Forefront Identity Manager Certificate Management Connected Data Sources
You can provision objects for Forefront Identity Manager Certificate Management (FIM CM) by provisioning requests in Forefront Identity Manager (FIM). Because provisioning contains a number of basic steps, see Provisioning Objects in the Connector Space for an overview of provisioning.
When you are deciding how to provision requests, you can choose between two options:
Use the ClmUtils helper class to assist with typical provisioning scenarios.
Write custom provisioning code to help make deterministic decisions on when to provision requests.
Provisioning Forefront Identity Manager Certificate Management Objects Examples
This section describes the topics that show you how to provision various FIM CM requests:
Framework
Because many of the steps to provision a FIM CM object are the same, the following examples show the framework, in Microsoft Visual Basic and Microsoft Visual C#, around which the example tasks are built.The following example shows you how to use a rules extension to provision a FIM CM request with the assistance of ClmUtils. This approach assumes that the business logic in CLMUtils is in line with the implementation design required by your solution.
See the more detailed and specific examples of how to provision requests without the help of ClmUtils.
Dim CLMUtils As ClmUtils
Sub Initialize() Implements IMVSynchronization.Initialize
CLMUtils = New ClmUtils(New String() {
"CertificateLifecycleManagerMA"})
End Sub 'IMVSynchronization.Initialize
Sub Provision(ByVal mventry As MVEntry)
Implements IMVSynchronization.Provision
Dim CLMMA As ConnectedMA = mventry.ConnectedMAs(
"CertificateLifecycleManager")
CLMUtils.CreateEnrollRequest(CLMMA,
New Guid(mventry("objectGUID").BinaryValue),
"Smart Card User Template")
If mventry("clmRequestFlag ").IsPresent Then
Select Case mventry("clmRequestFlag").Value.ToLower()
Case "clmdisable"
CLMUtils.CreateDisableRequest(CLMMA,
New Guid(mventry("objectGUID").BinaryValue),
"Smart Card User Template")
Case "clmretire"
CLMUtils.CreateRetireRequest(CLMMA,
New Guid(mventry("objectGUID").BinaryValue),
"Smart Card User Template")
Case "clmrob"
CLMUtils.CreateRecoverOnBehalfRequest(CLMMA,
New Guid(mventry("objectGUID").BinaryValue),
"Smart Card User Template")
Case "clmsuspend"
CLMUtils.CreateSuspendRequest(CLMMA,
New Guid(mventry("objectGUID").BinaryValue),
"Smart Card User Template")
Case "clmreinstate"
CLMUtils.CreateReinstateRequest(CLMMA,
New Guid(mventry("objectGUID").BinaryValue),
"Smart Card User Template")
End Select
End If
End Sub 'IMVSynchronization.Provision
ClmUtils CLMUtils;
void IMVSynchronization.Initialize()
{
CLMUtils = new ClmUtils(new String[] {
"CertificateLifecycleManagerMA" });
}
void IMVSynchronization.Provision(MVEntry mventry)
{
ConnectedMA CLMMA = mventry.ConnectedMAs[
"CertificateLifecycleManager"];
CLMUtils.CreateEnrollRequest(CLMMA,
new Guid(mventry["objectGUID"].BinaryValue),
"Smart Card User Template");
if (mventry["clmRequestFlag "].IsPresent)
{
switch (mventry["clmRequestFlag"].Value.ToLower())
{
case "clmdisable":
CLMUtils.CreateDisableRequest(CLMMA,
new Guid(mventry["objectGUID"].BinaryValue),
"Smart Card User Template");
break;
case "clmretire":
CLMUtils.CreateRetireRequest(CLMMA,
new Guid(mventry["objectGUID"].BinaryValue),
"Smart Card User Template");
break;
case "clmrob":
CLMUtils.CreateRecoverOnBehalfRequest(CLMMA,
new Guid(mventry["objectGUID"].BinaryValue),
"Smart Card User Template");
break;
case "clmsuspend":
CLMUtils.CreateSuspendRequest(CLMMA,
new Guid(mventry["objectGUID"].BinaryValue),
"Smart Card User Template");
break;
case "clmreinstate":
CLMUtils.CreateReinstateRequest(CLMMA,
new Guid(mventry["objectGUID"].BinaryValue),
"Smart Card User Template");
break;
}
}
}
See Also
Concepts
Using Forefront Identity Manager Synchronization Service
Provisioning Objects in the Connector Space