Export (0) Print
Expand All
Expand Minimize
5 out of 15 rated this helpful - Rate this topic

System.DirectoryServices Namespace

The System.DirectoryServices namespace provides easy access to Active Directory Domain Services from managed code. The namespace contains two component classes, DirectoryEntry and DirectorySearcher, which use the Active Directory Services Interfaces (ADSI) technology. ADSI is the set of interfaces that Microsoft provides as a flexible tool for working with a variety of network providers. ADSI gives the administrator the ability to locate and manage resources on a network with relative ease, regardless of the size of the network.

The classes in this namespace can be used with any of the Active Directory Domain Services service providers. The current providers are: Internet Information Services (IIS), Lightweight Directory Access Protocol (LDAP), Novell NetWare Directory Service (NDS), and WinNT.

ADSI is a programmatic interface for Microsoft Active Directory Domain Services that enables your applications to interact with diverse directories on a network using a single interface. Using ADSI, you can create applications that perform common tasks, such as backing up databases, accessing printers, and administering user accounts.

It is assumed that you have a general understanding of Active Directory Domain Services before using these classes. For more information on Active Directory Domain Services, see the topics Introduction to Active Directory Objects and Active Directory Technology Backgrounder, as well as the following topics in the MSDN library at http://msdn.microsoft.com/library:

Active Directory Domain Services use a tree structure. Each node in the tree contains a set of properties. Use this namespace to traverse, search, and modify the tree, and read and write to the properties of a node.

The DirectoryEntry class encapsulates a node or object in the Active Directory Domain Services hierarchy. Use this class for binding to objects, reading properties, and updating attributes. Together with helper classes, DirectoryEntry provides support for life-cycle management and navigation methods, including creating, deleting, renaming, moving a child node, and enumerating children.

Use the DirectorySearcher class to perform queries against the Active Directory Domain Services hierarchy. LDAP is the only system-supplied Active Directory Service Interfaces (ADSI) provider that supports searching.

A search of the Active Directory Domain Services hierarchy through DirectorySearcher returns instances of SearchResult, which are contained in an instance of the SearchResultCollection class.

Note: Many of the classes, methods, and properties in the System.DirectoryServices namespace use the LinkDemand code access security option. This means that the code access security demand only occurs during just-in-time compilation and that the demand is performed only on the calling assembly and not up the entire call stack. Because of this, callers should not pass objects that are created from this namespace at runtime to code that is not trusted.

