ContextOptions Enumeration


The .NET API Reference documentation has a new home. Visit the .NET API Browser on to see the new experience.

Specifies the options that are used for binding to the server. The application can set multiple options that are linked with a bitwise OR operation.

This enumeration has a FlagsAttribute attribute that allows a bitwise combination of its member values.

Namespace:   System.DirectoryServices.AccountManagement
Assembly:  System.DirectoryServices.AccountManagement (in System.DirectoryServices.AccountManagement.dll)

public enum ContextOptions

Member nameDescription

The client is authenticated by using either Kerberos or NTLM. When the user name and password are not provided, the Account Management API binds to the object by using the security context of the calling thread, which is either the security context of the user account under which the application is running or of the client user account that the calling thread represents.


The data is encrypted by using Kerberos.


The channel is encrypted by using the Secure Sockets Layer (SSL). Active Directory requires that the Certificate Services be installed to support SSL.


Specify this flag when you use the domain context type if the application is binding to a specific server name.


The integrity of the data is verified. This flag can only be used with the Negotiate context option and is not available with the simple bind option.


The client is authenticated by using the Basic authentication.

When the context options are not specified by the application, the Account Management API uses the following combination of options:

  • ContextOptions.Negotiate | ContextOptions.Signing | ContextOptions.Sealing

.NET Framework
Available since 3.5

System.DirectoryServices.AccountManagement Namespace Overview

Return to top