Managing users and groups using the web service API

To programmatically manage users, groups, and domains using the Directory Manager Service API (web service), perform the following tasks:

  1. Include project files.

  2. Create a DirectoryManagerService client.

    Create a DirectoryManagerServiceService object by using your proxy class’ constructor.

  3. Invoke the appropriate user or group operations.

    To find a user or group, invoke one of the DirectoryManagerServiceService object’s methods for finding principals (since a principal can be a user or a group). In the example below, the findPrincipalsWithFilter method is called using a search filter (a PrincipalSearchFilter object). When using a PrincipalSearchFilter object, local principals are only returned if the isLocal property is set to true. This behavior is different than what would occur with the Java API.

    Note: If the maximum number of results is not specified in the search filter (through the PrincipalSearchFilter.resultsMax field), a maximum of 1000 results will be returned. This is different behavior than what occurs using the Java API, in which 10 results is the default maximum. Also, the search methods such as findGroupMembers will not yield any results unless the maximum number of results is specified in the search filter (for example, through the GroupMembershipSearchFilter.resultsMax field). This applies to all search filters that inherit from the GenericSearchFilter class. For more information, see LiveCycle API Reference.

    Since the return value in this case is an object[] containing Principal objects, iterate through the result and cast the Principal objects to either User or Group objects.

    Using the resultant User or Group object (which both inherit from the Principal interface), retrieve the information you need in your workflows. For example, the domain name and canonical name values, in combination, uniquely identify a principal. These are retrieved by invoking the Principal object’s domainName and canonicalName fields, respectively.

    To delete a local user, invoke the DirectoryManagerServiceService object’s deleteLocalUser method and pass the user’s identifier.

    To delete a local group, invoke the DirectoryManagerServiceService object’s deleteLocalGroup method and pass the group’s identifier.

// Ethnio survey code removed