Active Directory programming with .NET

When programming with Active Directory, you can use several technologies. Microsoft has created four namespaces for directory services programming in managed code:

  • System.DirectoryServices: a simple managed interop layer over the Active Directory Service Interfaces (ADSI) COM component. This namespace provides simple programming access to LDAP directories, such as Active Directory and any other type of LDAP server (e.g. OpenLDAP). While the programming model is reasonably powerful, there are no strongly typed objects, and you’re responsible for a lot of things yourself.
  • System.DirectoryServices.ActiveDirectory: introduced in .NET Framework 2.0, it adds a wealth of new classes for strongly typed management of directory infrastructure-level components, such as servers, domains, forests, schema, and replication.
  • System.DirectoryServices.Protocols: introduced in .NET Framework 2.0, it provides raw access to underlying LDAP-based directories, such as Active Directory and Active Directory Lightweight Directory Services (AD LDS). This skips ADSI, so you get better performance, but it’s a lot harder to use.
  • System.DirectoryServices.AccountManagement: built on System.DirectoryServices and introduced with .NET 3.5. This namespace is only for Active Directory or AD LDS. It works against User, Group, and Computer objects, which are exposed as strongly typed objects.
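
The difference between the untyped and the strongly typed model, as an added example that is not part of the original article: the same lookup of a user's mail address through System.DirectoryServices, where the caller builds (and must escape) the LDAP filter string and reads attributes by name, and through System.DirectoryServices.AccountManagement. The class name, method names and command-line arguments are assumptions made for this illustration.

```csharp
using System;
using System.DirectoryServices;
using System.DirectoryServices.AccountManagement;
using System.Text;

public static class UserLookup
{
    // RFC 4515 escaping: \ * ( ) and NUL must be hex-escaped inside a filter value,
    // otherwise caller-supplied input can change the meaning of the filter.
    public static string EscapeFilterValue(string value)
    {
        var sb = new StringBuilder();
        foreach (char c in value)
            sb.Append("\\*()\0".IndexOf(c) >= 0 ? "\\" + ((int)c).ToString("x2") : c.ToString());
        return sb.ToString();
    }

    // System.DirectoryServices: untyped. The filter is a raw string and
    // attributes come back as object collections keyed by attribute name.
    public static string MailViaDirectorySearcher(string ldapPath, string samAccountName)
    {
        using (var root = new DirectoryEntry(ldapPath))
        using (var searcher = new DirectorySearcher(root))
        {
            searcher.Filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName="
                              + EscapeFilterValue(samAccountName) + "))";
            searcher.PropertiesToLoad.Add("mail");
            SearchResult result = searcher.FindOne();
            if (result == null || result.Properties["mail"].Count == 0) return null;
            return (string)result.Properties["mail"][0];
        }
    }

    // System.DirectoryServices.AccountManagement: typed. No filter string to build,
    // and the mail attribute is a string property on UserPrincipal.
    public static string MailViaAccountManagement(string domain, string samAccountName)
    {
        using (var ctx = new PrincipalContext(ContextType.Domain, domain))
        using (var user = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, samAccountName))
            return user?.EmailAddress;
    }

    // Assumed invocation: <domain DNS name> <LDAP path, e.g. LDAP://DC=example,DC=com> <account name>
    public static void Main(string[] args)
    {
        Console.WriteLine(MailViaAccountManagement(args[0], args[2]));
        Console.WriteLine(MailViaDirectorySearcher(args[1], args[2]));
    }
}
```
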
Microsoft Directory Services Programming Architecture