This is a simple MVExtension, written for a demonstration. It creates an account in AD, openLDAP, and a personal webspace in IIS. (For the rest of the IIS process see StaffWebsites_CSExtension.vb.)
Normally I would use MVRouter to split the provisioning for separate MAs into different DLLs.
Code
Imports Microsoft.MetadirectoryServices
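''' <summary>
''' Metaverse rules extension that provisions connector-space objects for three
''' management agents: an Active Directory user, an openLDAP inetOrgPerson and a
''' "website" object for the StaffWebsites MA.
''' </summary>
''' <remarks>
''' SECURITY (review): INITIAL_PASSWORD is a single, source-embedded value that is
''' written to every new AD and openLDAP account, and the AD account is created
''' with ADS_UF_NORMAL_ACCOUNT (i.e. not disabled). Until each user changes it,
''' every freshly provisioned account shares one known credential. For anything
''' beyond a demonstration, generate a per-account random secret (or provision the
''' account disabled), keep the secret out of source control, and require a
''' password change at first logon.
''' </remarks>
Public Class MVExtensionObject
    Implements IMVSynchronization

    ' userAccountControl value for an ordinary, enabled user account.
    Const ADS_UF_NORMAL_ACCOUNT As Integer = &H200
    ' &H200 (normal account) combined with &H2 (account disabled).
    ' Not referenced anywhere in this class.
    Const ADS_UF_DISABLED_ACCOUNT As Integer = &H202

    ' Containers the new connector-space entries are placed in.
    Const OU_NAME_AD As String = "OU=Staff,DC=frogsinc,DC=ch"
    Const OU_NAME_OPENLDAP As String = "ou=People,dc=my-domain,dc=com"

    ' Management agent names, looked up through mventry.ConnectedMAs.
    Const MA_NAME_AD As String = "AD"
    Const MA_NAME_OPENLDAP As String = "openLDAP"
    Const MA_NAME_STAFFWEBSITES As String = "StaffWebsites"

    ' SECURITY (review): shared, hard-coded initial credential - see class remarks.
    Const INITIAL_PASSWORD As String = "Passw0rd"

    ''' <summary>Extension start-up hook; nothing to initialise.</summary>
    Public Sub Initialize() Implements IMVSynchronization.Initialize
        ' TODO: Add initialization code here
    End Sub

    ''' <summary>Extension shutdown hook; nothing to release.</summary>
    Public Sub Terminate() Implements IMVSynchronization.Terminate
        ' TODO: Add termination code here
    End Sub

    ''' <summary>
    ''' Creates, renames or deprovisions the connectors of <paramref name="mventry"/>
    ''' in the AD, openLDAP and StaffWebsites management agents.
    ''' </summary>
    ''' <param name="mventry">Metaverse entry being provisioned. Reads the
    ''' cn, uid and website attributes.</param>
    ''' <exception cref="UnexpectedDataException">
    ''' cn or uid is not present, or the entry already has more than one connector
    ''' in the AD or openLDAP management agent.
    ''' </exception>
    Public Sub Provision(ByVal mventry As MVEntry) Implements IMVSynchronization.Provision
        Dim rdn As String
        Dim dn As ReferenceValue
        Dim numConnectors As Integer
        Dim csentry As CSEntry

        ' Both naming attributes are validated before anything is written: cn names
        ' the AD object, uid names the openLDAP object and the website alias.
        If Not mventry("cn").IsPresent Then
            Throw New UnexpectedDataException("cn attribute is not present.")
        End If
        If Not mventry("uid").IsPresent Then
            ' Without this check an absent uid would be used to build the
            ' openLDAP DN below.
            Throw New UnexpectedDataException("uid attribute is not present.")
        End If

        Dim uid As String = mventry("uid").Value

        ' ** AD **
        ' The RDN is passed through EscapeDNComponent before being joined to the
        ' container, so the metaverse value is never concatenated into the DN raw.
        Dim adMA As ConnectedMA = mventry.ConnectedMAs(MA_NAME_AD)
        rdn = "CN=" & mventry("cn").Value
        dn = adMA.EscapeDNComponent(rdn).Concat(OU_NAME_AD)
        numConnectors = adMA.Connectors.Count

        Select Case numConnectors
            Case 0
                ' No connector yet: create the user object.
                csentry = adMA.Connectors.StartNewConnector("user")
                csentry.DN = dn
                ' SECURITY (review): shared initial password on an enabled account.
                csentry("UnicodePwd").Values.Add(INITIAL_PASSWORD)
                csentry("userAccountControl").IntegerValue = ADS_UF_NORMAL_ACCOUNT
                csentry.CommitNewConnector()
            Case 1
                RenameIfDnChanged(adMA.Connectors.ByIndex(0), dn)
            Case Else
                Throw New UnexpectedDataException("multiple connectors:" & numConnectors.ToString())
        End Select

        ' ** openLDAP **
        ' The entry is named by uid, and its cn attribute is set to the same value
        ' so that it agrees with the CN= RDN.
        Dim openLDAPMA As ConnectedMA = mventry.ConnectedMAs(MA_NAME_OPENLDAP)
        rdn = "CN=" & uid
        dn = openLDAPMA.EscapeDNComponent(rdn).Concat(OU_NAME_OPENLDAP)
        numConnectors = openLDAPMA.Connectors.Count

        Select Case numConnectors
            Case 0
                csentry = openLDAPMA.Connectors.StartNewConnector("inetOrgPerson")
                csentry.DN = dn
                csentry("cn").Value = uid
                ' SECURITY (review): same shared password, handed over as a plain
                ' string. Whether the directory hashes it on write is not visible
                ' here - confirm the server-side password policy.
                csentry("userPassword").Values.Add(INITIAL_PASSWORD)
                csentry.CommitNewConnector()
            Case 1
                RenameIfDnChanged(openLDAPMA.Connectors.ByIndex(0), dn)
            Case Else
                Throw New UnexpectedDataException("multiple connectors:" & numConnectors.ToString())
        End Select

        ' ** StaffWebsites **
        Dim websitesMA As ConnectedMA = mventry.ConnectedMAs(MA_NAME_STAFFWEBSITES)
        numConnectors = websitesMA.Connectors.Count

        ' Read the flag once. An absent attribute is treated like an unrecognised
        ' value, which means "leave the website connector alone".
        Dim websiteFlag As String = ""
        If mventry("website").IsPresent Then
            websiteFlag = mventry("website").Value
        End If
        Dim wantsSite As Boolean = String.Equals(websiteFlag, "yes", System.StringComparison.OrdinalIgnoreCase)
        Dim declinesSite As Boolean = String.Equals(websiteFlag, "no", System.StringComparison.OrdinalIgnoreCase)

        If wantsSite AndAlso numConnectors = 0 Then
            ' NOTE(review): alias is consumed by the StaffWebsites CS extension,
            ' which is not shown here. If it turns the alias into a path or site
            ' name, it should validate the value rather than trust uid as-is.
            Dim csWebsite As CSEntry = websitesMA.Connectors.StartNewConnector("website")
            csWebsite("alias").Value = uid
            csWebsite.CommitNewConnector()
        ElseIf declinesSite AndAlso numConnectors = 1 Then
            websitesMA.Connectors.ByIndex(0).Deprovision()
        ElseIf wantsSite AndAlso numConnectors = 1 Then
            ' Keep the alias in step with uid.
            Dim existingSite As CSEntry = websitesMA.Connectors.ByIndex(0)
            If Not String.Equals(existingSite("alias").Value, uid, System.StringComparison.OrdinalIgnoreCase) Then
                existingSite("alias").Value = uid
            End If
        End If
        ' Any other combination (unrecognised flag, or more than one website
        ' connector) is left untouched; unlike AD and openLDAP, no error is raised.
    End Sub

    ''' <summary>
    ''' Not implemented; always throws so the caller can see that no metaverse
    ''' deletion rule is provided by this extension.
    ''' </summary>
    ''' <exception cref="EntryPointNotImplementedException">Always.</exception>
    Public Function ShouldDeleteFromMV(ByVal csentry As CSEntry, ByVal mventry As MVEntry) As Boolean Implements IMVSynchronization.ShouldDeleteFromMV
        ' TODO: Add MV deletion code here
        Throw New EntryPointNotImplementedException()
    End Function

    ' Renames an existing connector when its DN differs from the expected one.
    ' The comparison is ordinal and case-insensitive, so the outcome does not
    ' depend on the culture the sync service happens to run under.
    Private Shared Sub RenameIfDnChanged(ByVal connector As CSEntry, ByVal expectedDn As ReferenceValue)
        If Not String.Equals(connector.DN.ToString(), expectedDn.ToString(), System.StringComparison.OrdinalIgnoreCase) Then
            connector.DN = expectedDn
        End If
    End Sub
End Class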