Active Directory Services SDK
Documentation Home
Directory Services
Active Directory
About Active Directory
Active Directory Core Concepts
Attributes
Containers and Leaves
Object Names and Identities
Naming Contexts and Directory Partitions
About Application Directory Partitions
Domain Trees
Forests
Active Directory Servers and Dynamic DNS
Active Directory Architecture
Directory System Agent
Data Model
Schema
Administration Model
Global Catalog
Active Directory Security
Object and Attribute Protection
Delegation
Inheritance
Active Directory Schema
About the Active Directory Schema
Schema Implementation
Object Identifiers
Characteristics of Object Classes
Structural, Abstract, and Auxiliary Classes
Class Inheritance in the Active Directory Schema
Object Class and Object Category
Characteristics of Attributes
Syntaxes for Active Directory Attributes
Indexed Attributes
Attributes Included in the Global Catalog
Linked Attributes
The Abstract Schema
Using Active Directory
Binding to Active Directory
Serverless Binding and RootDSE
Example Code for Getting the Distinguished Name of the Domain
Binding to the Global Catalog
Example Code for Searching a Forest
Using objectGUID to Bind to an Object
Reading an Object's objectGUID and Creating a String Representation of the GUID
Binding to Well-Known Objects Using WKGUID
Example Code for Binding to Well Known Objects
Example Code for Creating a Bindable String Representation of a GUID
Enabling Rename-Safe Binding with the otherWellKnownObjects Property
Example Code for Creating a Container Object
Authentication
Searching Active Directory
Deciding What to Find
Example Code for Searching for Users
Deciding Where to Search
Searching Domain Contents
Searching the Global Catalog
Choosing the Search Technology
Creating a Query Filter
Finding Objects by Class
Finding Objects by Name
Finding a List of Attributes To Query
Checking the Query Filter Syntax
How to Specify Comparison Values
Deciding Which Attributes to Retrieve for Each Object Found
Retrieving the objectClass Property
Binding to the Search Start Point
Specifying the Search Scope
Specifying Other Search Options
Processing the Search Results
Effects of Security on Searching
Creating Efficient Queries
Referrals
When Referrals Are Generated
Creating an External Referral
Example Code for Creating an External crossRef Object
Enumerating Domain Controllers
Creating and Deleting Active Directory Objects
Retrieving Deleted Objects
Restoring Deleted Objects
Moving Objects
Example Code for Moving an Object
Reading and Writing Attributes of Active Directory Objects
Determining Which Properties Are Non-Replicated, Constructed, Global Catalog, and Indexed
Controlling Access to Active Directory Objects
How Access Control Works in Active Directory
Controlling Access to Objects and Their Properties
Access Rights for Active Directory Objects
Security Contexts and Active Directory
How Security Affects Active Directory Operations
Access Control and Read Operations
Access Control and Write Operations
Access Control and Object Creation
Access Control and Object Deletion
APIs for Working with Security Descriptors
Using IADs to Get a Security Descriptor
Using IDirectoryObject to Get a Security Descriptor
Security Descriptor Components
Retrieving an Object's DACL
Retrieving an Object's SACL
Reading an Object's Security Descriptor
Example Code for Creating a Security Descriptor
Example Code for Enumerating the ACL of an Active Directory Object
Setting Access Rights on an Object
Example Code for Setting an ACE on a Directory Object
Setting Access Rights on the Entire Object
Example Code for Setting Read Property Rights on an Object
Setting Permissions to a Specific Property
Setting Permissions on a Group of Properties
Example Code for Setting Permissions on a Group of Properties
Setting Permissions on Child Object Operations
Example Code for Setting Permissions on Child Object Operations
How Security Descriptors are Set on New Directory Objects
Creating a Security Descriptor for a New Directory Object
Inheritance and Delegation of Administration
Access Control Inheritance
Setting Rights to Specific Types of Objects
Example Code for Setting Rights to Specific Types of Objects
Setting Rights to Specific Properties of Specific Types of Objects
Protecting Objects from the Effects of Inherited Rights
Example Code for Setting and Removing SACL and DACL Protection in the Control Property
Default Security Descriptor
Reading the defaultSecurityDescriptor for an Object Class
Example Code for Reading defaultSecurityDescriptor
Modifying the defaultSecurityDescriptor for an Object Class
Control Access Rights
Creating a Control Access Right
Example Code for Creating a controlAccessRight Object in the Extended Rights Container
Setting a Control Access Right ACE in an Object's ACL
Example Code for Setting a Control Access Right ACE
Checking a Control Access Right in an Object's ACL
Example Code for Checking a Control Access Right in an Object's ACL
Reading a Control Access Right Set in an Object's ACL
Example Code for Checking for a Control Access Right in an ACE
Using DsAddSidHistory
Controlling Object Visibility
Null DACLs and Empty DACLs
Extending the Schema
Guidelines for Binding to the Schema
Reading the Abstract Schema
Example Code for Enumerating Schema Classes, Attributes, and Syntaxes
Reading attributeSchema and classSchema Objects
Example Code for Searching for Schema Objects
What You Must Know Before Extending the Schema
Impact of Schema Changes
When to Extend the Schema
Restrictions on Schema Extension
Querying for Category 1 or 2 Schema Objects
How to Extend the Schema
Naming Attributes and Classes
Disabling Existing Classes and Attributes
Obtaining an Object Identifier
Obtaining a Root OID from an ISO Name Registration Authority
Obtaining an Object Identifier from Microsoft
Integrating Schema Extensions with the User Interface
Defining a New Attribute
Example Code for Creating an Attribute
Choosing a Syntax
Defining a New Class
Example Code for Creating a Class
Installing Schema Extensions
Documenting Schema Extensions
What the Installation Must Do
Updating the Schema Cache
Prerequisites for Installing a Schema Extension
Detecting the Schema Master
Enabling Schema Changes at the Schema Master
Recommendations for Schema Extension Applications
Example Code for Checking for Rights to Create attributeSchema and classSchema Objects
Example Code for Updating the Schema Cache
Example Code for Detecting Schema Naming Collisions
Supported Installation Mechanisms
LDIF Scripts
Comma-separated Value (CSV) Scripts
Programmatic Extension
Example Code for Extending the Schema Programmatically
Extending the User Interface for Directory Objects
About Active Directory User Interfaces
Display Specifiers
DisplaySpecifiers Container
Class and Attribute Display Names
Class Icons
Viewing Containers as Leaf Nodes
Modifying Existing User Interfaces
User Interface Extension for New Object Classes
Property Pages for Use with Display Specifiers
Implementing the Property Page COM Object
Example Code for Implementation of the Property Sheet COM Object
Registering the Property Page COM Object in a Display Specifier
Context Menus for Use with Display Specifiers
Implementing the Context Menu COM Object
Example Code for Implementation of the Context Menu COM Object
Registering the Context Menu COM Object in a Display Specifier
Registering a Static Context Menu Item
Example Code for Installing a Static Context Menu Item
Object Creation Wizards
Implementing the Object Creation Extension COM Object
Registering the Object Creation Extension
Invoking Creation Wizards from Your Application
Using Standard Dialog Boxes for Handling Active Directory Objects
Directory Object Picker
Domain Browser
Container Browser
Active Directory Users and Computers Property Sheets
Administrative Notification Handlers
Distributing User Interface Components
How Applications Should Use Display Specifiers
Debugging an Active Directory Extension
Replication and Data Integrity
Active Directory Replication Model
What is the Active Directory Replication Model?
