externalGetUserSmartCards
Retrieves all the smart cards for the specified user. The returned information can be used in other management operations on the smart card, such as revoking or retiring a smart card. This procedure is part of the Forefront Identity Manager Certificate Management (FIM CM) SQL API.
externalGetUserSmartCards
(
@user_nt4name nvarchar(80)
)
Parameters
| Parameter | Description |
|---|---|
@user_nt4name |
[in] The domain or username of the user for which the smart cards are retrieved. The username is in the Windows NT 4.0 format. |
Return Value
Zero if the procedure succeeds, otherwise one of the following error codes.
| Value | Meaning |
|---|---|
-1 |
The cause of the error is unknown. |
-2 |
The attempt to create the request failed. |
-3 |
The data is not valid. |
-4 |
The attempt to submit the request failed. |
externalGetUserSmartCards returns a result set that contains the following data:
| Field | Type | Description |
|---|---|---|
sc_uuid |
UniqueIdentifier |
The unique identifier assigned to this smart card. A single smart card will have a new unique identifier assigned every time that it is assigned to a user in the database. |
sc_manufacturer_id |
Varchar |
The smart card manufacturer's identifier. |
sc_serial_number |
Varchar |
The smart card's specific unique identifier. This is either the smart card's serial number when using Public Key Cryptography Standard #11 (PKCS11) middleware cards, or the smart card CardID for Microsoft Base Cryptographic Service Provider cards. |
sc_status |
SmallInt |
The FIM CM status for this smart card. |
sc_flags |
Int |
The FIM CM flags associated with this smart card. |
The following table describes the smart card status.
| Status | Description |
|---|---|
New (0) |
The smart card or profile is not fully operational. This is the initial status. |
Assigned (1) |
The smart card has been assigned to a specific user. |
Active (2) |
The smart card or profile is operational. |
Disabled (3) |
All certificates that is contained in the smart card or profile have been revoked. Some management operations are not allowed if a smart card is in the disabled status. |
Suspended (4) |
All certificates that are contained by the smart card or profile have been put on hold. |
Retired (5) |
All certificates that are contained in the smart card or profile have been revoked. Only the "Recover on Behalf" operation is allowed. |
The following table describes the smart card flags.
| Flag | Description |
|---|---|
Primary (0x00000001) |
Indicates that the smart card or profile is a primary smart card or profile. |
Duplicate (0x00000002) |
A copy of a primary profile or smart card that shares the archived certificates with the primary smart card. |
Reused (0x00000004) |
The smart card is being reused. |
Temporary (0x00000008) |
The smart card is temporary. |
KeyEscrow (0x00010000) |
The product of the Recover on Behalf operation. |
Superseded (0x01000000) |
The smart card or profile has been replaced or renewed by another smart card or profile. |
Example
The following code example shows how to retrieve all smart cards for the specified user.
DECLARE @RC int
DECLARE @user_nt4name nvarchar(80)
-- Set parameter values
SET @user_nt4name = N'clm-test\subscriber01'
EXEC @RC = [CLM].[dbo].[externalGetUserSmartCards]
@user_nt4name
PRINT @RC
Requirements
Microsoft SQL ServerĀ® 2005 Service Pack 1 or SQL Server 2000 Service Pack 4