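        /// <summary>
        /// Creates a Solution User in the SSO local domain (default domain is vsphere.local)
        /// and adds it to the "ActAsUsers" group.
        /// This operation requires administrator privileges for SSO.
        /// </summary>
        /// <param name="authorizationUsername">User with administrator privileges</param>
        /// <param name="authorizationPassword">Password for the authorizationUsername</param>
        /// <param name="userName">Requested solution user username</param>
        /// <param name="certificate">Certificate of the solution user. This will be the signing certificate which will be used by the solution user to authorize SSO operations (e.g. acquire HoK SAML token from STS service). Only the encoded certificate (<see cref="X509Certificate2.RawData"/>) is sent to the server; the private key never leaves the caller.</param>
        /// <param name="description">Description of the solution user.</param>
        /// <returns>PrincipalId in format "username@domainname"</returns>
        /// <exception cref="ArgumentNullException"><paramref name="certificate"/> is null.</exception>
        /// <exception cref="InvalidOperationException">The solution user was created but could not be added to the ActAsUsers group.</exception>
        public string CreateLocalSolutionUser(
            string authorizationUsername,
            SecureString authorizationPassword,
            string userName,
            X509Certificate2 certificate,
            string description)
        {
            // Fail before any remote call: certificate.RawData is dereferenced below, and a
            // null certificate would otherwise surface as a NullReferenceException inside the
            // invocation context, after the authorized session has already been created.
            if (certificate == null)
            {
                throw new ArgumentNullException(nameof(certificate));
            }

            // Create Authorization Invocation Context
            var authorizedInvocationContext =
                CreateAuthorizedInvocationContext(
                    authorizationUsername,
                    authorizationPassword);

            // Both SSO Admin calls below target the same principal management service,
            // so the reference is built once instead of being duplicated per call.
            var principalManagementService = new ManagedObjectReference
            {
                type  = "SsoAdminPrincipalManagementService",
                Value = "principalManagementService"
            };

            // Invoke SSO Admin CreateLocalSolutionUser operation.
            // NOTE: .Result blocks the calling thread on the async client call because the
            // public signature is synchronous; faults surface wrapped in an AggregateException,
            // which is kept as-is so existing callers' catch clauses still match.
            var ssoPrincipalId = authorizedInvocationContext.InvokeOperation(() =>
                _ssoAdminClient.CreateLocalSolutionUserAsync(
                    principalManagementService,
                    userName,
                    new SsoAdminSolutionDetails
                    {
                        // RawData is the encoded public certificate only; the private key
                        // that signs HoK token requests stays with the caller.
                        certificate = Convert.ToBase64String(certificate.RawData),
                        description = description
                    })).Result;

            // Add User to ActAsUsers Group
            var addToActAsUsersGroupResult = authorizedInvocationContext.InvokeOperation(() =>
                _ssoAdminClient.AddUsersToLocalGroupAsync(
                    principalManagementService,
                    new[] { ssoPrincipalId },
                    "ActAsUsers")).Result;

            // A null or empty returnval is treated as failure instead of being dereferenced.
            // At this point the solution user already exists on the server without the
            // ActAsUsers membership; the caller must remove it if a partially provisioned
            // principal is not acceptable.
            var addedToActAsUsers = addToActAsUsersGroupResult.returnval?.FirstOrDefault() ?? false;
            if (!addedToActAsUsers)
            {
                throw new InvalidOperationException("Solution User Not Successfully Added to ActAsUsers group");
            }

            return $"{ssoPrincipalId.name}@{ssoPrincipalId.domain}";
        }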