Why Active Directory Uses This Replication Model
A Programmer's Model of Active Directory Replication
Active Directory Replication Behavior
Impact on Directory-Enabled Applications
Detecting and Avoiding Replication Latency
What Can You Know, and When Can You Know It?
Temporal Locality
Out-of-Band Signaling
Effective Date and Time
Checksums and Object Counts
Consistency GUIDs
Versioning and Fallback Strategies
Managing Users
Users in Active Directory
Security Principals
What is a User?
Example Code for Binding to the User's Container
User Object Attributes
User Naming Attributes
User Security Attributes
User Address Book Attributes
Creating a User
Example Code for Creating a User
Enumerating Users
Querying for Users
Example Code for Using the Global Catalog to Find Users in a Forest
Managing Users on Member Servers and Windows 2000 Professional
Enumerating Users on Member Servers and Windows 2000 Professional
Example Code for Enumerating Users on a Member Server or Windows 2000 Professional
Creating Users on Member Servers and Windows 2000 Professional
Example Code for Creating Users on a Member Server or Windows 2000 Professional
Deleting Users on Member Servers and Windows 2000 Professional
Example Code for Deleting Users on a Member Server or Windows 2000 Professional
Values for countryCode and c
Managing Groups
Groups in Active Directory
Types of Groups
How Security Groups are Used in Access Control
Where Groups Can Be Created
Scope of Groups
Group Scope and the Global Catalog
Effects of Universal Groups on the Global Catalog
What Type of Group to Use
Group Objects
Groups on Mixed-Mode and Native-Mode Domains
Detecting the Operation Mode of a Domain
Example Code for Determining the Operation Mode
Creating Groups in a Domain
Example Code for Creating a Group
Adding Members to Groups in a Domain
Example Code for Adding a Member to a Group
Removing Members from Groups in a Domain
Example Code for Removing a Member from a Group
Nesting a Group in Another Group
Nesting in Native Mode
Nesting in Mixed Mode
Common Errors
Determining a User's or Group's Membership in a Group
Example Code for Checking for Membership in a Group
Enumerating Groups
Enumerating Groups in a Domain
Enumerating Groups by Scope or Type in a Domain
Example Code for Building a Query String to Search for Groups by Type/Scope
Enumerating Members in a Group
Example Code for Displaying Members of a Group
Enumerating Groups That Contain Many Members
Using IADs::GetInfoEx for Range Retrieval
Using ADO for Range Retrieval
ADO SQL Dialect
ADO LDAP Dialect
Example Code for Using Ranging to Retrieve Members of a Group
Using IDirectorySearch and IDirectoryObject for Range Retrieval
Example Code for Ranging with IDirectoryObject
Example Code for Ranging with IDirectorySearch
Querying for Groups in a Domain
Example Code for Searching for Groups in a Domain
Changing a Group's Scope or Type
Example Code for Changing the Scope of a Group
Getting the Domain Account-Style Name of a Group
Groups on Member Servers and Windows 2000 Professional
Enumerating Groups on Member Servers and Windows 2000 Professional
Example Code for Enumerating Groups
Creating Machine Local Groups on Member Servers and Windows 2000 Professional
Example Code for Creating a Group on a Member Server or Windows NT Workstation/Windows 2000 Professional
Deleting Groups on Member Servers and Windows 2000 Professional
Example Code for Deleting a Group on a Member Server or Windows NT Workstation/Windows 2000 Professional
Adding Domain Objects to Machine Local Groups on Member Servers and Windows 2000 Professional
Example Code for Adding a Domain Object to a Machine Local Group
What Application and Service Developers Need to Know About Groups
Tracking Changes
Overview of Change Tracking Techniques
Change Notifications in Active Directory
Example Code for Receiving Change Notifications
Polling for Changes Using the DirSync Control
Example Code Using ADS_SEARCHPREF_DIRSYNC
Polling for Changes Using USNChanged
Example Code to Retrieve Changes Using USNChanged
Service Publication
About Service Publication
Security Issues for Service Publication
Connection Points
Publishing with Service Connection Points
Where to Create a Service Connection Point
Publishing Under a Computer Object
Publishing in a Domain System Container
Service Connection Points for Replicated, Host-based, and Database Services
Service Connection Point Properties
Creating and Maintaining a Service Connection Point
Creating a Service Connection Point
Updating a Service Connection Point
How Clients Find and Use a Service Connection Point
Publishing with the RPC Name Service (RpcNs)
Publishing with Windows Sockets Registration and Resolution
Example Code for Installing an RnR Service Class
Example Code for Implementing a Winsock Service with an RnR Publication
Example Code for Publishing the RnR Connection Point
Example Code for Removing the RnR Connection Point
Example Code for Locating a Service Using an RnR Query
Publishing COM+ Services
Service Logon Accounts
About Service Logon Accounts
Guidelines for Selecting a Service Logon Account
Local User Accounts
Domain User Accounts
The LocalSystem Account
Setting up a Service's User Account
Installing a Service on a Host Computer
Granting Logon as Service Right on the Host Computer
Testing Whether Running on a Domain Controller
Granting Access Rights to the Service Logon Account
Enabling Service Account to Access SCP Properties
Logon Account Maintenance Tasks
Changing the Password on a Service's User Account
Enumerating the Replicas of a Service
Converting Domain Account Name Formats
Mutual Authentication Using Kerberos
About Mutual Authentication Using Kerberos
Security Providers
Integrity and Privacy
Limitations of Mutual Authentication with Kerberos
Service Principal Names
Name Formats for Unique SPNs
How a Service Composes its SPNs
