Directory Services Markup Language (DSML) Services for Windows provides applications with the capability to use XML documents to read from and write to Lightweight Directory Access Protocol (LDAP) directories, such as Active Directory. DSML Services for Windows converts XML elements and attributes into LDAP commands that can both make changes to a directory and retrieve data from a directory through the use of XML documents. These XML to LDAP, and LDAP to XML conversions are based on, and in compliance with, the DSML V2 specification, a standard approved by the Organization for the Advancement of Structural Information Standards (OASIS) and supported by many directory services vendors.
DSML Services for Windows extends the features of Active Directory®. Because DSML Services for Windows uses open standards such as HTTP, XML, and SOAP, a greater level of interoperability with Active Directory is possible than with current directory service APIs. The use of open standards provides a number of key benefits for IT administrators and independent software vendors (ISVs), that now have even more open-standard choices for accessing Active Directory.
DSML Services for Windows supports DSML V2. DSML V2 is a standard approved by OASIS. By supporting the DSML V2 specification, you will achieve greater interoperability with other directory services vendors that support this standard.
One advantage of using DSML Services for Windows is that XML documents can interact with existing LDAP directories without making changes to the directories: for example, without converting them to XML documents or schemas. Another advantage of DSML Services for Windows is that the tools that you use to develop XML-based applications can also be used to enable these applications to access LDAP directories.
DSML Services for Windows includes the following features:
The SOAP listener component intercepts DSML V2 requests and returns corresponding DSML V2 responses.
The service performs equivalent LDAP operations such as addRequest, modifyRequest, and searchRequest. It also supports advanced operations such as LDAP controls and extended requests.
While DSML was designed around, and based on the request/response protocol, DSML Services for Windows allows users to keep the state between requests by specifying the session ID in the SOAP header. This is useful for some LDAP control operations that span multiple requests, such as a page-size control operation.
The service supports all IIS security configurations, including integrated Windows authentication, basic authentication, basic authentication over secure sockets layer (SSL), and digest authentication.
This component manages incoming requests and promotes scalability.
There is support for many different configuration options that optimize the performance of DSML Services for Windows.
DSML Services for Windows can be used for a variety purposes. The following list describes common scenarios for using DSML Services for Windows:
The need for the use of directories in Web services is growing rapidly. Additionally, XML is becoming the default language for use with Web services. DSML Services for Windows provides the critical link between XML documents and LDAP directories and because of this, will become a critical service for many applications that seek to provide or use Web services.
Data-enabled cell phones or PDAs that must access directory data may not contain an LDAP client, but might be able to use DSML Services for Windows to access the directory over the Internet.
Certain firewalls cannot pass LDAP traffic because they cannot audit it, but these same firewalls can pass XML.In such cases, applications can use DSML Services for Windows to communicate across a firewall.