Zone

Manages Centrify zone objects (Centrify.DirectControl.API.IZone).

Syntax

public interface IZone

Discussion

For each zone you create, you must also define several zone properties. You can also use the Zone class to manage user access rights and the actions users are allowed to perform within a zone. For more information about creating and working with Centrify zones interactively using the Access Manager console, see the Administrator’s Guide for Linux and UNIX.

Methods

The Zone class provides the following methods:

This method Does this

AddMitUser

Adds an MIT Kerberos realm-trusted user to this zone.

Commit

Commits settings to Active Directory for the zone object.

CreateImportPendingGroup

Creates a “pending import” group in the zone.

CreateImportPendingUser

Creates a “pending import” user in the zone.

Delete

Deletes the zone object from Active Directory.

GetComputerByDN

Returns the computer profile using the distinguished name (DN) of the profile.

GetComputers

Returns the list of computers in the zone.

GetComputersContainer

Returns the directory entry for the Computers parent container object.

GetDirectoryEntry

Returns the directory entry for the zone.

GetDisplayName

Returns the display name of the zone.

GetGroupsContainer

Returns the directory entry for the Groups parent container object.

GetGroupUnixProfile

Returns the UNIX group profile for a specified group in the zone.

GetGroupUnixProfileByDN

Returns the group profile using the distinguished name (DN) of the profile.

GetGroupUnixProfileByName

Returns the UNIX group profile for a specified group name in the zone.

GetGroupUnixProfiles

Returns the list of UNIX groups in the zone.

GetImportPendingGroup

Returns an individual “pending import” group in the zone.

GetImportPendingGroups

Returns the collection of “pending import” groups in the zone.

GetImportPendingUser

Returns an individual “pending import” user in the zone.

GetImportPendingUsers

Returns the collection of “pending import” users in the zone.

GetLocalGroupsContainer

Returns the DirectoryEntry of the local groups container.

GetLocalGroupUnixProfile

Returns the local UNIX group profile for a specified group name in the zone.

GetLocalGroupUnixProfileByDN

Returns a local group profile using the distinguished name (DN) of the profile.

GetLocalGroupUnixProfileByGid (Int32)

Returns the local group profile using the Group Identifier (GID). This method is exposed to the .COM interface.

GetLocalGroupUnixProfiles

Returns a list of the local group profiles in the zone.

GetLocalUsersContainer

Returns the directory entry of the local users container.

GetLocalUserUnixProfile

Returns the local user profile using the specified user name.

GetLocalUserUnixProfileByDN

Returns the local user profile specified by the distinguished name (DN) of the profile.

GetLocalUserUnixProfileByUid (Int32)

Returns the local user profile using the User Identifier (UID). This method is exposed to the .COM interface

GetLocalUserUnixProfiles

Returns a list of the local user profiles in the zone.

GetUsersContainer

Returns the directory entry for the Users parent container object.

GetUserUnixProfileByDN

Returns the user profile using the distinguished name (DN) of the profile.

GetUserUnixProfileByName

Returns the UNIX user profile for a specified user name in the zone.

GetUserUnixProfiles

Returns the list of UNIX users in the zone.

GroupUnixProfileExists

Indicates whether a UNIX profile exists for the specified group in the zone.

LocalGroupUnixProfileExists

Indicates whether a UNIX profile exists in the zone for the specified local group.

LocalUserUnixProfileExists

Indicates whether a UNIX profile exists in the zone for the specified local user.

PrecreateComputer

Adds a computer to the zone.

PrecreateWindowsComputer

Adds a Windows computer to the zone.

Refresh

Returns the data stored for the zone object from the data in the Active Directory entry.

UserUnixProfileExists

Indicates whether a UNIX profile exists for the specified user in the zone.

Properties

The Zone class provides the following properties:

This property Does this

AdsiInterface

Gets the IADs interface of the zone object in Active Directory.

ADsPath

Gets the LDAP path to the zone object.

AgentlessAttribute

Gets or sets the Active Directory attribute used for storing the user’s password hash.

AvailableShells

Gets or sets the list of available shells for the zone.

Cims

Gets the Cims object managing the zone.

DefaultGroup

Gets or sets the default group profile to use as the primary group for new users in the zone.

DefaultHomeDirectory

Gets or sets the default path to the user's home directory for new users in the zone.

DefaultShell

Gets or sets the default shell assigned to new users in the zone.

DefaultValueZone

Gets or sets the zone to use for default zone values.

Description

Gets or sets the description property for the zone.

FullName

Gets the full name of the zone.

GroupAutoProvisioningEnabled

Indicates whether auto-provisioning of group profiles is enabled for the zone.

ID

Gets the unique identifier for the zone.

IsHierarchical

Indicates whether this zone supports hierarchical zone features.

IsReadable

Indicates whether the zone object’s properties are readable.

IsSFU

Indicates whether the zone uses the Microsoft Services for UNIX (SFU) schema extension.

IsTruncateName

Determines whether the zone is a TruncateName zone.

IsWritable

Indicates whether the zone object’s properties are writable.

Licenses

Gets or sets the license container associated with this zone.

MasterDomainController

Gets or sets the name of the primary domain controller for the zone.

MustMaintainADGroupMembership

Determines whether Active Directory group membership must be maintained for UNIX users in the zone.

Name

Gets or sets the name of the zone.

NextAvailableGID

Gets or sets the next available GID value for new groups in the zone.

NextAvailableUID

Gets or sets the next available UID value for new users in the zone.

NextGID

Gets or sets the next GID to be used when adding users.

NextUID

Gets or sets the next UID to be used when adding users.

NISDomain

Gets or sets the NIS domain associated with the zone for SFU zones.

ReservedGID

Gets or sets the list of group identifiers (GIDs) that cannot be assigned in the zone.

ReservedUID

Gets or sets the list of User identifiers (UIDs) that cannot be assigned in the zone.

Schema

Gets the schema type of the zone object.

SFUDomain

Gets or sets the Active Directory domain associated with the zone for SFU zones.

UserAutoProvisioningEnabled

Indicates whether auto-provisioning of user profiles is enabled for the zone.

Version

Gets the version number of the data schema.