How a Service Registers its SPNs
How Clients Compose a Service's SPN
Mutual Authentication in a Windows Sockets Service with an SCP
How a Client Authenticates an SCP-based Windows Sockets Service
Composing and Registering SPNs for an SCP-based Windows Sockets Service
Composing the SPNs for a Service with an SCP
Registering the SPNs for a Service
How a Windows Sockets Service Authenticates a Client
Mutual Authentication in RPC Applications
Composing SPNs for an RpcNs Service
Mutual Authentication in Windows Sockets Applications
Backing Up and Restoring Active Directory
Considerations for Active Directory Services Backup
Backing Up Active Directory
Restoring Active Directory
Storing Dynamic Data
Dynamic Objects
Creating Dynamic Objects
Refreshing a Dynamic Object
Configuration of TTL Limits
Dynamic Auxiliary Classes
Dynamically Linked Auxiliary Classes
Statically Linked Auxiliary Classes
Determining the Classes Associated With an Object Instance
Adding an Auxiliary Class to an Object Instance
Application Directory Partitions
Application Directory Partition Replication
Application Directory Partition Security
Creating an Application Directory Partition
Example Code for Creating an Application Directory Partition
Example Code for Locating the Partitions Container
Deleting an Application Directory Partition
Example Code for Deleting an Application Directory Partition
Enumerating Application Directory Partitions in a Forest
Locating an Application Directory Partition Host Server
Example Code for Locating an Application Directory Partition Host Server
Adding or Deleting an Application Directory Partition Replica
Enumerating Replicas of an Application Directory Partition
Modifying Application Directory Partition Configuration
Active Directory Reference
Active Directory Constants
GUIDs of User Interface Elements
Messages Communicated through User Interfaces
CQPM_CLEARFORM
CQPM_ENABLE
CQPM_GETPARAMETERS
CQPM_HANDLERSPECIFIC
CQPM_HELP
CQPM_INITIALIZE
CQPM_PERSIST
CQPM_RELEASE
CQPM_SETDEFAULTPARAMETERS
CFSTR_DS_DISPLAY_SPEC_OPTIONS
CFSTR_DS_PARENTHWND
CFSTR_DS_PROPSHEETCONFIG
CFSTR_DSOBJECTNAMES
CFSTR_DSOP_DS_SELECTION_LIST
CFSTR_DSPROPERTYPAGEINFO
CFSTR_DSQUERYPARAMS
CFSTR_DSQUERYSCOPE
BFT Constants
Active Directory Structures
Active Directory Admin Structures
DSA_NEWOBJ_DISPINFO
Active Directory Display Structures
CQFORM
CQPAGE
DSA_SEC_PAGE_INFO
DSA_SEC_PAGE_INFO_WIN2K
DOMAINDESC
DOMAINTREE
DSBITEM
DSBROWSEINFO
DSCLASSCREATIONINFO
DSCOLUMN
DSDISPLAYSPECOPTIONS
DSOBJECT
DSOBJECTNAMES
DSPROPERTYPAGEINFO
DSQUERYCLASSLIST
DSQUERYINITPARAMS
DSQUERYPARAMS
OPENQUERYWINDOW
PROPSHEETCFG
Active Directory MMC Property Page Structures
ADSPROPERROR
ADSPROPINITPARAMS
Domain Controller and Replication Management Structures
DS_DOMAIN_CONTROLLER_INFO_1
DS_DOMAIN_CONTROLLER_INFO_2
DS_NAME_RESULT
DS_NAME_RESULT_ITEM
DS_REPL_ATTR_META_DATA
DS_REPL_ATTR_META_DATA_2
DS_REPL_ATTR_META_DATA_BLOB
DS_REPL_ATTR_VALUE_META_DATA
DS_REPL_ATTR_VALUE_META_DATA_2
DS_REPL_CURSOR
DS_REPL_CURSOR_2
DS_REPL_CURSOR_3
DS_REPL_CURSOR_BLOB
DS_REPL_CURSORS
DS_REPL_CURSORS_2
DS_REPL_CURSORS_3
DS_REPL_KCC_DSA_FAILURE
DS_REPL_KCC_DSA_FAILURES
DS_REPL_KCC_DSA_FAILUREW_BLOB
DS_REPL_NEIGHBOR
DS_REPL_NEIGHBORW_BLOB
DS_REPL_NEIGHBORS
DS_REPL_OBJ_META_DATA
DS_REPL_OBJ_META_DATA_2
DS_REPL_OP
DS_REPL_OPW_BLOB
DS_REPL_PENDING_OPS
DS_REPL_QUEUE_STATISTICSW
DS_REPL_QUEUE_STATISTICSW_BLOB
DS_REPL_VALUE_META_DATA
DS_REPL_VALUE_META_DATA_2
DS_REPL_VALUE_META_DATA_BLOB
DS_REPSYNCALL_ERRINFO
DS_REPSYNCALL_SYNC
DS_REPSYNCALL_UPDATE
DS_SCHEMA_GUID_MAP
DS_SITE_COST_INFO
SCHEDULE
SCHEDULE_HEADER
Directory Service Structures
DOMAIN_CONTROLLER_INFO
DS_DOMAIN_TRUSTS
DSROLE_OPERATION_STATE_INFO
DSROLE_PRIMARY_DOMAIN_INFO_BASIC
DSROLE_UPGRADE_STATUS_INFO
Directory Backup Structures
EDB_RSTMAP
Object Picker Dialog Box Structures
DS_SELECTION
DS_SELECTION_LIST
DSOP_FILTER_FLAGS
DSOP_INIT_INFO
DSOP_SCOPE_INIT_INFO
DSOP_UPLEVEL_FILTER_FLAGS
Active Directory Enumerations
DS_MANGLE_FOR
DS_NAME_ERROR
DS_NAME_FLAGS
DS_NAME_FORMAT
DS_REPL_INFO_TYPE
DS_REPL_OP_TYPE
DS_REPSYNCALL_ERROR
DS_REPSYNCALL_EVENT
DS_SPN_NAME_TYPE
DS_SPN_WRITE_OP
DSROLE_MACHINE_ROLE
DSROLE_OPERATION_STATE
DSROLE_PRIMARY_DOMAIN_INFO_LEVEL
DSROLE_SERVER_STATE
Active Directory Functions
Active Directory Display Functions
BFFCallBack
CQAddFormsProc
CQAddPagesProc
CQPageProc
DsBrowseForContainer
DSEnumAttributesCallback
DsGetFriendlyClassName
DsGetIcon
Active Directory MMC Property Page Functions
ADsPropCheckIfWritable
ADsPropCreateNotifyObj
ADsPropGetInitInfo
ADsPropSendErrorMessage
ADsPropSetHwnd
ADsPropSetHwndWithTitle
ADsPropShowErrorDialog
Domain Controller and Replication Management Functions
DsAddSidHistory
DsBind
DsBindingSetTimeout
DsBindToISTG
DsBindWithCred
DsBindWithSpn
DsClientMakeSpnForTargetServer
DsCrackNames
DsCrackSpn
DsCrackUnquotedMangledRdn
DsFreeDomainControllerInfo
DsFreeNameResult
DsFreePasswordCredentials
DsFreeSchemaGuidMap
DsFreeSpnArray
DsGetDomainControllerInfo
DsGetRdnW
DsGetSpn
DsInheritSecurityIdentity
DsIsMangledDn
DsIsMangledRdnValue
DsListDomainsInSite
DsListInfoForServer
DsListRoles
DsListServersForDomainInSite
DsListServersInSite
DsListSites
DsMakePasswordCredentials
DsMakeSpn
DsMapSchemaGuids
DsQuerySitesByCost
DsQuerySitesFree
DsQuoteRdnValue
DsRemoveDsDomain
DsRemoveDsServer
DsReplicaAdd
DsReplicaConsistencyCheck
DsReplicaDel
DsReplicaFreeInfo
DsReplicaGetInfo
DsReplicaGetInfo2
DsReplicaModify
DsReplicaSync
DsReplicaSyncAll
DsReplicaUpdateRefs
DsReplicaVerifyObjects
DsServerRegisterSpn
DsUnBind
DsUnquoteRdnValue
DsWriteAccountSpn
SyncUpdateProc
Directory Service Functions
DsAddressToSiteNames
DsAddressToSiteNamesEx
DsDeregisterDnsHostRecords
DsEnumerateDomainTrusts
DsGetDcClose
DsGetDcName
DsGetDcNext
DsGetDcOpen
DsGetDcSiteCoverage
DsGetForestTrustInformationW
DsGetSiteName
DsMergeForestTrustInformationW
DsRoleFreeMemory
DsRoleGetPrimaryDomainInformation
