Active Directory Web Services Overview

Active Directory Web Services (ADWS) is a new windows service introduced in Windows 2008 R2 that enables remote management of any local directory service instance using WS-* protocols.

ADWS supports the following web service protocols: 

• WS-Transfer
• IMDA (WS-Transfer Extensions for Identity Management Operations for Directory Access)
• WS-Enumeration Directory Services Protocol Extensions which are a set of extensions for WS-Enumeration.
• Custom Actions
• LDAP Generic Control Extension: Proprietary extension to WS-Transfer and WS-Enumeration which provides a mechanism for passing in LDAP controls a part of the request.

The data model used by AD Webservice is described here.

AD Webservice is automatically installed along with ADDS or ADLDS role, and is configured to run automatically when the directory instance is promoted. The Active Directory Module for Windows Powershell uses AD Webservice to manage and administer Active Directory. Also, since the new Active Directory Administrative Center (ADAC) is implemented on top of AD PowerShell, it also uses AD Webservice to manage the directory server.  This client server model is depicted in the following diagram:

As shown in the above diagram a single instance of ADWS manages all directory service instances running on the server. This includes Domain Controller, Global Catalog, Snapshot browser instances and ADLDS instances. AD Webservice is implemented using WCF and listens on the registered TCP port 9389. The service runs as a Local System with restricted privileges.

Stay tuned for more information on AD Webservice.

Cheers,
Manas Singh

Comments

• Anonymous
  April 07, 2009
  Active Directory Web Services (ADWS) is a new windows service introduced in Windows 2008 R2 that enables
• Anonymous
  July 27, 2009
  How can we interact With ADWS using C# Development?
• Anonymous
  June 15, 2010
  I just stumbled upon your blog and wanted to say that I have really enjoyed reading your blog posts. Any way I'll be subscribing to your feed and I hope you post again soon.
• Anonymous
  July 02, 2010
  I'm running Windows Server 2008 Enterprise on my AD server.I do not see ADWS as a windows service.  How can I get this installed?
• Anonymous
  August 08, 2010
  I am really grateful to have the information from this blog.I liked the blog as it has been written,the information  i got from here.
• Anonymous
  August 09, 2010
  @JawharThe ADWS protocol is documented at msdn.microsoft.com/.../dd303965(PROT.13).aspx@BillADWS is released with Windows Server 2008 R2. For the downlevel OS, see the following blog post:blogs.msdn.com/.../active-directory-management-gateway-service-released-to-web-manage-your-windows-2003-2008-dcs-using-ad-powershell.aspx
• Anonymous
  September 29, 2010
  Is there any way to access ADWS via http? I'm just starting to learn wcf and still have no idea how to interact with ADWS using C# after reading through the protocol from the link above.It would be great if there was an example about using ADWS in a Windows console or form app.ThanksDavid
• Anonymous
  November 29, 2011
  Hi,Many of the developers looking into ADWS to interact with AD usiing C#|VB but there is no article available.Can you guide us in this direction. As far as I understand this ADWS model, I think currently programers can only interact  with it using AD PowerShell snapin. But ADWS should be exposed via a Url, but I cannot find what is the URL of ADWS if I want to consume it.Regards,
• Anonymous
  November 30, 2011
  Unfortunately after 2 hours of searching, I could not find a way to get .wsdl file for AD Web Services. I think it is not exposed as a web service, because I have seen people using it with TCP protocol, not with HTTP. Look at here:msdn.microsoft.com/.../dd303811(v=PROT.13).aspxI think he would have to consume ADWS this way, as mentioned in above link.Two sections examples are included in above link.These are the ADWS connection points in this case for both sections"AccountManagement:net.tcp://ADServer:9389/ActiveDirectoryWebServices/Windows/AccountManagementTopologyManagementnet.tcp://ADServer:9389/ActiveDirectoryWebServices/Windows/ TopologyManagementRegards,Laeeq Qazi
• Anonymous
  April 15, 2012
  dereisduif1621.nl,  very nice web :)
• Anonymous
  September 11, 2013
  can ADWS be added to a server running   SBS 2003?Is there an work around?
• Anonymous
  October 29, 2013
  Hi Guys,Seems like ADWS cannot consume over http right? BTW. If have to implement it over the TCP protocol, any body got some example to do that over C# or another language?Thanks in advance.
• Anonymous
  December 09, 2013
  Hi John!you charged me   $59.00 11/07/13 and I'd like you to tell me what it was for and if it was performed?   thanks  you for  your time and trouble !                                                                     Best Regards Karey Tonnesen
• Anonymous
  December 09, 2013
  I tried to call you, but the waiting time was to long, so I had to find another way to contact you for my questions John!  I'm not sure how your advertising system works, so perhaps you can explain it to me?                                                     Best Regards Karey                                              
• Anonymous
  April 09, 2015
  Hello M. Ali,Could you change "Windows 2008 R2 " to "Windows Server 2008 R2"?