  Class Description
Public class ActiveDirectoryAccessRule The ActiveDirectoryAccessRule class is used to represent an access control entry (ACE) in the discretionary access control list (DACL) of an Active Directory Domain Services object.
Public class ActiveDirectoryAuditRule The ActiveDirectoryAuditRule is used to set an access control entry (ACE) on a system access control list (SACL). The ActiveDirectoryAccessRule contains the trustee, which is represented as an IdentityReference object. It also contains information about the access control type, access mask, and other properties such as inheritance flags. This rule is set on an ActiveDirectorySecurity object. After the ActiveDirectorySecurity is committed to the directory store, it will modify the security descriptor object according to the rules that are set on ActiveDirectoryAuditRule.
Public class ActiveDirectorySecurity Uses the object security layer of the managed ACL library to wrap access control functionality for directory objects.
Public class CreateChildAccessRule The CreateChildAccessRule class represents a specific type of access rule that is used to allow or deny an Active Directory Domain Services object the right to create child objects.
Public class DeleteChildAccessRule The DeleteChildAccessRule class represents a specific type of access rule that is used to allow or deny an Active Directory Domain Services object the right to delete child objects.
Public class DeleteTreeAccessRule The DeleteTreeAccessRule class represents a specific type of access rule that is used to allow or deny an Active Directory Domain Services object the right to delete all child objects, regardless of the permissions that the child objects have.
Public class DirectoryEntries Contains a collection of DirectoryEntry objects.
Public class DirectoryEntry The DirectoryEntry class encapsulates a node or object in the Active Directory Domain Services hierarchy.
Public class DirectoryEntryConfiguration The DirectoryEntryConfiguration class provides a direct way to specify and obtain provider-specific options for manipulating a directory object. Typically, the options apply to search operations of the underlying directory store. The supported options are provider-specific.
Public class DirectorySearcher Performs queries against Active Directory Domain Services.
Public class DirectoryServicesCOMException Contains extended error information about an error that occurred when the Invoke method is called.
Public class DirectoryServicesPermission The DirectoryServicesPermission class allows you to control code access security permissions for System.DirectoryServices.
Public class DirectoryServicesPermissionAttribute Allows declarative System.DirectoryServices permission checks.
Public class DirectoryServicesPermissionEntry The DirectoryServicesPermissionEntry class defines the smallest unit of a code access security permission set for System.DirectoryServices.
Public class DirectoryServicesPermissionEntryCollection Contains a strongly-typed collection of DirectoryServicesPermissionEntry objects.
Public class DirectorySynchronization Specifies how to synchronize a directory within a domain.
Public class DirectoryVirtualListView The DirectoryVirtualListView class specifies how to conduct a virtual list view search. A virtual list view search enables users to view search results as address-book style virtual list views. It is specifically designed for very large result sets. Search data is retrieved in contiguous subsets of a sorted directory search.
Public class DirectoryVirtualListViewContext Specifies how to construct directory virtual list view response.
Public class DSDescriptionAttribute Supports the .NET Framework infrastructure and is not intended to be used directly from code.
Public class ExtendedRightAccessRule Represents a specific type of access rule that is used to allow or deny an Active Directory object an extended right. Extended rights are special operations that are not covered by the standard set of access rights. An example of an extended right is Send-As, which gives a user the right to send e-mail for another user. For a list of possible extended rights, see the topic Extended Rights in the MSDN Library at http://msdn.microsoft.com/library. For more information about extended rights, see the topic Control Access Rights, also in the MSDN Library.
Public class ListChildrenAccessRule The ListChildrenAccessRule class represents a specific type of access rule that is used to allow or deny an Active Directory Domain Services object the right to list child objects.
Public class PropertyAccessRule The PropertyAccessRule class represents a specific type of access rule that is used to allow or deny access to an Active Directory Domain Services property.
Public class PropertyCollection The PropertyCollection class contains the properties of a DirectoryEntry.
Public class PropertySetAccessRule The PropertySetAccessRule class represents a specific type of access rule that is used to allow or deny access to an Active Directory Domain Services property set. For a list of property sets that are defined for Active Directory Domain Services, see the topic Property Sets in the MSDN Library at http://msdn.microsoft.com/library.
Public class PropertyValueCollection Contains the values of a DirectoryEntry property.
Public class ResultPropertyCollection Contains the properties of a SearchResult instance.
Public class ResultPropertyValueCollection Contains the values of a SearchResult property.
Public class SchemaNameCollection Contains a list of the schema names that the SchemaFilter property of a DirectoryEntries object can use.
Public class SearchResult The SearchResult class encapsulates a node in the Active Directory Domain Services hierarchy that is returned during a search through DirectorySearcher.
Public class SearchResultCollection The SearchResultCollection class contains the SearchResult instances that the Active Directory hierarchy returned during a DirectorySearcher query.
Public class SortOption Specifies how to sort the results of a search.
  Enumeration Description
Public enumeration ActiveDirectoryRights The ActiveDirectoryRights enumeration specifies the access rights that are assigned to an Active Directory Domain Services object.
Public enumeration ActiveDirectorySecurityInheritance The ActiveDirectorySecurityInheritance enumeration specifies if, and how, ACE information is applied to an object and its descendents.
Public enumeration AuthenticationTypes The AuthenticationTypes enumeration specifies the types of authentication used in System.DirectoryServices. This enumeration has a FlagsAttribute attribute that allows a bitwise combination of its member values.
Public enumeration DereferenceAlias The DereferenceAlias enumeration specifies how aliases are resolved. This enumeration provides values for the DirectorySearcher.DerefAlias property.
Public enumeration DirectoryServicesPermissionAccess The DirectoryServicesPermissionAccess enumeration defines access levels that are used by System.DirectoryServices permission classes. This enumeration has a FlagsAttribute attribute that allows a bitwise combination of its member values.
Public enumeration DirectorySynchronizationOptions Contains flags that determine how directories within a domain will be synchronized. These options can be set for the DirectorySynchronization.Option property.
Public enumeration ExtendedDN The ExtendedDN enumeration specifies the format in which to return the extended distinguished name. This enumeration is used with the DirectorySearcher.ExtendedDN property.
Public enumeration PasswordEncodingMethod Specifies whether SSL is used when you set or change a password. This enumeration is used with the DirectoryEntryConfiguration.PasswordEncoding property.
Public enumeration PropertyAccess The PropertyAccess enumeration is used with the PropertyAccessRule and PropertySetAccessRule classes to indicate the type of access that is applied to an Active Directory property or property set.
Public enumeration ReferralChasingOption The ReferralChasingOption enumeration specifies if and how referral chasing is pursued.
Public enumeration SearchScope Specifies the possible scopes for a directory search that is performed using the DirectorySearcher object.
Public enumeration SecurityMasks Specifies the available options for examining security information of a directory object. This enumeration is used with the DirectorySearcher.SecurityMasks and DirectoryEntryConfiguration.SecurityMasks properties.
Public enumeration SortDirection The SortDirection enumeration specifies how to sort the results of an Active Directory Domain Services query.
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.