DsValidateSubnetName
Directory Backup Functions
DsBackupClose
DsBackupEnd
DsBackupFree
DsBackupGetBackupLogs
DsBackupGetDatabaseNames
DsBackupOpenFile
DsBackupPrepare
DsBackupRead
DsBackupTruncateLogs
DsIsNTDSOnline
DsRestoreEnd
DsRestoreGetDatabaseLocations
DsRestorePrepare
DsRestoreRegister
DsRestoreRegisterComplete
DsSetAuthIdentity
DsSetCurrentBackupLog
Active Directory Interfaces
Active Directory Admin Interfaces
IDsAdminCreateObj
IDsAdminCreateObj::CreateModal
IDsAdminCreateObj::Initialize
IDsAdminNewObj
IDsAdminNewObj::GetPageCounts
IDsAdminNewObj::SetButtons
IDsAdminNewObjPrimarySite
IDsAdminNewObjPrimarySite::Commit
IDsAdminNewObjPrimarySite::CreateNew
IDsAdminNewObjExt
IDsAdminNewObjExt::AddPages
IDsAdminNewObjExt::GetSummaryInfo
IDsAdminNewObjExt::Initialize
IDsAdminNewObjExt::OnError
IDsAdminNewObjExt::SetObject
IDsAdminNewObjExt::WriteData
IDsAdminNotifyHandler
IDsAdminNotifyHandler::Begin
IDsAdminNotifyHandler::End
IDsAdminNotifyHandler::Initialize
IDsAdminNotifyHandler::Notify
Active Directory Display Interfaces
ICommonQuery
ICommonQuery::OpenQueryWindow
IDsBrowseDomainTree
IDsBrowseDomainTree::BrowseTo
IDsBrowseDomainTree::FlushCachedDomains
IDsBrowseDomainTree::FreeDomains
IDsBrowseDomainTree::GetDomains
IDsBrowseDomainTree::SetComputer
IDsDisplaySpecifier
IDsDisplaySpecifier::EnumClassAttributes
IDsDisplaySpecifier::GetAttributeADsType
IDsDisplaySpecifier::GetClassCreationInfo
IDsDisplaySpecifier::GetDisplaySpecifier
IDsDisplaySpecifier::GetFriendlyAttributeName
IDsDisplaySpecifier::GetFriendlyClassName
IDsDisplaySpecifier::GetIcon
IDsDisplaySpecifier::GetIconLocation
IDsDisplaySpecifier::IsClassContainer
IDsDisplaySpecifier::SetLanguageID
IDsDisplaySpecifier::SetServer
IPersistQuery
IPersistQuery::Clear
IPersistQuery::ReadInt
IPersistQuery::ReadString
IPersistQuery::ReadStruct
IPersistQuery::WriteInt
IPersistQuery::WriteString
IPersistQuery::WriteStruct
IQueryForm
IQueryForm::AddForms
IQueryForm::AddPages
IQueryForm::Initialize
Object Picker Dialog Box Interfaces
IDsObjectPicker
IDsObjectPicker::Initialize
IDsObjectPicker::InvokeDialog
Active Directory Messages
WM_ADSPROP_NOTIFY_APPLY
WM_ADSPROP_NOTIFY_CHANGE
WM_ADSPROP_NOTIFY_ERROR
WM_ADSPROP_NOTIFY_EXIT
WM_ADSPROP_NOTIFY_FOREGROUND
WM_ADSPROP_NOTIFY_PAGEHWND
WM_ADSPROP_NOTIFY_PAGEINIT
WM_ADSPROP_NOTIFY_SETFOCUS
WM_ADSPROP_SHEET_CREATE
WM_DSA_SHEET_CLOSE_NOTIFY
WM_DSA_SHEET_CREATE_NOTIFY
Active Directory Return Values
Success
Active Directory Backup Errors
Active Directory System Errors
Directory Manager Errors
Active Directory Logging and Recovery Errors
Active Directory User Interface Mappings
Mappings for the Active Directory Users and Computers Snap-in
Computer Object User Interface Mapping
Domain Object User Interface Mapping
Group Object User Interface Mapping
Object Property Sheet
Organizational Unit User Interface Mapping
Printer Object User Interface Mapping
Shared Folder Object User Interface Mapping
User Object User Interface Mapping
Active Directory Application Mode
Legal Information
About Active Directory Application Mode
What Is Active Directory Application Mode?
Why Use Active Directory Application Mode?
ADAM Schema
Using Active Directory Application Mode
ADAM Quick-Start Tutorial
Binding to an ADAM Instance
Searching ADAM
Getting a List of Specified ADAM Objects
Enumerating ADAM Users and Groups
Creating and Deleting ADAM Objects
Creating an ADAM Organizational Unit
Creating inetOrgPerson Objects in ADAM
Creating Contact Objects in ADAM
Deleting an ADAM Organizational Unit
Extending the ADAM Schema
Adding ADAM User Classes
Adding an ADAM Contact Class
Managing ADAM Users
Creating an ADAM User
Setting an ADAM User Password
Deleting an ADAM User
Managing ADAM Groups
Creating an ADAM Group
Adding an ADAM User to an ADAM Group
Removing an ADAM User from an ADAM Group
Deleting an ADAM Group
Backing Up and Restoring ADAM
Backing Up an ADAM Instance
Restoring an ADAM Instance
Using Application Directory Partitions in ADAM
Creating an ADAM Application Directory Partition
Deleting an ADAM Application Directory Partition
Active Directory Application Mode Reference
Active Directory Programming Element Differences
ADSI Programming Element Differences
LDAP Programming Element Differences
System.DirectoryServices Programming Element Differences
Active Directory Service Interfaces
Active Directory Service Interfaces Quick-start Tutorials
Setting Up Your Development Environment
Getting Started with Scripting for ADSI
Getting Started with ASP for ADSI
Setting Up Visual Basic 6.0 for ADSI Development
Setting Up Visual C++ 6.0 for ADSI Development
Accessing Active Directory Using Visual Basic
So What Is Active Directory?
Scenario: The Fabrikam Corporation
Connecting to Active Directory
Binding to Active Directory Objects
Creating an Organizational Unit
Moving Existing Users to the Organizational Unit
Creating New Users in the Organizational Unit
Adding Users to a Group
Creating a New Group
Enumerating Objects
Searching for Objects
Reorganization
Joining Heterogeneous Data
Creating and Executing a View
Creating a Heterogeneous Join between SQL Server and Active Directory
Advanced Topics
RootDSE
Delegating Organizational Units
Extending ADSI
Mapping ADSI Visual Basic Code to C++ Code
Active Directory Service Interfaces Scripting Tutorial
What You Should Know Before Reading This Tutorial
Basic ADSI
Binding
Getting and Setting Properties
Containers and Children
High-Level Objects
ADS Namespaces Container
Domains
Other High-Level Objects
Users and Groups
Groups
Listing Groups
Creating Groups
Removing Groups
Users
Listing Users
Creating Local Users
Removing Users
Modifying User Properties
Associating Users With Groups
Errors and Error Trapping
How to Trap ADSI Errors
Common Errors
About Active Directory Service Interfaces
Multiple Directory Services
Who Will Use Active Directory Service Interfaces?
