

Fine-tune Your Active Directory Operations with .NET : Page 2

Accessing and modifying objects in Active Directory from .NET languages is a straightforward process, thanks to built-in support in the .NET framework.

Programming Active Directory with .NET
To program Active Directory with .NET, you first need to include the System.DirectoryServices.dll file in your project, and include the System.DirectoryServices namespace in your source file(s). The System.DirectoryServices namespace provides managed-code access to Active Directory by wrapping up the ADSI providers. The classes contained in this namespace include:

  • DirectoryEntry
  • PropertyCollection
  • PropertyValueCollection
  • DirectoryEntries
  • DirectorySearcher
  • SearchResultCollection
  • SearchResult
Of these classes, you'll use the DirectoryEntry class, the DirectoryEntries collection, and the DirectorySearcher class most frequently. The DirectoryEntry class works with the objects in Active Directory—you use it to create, edit, and delete objects from the repository. The DirectoryEntries class represents a collection of DirectoryEntry instances. You use the DirectorySearcher class (as the name implies) to search objects in Active Directory using LDAP.

ADSI in turn uses LDAP to communicate with Active Directory. LDAP is preferred for accessing relatively static data from multiple locations irrespective of their platforms, and LDAP is the only system-supplied ADSI provider that supports directory searching.

The DirectorySearcher class supports complex searches, including filters. Note, however, that you can use DirectorySearcher only with the LDAP provider and not with other providers such as Novell NetWare Directory Services (NDS) or the Microsoft Internet Information Services (IIS) provider.

Connecting to Active Directory
To connect to Active Directory you bind to it using a binding string, specifying the binding path. The components of this binding string are:

  • Protocol
  • Server Name
  • Port Number
  • Distinguished Name
  • User Name
  • Password
  • Authentication Type
For example, here's a typical binding string:

In the preceding binding string, the protocol is LDAP://, the server name is the IP address, CN implies the common name (which defines an object within the directory), OU stands for Organizational Unit, and DC stands for Domain Controller.

The following code example demonstrates how to use a binding string to connect to Active Directory.

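   DirectoryEntry directoryEntry = new DirectoryEntry(
      "<binding path>", "<user name>", "<password>", AuthenticationTypes.Secure); // placeholder values: the original arguments are missing from the page
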
Adding Objects to Active Directory
Active Directory is organized hierarchically using objects that can be categorized into one of the following categories:

  • Resources (Example: Printers, Scanners, etc)
  • Services (Example: E-Mail)
  • Users (Example: Users and Groups)
The following code snippet demonstrates adding a new "user" object to Active Directory.

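   // The WinNT provider with Environment.MachineName binds to the local
   // machine's account database.
   DirectoryEntry directoryEntry = new DirectoryEntry("WinNT://" + 
      Environment.MachineName + ",computer");
   DirectoryEntry de = directoryEntry.Children.Add("Joydip", "user");
   // "jk" is the article's sample value; do not hard-code real passwords.
   de.Invoke("SetPassword", new object[] { "jk" });
   de.Invoke("Put", new object[] { "Description", "New User" });
   // Persist the new account before adding it to a group.
   de.CommitChanges();
   DirectoryEntry dE = directoryEntry.Children.Find(
      "Guests", "group");
   if (dE != null) 
      dE.Invoke("Add", new object[] { de.Path.ToString() });
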
Searching Active Directory
The most common use of a directory is to locate resources—in other words, perform a search. The following code snippet demonstrates how to search for an object within Active Directory.

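   DirectoryEntry directoryEntry = new DirectoryEntry(
      "<binding path>"); // placeholder: the original path is missing from the page
   DirectorySearcher directorySearcher = new 
      DirectorySearcher(directoryEntry);
   directorySearcher.Filter = ("Some Filter");
   foreach(SearchResult searchResult in directorySearcher.FindAll()) 
   {
      // Process searchResult here (the loop body is missing from the page).
   }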
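
An added example, not code from the original article: when the string assigned to DirectorySearcher.Filter includes a value supplied by a user, that value should be escaped per RFC 4515 so the directory treats it as data rather than as filter syntax. The class and method names (SafeDirectorySearch, EscapeFilterValue, BuildUserFilter, FindUser) and the sample logon names are assumptions made for illustration.

```csharp
using System;
using System.DirectoryServices;
using System.Text;

// Hypothetical helper class; the names are illustrative, not from the article.
static class SafeDirectorySearch
{
    // Escape a value for use inside an LDAP filter (RFC 4515): the characters
    // \ * ( ) and NUL are replaced by a backslash and their two-digit hex code.
    public static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder(value.Length);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    // Filter matching one user account by logon name.
    public static string BuildUserFilter(string logonName) =>
        "(&(objectCategory=person)(objectClass=user)(sAMAccountName="
        + EscapeFilterValue(logonName) + "))";

    // searchRoot is a DirectoryEntry already bound with the LDAP provider.
    public static SearchResult FindUser(DirectoryEntry searchRoot, string logonName)
    {
        using (var searcher = new DirectorySearcher(searchRoot))
        {
            searcher.Filter = BuildUserFilter(logonName);
            searcher.PropertiesToLoad.Add("distinguishedName"); // load only what is needed
            searcher.SizeLimit = 1;                             // one account expected
            return searcher.FindOne();                          // null when nothing matches
        }
    }

    static void Main()
    {
        // Constructed inputs: a plain name and one containing filter metacharacters.
        Console.WriteLine(BuildUserFilter("jdoe"));
        Console.WriteLine(BuildUserFilter("j.doe (temp)*"));
    }
}
```

Main only prints the generated filters, so it runs without a directory; FindUser needs a DirectoryEntry bound to a reachable domain controller.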