Programming Active Directory with .NET
To program Active Directory with .NET, you first need to reference the System.DirectoryServices.dll assembly in your project and import the System.DirectoryServices namespace in your source file(s). The System.DirectoryServices namespace provides managed-code access to Active Directory by wrapping the ADSI providers. The classes contained in this namespace include:
- DirectoryEntry
- PropertyCollection
- PropertyValueCollection
- DirectoryEntries
- DirectorySearcher
- SearchResultCollection
- SearchResult
Of these classes, you'll use the DirectoryEntry class, the DirectoryEntries collection, and the DirectorySearcher class most frequently. The DirectoryEntry class works with the objects in Active Directory; you use it to create, edit, and delete objects in the repository. The DirectoryEntries class represents a collection of DirectoryEntry instances. You use the DirectorySearcher class (as the name implies) to search for objects in Active Directory using LDAP.
ADSI in turn uses LDAP to communicate with Active Directory. LDAP is preferred for accessing relatively static data from multiple locations irrespective of their platforms, and LDAP is the only system-supplied ADSI provider that supports directory searching.
The DirectorySearcher class supports complex searches, including filters. Note, however, that you can use DirectorySearcher only with the LDAP provider and not with other providers such as Novell NetWare Directory Services (NDS) or the Microsoft Internet Information Services (IIS) provider.
Connecting to Active Directory
To connect to Active Directory you bind to it using a binding string, specifying the binding path. The components of this binding string are:
- Protocol
- Server Name
- Port Number
- Distinguished Name
- User Name
- Password
- Authentication Type
For example, here's a typical binding string:
LDAP://192.168.1.49/CN=Users;OU=Software;DC=Joydip
In the preceding binding string, the protocol is LDAP://, the server name is the IP address, CN implies the common name (which defines an object within the directory), OU stands for Organizational Unit, and DC stands for Domain Controller.
The following code example demonstrates how to use a binding string to connect to Active Directory.
using System.DirectoryServices;

// Bind to the Users container with the credentials of the current process.
DirectoryEntry directoryEntry = new DirectoryEntry(
    "LDAP://192.168.1.49/CN=Users;DC=DomainName");
Adding Objects to Active Directory
Active Directory is organized hierarchically using objects that fall into one of the following categories:
- Resources (Example: Printers, Scanners, etc)
- Services (Example: E-Mail)
- Users (Example: Users and Groups)
The following code snippet demonstrates adding a new "user" object to Active Directory.
// Note that this snippet binds with the WinNT provider, i.e. to the local
// machine's account database, not to an LDAP path.
DirectoryEntry directoryEntry = new DirectoryEntry("WinNT://" +
    Environment.MachineName + ",computer");
// Create the user object and set its attributes before committing.
DirectoryEntry de = directoryEntry.Children.Add("Joydip", "user");
de.Invoke("SetPassword", new object[] { "jk" });
de.Invoke("Put", new object[] { "Description", "New User" });
de.CommitChanges();
// Add the new user to the Guests group. Find throws a COMException rather
// than returning null when no such child exists, so handle that exception
// if the group may be missing.
DirectoryEntry dE = directoryEntry.Children.Find("Guests", "group");
if (dE != null)
{
    dE.Invoke("Add", new object[] { de.Path });
}
Searching Active Directory
The most common use of a directory is to locate resources; in other words, to perform a search. The following code snippet demonstrates how to search for an object within Active Directory.
DirectoryEntry directoryEntry = new DirectoryEntry(
    "LDAP://192.168.1.49/CN=Users;DC=DomainName");
DirectorySearcher directorySearcher = new DirectorySearcher(directoryEntry);
// The filter must be a valid LDAP search filter, for example "(objectClass=user)".
directorySearcher.Filter = "Some Filter";
// FindAll() returns a SearchResultCollection that holds unmanaged resources,
// so dispose it when you are done with it.
using (SearchResultCollection results = directorySearcher.FindAll())
{
    foreach (SearchResult searchResult in results)
    {
        Console.WriteLine(searchResult.GetDirectoryEntry().Path);
    }
}
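The snippet above leaves the filter as a placeholder. The following is an added example (not code from the original article) of the same DirectorySearcher pattern with two defensive additions a practitioner would want: the bind uses AuthenticationTypes.Secure so no clear-text credentials travel in the path, and any caller-supplied value is escaped per RFC 4515 before it is placed in the filter, so input containing characters such as "*" or ")" is matched literally instead of changing the query. The server address, domain components and sample account name are constructed placeholders.

```csharp
using System;
using System.DirectoryServices;
using System.Text;

static class AdSearchExample
{
    // Escape the characters that RFC 4515 requires to be encoded so that the
    // value is treated as literal text inside an LDAP search filter.
    public static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder(value.Length);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c);      break;
            }
        }
        return sb.ToString();
    }

    // Looks up one user account by sAMAccountName under a constructed domain root.
    public static void FindUserBySamAccountName(string samAccountName)
    {
        // Null user name/password means the current process credentials are used;
        // Secure selects Kerberos/NTLM and Sealing encrypts the LDAP traffic.
        using (var root = new DirectoryEntry(
            "LDAP://192.168.1.49/DC=DomainName", null, null,
            AuthenticationTypes.Secure | AuthenticationTypes.Sealing))
        using (var searcher = new DirectorySearcher(root))
        {
            searcher.Filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName="
                + EscapeFilterValue(samAccountName) + "))";
            // Request only the attributes needed and bound the result set.
            searcher.PropertiesToLoad.Add("distinguishedName");
            searcher.PropertiesToLoad.Add("memberOf");
            searcher.SizeLimit = 10;
            using (SearchResultCollection results = searcher.FindAll())
            {
                foreach (SearchResult result in results)
                    Console.WriteLine(result.Properties["distinguishedName"][0]);
            }
        }
    }
}
```

Calling FindUserBySamAccountName("joydip") sends the filter (&(objectCategory=person)(objectClass=user)(sAMAccountName=joydip)), while an input of "*" is sent as \2a and matches only an account literally named "*".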