Directory Services Today
Benefits of Using Active Directory Service Interfaces
Active Directory Service Interfaces Architecture
Active Directory Service Interfaces Objects
Namespaces
Active Directory Service Interfaces Provider
ADSI Schema Model
Programming Language Support
Using Active Directory Service Interfaces
Binding to an ADSI Object
Binding String
Binding Types Specific to Active Directory
Binding Issues for Mixed Environments
Binding Programmatically Using an ADSI Interface
Using ADSI Functions to Bind Directly to an Object
Binding With GetObject and ADsGetObject
Binding With ADsOpenObject and IADsOpenDSObject::OpenDSObject
Binding With Encryption
Using an ActiveX Data Object to Bind to ADSI Providers
Connection Caching
Binding to Child Objects
Binding to an Object's Parent
Fast Binding Option for Batch Write/Modify Operations
Choosing an Interface for Binding
Creating and Deleting Objects
Accessing and Manipulating Data with ADSI
ADSI Properties and Attributes
The ADSI Property Cache
Single vs. Multiple Value Attributes
Active Directory Operational Attributes
The IADs and IDirectoryObject Interfaces
Using the IADs Interfaces
Using the IDirectoryObject Interface
Accessing Attributes with ADSI
The Get Method
The GetEx Method
The GetInfo Method
Optimization Using GetInfoEx
Example Code for Reading a Constructed Attribute
Accessing Attributes With the IDirectoryObject Interface
Example Code for Reading Attributes
Modifying Attributes with ADSI
The Put Method
The PutEx Method
The SetInfo Method
Modifying Attributes with the IDirectoryObject Interface
Accessing the Property Cache Directly with the IADsProperty Interfaces
Example Code for Using IADsProperty Interfaces to Access the Property Cache
ADSI Attribute Syntax
Mapping Active Directory Syntax to ADSI Syntax
Mapping NDS Syntax to ADSI Syntax
Using the ADSI Schema
Collections and Groups
Enumerating ADSI Objects
Enumeration
Enumeration Helper Functions
Searching Active Directory
Scope of Query
Depth of Query
Performance and Handling Large Result Sets
What Makes a Fast Query?
Indexing
ObjectCategory vs. ObjectClass
Referrals
Assembling Query Strings
Retrieving Large Result Sets
Search Attributes Only
Search Size Limit
Search Time Limit
Search Time Out
Asynchronous Searches
Processing a Result Set
Caching the Result (Client Side)
Sorting
Search Filter Syntax
Dialect
SQL Dialect
LDAP Dialect
Query Interfaces
Searching With the IDirectorySearch Interface
Specifying Other Search Options with IDirectorySearch
Using the SetSearchPreference Method
Synchronous and Asynchronous Searches with IDirectorySearch
Paging with IDirectorySearch
Result Caching with IDirectorySearch
Performing an Attribute Scope Query
Sorting the Search Results with IDirectorySearch
Referral Chasing with IDirectorySearch
Size Limit with IDirectorySearch
Server Time Limit with IDirectorySearch
Client Time Limit with IDirectorySearch
Returning Only Attribute Names with IDirectorySearch
Example Code for Searching for Attributes
How to Search Using VLV
Getting the Server VLV Response
Steps to Setting up a VLV Search
Example Code for Using a VLV Search
Example Code for Using IDirectorySearch
Searching with ActiveX Data Objects (ADO)
Modifying an ADSI Object from ADO
Searching with OLE DB
Code Walkthrough: Using OLE DB to Access Active Directory
Sample Code Output
Searching Binary Data
Distributed Query
ADSI Security Model
Authentication
Authentication Issues for ADSI with ASP
Retrieving, Setting, or Modifying Security Descriptors on File Systems, File Shares, and Registry Keys
ADSI Extensions
ADSI Extension Architecture
Early Binding Support
Getting ADSI Interfaces From Your Extension
ADSI Extension Type Libraries
ADSI and Extensions
Late Binding Support
IADsExtension Interface
IADsExtension Usage
Supporting Dual or Dispatch Interfaces
Late Binding: What's Happening Under the Hood?
Revisiting COM Aggregation Rules with ADSI Extensions
What Does a Client See?
Resolution of Multiple Aggregation Components Supporting the Same Interface
Late Binding vs. Vtable Access in the ADSI Extension Model
Resolution of Function/Property Name Conflicts in Automation in Extensions
Example Code for Resolving Function Name Conflicts
More on the Resolution of Automation Conflicts: Same Function Name but Different Parameters
Using ADSI with Exchange
Using ADSI with NDS Providers
Using ADSI with NWCOMPAT Providers
Setting Up Gateway and Client Services for NetWare 3.x
NWCOMPAT Example Code
ADSI Utility Interfaces
IADsDeleteOps Interface
IADsObjectOptions Interface
IADsPathname Interface
IADsNameTranslate Interface
Programming ADSI with Java/COM
Implementing Active Directory Service Interfaces Providers
Provider Minimum Requirements
Core Implementation
Optional Implementation
Custom Properties
Dual Interfaces
Provider Overview
ADSI Component Interaction
Schema Interfaces
Schema Extensions
Enumerating Container Objects
Provider Registry Information
Support for Queries
Implementation Issues for ADSI Providers
