Assigning a Role

• Assign the UserCreationManager Role to a trustee

Private Sub AssignRole()
On Error GoTo errHandler
'Gets the role container and then obtains the role to be assigned
Dim objRoleContainer As IRoleContainer
Set objRoleContainer = g_objNameSpace.GetRoleContainer
'Gets the "UserCreationManager" role from the role container
Dim objRoleToAssign As Role
Set objRoleToAssign = objRoleContainer.GetRolesOnNames("UserCreationManager")
'IRoleBasedSD: Interface RoleBased Security Descriptor
'Interface for making any Active directory related operations
'using role objects. OR Role assignement/unassignement operations using AD Objects
Dim objRoleBasedSD As IRoleBasedSD
Set objRoleBasedSD = g_objNameSpace.GetRoleBasedSD("LDAP://172.23.0.241/OU=DhirenTest,OU=TestHierarchy,DC=drc,DC=DR,DC=com")
'RoleBasedACL: RoleBased Access Control List of the AD object
'Has to be obtained from the objRoleBasedSD of the object
Dim objRoleBasedACL As RoleBasedACL
Set objRoleBasedACL = objRoleBasedSD.RoleBasedACL
'RoleBasedACL contains a list of RoleBasedACE
'RoleBasedACE: RoleBased Access Control Entry
'Creates a new RoleBasedACE
 Dim objRoleBasedACE As RoleBasedACE
 Set objRoleBasedACE = New RoleBasedACE 
'Sets RoleBasedACE properties, i.e. The Role to be assigned/unassigned,
'in this case to be assigned
objRoleBasedACE.Role = objRoleToAssign 
'RoleBasedACE has a property called Trustee, which specifies which trustee is the role to be given to
'The Object ofcource will be specified by the objRoleBasedSD of the object
'So set the trustee path
Dim objTrustee As Trustee
Set objTrustee = New Trustee
objTrustee.Path ="LDAP://172.23.0.241/CN=Nokia,CN=Users,DC=drc,DC=DR,DC=com" 'or "LDAP://172.23.0.241/CN=Nokia,CN=Users,DC=drc,DC=DR,DC=com"
'Sets RoleBasedACE properties, i.e. The Trustee object
objRoleBasedACE.Trustee = objTrustee
objRoleBasedACE.InheritanceOrAuditFlags = inheritanceFlag.kInheritanceFlagSubtree
'Now Add the RoleBasedACE to the RoleBasedACL of the Role.
objRoleBasedACL.AddACE objRoleBasedACE
'Sets the RoleBasedACL of the RoleBasedSD
objRoleBasedSD.RoleBasedACL = objRoleBasedACL
'Save/Stamp/Persist the data to the disk. Errors in case, if any
'like trustee not found, Access denied etc will come here
objRoleBasedSD.Persist
Exit Sub
errHandler:
MsgBox "Error Assigning the UserCreationManager Role" & " Error no: " & Err.Number & " ErrorDescription: " & Err.Description
End Sub

See Also

• Pre-requisites Before Scripting for Delegation

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at webmaster@systemmanager.forsenergy.ru to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.

Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.