|
adTempus API
|
   |
IScheduler::GetSecurityEntities Method
|
adTempus API
|
|
Gets a list of security entities (users or groups) from the server.
HRESULT GetSecurityEntities(BSTR targetComputer, long entityTypes, long startIndex, long maxRecords, long * nextIndex, [out,retval] ISecEntities** entities);
GetSecurityEntities(String targetComputer, long entityTypes, long startIndex, long maxRecords, ref long nextIndex, [out,retval] ISecEntities* entities);
Sub GetSecurityEntities(targetComputer As String, entityTypes As long, startIndex As long, maxRecords As long, ByRef nextIndex As long, entities As [out,retval] ISecEntities*)
|
Parameters |
Description |
|
[in]BSTR targetComputer |
The name of the computer to retrieve the account list from, or an empty string to query the adTempus server (but see Remarks if you need to list domain accounts). |
|
[in] long entityTypes |
The types of entities you want to retrieve. Can be any combination of SecEntityType.setUser and SecEntityType.setUser. Other values of SecEntityType are invalid and will be ignored. |
|
[in] long startIndex |
The starting index. Specify 0 to start at the first record, or pass the nextIndex value returned by the previous call to this method. |
|
[in] long maxRecords |
The maximum number of records to return. |
|
[out] long * nextIndex |
The index that should be used as the startIndex on the next call, to retrieve the next batch of records. |
|
[out,retval] ISecEntities** entities |
On return, a collection of security entities of the requested type(s). |
GetSecurityEntities gets a list of Windows users or groups, for use in interfaces that allow the user to edit security settings.
GetSecurityEntities allows you to limit the number of entities returned in each call to the server. It is strongly recommended that you use this feature and not attempt to return the complete list at once. In a domain with a large number of users or groups, trying to retrieve too many records will essentially lock up the adTempus service while it tries to process the request.
A better approach is to avoid listing entities entirely. The adTempus Console uses the same approach as the Windows security editor--the user enters a name, and the Console uses LookupAccount to resolve the name.
When you call GetSecurityEntities repeatedly, use the nextIndex value from the previous call as the startIndex value for the new call. Do not assume that indexes will be continuous. That is, on return, nextIndex may not equal startIndex+maxRecords.
If you want to list accounts for a domain, the targetComputer must contain the name of the computer that is the domain controller. This can be obtained through IScheduler.DomainController.
|
adTempus API Reference version 3.0.0.0, revised 10/30/2008
|