ADSI Example Provider Component
Installing the Example Provider Component
Directory Definition
Schema Management
Binding to an Active Directory Object
Enumerator Objects
Code Overview
Code Details
CCLSOBJ.CPP
CDISPMGR.CPP
CENUMNS.CPP
CENUMSCH.CPP
CENUMOBJ.CPP
CENUMVAR.CPP
CGENOBJ.CPP
CORE.CPP
CNAMCF.CPP
CNAMESP.CPP
COMMON.CPP
CPRPOBJ.CPP
CPROPS.CPP
CPROV.CPP
CPROVCF.CPP
CSCHOBJ.CPP
GETOBJ.CPP
GLOBALS.CPP
GUID.CPP
LIBMAIN.CPP
MEMORY.CPP
OBJECT.CPP
PROPERTY.CPP
PARSE.CPP
PACK.CPP
REGDSAPI.CPP
STDFACT.CPP
Active Directory Service Interfaces Reference
ADSI Data Types and Constants
ADSI Simple Data Types
ADSI Attribute Modification Types
ADSI Constants
ADSI Structures
ADS_ATTR_DEF
ADS_ATTR_INFO
ADS_BACKLINK
ADS_CASEIGNORE_LIST
ADS_CLASS_DEF
ADS_DN_WITH_BINARY
ADS_DN_WITH_STRING
ADS_EMAIL
ADS_FAXNUMBER
ADS_HOLD
ADS_NETADDRESS
ADS_NT_SECURITY_DESCRIPTOR
ADS_OBJECT_INFO
ADS_OCTET_LIST
ADS_OCTET_STRING
ADS_PATH
ADS_POSTALADDRESS
ADS_PROV_SPECIFIC
ADS_REPLICAPOINTER
ADS_SEARCH_COLUMN
ADS_SEARCHPREF_INFO
ADS_SORTKEY
ADS_TIMESTAMP
ADS_TYPEDNAME
ADSVALUE
ADS_VLV
ADSI Enumerations
ADS_ACEFLAG_ENUM
ADS_ACETYPE_ENUM
ADS_AUTHENTICATION_ENUM
ADS_CHASE_REFERRALS_ENUM
ADS_DEREFENUM
ADS_DISPLAY_ENUM
ADS_ESCAPE_MODE_ENUM
ADS_FLAGTYPE_ENUM
ADS_FORMAT_ENUM
ADS_GROUP_TYPE_ENUM
ADS_NAME_INITTYPE_ENUM
ADS_NAME_TYPE_ENUM
ADS_OPTION_ENUM
ADS_PASSWORD_ENCODING_ENUM
ADS_PATHTYPE_ENUM
ADS_PREFERENCES_ENUM
ADS_PROPERTY_OPERATION_ENUM
ADS_RIGHTS_ENUM
ADS_SCOPEENUM
ADS_SD_CONTROL_ENUM
ADS_SD_FORMAT_ENUM
ADS_SD_REVISION_ENUM
ADS_SEARCHPREF_ENUM
ADS_SECURITY_INFO_ENUM
ADS_SETTYPE_ENUM
ADS_STATUSENUM
ADS_SYSTEMFLAG_ENUM
ADS_USER_FLAG_ENUM
ADSI_DIALECT_ENUM
ADSTYPEENUM
ADSI Functions
ADsBuildEnumerator
ADsBuildVarArrayInt
ADsBuildVarArrayStr
ADsEncodeBinaryData
ADsEnumerateNext
ADsFreeEnumerator
ADsGetLastError
ADsGetObject
ADsOpenObject
ADsSetLastError
AllocADsMem
AllocADsStr
BinarySDToSecurityDescriptor
FreeADsMem
FreeADsStr
ReallocADsMem
ReallocADsStr
SecurityDescriptorToBinarySD
Obsolete ADSI Functions
ADSI Interfaces
Alphabetical Listing of ADSI Interfaces
Interface Property Methods
Interface Implementation of System Providers
ADSI Objects and Interfaces
ADSI Object Model for LDAP Providers
ADSI Object Model for WinNT Providers
Core Interfaces
IADs
IADs Property Methods
IADs::Get
IADs::GetEx
IADs::GetInfo
IADs::GetInfoEx
IADs::Put
IADs::PutEx
IADs::SetInfo
IADsContainer
IADsContainer Property Methods
IADsContainer::CopyHere
IADsContainer::Create
IADsContainer::Delete
IADsContainer::get__NewEnum
IADsContainer::GetObject
IADsContainer::MoveHere
IADsNamespaces
IADsNamespaces Property Methods
IADsOpenDSObject
IADsOpenDSObject::OpenDSObject
Schema Interfaces
IADsClass
IADsClass Property Methods
IADsClass::Qualifiers
IADsProperty
IADsProperty Property Methods
IADsProperty::Qualifiers
IADsSyntax
IADsSyntax Property Methods
Property Cache Interfaces
IADsPropertyEntry
IADsPropertyEntry Property Methods
IADsPropertyList
IADsPropertyList Property Methods
IADsPropertyList::GetPropertyItem
IADsPropertyList::Item
IADsPropertyList::Next
IADsPropertyList::PurgePropertyList
IADsPropertyList::PutPropertyItem
IADsPropertyList::Reset
IADsPropertyList::ResetPropertyItem
IADsPropertyList::Skip
IADsPropertyValue
IADsPropertyValue Property Methods
IADsPropertyValue::Clear
IADsPropertyValue2
IADsPropertyValue2::GetObjectProperty
IADsPropertyValue2::PutObjectProperty
Persistent Object Interfaces
IADsCollection
IADsCollection::Add
IADsCollection::get__NewEnum
IADsCollection::GetObject
IADsCollection::Remove
IADsComputer
IADsComputer Property Methods
IADsDomain
IADsDomain Property Methods
IADsFileService
IADsFileService Property Methods
IADsFileShare
IADsFileShare Property Methods
IADsGroup
IADsGroup Property Methods
IADsGroup::Add
IADsGroup::IsMember
IADsGroup::Members
IADsGroup::Remove
IADsLocality
IADsLocality Property Methods
IADsMembers
IADsMembers Property Methods
IADsMembers::get__NewEnum
IADsO
IADsO Property Methods
IADsOU
IADsOU Property Methods
IADsPrintJob
IADsPrintJob Property Methods
IADsPrintQueue
IADsPrintQueue Property Methods
IADsService
IADsService Property Methods
IADsUser
IADsUser Property Methods
IADsUser::ChangePassword
IADsUser::Groups
IADsUser::SetPassword
Dynamic Object Interfaces
IADsComputerOperations
IADsComputerOperations::Shutdown
IADsComputerOperations::Status
IADsFileServiceOperations
IADsFileServiceOperations::Resources
IADsFileServiceOperations::Sessions
IADsPrintJobOperations
IADsPrintJobOperations Property Methods
IADsPrintJobOperations::Pause
IADsPrintJobOperations::Resume
IADsPrintQueueOperations
IADsPrintQueueOperations Property Methods
IADsPrintQueueOperations::Pause
IADsPrintQueueOperations::PrintJobs
IADsPrintQueueOperations::Purge
IADsPrintQueueOperations::Resume
IADsResource
IADsResource Property Methods
IADsServiceOperations
IADsServiceOperations Property Methods
IADsServiceOperations::Continue
IADsServiceOperations::Pause
IADsServiceOperations::SetPassword
IADsServiceOperations::Start
IADsServiceOperations::Stop
IADsSession
IADsSession Property Methods
