Directory Services

Article
09/24/2008

Purpose

Microsoft Active Directory Domain Services (AD DS) is a directory service that provides the foundation for distributed networks built on Windows 2000 and later domain controllers. The Active Directory Domain Service APIs provide access to the data stored in a directory.

Active Directory Lightweight Directory Services (AD LDS) is an independent mode of Active Directory Domain Services that provides dedicated directory services for applications. The conceptual and programmatic compatibility of AD LDS with Active Directory Domain Services makes AD LDS ideal for applications that require directory services, but do not require the complete infrastructure features of Active Directory Domain Services.

Active Directory Service Interfaces (ADSI) is a set of COM interfaces used to access the capabilities of directory services from different network providers in a distributed computing environment, to present a single set of directory service interfaces for managing network resources. Administrators and developers can use ADSI services to enumerate and manage the resources in a directory service, regardless of the network environment that contains the resource.

ADSI enables efficiency in common administrative tasks, such as adding new users, managing printers, and locating resources throughout a distributed computing environment.

The Microsoft Exchange Server directory can be accessed using ADSI interfaces. With the ADSI interfaces, you can use high-level tools such as Microsoft Visual Basic, Java, C, or Microsoft Visual C++ to create directory-enabled applications. With ADSI you need not be concerned about underlying differences between various directory implementations or namespaces because, in the provider-based model that ADSI supports, ADSI can serve as the interface to a number of directory services, accessing each one through its own provider.

This means that you can build applications that use a single point of access to multiple directories in the network environment, whether those directories are based on the Lightweight Directory Access Protocol (LDAP), Novell Directory Services (NDS), or the Windows NT 4.0 Security Account Manager (NTDS).

Where Applicable

Network Administrators can use directory services to automate common administrative tasks, such as adding users and groups, managing printers, and setting permissions on network resources.

Independent Software Vendors and end-user developers can use directory services to directory-enable their products and applications. Services can publish themselves in a directory, clients can use the directory to find services, and both can use the directory to find and manipulate other objects. Because Active Directory Service Interfaces are independent of the underlying directory services, directory-enabled products and applications operate successfully in multiple-network and multiple-directory environments.

Developer Audience

You can write Active Directory Domain Services, AD LDS, and ADSI client applications in many languages. For the majority of administrative tasks, ADSI defines interfaces and objects accessible from Automation-compliant languages like Visual Basic, Visual Basic Scripting Edition (VBScript), and from the more performance-oriented languages such as C and C++. A familiarity with COM programming is useful to the ADSI programmer.

Run-Time Requirements

Active Directory Domain Services runs on Windows 2000 and later domain controllers. However, you can develop and run Active Directory Domain Services client applications on a number of operating systems, such as Windows Vista, Windows XP, Windows 2000, Windows NT 4.0, Windows 98, and Windows 95. Some operating systems, such as Windows XP and Windows 2000, include built-in client components. Other operating systems, such as Windows NT 4.0, Windows 98, and Windows 95, require additional client components. These components are available from the MSDN website, which has more information about Active Directory Domain Services and ADSI, including the latest information about operating systems that support Active Directory Domain Services client applications.

AD LDS runs on Windows Server 2008, Windows Server 2003, Windows Server 2003, Enterprise Edition, or Windows Server 2003, Datacenter Edition for full operational functionality. Development for AD LDS can occur on any of these Windows Server 2003 operating systems. AD LDS also runs on Windows XP Professional, with some functional limitations, for standalone development.

In This Section

Topic	Description
Programming Guide for Active Directory Domain Services	Active Directory Domain Services Start Page.
Programming Guide for Active Directory Lightweight Directory Services	Active Directory Application Mode Start Page.
Programming Guide for Active Directory Service Interfaces	Active Directory Service Interfaces Start Page.
Programming Guide for Lightweight Directory Access Protocol	Lightweight Directory Access Protocol Start Page.
System.DirectoryServices Namespace Overview	System.DirectoryServices Start Page.
System.DirectoryServices.ActiveDirectory Namespace Overview	System.DirectoryServices.ActiveDirectory Start Page.
System.DirectoryServices.Protocols Namespace Overview	System.DirectoryServices.Protocols Start Page.
Programming Guide for Directory Services Markup Language (DSML) Services for Windows	Directory Services Markup Language (DSML) Services for Windows Start Page.
Directory Services Data Exchange (DSDE) command line utility	Directory Services Data Exchange (DSDE) Start Page.