
Class BrokConfig

Programmatic Identifier

MemAdmin.BrokConfig.1

CLSID

c78fa6e6-c4ac-11d0-bbda-00c04fb615e5

COM Class Name

BrokConfig

Type Library Name

brokcfg 1.0 Type Library

Type Library Location

c:\Microsoft Site Server\bin\P&M\brokcfg.dll

Threading Model

“Both”

This COM class defines an object that users can use to examine the configuration of a particular Membership Authentication Service instance.  Additionally, administrators can use the object to configure instances.

If the object is created directly, then properties exposed through the interface become “read-only.” Additionally, methods that perform configuration updates are disabled.  Administrators must use the special ObjCreator COM class (ObjCreator.ObjCreator.1) to create an instance of this class using the CreateObjAuth method to render it “read-write”.  Once the object has been created using this method, the calling process or thread must have administrative privileges.  If not, attempts to alter object properties and invoke methods that update the service instance configuration will return the E_ACCESSDENIED HRESULT value.

Interfaces

The BrokConfig COM class exposes the dual custom COM interface IBrokConfig.  The methods and properties are accessible through the COM interface IBrokConfig, or through the dispinterface IBrokConfig. As discussed above, properties and methods exposed through this interface that can alter the configuration of the respective Membership Authentication service instance are rendered “read-only” if the object is created directly. If the ObjCreator COM class is used to create the object using the CreateObjAuth method, and the calling process or thread has Windows NT administrative privileges, the methods and properties are rendered “read-write.”

Interface IBrokConfig

Methods

CheckAcct

This method verifies that the calling process or thread has Windows NT administrative privileges.

IDL Definition

HRESULT CheckAcct(BSTR bszDomain, BSTR bszName, BSTR bszPassword);

Parameters

bszDomain

The domain of the account.

bszName

The name of the account.

bszPassword

The password of the account.

Return Value

A standard HRESULT value.

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1") 
call BrokConfig.CheckAcct("domain","username","password")

LoadDefaults

The LoadDefaults method resets the configuration information for the specified Membership server instance with default settings.  The changes only affect the information stored in the object.  To commit the changes, invoke SetConfig.

IDL Definition

HRESULT LoadDefaults ( LONG lvirtserverID ) ;

Parameters

lvirtserverID

The Membership Authentication server instance ID.

Return Values

A standard HRESULT value.

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1") 
BrokConfig.GetConfig 1
BrokConfig.LoadDefaults 1  'reset the server to default settings
BrokConfig.SetConfig

GetConfig

The GetConfig method initializes the object with configuration settings for the specified Membership server instance.

IDL Definition

HRESULT GetConfig ( LONG lvirtserverID ) ;

Parameters

lvirtserverID

The Membership Authentication server instance ID.

Return Values

A standard HRESULT value.

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1") 
BrokConfig.GetConfig 1

SetConfig

The SetConfig method commits the changes to the configuration settings for the current Membership Authentication server instance as they are defined in the running object.  The current instance is defined by the last call to GetConfig.

IDL Definition

HRESULT SetConfig() ;

Return Values

A standard HRESULT value.

Remarks

Call SetConfig to persist the changes made to the configuration of the current Membership Authentication service instance as defined within the running BrokConfig object.

This method returns E_ACCESSDENIED if the object was not created with the ObjCreator COM object.  It also returns E_ACCESSDENIED if the object was created with ObjCreator but the calling process or thread does not have Windows NT administrative privileges.

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth ("MemAdmin.BrokConfig.1") 
BrokConfig.GetConfig 1
'  change config for instance (code omitted)
BrokConfig.SetConfig
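
The following is an added example, not part of the original reference: it switches an instance to an SSL bind, reads the bind password at run time instead of embedding it in the script, and checks for E_ACCESSDENIED after the writes. The host name, the port 636 and the instance ID 1 are assumptions.

```vbscript
' Added example, not from the original reference. Run with cscript.exe.
Option Explicit
Const E_ACCESSDENIED = &H80070005  ' HRESULT named in the SetConfig remarks
Const INSTANCE_ID = 1              ' assumed instance ID, as in the examples above
Const LDAP_HOST = "ldap.example.internal"  ' hypothetical host name
Const LDAP_SSL_PORT = 636          ' assumed: conventional LDAP-over-SSL port

Dim ObjCreator, BrokConfig, bindPwd, rc

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1")
BrokConfig.GetConfig INSTANCE_ID

' Read the bind password at run time (input is echoed) so that it is
' not stored in the script file.
WScript.StdOut.Write "Bind password for the service account: "
bindPwd = WScript.StdIn.ReadLine

' Err keeps the most recent failure until it is cleared, so one check
' after the block covers the property writes and SetConfig.
On Error Resume Next
BrokConfig.bLocal = FALSE
BrokConfig.bszServerName = LDAP_HOST
BrokConfig.bSecure = TRUE
BrokConfig.lSecurePort = LDAP_SSL_PORT
BrokConfig.bszDsPwd = bindPwd
BrokConfig.SetConfig
rc = Err.Number
On Error GoTo 0
bindPwd = ""

If rc = E_ACCESSDENIED Then
    WScript.Echo "E_ACCESSDENIED: caller lacks Windows NT administrative privileges."
    WScript.Quit 5
ElseIf rc <> 0 Then
    WScript.Echo "Configuration update failed, HRESULT 0x" & Hex(rc)
    WScript.Quit 1
End If
WScript.Echo "Instance " & BrokConfig.lVirtServId & " now binds over SSL."
```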

Properties

lVirtServId

The lVirtServId property is the Membership Authentication server instance identifier. This property is always read-only and is specified using the GetConfig method.

Type

LONG

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1") 
BrokConfig.GetConfig 1
'  do some things with this instance
'  echo instance
WScript.Echo "Server Instance " & BrokConfig.lVirtServId

bLocal

The bLocal property specifies whether the LDAP server hosting the directory service for this instance of the Membership Authentication server is local. Set bLocal to FALSE to specify the name of the server and the TCP/IP port.  This property defaults to FALSE.

Type

BOOL

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1") 
BrokConfig.GetConfig 1
BrokConfig.bLocal = FALSE
' go on to configure 

bszServerName

The bszServerName property specifies the host name of the remote machine running the LDAP service instance that hosts the directory information for this Membership Authentication service instance. This property is used only if bLocal is set to FALSE.  Any valid DNS name can be used here.  This property defaults to "localhost".

Type

BSTR

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1") 
BrokConfig.GetConfig 1
BrokConfig.bLocal=0
BrokConfig.bszServerName="localhost"

lPort

The lPort property specifies the port number the LDAP service instance is listening on. This property is used to bind the TCP/IP socket with the LDAP server instance if bSecure is FALSE and bLocal is FALSE.  This property defaults to 389.

Type

LONG

Example

BrokConfig.lPort = 1002

bSecure

The bSecure property specifies whether the Membership Authentication service instance should bind a TCP/IP socket with the remote LDAP server instance using the Secure Sockets Layer (SSL) protocol. Set to TRUE to enable SSL.  If TRUE, the lSecurePort value will be used as the port value for the LDAP service instance when binding the socket.  This property is used only if bLocal is set to FALSE.

Type

BOOL

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1")
BrokConfig.GetConfig 1
BrokConfig.bSecure = TRUE
BrokConfig.lSecurePort=443
BrokConfig.SetConfig

lSecurePort

The lSecurePort property specifies the port number of the LDAP service instance that is running with the Secure Sockets Layer (SSL) protocol enabled. This property is used in conjunction with the bszServerName property when binding the TCP/IP socket between the Membership Authentication service instance and the remote LDAP server instance. The lSecurePort port number is used if bSecure is set to TRUE and bLocal is set to FALSE.

Type

LONG

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1") 
BrokConfig.GetConfig 1
BrokConfig.bSecure=1
BrokConfig.lSecurePort = 443
BrokConfig.SetConfig

lTimeLimit

The lTimeLimit property specifies how long, in seconds, the Membership Authentication service instance will wait for search results from the LDAP service instance to be returned.

Type

LONG

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1") 
BrokConfig.GetConfig 1
BrokConfig.lTimeLimit = 60 ' seconds
BrokConfig.SetConfig

lSizeLimit

The lSizeLimit property specifies, in bytes, the maximum result set size for a search query that will be accepted from the LDAP service instance.

Type

LONG

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1") 
BrokConfig.GetConfig 1
BrokConfig.lSizeLimit = 2048 ' 2 KB max result set size
'  …
BrokConfig.SetConfig

bszBaseDN

The bszBaseDN property specifies the base Distinguished Name (DN) for the Membership directory service. This is an X.500 name in ascending order (e.g. "o=RealmName").  This DN is used when requesting data from a particular realm in an LDAP directory service instance.

Type

BSTR

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1") 
BrokConfig.GetConfig 1
BrokConfig.bszBaseDN="o=Microsoft"
BrokConfig.SetConfig

lCacheTimeout

The lCacheTimeout property specifies how long user properties will remain in the Membership Authentication service instance without a retrieval request before being purged. This property is in units of seconds. Note that this timeout period resets after each request for the user's properties by an instance of the UserObjects object.

Type

LONG

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1") 
BrokConfig.GetConfig 1
BrokConfig.lCacheTimeout = 120 
BrokConfig.SetConfig

bszGroupPrefix

The bszGroupPrefix property is a string “attached” to the beginning of all Membership specific group names when mapping these groups to Windows NT groups.  In order to avoid name clashes, it is a good idea to relate the prefix to the Membership Authentication service instance identifier.

Type

BSTR

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1")
BrokConfig.GetConfig 1
BrokConfig.bszGroupPrefix = "MemInstGrp1"
BrokConfig.SetConfig

bCreateGroups

The bCreateGroups property is a true/false flag specifying whether the Membership Authentication service instance should attempt to create Windows NT groups that do not exist when mapping Membership groups to Windows NT groups. Set bCreateGroups to TRUE to have the Membership service instance create groups.  For further information about mapping Membership groups to Windows NT Groups, see the P&M Operations Guide.

Type

BOOL

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1")
BrokConfig.GetConfig 1
BrokConfig.bCreateGroups = TRUE
BrokConfig.SetConfig

bszDomain

The bszDomain property specifies an optional Windows NT domain to use when mapping Membership groups to Windows NT groups.  If bszDomain is defined, then associated Windows NT groups that map to Membership Directory groups are assumed to reside in this domain.

Type

BSTR

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1")
BrokConfig.GetConfig 1
BrokConfig.bszDomain = "SomeDomain"
BrokConfig.SetConfig

bszDsName

The bszDsName property is the full distinguished name (DN) of the user account the Membership Authentication service instance will use to authenticate itself to the Membership LDAP service instance. This is an X.500 name.

Type

BSTR

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1")
BrokConfig.GetConfig 1
BrokConfig.bszDsName = "cn=MBSBRKR2_MACHINENAME,ou=members,o=RealmName"
' using LDAP
BrokConfig.SetConfig

bszDsPwd

This write-only property is the password presented when the Membership Authentication service instance authenticates itself to its hosting LDAP directory service instance.

Type

BSTR

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1")
BrokConfig.GetConfig 1
BrokConfig.bszDsPwd = "thepassword"
BrokConfig.SetConfig

bszProxyName

The bszProxyName property specifies the Membership Authentication service instance’s Windows NT impersonation account.  This property is used when the Membership service instance is used for Authentication services.  See the P&M Operations Guide for more information.

Type

BSTR

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1")
BrokConfig.GetConfig 1
BrokConfig.bszProxyName = "MemProxyUser2"
BrokConfig.SetConfig

bszProxyPwd

The bszProxyPwd property specifies the password that accompanies the Windows NT account username specified by the bszProxyName property.

Type

BSTR

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1")
BrokConfig.GetConfig 1
BrokConfig.bszProxyPwd = "somepassword"
BrokConfig.SetConfig

bszProxyDomain

The bszProxyDomain property specifies an optional Windows NT domain for the bszProxyName proxy account. 

Type

BSTR

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1")
BrokConfig.GetConfig 1
BrokConfig.bszProxyDomain = "somedomain"
BrokConfig.SetConfig

bUseTrackCookie

This property specifies whether the Membership Authentication service instance should issue tracking cookies with HTTP request responses. Set this property to TRUE to issue tracking cookies. This property defaults to FALSE.

Type

BOOL

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1")
BrokConfig.GetConfig 1
BrokConfig.bUseTrackCookie = TRUE
BrokConfig.SetConfig

lPwdCookieTimeout

This property specifies how long the authentication cookies issued to clients by the server instance remain valid before a new login is required.  These cookie values are used in conjunction with the HTML Forms Authentication mode for the Membership service.  The timeout is in minutes since the last received client request.  This property appears in the MMC property page for the Membership Authentication service instance under the P&M snap-in as the HTML Forms Authentication Session Timeout.

Type

LONG

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1")
BrokConfig.GetConfig 1
BrokConfig.lPwdCookieTimeout = 5  ' 5 minutes HTML Forms
                                  ' session timeout
BrokConfig.SetConfig

bEnabled

The bEnabled property is a boolean flag specifying whether this instance of a Membership Authentication server will provide authentication services using the Membership directory database. Set to FALSE to disable authentication. This property defaults to TRUE.

Type

BOOL

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1")
BrokConfig.GetConfig 1
BrokConfig.bEnabled = FALSE
BrokConfig.SetConfig

bszComment

The bszComment property specifies a name to associate with this instance of a Membership Authentication service instance.  For example, this name appears as the instance name in the Microsoft Management Console under the P&M snap-in.  It is good practice to specify the type of authentication the server supports, if any, in this name.

Type

BSTR

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1")
BrokConfig.GetConfig 1
BrokConfig.bszComment = "Intranet Membership Instance #1 (NT Authentication)"
BrokConfig.SetConfig

bPwdCookiePersist

This property defines whether the Membership Authentication service instance should persist authentication cookies that are used if the HTML Forms Authentication method is selected for the service instance. This property defaults to TRUE.

Type

BOOL

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1")
BrokConfig.GetConfig 1
BrokConfig.bPwdCookiePersist = TRUE
BrokConfig.SetConfig

bszRealm

The bszRealm property optionally specifies the directory service realm to associate with this instance of the Membership Authentication service instance.  For example, “o=MyRealm”.

Type

BSTR

lTokenCacheTimeout

This property specifies how long a Membership Authentication service instance that is configured to handle authentication will cache the security tokens issued on behalf of clients.  This property is in units of minutes.

Type

LONG

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1")
BrokConfig.GetConfig 1
BrokConfig.lTokenCacheTimeout = 12 ' 12 minutes before new token generated
BrokConfig.SetConfig

bszTokenCreatorDll

This property specifies the dynamic link library that a Membership Authentication  service instance configured to handle authentication will use to generate security tokens for clients.

Type

BSTR

Example

Set ObjCreator = CreateObject("ObjCreator.ObjCreator.1")
Set BrokConfig = ObjCreator.CreateObjAuth("MemAdmin.BrokConfig.1")
BrokConfig.GetConfig 1
BrokConfig.bszTokenCreatorDll = "c:\mydlls\tokencreator.dll"
BrokConfig.SetConfig
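
The following is an added example, not part of the original reference: a read-only review of one instance's settings that uses the directly created object, so it needs no administrative rights to make changes. The instance ID 1 and the two timeout thresholds are assumptions, as is GetConfig being callable on the read-only object.

```vbscript
' Added example, not from the original reference. Run with cscript.exe.
Option Explicit
Const INSTANCE_ID = 1            ' assumed instance ID, as in the examples above
Const MAX_FORMS_TIMEOUT = 30     ' minutes; assumed local policy threshold
Const MAX_TOKEN_CACHE = 60       ' minutes; assumed local policy threshold

Dim cfg, findings
findings = 0

Sub Flag(msg)
    findings = findings + 1
    WScript.Echo "FINDING " & findings & ": " & msg
End Sub

' Direct creation gives the read-only view described at the top of the page.
Set cfg = CreateObject("MemAdmin.BrokConfig.1")
cfg.GetConfig INSTANCE_ID

' BOOL values are compared with 0 because the page's examples assign both
' TRUE/FALSE and 1/0 to them.
If cfg.bEnabled = 0 Then
    WScript.Echo "Note: authentication is disabled for this instance."
End If
If cfg.bLocal = 0 And cfg.bSecure = 0 Then
    Flag "remote LDAP bind to " & cfg.bszServerName & ":" & cfg.lPort & _
         " does not use SSL"
End If
If cfg.bPwdCookiePersist <> 0 Then
    Flag "HTML Forms authentication cookies are persisted"
End If
If cfg.lPwdCookieTimeout > MAX_FORMS_TIMEOUT Then
    Flag "Forms session timeout is " & cfg.lPwdCookieTimeout & " minutes"
End If
If cfg.lTokenCacheTimeout > MAX_TOKEN_CACHE Then
    Flag "security tokens are cached for " & cfg.lTokenCacheTimeout & " minutes"
End If
If cfg.bCreateGroups <> 0 Then
    Flag "missing Windows NT groups are created automatically (prefix '" & _
         cfg.bszGroupPrefix & "')"
End If
' The service uses this DLL to generate security tokens; report the path
' so it can be compared with the expected file.
WScript.Echo "Token creator DLL: " & cfg.bszTokenCreatorDll
WScript.Echo findings & " finding(s) for instance " & cfg.lVirtServId
WScript.Quit findings
```

The script exits with the number of findings, so a scheduled job can treat any non-zero exit code as a configuration that needs review.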

© 1997-2000 Microsoft Corporation. All rights reserved.