Security Interfaces
IADsAccessControlEntry
IADsAccessControlEntry Property Methods
IADsAccessControlList
IADsAccessControlList Property Methods
IADsAccessControlList::AddAce
IADsAccessControlList::CopyAccessList
IADsAccessControlList::RemoveAce
IADsAccessControlList::get__NewEnum
IADsSecurityDescriptor
IADsSecurityDescriptor Property Methods
IADsSecurityDescriptor::CopySecurityDescriptor
IADsSecurityUtility
IADsSecurityUtility Property Methods
IADsSecurityUtility::ConvertSecurityDescriptor
IADsSecurityUtility::GetSecurityDescriptor
IADsSecurityUtility::SetSecurityDescriptor
Non-Automation Interfaces
IDirectoryObject
IDirectoryObject::CreateDSObject
IDirectoryObject::DeleteDSObject
IDirectoryObject::GetObjectAttributes
IDirectoryObject::GetObjectInformation
IDirectoryObject::SetObjectAttributes
IDirectorySchemaMgmt
IDirectorySchemaMgmt::EnumClasses
IDirectorySearch
IDirectorySearch::AbandonSearch
IDirectorySearch::CloseSearchHandle
IDirectorySearch::ExecuteSearch
IDirectorySearch::FreeColumn
IDirectorySearch::GetColumn
IDirectorySearch::GetFirstRow
IDirectorySearch::GetNextColumnName
IDirectorySearch::GetNextRow
IDirectorySearch::GetPreviousRow
IDirectorySearch::SetSearchPreference
Extension Interfaces
IADsExtension
IADsExtension::Operate
IADsExtension::PrivateGetIDsOfNames
IADsExtension::PrivateInvoke
Utility Interfaces
IADsADSystemInfo
IADsADSystemInfo Property Methods
IADsADSystemInfo::GetAnyDCName
IADsADSystemInfo::GetDCSiteName
IADsADSystemInfo::GetTrees
IADsADSystemInfo::RefreshSchemaCache
IADsDeleteOps
IADsDeleteOps::DeleteObject
IADsNameTranslate
IADsNameTranslate Property Methods
IADsNameTranslate::Get
IADsNameTranslate::GetEx
IADsNameTranslate::Init
IADsNameTranslate::InitEx
IADsNameTranslate::Set
IADsNameTranslate::SetEx
IADsObjectOptions
IADsObjectOptions::GetOption
IADsObjectOptions::SetOption
IADsPathname
IADsPathname Property Methods
IADsPathname::AddLeafElement
IADsPathname::CopyPath
IADsPathname::GetElement
IADsPathname::GetEscapedElement
IADsPathname::GetNumElements
IADsPathname::RemoveLeafElement
IADsPathname::Retrieve
IADsPathname::Set
IADsPathname::SetDisplayType
IADsWinNTSystemInfo
IADsWinNTSystemInfo Property Methods
Data Type Interfaces
IADsAcl
IADsAcl Property Methods
IADsAcl::CopyAcl
IADsBackLink
IADsBackLink Property Methods
IADsCaseIgnoreList
IADsCaseIgnoreList Property Methods
IADsDNWithBinary
IADsDNWithBinary Property Methods
IADsDNWithString
IADsDNWithString Property Methods
IADsEmail
IADsEmail Property Methods
IADsFaxNumber
IADsFaxNumber Property Methods
IADsHold
IADsHold Property Methods
IADsLargeInteger
IADsLargeInteger Property Methods
IADsNetAddress
IADsNetAddress Property Methods
IADsOctetList
IADsOctetList Property Methods
IADsPath
IADsPath Property Methods
IADsPostalAddress
IADsPostalAddress Property Methods
IADsReplicaPointer
IADsReplicaPointer Property Methods
IADsTimestamp
IADsTimestamp Property Methods
IADsTypedName
IADsTypedName Property Methods
ADSI Service Providers
ADSI LDAP Provider
LDAP ADsPath
Data Type Mapping between Active Directory and LDAP
Mapping LDAP Types to ADSTYPEs
Mapping between Friendly String Syntaxes and LDAP Types
Mapping between Syntax Object Identifiers and LDAP Types
ADSI Objects of LDAP
LDAP Syntax Object
LDAP User Object
Mapping between IADsUser Properties and Active Directory Properties
User Creation with the ADSI LDAP Provider
Setting and Changing User Passwords with the LDAP Provider
Examples of User Management in Active Directory
Account Disabled
Account Expiration
Account Lockout
Password Never Expires
User Cannot Change Password (LDAP Provider)
Reading User Cannot Change Password (LDAP Provider)
Modifying User Cannot Change Password (LDAP Provider)
User Must Change Password at Next Logon
ADSI WinNT Provider
WinNT ADsPath
ADSI Objects of WinNT
WinNT Schema
WinNT Object Class Hierarchy
WinNT Schema's Mandatory and Optional Properties
WinNT User Object
Unsupported IADsUser Property Methods
WinNT Custom User Properties
WinNT User Account Management Examples
Account Disabled
Account Expiration
Account Lockout
Object SID
Password Never Expires
Primary Group ID
User Cannot Change Password (WinNT Provider)
Reading User Cannot Change Password (WinNT Provider)
Modifying User Cannot Change Password (WinNT Provider)
User Must Change Password at Next Logon
ADSI NDS Provider
NDS ADsPath
ADSI Objects of NDS
ADSI NWCOMPAT Provider
NWCOMPAT ADsPath
ADSI Objects of NWCOMPAT
ADSI Router
ADSI Objects Implemented in the Router Layer
Provider Support of ADSI Interfaces
ADSI Error Codes
Generic COM Error Codes
Generic ADSI Error Codes
Win32 Error Codes for ADSI
Win32 Error Codes
Win32 Error Codes for ADSI 2.0
LDAP Error Codes for ADSI
ADSI Extended Error Messages
Code Example for Working with ADSI Error Messages
Lightweight Directory Access Protocol
About Lightweight Directory Access Protocol
Differences between LDAP 2 and LDAP 3
New Run-time Features for Microsoft Windows 2000
What is LDAP?
The LDAP Directory Service Model
What is a Directory Service?
