Microsoft MVP Logo

What the hell is YAUOTCMSUDAPI? Yet Another Use Of The MCMS Undocumented API.

While catching up on some of my RSS subscriptions, I noticed I was considerably backloged in the GotDotNet: Samples feed. While catching up, one same caught my eye: MCMS Security API for .NET. Oh boy, that looks like yet another project that uses the COM object… a quick look at the sample description sure implies it:

This is a class library in C# that provides easy access from .NET applications to the MCMS COM Security API. It can be used in Windows or ASP.NET applications running on the MCMS Server…

After nabbing the ZIP of the code sample, I took a look around... yup, confirmed.  There are Interop's of all the COM objects and you can even see his usage within the security.cs file.

Arg! When will people learn? First, it amazes me that a MCMS developer exists who’s been either in the CMS newsgroup or on GotDotNet and seen all Stefan’s examples and STILL people go into the database or work with the MCMS COM objects.

Let’s review class… better yet, go read Stefan’s 3–part series: Documented / Undocumented API - Why Should I care?.  Then, go read Spence’s $.02 (or are those Euros?) on it: Undocumented Interfaces (part 1 & part 2)

Now, for the specific case the GDN sample above addresses, there are workarounds. For example, add only AD groups to the MCMS security constructs. Then you can use the built-in .NET Framework classes to interact with the AD groups.

Please… please for the sake of your sanity, just stay out of the database and don’t muck with the COM objects or anything undocumented.  Just play with PAPI.

Comments powered by Disqus