Adding members to a group through code- [Resolved]

Jun 2, 2010 at 5:12 PM

I need some help regarding FIM web service. I have written some code to add a given person object in a given group. For this, I’m using latest FIM WS Client (latest changeset). Below is code that I’ve written to accomplish the task, 

This code works;

  1. Get group object from given group display name
  2. Get person object from given person mail alias
  3. Add person object ID to Group’ Explicit Member list

       public static void AddUserToGroup(string groupDisplayName, string userAlias)
       {

           DefaultClient client = new DefaultClient();

           RmGroup group = null;

           String filter = String.Format("/Group[{0} = '{1}']", RmResource.AttributeNames.DisplayName.Name, groupDisplayName);

           foreach (RmResource resource in client.Enumerate(filter))

           {

               group = resource as RmGroup;

               break;

          }

           String personXPath = String.Format("/Person[{0} = '{1}']", RmPerson.AttributeNames.MailNickname, userAlias);

           RmResource person = null;

           foreach (RmResource resource in client.Enumerate(personXPath))

           {

              person = resource;

               break;

           }

           client.RefreshSchema();

           using (RmResourceChanges transaction = new RmResourceChanges(group))

           {

               try

               {

                   transaction.BeginChanges();

                   group.ExplicitMember.Add(person.ObjectID);

                   transaction.AcceptChanges();

                   client.Put(transaction);

               }

               catch (System.ServiceModel.FaultException<Microsoft.ResourceManagement.Client.Faults.AuthorizationRequiredFault> authZfault)

               {

                   Console.ForegroundColor = ConsoleColor.Red;

                   Console.WriteLine(authZfault.ToString());

               }

               catch (System.ServiceModel.FaultException otherFault)

               {

                   Console.ForegroundColor = ConsoleColor.Red;

                   Console.WriteLine(otherFault.ToString());

               }

               finally

               {

                   Console.ForegroundColor = ConsoleColor.White;

               }

           }

           Console.Read();

       } 

I’m facing a strange problem. I’m able to enumerate group and person but I’m not able to write back my changes using Client.Put. I get a fault exception which says “Endpoint not able to dispatch request”

It would be very helpful if anyone can provide me pointers regarding how to fix/ debug this issue.

Developer
Jun 2, 2010 at 5:43 PM

Hi,

Are you sure the account that is being used by the cleint has the rights necessary to edit this group?

I would check the request log in the FIM server. What is the status of the request?

I would guess that you do not have rights to make this change. Make sure there is an MPR that grants rights.

 

-Jeremy

Jun 2, 2010 at 6:06 PM

Thanks for your reply.

I'm not providing any custom credential to client. I'm using my own windows cred to run this application. I'm able to browse + create new group + add member to group from FIM portal.

By request log do you mean My Requests screen in FIM UI? I'm not able to see these requests there. Is there anywhere else where I can check for these logs?

How can I check my rights?

I'm very new to FIM and I'm not aware of MPRs.

Developer
Jun 2, 2010 at 6:25 PM

If you do not see the request in the My Requests screen then that is a good indication that the account is not correct.

I would check the sample projects to see how to specify a user credential for the client.

I would also go through the Search Requests area to see all of the requests so you can check the status of the failed requests and verify the requestor.

-Jeremy

Coordinator
Jun 3, 2010 at 6:58 AM
Edited Jun 3, 2010 at 6:59 AM

Hi, I think that the problem is that you are calling AcceptChanges before Put.
Try instead

{code}
client.Put(transaction);
transaction.AcceptChanges();
{code}

Hope this helps,

Paolo

Jun 3, 2010 at 8:18 AM

Thanks for your comments.

 

I'll try to make all these changes and check. Meanwhile, I'm facing another weird problem.

Since today morning, I'm not able to run FIM Resource Manager Service. Whenever I start it, it automatically shuts down and I see below mentioned error in event log. All this eas running perfect yesterday.

 

Service cannot be started. Microsoft.ResourceManagement.ResourceManagementException: Database is not compatible with this binary.

 

at Microsoft.ResourceManagement.Service.Application.Start()

 

 

 

at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Coordinator
Jun 3, 2010 at 8:50 AM

I've never seen that error... try posting on the forum, maybe.

Jun 4, 2010 at 5:25 AM

Error: Database is not compatible with binary was due to some FIM upgrade on our server. This is working fine.

Adding members is also working fine after doing ...

{code}
client.Put(transaction);
transaction.AcceptChanges();
{code}

Can I also Remove members from a group in same way?

transaction.BeginChanges();

group.ExplicitMember.Remove(person.ObjectID);
client.Put(transaction);
transaction.AcceptChanges(); 

What is the difference between client.Put(transaction) & transaction.AcceptChanges()?

Thanks for you assistance. :-)

Coordinator
Jun 4, 2010 at 8:19 AM

Yes, you should be able to remove users from a group in the same way.

I added an example on the Default Client documentation page that should clarify a little the role of the RmResourceChanges object.

Cheers,
Paolo

Jun 5, 2010 at 3:46 AM

Everything is working fine now. I'm able to add user to a group and remove user from a group.

Let me know, if posting my code will be of any benefit to the community.

Thanks you all for great support.

Jan 2, 2014 at 11:54 AM
Hi,

I am trying to remove a user from group.but i am not able to do it.
but adding a user to group is working fine.
             transaction.BeginChanges();

            group.ExplicitMember.Remove(person.ObjectID);
            client.Put(transaction);----throws an exception -endpoint could not dispatch the request.
            transaction.AcceptChanges();
but
for add code block it works fine:-
transaction.BeginChanges();
            group.ExplicitMember.Add(person.ObjectID);

            client.Put(transaction);
            transaction.AcceptChanges();
I have tried all possible solution mentioned above.
Any help on this or any one can share the code if required.
Jan 2, 2014 at 11:55 AM
could you post the code block for removing a user from a group
Coordinator
Jan 6, 2014 at 7:33 AM
Hi Shaktinp,
Are you sure that the group's ExplicitMember property contains the member's objectID when you do the Remove operation?
Otherwise no changes will be detected.
Cheers,
Paolo
Jan 7, 2014 at 4:32 AM
Hi Paolo,

I have resolved the issue.Thanks for the help.

Regards
Shakti