Directory Entries
Accessing Directory Information
LDAP and ADSI
Using Lightweight Directory Access Protocol
Establishing an LDAP Session
Initializing a Session
Using ldap_init
Using ldap_sslinit
Using cldap_open
Setting Session Options
Connecting to the Server
Binding to an LDAP Server
Using ldap_simple_bind_s
Using ldap_bind_s
Using ldap_bind
Using Concurrent Binding
Using Start-Stop TLS Encryption
Example Code for Establishing a Session Without Encryption
Example Code for Establishing a Session over SSL
Distinguished Names
Modifying a Directory Entry
Example Code for Adding a New Directory Entry
Searching a Directory
Searching Using Range Retrieval
Processing Search Results
Paging Search Results
Sorting Search Results
Searching with the LDAP VLV Control
Steps for Using LDAP VLV
Example Code for Using LDAP VLV
Managing Memory
Closing a Connection
Synchronous vs. Asynchronous Calls
Understanding Return Values
Using Controls
Example Code for Displaying Extended Controls Support
Extended Operations
Compiling and Linking
Lightweight Directory Access Protocol Reference
Data Structures
berval
BerElement
LDAP
LDAPAPIFeatureInfo
LDAPAPIInfo
LDAPControl
LDAPMessage
LDAPMod
LDAP_REFERRAL_CALLBACK
LDAPSearch
LDAPSortKey
LDAP_TIMEVAL
LDAPVLVInfo
Extended Controls
LDAP_PAGED_RESULT_OID_STRING
LDAP_SERVER_ASQ_OID
LDAP_SERVER_CROSSDOM_MOVE_TARGET_OID
LDAP_SERVER_DIRSYNC_OID
LDAP_SERVER_DOMAIN_SCOPE_OID
LDAP_SERVER_EXTENDED_DN_OID
LDAP_SERVER_LAZY_COMMIT_OID
LDAP_SERVER_NOTIFICATION_OID
LDAP_SERVER_PERMISSIVE_MODIFY_OID
LDAP_SERVER_RESP_SORT_OID
LDAP_SERVER_SD_FLAGS_OID
LDAP_SERVER_SEARCH_OPTIONS_OID
LDAP_SERVER_SHOW_DELETED_OID
LDAP_SERVER_SORT_OID
LDAP_SERVER_TREE_DELETE_OID
LDAP_SERVER_VERIFY_NAME_OID
LDAP_CONTROL_VLVREQUEST
LDAP_CONTROL_VLVRESPONSE
Extended Requests and Supported Capabilities
LDAP_CAP_ACTIVE_DIRECTORY_LDAP_INTEG_OID
LDAP_SERVER_FAST_BIND_OID
LDAP_TTL_EXTENDED_OP_OID
Functions
ber_alloc_t
ber_bvdup
ber_bvecfree
ber_bvfree
ber_first_element
ber_flatten
ber_free
ber_init
ber_next_element
ber_peek_tag
ber_printf
ber_scanf
ber_skip_tag
cldap_open
ldap_abandon
ldap_add_ext_s
ldap_add_ext
ldap_add_s
ldap_add
ldap_bind_s
ldap_bind
ldap_check_filter
ldap_close_extended_op
ldap_compare_ext_s
ldap_compare_ext
ldap_compare_s
ldap_compare
ldap_conn_from_msg
ldap_connect
ldap_control_free
ldap_controls_free
ldap_count_entries
ldap_count_references
ldap_count_values_len
ldap_count_values
ldap_create_page_control
ldap_create_sort_control
ldap_create_vlv_control
ldap_delete_ext_s
ldap_delete_ext
ldap_delete_s
ldap_delete
ldap_dn2ufn
ldap_encode_sort_control
ldap_err2string
ldap_escape_filter_element
ldap_explode_dn
ldap_extended_operation_s
ldap_extended_operation
ldap_first_attribute
ldap_first_entry
ldap_first_reference
ldap_free_controls
ldap_get_dn
ldap_get_next_page_s
ldap_get_next_page
ldap_get_option
ldap_get_paged_count
ldap_get_values_len
ldap_get_values
ldap_init
ldap_memfree
ldap_modify_ext_s
ldap_modify_ext
ldap_modify_s
ldap_modify
ldap_modrdn_s
ldap_modrdn
ldap_modrdn2_s
ldap_modrdn2
ldap_msgfree
ldap_next_attribute
ldap_next_entry
ldap_next_reference
ldap_open
ldap_parse_extended_result
ldap_parse_page_control
ldap_parse_reference
ldap_parse_result
ldap_parse_sort_control
ldap_parse_vlv_control
ldap_perror
ldap_rename_ext_s
ldap_rename_ext
ldap_result
ldap_result2error
ldap_sasl_bind_s
ldap_sasl_bind
ldap_search_abandon_page
ldap_search_ext_s
ldap_search_ext
ldap_search_init_page
ldap_search_s
ldap_search_st
ldap_search
ldap_set_option
ldap_simple_bind_s
ldap_simple_bind
ldap_sslinit
ldap_start_tls_s
ldap_stop_tls_s
ldap_ufn2dn
ldap_unbind_s
ldap_unbind
ldap_value_free_len
ldap_value_free
LdapGetLastError
LdapMapErrorToWin32
LdapUnicodeToUTF8
LdapUTF8ToUnicode
QUERYCLIENTCERT
VERIFYSERVERCERT
Session Options
Return Values
System.DirectoryServices
About System.DirectoryServices
Introduction to Directory Services
Benefits of Using System.DirectoryServices
Using System.DirectoryServices
Quick List for C# Code Examples
Quick List for Visual Basic .NET Code Examples
Getting Started
Setting Up Your Development Environment
A Simple System.DirectoryServices Application
Binding to Directory Objects
Directory Objects
Binding Strings
Binding Using GUID
Getting an Object's Identity
Navigating the Directory
Navigating to the Child Object
Navigating to the Parent Object
Enumerating Child Objects
Create, Delete, Rename and Move Objects
Adding Directory Objects
Deleting Directory Objects
Deleting a Sub-Tree of Objects
Renaming an Object
Moving Directory Objects
Directory Object Properties
Reading Properties on Directory Objects
Setting Properties on Directory Objects
Properties with Multiple Values
Reading Properties with Multiple Values
Setting Properties with Multiple Values
The Property Cache
Property Cache Management
Property Types
Boolean Property Type
DateTime Property
DN with Binary Property Type
Large Integer Property Type
Octet String (SID) Property Type
Security Descriptor Property Type
String Property Type
Constructed Properties
Searching the Directory
DirectorySearcher Example
Getting Search Results
Setting the Search Scope
Setting Search Filters
Additional Search Options
Advanced Programming Topics
Invoking ADSI
List of ADSI Interfaces to Invoke
Invoking ADSI Properties
Invoking ADSI Methods
Using COM Interop to Access ADSI
System Administration Tasks
Group Management
Creating Groups
Adding Users to a Group
Removing Users from a Group
Enumerating Users in a Group
Enumerating Members in a Large Group
Searching for Groups
Deleting Groups
User Management
Creating Users
Enabling and Disabling the User Account
Setting a User Account Expiration
Managing User Passwords
Setting User Account Flags
Setting Properties Displayed on Property Pages
Enumerating User Memberships
DSML Services For Windows
Legal Information
About DSML Services for Windows
DSML Services for Windows Architecture
DSML Services for Windows and LDAP
DSML Services for Windows Standard Binding Methods
SOAP Request and Response Binding
DSML Services for Windows Session Support
DSML SOAP Session Support
Session Support Example
Session Characteristics
LDAP Controls and Session Support
Using DSML Services for Windows
Transmitting and Receiving SOAP-DSML Messages
Performing Basic Operations
Reading a Directory Object
Adding a Directory Object
Modifying Attributes on Directory Objects
Renaming a Directory Object
Searching a Directory
Moving a Directory Object
Deleting a Directory Object
Performing Batch Operations
Specifying Search Filters
Performing Advanced Operations
Deleting an Entire Directory Subtree
Sending LDAP Controls
Running DSML Services for Windows in a Production Environment
Running DSML Services for Windows on the Internet
Running DSML Services for Windows on an Intranet
Troubleshooting DSML Services for Windows
Installing and Configuring DSML Services for Windows
System Requirements
Installing DSML Services for Windows
Configuring DSML Services for Windows
Configuring DSML Services for Windows Manually
Configuration File Schema
DSML Services for Windows Reference
Frequently Asked Questions
Glossary
Directory Services Data Exchange
About DSDE
DSDE Architecture
Using DSDE
Exporting Active Directory Objects
Using Alternate Credentials
Exporting Active Directory Objects Through DSML Services for Windows
Exporting LDAP Directory Objects
Importing Directory Objects to Active Directory
Getting Help
Installing DSDE
DSDE Reference
Glossary
A
B
C
D
E
F
G
I
L
M
N
O
P
Q
R
S
T
U
X
Documentation Home