Directory Services

Choosing the Search Technology

You can use the following technologies to search Active Directory:

IDirectorySearch ADSI provides the IDirectorySearch interface to query Active Directory (as well as other directory services such as NDS) using LDAP. IDirectorySearch is a COM interface that returns richly typed data, such as Integer, Octet String, String, Security Descriptor, UTC-Time, Large Integer, or Boolean. For more information about how to use IDirectorySearch, see Searching With the IDirectorySearch Interface.
OLE DB OLE DB is a set of COM interfaces that provide applications with uniform access to data stored in diverse information sources, regardless of location or type. ADSI also provides an OLE DB provider for ADSI that enables applications to use OLE DB to access Active Directory. The ADSI OLE DB provider uses the IDirectorySearch interfaces to submit queries to Active Directory and to collect the results.
ADO and other OLE DB-based data access technologies The ADSI OLE DB provider enables any data-access technology based on OLE DB (such as ADO) to search Active Directory.
LDAP API Microsoft® Windows® 2000 domain controllers are directory servers that are compliant with LDAP version 3. The LDAP API is a C-style function library. Applications can use the LDAP API to search Active Directory.

Which one do you choose?

For Microsoft® Visual Basic® and Visual Basic Scripting Edition (VBScript), ADO is recommended.

For C/C++, you can choose any of the technologies.

If your application extensively uses ADSI, it may be simpler to use IDirectorySearch. If you use IDirectoryObject to manage objects in Active Directory, use IDirectorySearch to make handling the properties returned from the search easier. IDirectorySearch uses the same ADSVALUE structures as IDirectoryObject to represent properties. In addition, IDirectorySearch is exposed on almost all ADSI COM objects. If you have a pointer to an ADSI COM object, you can simply call QueryInterface to get an IDirectorySearch pointer that you can use to perform a search starting at the directory object represented by the ADSI COM object.

If your application already uses OLE DB, ADO or LDAP API, you can continue to use those technologies to search Active Directory as well.

If your application needs to join data from Active Directory and a SQL Server 7 database, use OLE DB. By using OLE DB, your application can perform distributed queries that reference Active Directory and tables and rowsets from one or more Microsoft SQL Server 7 databases.