Zone
Manages IBM Security zone objects (Centrify.DirectControl.API.IZone).
Syntax
public interface IZone
Discussion
For each zone you create, you must also define several zone properties. You can
also use the Zone class to manage user access rights and the actions users are
allowed to perform within a zone. For more information about creating and
working with IBM Security zones interactively using the Access Manager console, see
the Administrator’s Guide for Linux and UNIX.
Methods
The Zone class provides the following methods:
| Method | Description |
|---|---|
AddMitUser
|
Adds an MIT Kerberos realm-trusted user to this zone. |
Commit
|
Commits settings to Active Directory for the zone object. |
CreateImportPendingGroup
|
Creates a "pending import" group in the zone. |
CreateImportPendingUser
|
Creates a "pending import" user in the zone. |
Delete
|
Deletes the zone object from Active Directory. |
GetComputerByDN
|
Returns the computer profile using the distinguished name (DN) of the profile. |
GetComputers
|
Returns the list of computers in the zone. |
GetComputersContainer
|
Returns the directory entry for the Computers parent container object. |
GetDirectoryEntry
|
Returns the directory entry for the zone. |
GetDisplayName
|
Returns the display name of the zone. |
GetGroupsContainer
|
Returns the directory entry for the Groups parent container object. |
GetGroupUnixProfile
|
Returns the UNIX group profile for a specified group in the zone. |
GetGroupUnixProfileByDN
|
Returns the group profile using the distinguished name (DN) of the profile. |
GetGroupUnixProfileByName
|
Returns the UNIX group profile for a specified group name in the zone. |
GetGroupUnixProfiles
|
Returns the list of UNIX groups in the zone. |
GetImportPendingGroup
|
Returns an individual "pending import" group in the zone. |
GetImportPendingGroups
|
Returns the collection of "pending import" groups in the zone. |
GetImportPendingUser
|
Returns an individual "pending import" user in the zone. |
GetImportPendingUsers
|
Returns the collection of "pending import" users in the zone. |
GetLocalGroupsContainer
|
Returns the DirectoryEntry of the local groups container. |
GetLocalGroupUnixProfile
|
Returns the local UNIX group profile for a specified group name in the zone. |
GetLocalGroupUnixProfileByDN
|
Returns a local group profile using the distinguished name (DN) of the profile. |
GetLocalGroupUnixProfileByGid (Int32)
|
Returns the local group profile using the Group Identifier (GID). This method is exposed to the .COM interface. |
GetLocalGroupUnixProfiles
|
Returns a list of the local group profiles in the zone. |
GetLocalUsersContainer
|
Returns the directory entry of the local users container. |
GetLocalUserUnixProfile
|
Returns the local user profile using the specified user name. |
GetLocalUserUnixProfileByDN
|
Returns the local user profile specified by the distinguished name (DN) of the profile. |
GetLocalUserUnixProfileByUid (Int32)
|
Returns the local user profile using the User Identifier (UID). This method is exposed to the .COM interface |
GetLocalUserUnixProfiles
|
Returns a list of the local user profiles in the zone. |
GetUsersContainer
|
Returns the directory entry for the Users parent container object. |
GetUserUnixProfileByDN
|
Returns the user profile using the distinguished name (DN) of the profile. |
GetUserUnixProfileByName
|
Returns the UNIX user profile for a specified user name in the zone. |
GetUserUnixProfiles
|
Returns the list of UNIX users in the zone. |
GroupUnixProfileExists
|
Indicates whether a UNIX profile exists for the specified group in the zone. |
LocalGroupUnixProfileExists
|
Indicates whether a UNIX profile exists in the zone for the specified local group. |
LocalUserUnixProfileExists
|
Indicates whether a UNIX profile exists in the zone for the specified local user. |
PrecreateComputer
|
Adds a computer to the zone. |
PrecreateWindowsComputer
|
Adds a Windows computer to the zone. |
Refresh
|
Returns the data stored for the zone object from the data in the Active Directory entry. |
UserUnixProfileExists
|
Indicates whether a UNIX profile exists for the specified user in the zone. |
Properties
The Zone class provides the following properties:
| Property | Description |
|---|---|
[AdsiInterfaceadsiinterface.md) |
Gets the IADs interface of the zone object in Active Directory. |
ADsPath
|
Gets the LDAP path to the zone object. |
AgentlessAttribute
|
Gets or sets the Active Directory attribute used for storing the user’s password hash. |
AvailableShells
|
Gets or sets the list of available shells for the zone. |
Cims
|
Gets the Cims object managing the zone. |
DefaultGroup
|
Gets or sets the default group profile to use as the primary group for new users in the zone. |
DefaultHomeDirectory
|
Gets or sets the default path to the user's home directory for new users in the zone. |
DefaultShell
|
Gets or sets the default shell assigned to new users in the zone. |
DefaultValueZone
|
Gets or sets the zone to use for default zone values. |
Description
|
Gets or sets the description property for the zone. |
FullName
|
Gets the full name of the zone. |
GroupAutoProvisioningEnabled
|
Indicates whether auto-provisioning of group profiles is enabled for the zone. |
ID
|
Gets the unique identifier for the zone. |
IsHierarchical
|
Indicates whether this zone supports hierarchical zone features. |
IsReadable
|
Indicates whether the zone object's properties are readable. |
IsSFU
|
Indicates whether the zone uses the Microsoft Services for UNIX (SFU) schema extension. |
IsTruncateName
|
Determines whether the zone is a TruncateName zone. |
IsWritable
|
Indicates whether the zone object's properties are writable. |
Licenses
|
Gets or sets the license container associated with this zone. |
MasterDomainController
|
Gets or sets the name of the primary domain controller for the zone. |
MustMaintainADGroupMembership
|
Determines whether Active Directory group membership must be maintained for UNIX users in the zone. |
Name
|
Gets or sets the name of the zone. |
NextAvailableGID
|
Gets or sets the next available GID value for new groups in the zone. |
NextAvailableUID
|
Gets or sets the next available UID value for new users in the zone. |
NextGID
|
Gets or sets the next GID to be used when adding users. |
NextUID
|
Gets or sets the next UID to be used when adding users. |
NISDomain
|
Gets or sets the NIS domain associated with the zone for SFU zones. |
ReservedGID
|
Gets or sets the list of group identifiers (GIDs) that cannot be assigned in the zone. |
ReservedUID
|
Gets or sets the list of User identifiers (UIDs) that cannot be assigned in the zone. |
Schema
|
Gets the schema type of the zone object. |
SFUDomain
|
Gets or sets the Active Directory domain associated with the zone for SFU zones. |
UserAutoProvisioningEnabled
|
Indicates whether auto-provisioning of user profiles is enabled for the zone. |
Version
|
Gets the version number of the data schema. |