The .NET Developer's Guide to Directory Services Programming / Edition 1

by Joe Kaplan, Ryan Dunn

ISBN-10: 0321350170

ISBN-13: 9780321350176

Pub. Date: 05/22/2006

Publisher: Addison-Wesley

“If you have any interest in writing .NET programs using Active Directory or ADAM, this is the book you want to read.”
—Joe Richards, Microsoft MVP, directory services

Identity and Access Management are rapidly gaining importance as key areas of practice in the IT industry, and directory services provide the fundamental building blocks that enable them. For enterprise developers struggling to build directory-enabled .NET applications, The .NET Developer’s Guide to Directory Services Programming will come as a welcome aid.

Microsoft MVPs Joe Kaplan and Ryan Dunn have written a practical introduction to programming directory services, using both versions 1.1 and 2.0 of the .NET Framework. The extensive examples in the book are in C#; a companion Web site includes both C# and Visual Basic source code and examples.

Readers will

  • Learn to create, rename, update, and delete objects in Active Directory and ADAM
  • Learn to bind to and search directories effectively and efficiently
  • Learn to read and write attributes of all types in the directory
  • Learn to use directory services within ASP.NET applications
  • Get concrete examples of common programming tasks such as managing Active Directory and ADAM users and groups, and performing authentication

Experienced .NET developers—those building enterprise applications or simply interested in learning about directory services—will find that The .NET Developer’s Guide to Directory Services Programming unravels the complexities and helps them to avoid the common pitfalls that developers face.


Product Details

Series: Microsoft .NET Development Series
Edition description: New Edition
Product dimensions: 7.00(w) x 9.00(h) x 1.10(d)

Table of Contents

Listings

Tables

Foreword

Preface

Acknowledgments

About the Authors

Part I: Fundamentals

Chapter 1: Introduction to LDAP and Active Directory

A Brief History of Directory Services

Definition of LDAP

Definition of Active Directory

Definition of ADAM

LDAP Basics

Chapter 2: Introduction to .NET Directory Services Programming

.NET Directory Services Programming Landscape

Native Directory Services Programming Landscape

System.DirectoryServices Overview

System.DirectoryServices.ActiveDirectory Overview

System.DirectoryServices.Protocols Overview

Selecting the Right Technology

Chapter 3: Binding and CRUD Operations with DirectoryEntry

Property and Method Overview

Binding to the Directory

Directory CRUD Operations

Chapter 4: Searching with the DirectorySearcher

LDAP Searching Overview

DirectorySearcher Overview

The Basics of Searching

Building LDAP Filters

Controlling the Content of Search Results

Executing the Query and Enumerating Results

Returning Many Results with Paged Searches

Sorting Search Results

Chapter 5: Advanced LDAP Searches

Administrative Limits Governing Active Directory and ADAM

Understanding Searching Timeouts

Optimizing Search Performance

Searching the Global Catalog

Chasing Referrals

Virtual List View Searches

Searching for Deleted Objects

Directory Synchronization Queries

Using Attribute Scope Query

Extended DN Queries

Reading Security Descriptors with Security Masks

Asynchronous Searches

Chapter 6: Reading and Writing LDAP Attributes

Basics of Reading Attribute Values

Collection Class Usage

Understanding the ADSI Property Cache

LDAP Data Types in .NET

ADSI Schema Mapping Mechanism

.NET Attribute Value Conversion

Standard Data Types

Binary Data Conversion

COM Interop Data Types

Syntactic versus Semantic Conversion

Dealing with Attributes with Many Values

Basics of Writing Attribute Values

Writing COM Interop Types

Chapter 7: Active Directory and ADAM Schema

Schema Extension Best Practices

Choosing an Object Class

Choosing Attribute Syntaxes

Modeling One-to-Many and Many-to-Many Relationships

Search Flags and Indexing

Techniques for Extending the Schema

Discovering Schema Information at Runtime

Chapter 8: Security in Directory Services Programming

Binding and Delegation

Directory Object Permissions in Active Directory and ADAM

Code Access Security

Chapter 9: Introduction to the ActiveDirectory Namespace

Working with the DirectoryContext Class

Locating Domain Controllers

Understanding the Active Directory RPC APIs

Useful Shortcuts for Developers

Part II: Practical Applications

Chapter 10: User Management

Finding Users

Creating Users

Managing User Account Features

Managing Passwords for Active Directory Users

Managing Passwords for ADAM Users

Determining User Group Membership in Active Directory and ADAM

Chapter 11: Group Management

Creating Groups in Active Directory and ADAM

Manipulating Group Membership

Expanding Group Membership

Primary Group Membership

Foreign Security Principals

Chapter 12: Authentication

Authentication Using SDS

Authentication Using SDS.P

Authentication Using SSPI

Discovering the Cause of Authentication Failures

Part III: Appendixes

Appendix A: Three Approaches to COM Interop with ADSI

The Standard Method

The Reflection Method

Handcrafted COM Interop Declarations

Appendix B: LDAP Tools for Programmers

LDP

ADSI Edit

Active Directory Users and Computers

ADFind/ADMod

BeaverTail LDAP Browser

Softerra LDAP Browser

Appendix C: Troubleshooting and Help

Error 0x8007203A: “The server is not operational.”

Error 0x8007052E: “Login Failure: unknown user name or bad password.”

Error 0x80072020: “An operations error occurred.”

Error 0x80072030: “There is no such object on the server.”

Error 0x8007202F: “A constraint violation occurred.”

Error 0x80072035: “The server is unwilling to process the request.”

Error 0x80070005: “General access denied error.”

InvalidOperationException from DirectorySearcher

Getting Help

Index


Customer Reviews


The .NET Developer's Guide to Directory Services Programming 2.8 out of 5 based on 0 ratings. 4 reviews.
Anonymous More than 1 year ago
I don't know what the first anonymous user is smoking - but the examples are rockstar quality. Just try to find .NET samples anywhere on the internet and they are written by these guys or come directly from the book. The authors supply 3 sets of examples, C#, VB.NET, and C# with NUnit tests meant to help you bootstrap the process of running the examples. If you can't figure out NUnit, you probably shouldn't be using Visual Studio anyway.
Anonymous More than 1 year ago
Guest More than 1 year ago
Did not find the examples very useful. There was little documentation on how to set up the NUnit test facility that is a requisite for the samples. Also, the samples are ADSI-specific only and I did not think the book was well written.
Guest More than 1 year ago
Active Directory is an important offering by Microsoft, primarily for use within its .NET Framework. What Kaplan and Dunn suggest here is that the programmer-level documentation for Active Directory being furnished by Microsoft is somewhat awkward to use and understand. So this book is offered. The context is how to code LDAP in the namespace of System.DirectoryServices. The code examples are from both .NET 1.1 and .NET 2.0. Though the reader should probably migrate to 2.0 anyway, as this is significantly improved over 1.1. Also, the examples are given in C#. If you are an experienced VB coder, you should still be able to easily follow the C# logic. The code examples are brief enough to enable that, and C# is a very clean language, notationally. Part 2 of the book is probably the key section for most readers. You might be trying to integrate a corporate-wide directory with other applications. Perhaps to authorise those applications, depending on a valid user, as given by Active Directory, say. So Part 2 delves heavily into user and group management. For the latter, its definition and populating it with users is shown to be straightforward. From which you can build higher level logic.