Partager via

Put

  • Article

The FIM Service Resource Endpoint implements the WS-Transfer: Identity Management Operations for Directory Access Extensions specification (WS-Transfer IMO) version of the Put operation (see). The default endpoint address for Put is https://Localhost:5725/ResourceManagementService/Resource.

Parameters

Action Header

Refer to the WS-Transfer IMO specification.

Reference Property Header

The Reference Property header used by the Resource Factory Endpoint can be used as a parameter for the Get operation. The same device is used as input to the Put operation to identify the object to which the Put operation is to be applied.

Type and Value Element

Put requests to the FIM Resource endpoint are required to identify the elements to be updated. Those elements must be identified in compliance with the WS-Transfer IMO specification using the Identity Attribute Type 1.0 dialect defined in the Identity Attribute Type 1.0 dialect specification.

Change Operation

As an extension to the WS-Transfer IMO specification, the add and delete operations are only supported for inserting and removing values from multi-value attributes. The replace operation is only supported for setting values on single-value attributes. Specifying the incorrect operation will result in an InvalidOperation SOAP Fault.

Return Values

Action Header

Refer to the WS-Transfer IMO specification.

Resource Transfer Header

Refer to the WS-Transfer IMO specification.

Examples

A sample invocation of the Put operation is shown in the following sample. The text in bold indicates what would be specific to the FIM extension of the WS-Transfer specification: the address of the service, the use of the <ResourceReferenceProperty> element as the reference property, the names and values for object properties, and the addition to the Identity Attribute Type 1.0 dialect for identifying objects to be removed from collections.

Sample invocation of the Put operation to add members to a Group

<s:Envelope 
  xmlns:s="http://www.w3.org/2003/05/soap-envelope" 
  xmlns:wsa="https://schemas.xmlsoap.org/ws/2004/08/addressing" 
  xmlns:rm="https://schemas.microsoft.com/2006/11/ResourceManagement">
  xmlns:da="https://schemas.microsoft.com/2006/11/IdentityManagementService/DirectoryAccess">

   <s:Header>
      <wsa:ReplyTo>
         <wsa:Address>
            http://www.woodgrovebank.com/sender
         </wsa:Address>
      </wsa:ReplyTo>
      <wsa:To>
        http://www.woodgrovebank.com:5725/IdentityManagementService/Resource
      </wsa:To>
      <rm:ResourceReferenceProperty>03CED96B-BE01-4C18-95A5-FCD2FAA09C25</rm:ResourceReferenceProperty>
      <wsa:Action>
        https://schemas.xmlsoap.org/ws/2004/09/transfer/Put
      </wsa:Action>
      <wsa:MessageID>
        uuid:00000000-0000-0000-C000-000000000046
      </wsa:MessageID>
      <rm:ResourceManagement s:mustUnderstand=“true"/>
    </s:Header>
  <s:Body>
    <da:ModifyRequest Dialect=" https://schemas.microsoft.com/2006/11/ResourceManagement/Dialect/IdentityAttributeType-20080602">
      <da:Change Operation="add">
        <da:AttributeType>
          ExplicitMember
        </da:AttributeType>
        <da:AttributeValue>
          <rm:Member>44444444-4444-4444-4444-444444444444</rm:Member>
        </da:AttributeValue>
      </da:Change>
      <da:Change Operation="add">
        <da:AttributeType>
          ExplicitMember
        </da:AttributeType>
        <da:AttributeValue>
          <rm:Member>55555555-5555-5555-5555-555555555555</rm:Member>
        </da:AttributeValue>
      </da:Change>
    </da:ModifyRequest>
  </s:Body>
</s:Envelope>

Sample invocation of the Put operation to remove members of a Group

The following code example uses the Identity Attribute Type 1.0 dialect to identify a value to be removed.

