.IsSecurityIdentifiersAllowed
CALL WScript.Echo("Trusted domain names:")
SET domainNames = Tud.DomainNames
For Index = 0 To domainNames.Count - 1
CALL WScript.Echo("Domain Name = " & domainNames.Item(Index))
Next
END SUB
' *******************************************************************
' Error checking function.
FUNCTION CheckError()
CheckError = Err.number
IF Err.number <> 0 THEN
CALL WScript.Echo( vbTab & "*****Error Number: " _
& Err.number _
& " Desc:" _
& Err.Description _
& "*****")
WScript.StdErr.Write(Err.Description)
WScript.Quit( Err.number )
END IF
END FUNCTION
' *******************************************************************
' Generate a runtime error.
SUB RaiseError(errId, desc)
CALL Err.Raise( errId, "", desc )
CheckError()
END SUB
Requirements
| Minimum supported client |
None supported |
| Minimum supported server |
Windows Server 2008 |
| Assembly |
|