Account Class
Manages Account objects.
Syntax
class Account
Properties of the Account class
The Account class provides the following properties:
| Property | Description |
|---|---|
| IsSystemAccount property | Gets a value indicating whether the account is a Windows system account. |
| IsWindowsAccount property | Gets a value indicating whether the account is a Windows domain account. |
| UserName property | Gets the user name of the account. |
Description of the Account class
The accounts used for auditing include the management database account, audit store database account, and collector accounts. This class provides properties to retrieve information about an account.
See also
IsSystemAccount Property
Gets a value indicating whether the account is a Windows system account.
Syntax
bool IsSystemAccount{get;}
Return Value
Returns true if the account is a Windows system account; otherwise, false.
Discussion of the IsSystemAccount Property
When you attach a new database to the audit store, you must set the database to allow access by the management database account. Before you call the AddAuditServerAccount method, you should check to see if the management database account is a Windows system account because if it is, the Account.UserName property is not a Windows domain account name and therefore cannot be passed directly to the AddAuditServerAccount method.
Example
The following code sample first checks to make sure the management database account is not a system account. If it is not a system account, the sample calls the AddAuditServerAccount method. If the management database is a system account, the sample returns an error message.
...
' Grant permission to management database to access the audit store database
SET objAuditServers = objInstallation.AuditServers
FOR EACH objAuditServer IN objAuditServers
SET objAuditServerAccount = objAuditServer.OutgoingAccount
IF NOT objAuditServerAccount.IsSystemAccount THEN
objAuditStoreDatabase.AddAuditServerAccount objAuditServerAccount.UserName, & _
objAuditServerAccount.IsWindowsAccount
wscript.echo "Added management database account '" &
objAuditServerAccount.UserName & "'."
ELSE
wscript.echo "Cannot add account for management database '" &
objAuditServer.Name & _
& "' because the account '" & objAuditServerAccount.UserName & _
& "' is a system account."
wscript.echo "NOTE: Please add allowed incoming management database for '" & _
& objAuditServer.Name & _
& "' to the new audit store database in Audit Manager."
END IF
See also
IsWindowsAccount Property
Gets a value indicating whether the account is a Windows domain account.
Syntax
bool IsWindowsAccount {get;}
Return Value
Returns true if the account is a Windows domain account; false if the account is an SQL Server login account.
Discussion
The management database-to-audit store database connection and the collector-to-audit store connection can use either Windows authentication or SQL Server authentication.
Example
The following code sample illustrates using this property as an input parameter to the AddAuditServerAccount method:
...
'Add management database accounts for those management databases running in
' system account; e.g. NT Authority/Network Service
'
DIM strAuditServerAccount
DIM isAuditServerWindowsAccount
isAuditServerWindowsAccount = true
strAuditServerAccount = "DOMAIN\MACHINE$"
objAuditStoreDatabase.AddAuditServerAccount strAuditServerAccount, & _
isAuditServerWindowsAccount
wscript.echo "Added management database account '" & strAuditServerAccount &
"'."
See also
UserName Property
Gets the user name of the account.
Syntax
string UserName {get;}
Return Value
Returns the user name of the account.
Discussion
If the account is a Windows account, the user name is the Windows domain account name. If the account is an SQL Server login account, the user name is the SQL Server account name.
Example
The following code sample illustrates using this property as an input parameter to the AddCollectorAccount method:
...
' Copy Collector accounts from current active audit store database
SET objCollectorAccounts = objActiveDatabase.CollectorAccounts
FOR EACH objCollectorAccount IN objCollectorAccounts
objAuditStoreDatabase.AddCollectorAccount objCollectorAccount.UserName
wscript.echo "Added Collector account '" & objCollectorAccount.UserName & "'."