<s:Envelope 
  xmlns:s="http://www.w3.org/2003/05/soap-envelope" 
  xmlns:wsa="https://schemas.xmlsoap.org/ws/2004/08/addressing" 
  xmlns:rm="https://schemas.microsoft.com/2006/11/ResourceManagement">
  xmlns:da="https://schemas.microsoft.com/2006/11/IdentityManagementService/DirectoryAccess">
  <s:Header>
    <wsa:ReplyTo>
      <wsa:Address>
        http://www.woodgrovebank.com/sender
      </wsa:Address>
    </wsa:ReplyTo>
    <wsa:To>
      http://www.woodgrovebank.com:5725/IdentityManagementService/Resource
    </wsa:To>
    <rm:ResourceReferenceProperty>03CED96B-BE01-4C18-95A5-FCD2FAA09C25</rm:ResourceReferenceProperty>
    <wsa:Action>
      https://schemas.xmlsoap.org/ws/2004/09/transfer/Put
    </wsa:Action>
    <wsa:MessageID>
      uuid:00000000-0000-0000-C000-000000000046
    </wsa:MessageID>
    <rm:ResourceManagement s:mustUnderstand=“true"/>
  </s:Header>
  <s:Body>
    <da:ModifyRequest Dialect="https://schemas.microsoft.com/2006/11/ResourceManagement/Dialect/IdentityAttributeType-20080602">
      <da:Change Operation="delete">
        <da:AttributeType>
          ExplicitMember
        </da:AttributeType>
        <da:AttributeValue>
44444444-4444-4444-4444-444444444444
        </da:AttributeValue>
      </da:Change>
      <da:Change Operation="delete">
        <da:AttributeType>
          ExplicitMember
        </da:AttributeType>
        <da:AttributeValue>
55555555-5555-5555-5555-555555555555
        </da:AttributeValue>
      </da:Change>
    </da:ModifyRequest>
  </s:Body>
</s:Envelope>

Sample invocation of the Put operation to update the display name of an ma-data object

The following code example uses the Identity Attribute Type 1.0 dialect to replace single-value attributes. The DisplayName of an ma-data resource is replaced with the value "AD Management Agent".

<s:Envelope  
   xmlns:s="http://www.w3.org/2003/05/soap-envelope"  
      xmlns:wsa="http://www.w3.org/2005/08/addressing" 
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
      xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
xmlns:da="https://schemas.microsoft.com/2006/11/IdentityManagement/DirectoryAccess"      
xmlns:rm="https://schemas.microsoft.com/2006/11/ResourceManagement"> 
  <s:Header> 
    <wsa:Action> 
      https://schemas.xmlsoap.org/ws/2004/09/transfer/Put 
    </wsa:Action> 
    <da:IdentityManagementOperation s:mustUnderstand="1" /> 
    <rm:ResourceReferenceProperty> 
      urn:uuid:fa14aafd-d74b-4833-bd94-94c96ee1b278 
    </rm:ResourceReferenceProperty> 
    <wsa:MessageID> 
      urn:uuid:5fb63904-b05a-408d-8a4a-4d2f9332568e 
    </wsa:MessageID> 
    <wsa:ReplyTo> 
      <wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address> 
    </wsa:ReplyTo> 
    <wsa:To> 
      http://www.fabrikam.com:5725/IdentityManagementService/Resource 
    </wsa:To> 
  </s:Header> 
  <s:Body> 
    <da:ModifyRequest Dialect=" 
https://schemas.microsoft.com/2006/11/ResourceManagement/Dialect/IdentityAttributeType-
20080602"> 
      <da:Change Operation="replace"> 
        <da:AttributeType>DisplayName</da:AttributeType> 
        <da:AttributeValue> 
          <rm:DisplayName>AD Management Agent</rm:DisplayName> 
        </da:AttributeValue> 
      </da:Change> 
    </da:ModifyRequest> 
  </s:Body> 
</s:Envelope>

Remarks

The Alternate Endpoint implements a Put operation similar to that of the Resource endpoint.

See Also

Concepts

Resource Endpoint
Alternate Endpoint