AuthenticationTypes Enumeration

.NET Framework Class Library

The AuthenticationTypes enumeration specifies the types of authentication used in System.DirectoryServices. This enumeration has a FlagsAttribute attribute that allows a bitwise combination of its member values.

This enumeration has a FlagsAttribute attribute that allows a bitwise combination of its member values.

Namespace:  System.DirectoryServices
Assembly:  System.DirectoryServices (in System.DirectoryServices.dll)

 Syntax

Visual Basic (Declaration)

<FlagsAttribute> _
Public Enumeration AuthenticationTypes

Visual Basic (Usage)

Dim instance As AuthenticationTypes

C#

[FlagsAttribute]
public enum AuthenticationTypes

Visual C++

[FlagsAttribute]
public enum class AuthenticationTypes

JScript

public enum AuthenticationTypes

 Members

	Member name	Description
	None	Equates to zero, which means to use basic authentication (simple bind) in the LDAP provider.
	Secure	Requests secure authentication. When this flag is set, the WinNT provider uses NTLM to authenticate the client. Active Directory Domain Services uses Kerberos, and possibly NTLM, to authenticate the client. When the user name and password are a null reference (Nothing in Visual Basic), ADSI binds to the object using the security context of the calling thread, which is either the security context of the user account under which the application is running or of the client user account that the calling thread is impersonating.
	Encryption	Attaches a cryptographic signature to the message that both identifies the sender and ensures that the message has not been modified in transit.
	SecureSocketsLayer	Attaches a cryptographic signature to the message that both identifies the sender and ensures that the message has not been modified in transit. Active Directory Domain Services requires the Certificate Server be installed to support Secure Sockets Layer (SSL) encryption.
	ReadonlyServer	For a WinNT provider, ADSI tries to connect to a domain controller. For Active Directory Domain Services, this flag indicates that a writable server is not required for a serverless binding.
	Anonymous	No authentication is performed.
	FastBind	Specifies that ADSI will not attempt to query the Active Directory Domain Services objectClass property. Therefore, only the base interfaces that are supported by all ADSI objects will be exposed. Other interfaces that the object supports will not be available. A user can use this option to boost the performance in a series of object manipulations that involve only methods of the base interfaces. However, ADSI does not verify if any of the request objects actually exist on the server. For more information, see the topic "Fast Binding Option for Batch Write/Modify Operations" in the MSDN Library at http://msdn.microsoft.com/library. For more information about the objectClass property, see the "Object-Class" topic in the MSDN Library at http://msdn.microsoft.com/library.
	Signing	Verifies data integrity to ensure that the data received is the same as the data sent. The Secure flag must also be set to use signing.
	Sealing	Encrypts data using Kerberos. The Secure flag must also be set to use sealing.
	Delegation	Enables Active Directory Services Interface (ADSI) to delegate the user's security context, which is necessary for moving objects across domains.
	ServerBind	If your ADsPath includes a server name, specify this flag when using the LDAP provider. Do not use this flag for paths that include a domain name or for serverless paths. Specifying a server name without also specifying this flag results in unnecessary network traffic.

 Remarks

The Secure flag can be used in combination with other flags such as ReadonlyServer, FastBind.

Serverless binding refers to a process in which a client attempts to bind to an Active Directory Domain Services object without explicitly specifying an Active Directory Domain Services server in the binding string, for example:

LDAP://CN=jsmith,DC=fabrikam,DC=Com

This is possible because the Lightweight Directory Access Protocol (LDAP) provider relies on the locator services of Windows 2000 to find the best domain controller (DC) for the client. However, the client must have an account on the Active Directory Domain Services domain controller to take advantage of the serverless binding feature, and the domain controller that is used by a serverless bind will always be located in the default domain (the domain associated with the current security context of the thread that's doing the binding).

Note:
None of these options are supported by the Novell Netware Directory Service (NDS) system provider.

 Platforms

Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

 Version Information

.NET Framework

Supported in: 3.5, 3.0, 2.0, 1.1, 1.0

 See Also

Reference

System.DirectoryServices Namespace

DirectoryEntry

DirectorySearcher

SearchResult

System.DirectoryServices