Directory Services

Overview of Change Tracking Techniques

There are several ways that change tracking mechanisms can differ:

Use the following techniques to track changes in Active Directory:

The change notification control is designed for applications or services that require reasonably prompt notification of infrequent changes. An example is a service or program that stores configuration data in Active Directory® and must be notified promptly when a change occurs. Be aware that there are limitations of the notification control.

The DirSync and USNChanged search techniques are designed for applications that maintain consistency between data in Active Directory® and corresponding data in some other storage. These techniques are used by applications that periodically poll for changes. The DirSync technique is based on an LDAP server control that you can use through ADSI or LDAP APIs. The disadvantages of the DirSync control are that it can only be used by a highly privileged account, such as a domain administrator. The following is a list of limitations of DirSync control:

The USNChanged technique does not have these limitations, although it is somewhat more complicated to use than DirSync.