Udostępnij za pośrednictwem


Forefront Identity Manager Certificate Management Connected Data Sources

You can provision objects for Forefront Identity Manager Certificate Management (FIM CM) by provisioning requests in Forefront Identity Manager (FIM). Because provisioning contains a number of basic steps, see Provisioning Objects in the Connector Space for an overview of provisioning.

When you are deciding how to provision requests, you can choose between two options:

  • Use the ClmUtils helper class to assist with typical provisioning scenarios.

  • Write custom provisioning code to help make deterministic decisions on when to provision requests.

Provisioning Forefront Identity Manager Certificate Management Objects Examples

This section describes the topics that show you how to provision various FIM CM requests:

Example Purpose

How to: Provision a FIM Certificate Management Recover Request

Shows you how to provision a recover request.

How to: Provision a FIM Certificate Management Online Update Request

Shows you how to provision an online update request.

How to: Provision a FIM Certificate Management Enroll Request

Shows you how to provision an enroll request.

How to: Provision a FIM Certificate Management Disable Request

Shows you how to provision a disable request.

How to: Provision a FIM Certificate Management Suspend Request

Shows you how to provision a suspend request.

How to: Provision a FIM Certificate Management Reinstate Request

Shows you how to provision a reinstate request.

How to: Provision a FIM Certificate Management Recover on Behalf Request

Shows you how to provision a Recover on Behalf request.

How to: Provision a FIM Certificate Management Retire Request

Shows you how to provision a retire request.

How to: Provision a FIM Certificate Management Duplicate Request

Shows you how to provision a duplicate request.

How to: Provision a FIM Certificate Management Temporary Card Disable Request

Shows you how to provision a disable request for a temporary card.

How to: Provision a FIM Certificate Management Temporary Card Retire Request

Shows you how to provision a retire request for a temporary card.

How to: Provision a FIM Certificate Management Linked Temporary Card Request

Shows you how to provision a Temporary Card request for a temporary card that is linked to an existing profile.

How to: Provision a FIM Certificate Management Unlinked Temporary Card Request

Shows you how to provision a Temporary Card request for a temporary card that is not linked to an existing profile.

How to: Use FIM Certificate Management to Determine Connected Profiles and Requests

Shows you how to use the ClmUtils class to determine the connected profiles and requests.

Framework

Because many of the steps to provision a FIM CM object are the same, the following examples show the framework, in Microsoft Visual Basic and Microsoft Visual C#, around which the example tasks are built.The following example shows you how to use a rules extension to provision a FIM CM request with the assistance of ClmUtils. This approach assumes that the business logic in CLMUtils is in line with the implementation design required by your solution.

See the more detailed and specific examples of how to provision requests without the help of ClmUtils.

Dim CLMUtils As ClmUtils

Sub Initialize()  Implements IMVSynchronization.Initialize
    CLMUtils = New ClmUtils(New String() {
        "CertificateLifecycleManagerMA"})
End Sub 'IMVSynchronization.Initialize

Sub Provision(ByVal mventry As MVEntry)
    Implements IMVSynchronization.Provision

    Dim CLMMA As ConnectedMA = mventry.ConnectedMAs(
        "CertificateLifecycleManager")
    
    CLMUtils.CreateEnrollRequest(CLMMA,
        New Guid(mventry("objectGUID").BinaryValue),
        "Smart Card User Template")

    If mventry("clmRequestFlag ").IsPresent Then
        Select Case mventry("clmRequestFlag").Value.ToLower()
            Case "clmdisable"
                CLMUtils.CreateDisableRequest(CLMMA,
                    New Guid(mventry("objectGUID").BinaryValue),
                    "Smart Card User Template")
            
            Case "clmretire"
                CLMUtils.CreateRetireRequest(CLMMA,
                    New Guid(mventry("objectGUID").BinaryValue),
                    "Smart Card User Template")
            
            Case "clmrob"
                CLMUtils.CreateRecoverOnBehalfRequest(CLMMA,
                    New Guid(mventry("objectGUID").BinaryValue),
                    "Smart Card User Template")
            
            Case "clmsuspend"
                CLMUtils.CreateSuspendRequest(CLMMA,
                    New Guid(mventry("objectGUID").BinaryValue),
                    "Smart Card User Template")
            
            Case "clmreinstate"
                CLMUtils.CreateReinstateRequest(CLMMA,
                    New Guid(mventry("objectGUID").BinaryValue),
                    "Smart Card User Template")
        End Select
    End If

End Sub 'IMVSynchronization.Provision
ClmUtils CLMUtils;

void IMVSynchronization.Initialize()
{
    CLMUtils = new ClmUtils(new String[] {
        "CertificateLifecycleManagerMA" });
}

void IMVSynchronization.Provision(MVEntry mventry)
{
    ConnectedMA CLMMA = mventry.ConnectedMAs[
        "CertificateLifecycleManager"];

    CLMUtils.CreateEnrollRequest(CLMMA,
        new Guid(mventry["objectGUID"].BinaryValue),
        "Smart Card User Template");
    if (mventry["clmRequestFlag "].IsPresent)
    {
        switch (mventry["clmRequestFlag"].Value.ToLower())
        {
            case "clmdisable":
                CLMUtils.CreateDisableRequest(CLMMA,
                    new Guid(mventry["objectGUID"].BinaryValue),
                    "Smart Card User Template");
                break;

            case "clmretire":
                CLMUtils.CreateRetireRequest(CLMMA,
                    new Guid(mventry["objectGUID"].BinaryValue),
                    "Smart Card User Template");
                break;

            case "clmrob":
                CLMUtils.CreateRecoverOnBehalfRequest(CLMMA,
                    new Guid(mventry["objectGUID"].BinaryValue),
                    "Smart Card User Template");
                break;
            
            case "clmsuspend":
                CLMUtils.CreateSuspendRequest(CLMMA,
                    new Guid(mventry["objectGUID"].BinaryValue),
                    "Smart Card User Template");
                break;

            case "clmreinstate":
                CLMUtils.CreateReinstateRequest(CLMMA,
                    new Guid(mventry["objectGUID"].BinaryValue),
                    "Smart Card User Template");
                break;
        }
    }
}

See Also

Concepts

Using Forefront Identity Manager Synchronization Service
Provisioning Objects in the Connector Space