DSML C# Help

With the namespace System. DirectoryServices . Protocols, you can access Active Directory through DSML (Directory Services Markup Language). DSML is a standard defined by the OASIS group  that allows you to access directory services through a Web service.

To make Active Directory available through DSML, you must have at least Windows Server 2003 R2 or you must install DSML Services for Windows.

Figure 46-12 shows a configuration scenario with DSML. A system that offers DSML services accesses Active Directory via LDAP. On the client system, the DSML classes from the namespace System. DirectoryServices. Protocols are used to make SOAP requests to the DSML service.

Figure 46-12

Figure 46-12

Classes In System.DirectoryServices.Protocols

The following table shows the major classes in the System. DirectoryServices. Protocols namespace.

Searching for Active Directory Objects with DSML

This section looks at an example of how a search for directory services objects can be performed. As you can see in the code that follows, first a DsrnlSoapHttpConnection object is instantiated that defines the connection to the DSML service. The connection is defined with the class DsrnlDirectoryldentifier that contains an Uri object. Optionally, the user credentials can be set with the connection:

The search filter can be defined with an LDAP string or by using an XML document contained in the XmlDocument class:

After the search is defined with the SearchRequest object, the search is sent to the Web service by calling the-method SendRequest. SendRequest is a method of the DsmlSoapHttpConnection class. SendRequest returns a SearchResponse object where the returned objects can be read.

Instead of invoking the synchronous SendRequest method, the DsmlSoapHttpConnection class also offers the asynchronous methods BeginSendRequest and EndSendRequest that conform to the asynchronous .NET pattern.

The asynchronous pattern is explained in Chapter 19, “Threading and Synchronization.”

SearchResponse searchResponse =

The returned Active Directory objects can be read within the SearchResponse. SearchResponse Entries contains a collection of all entries that are wrapped with the type SearchResultEntry. The SearchResultEntry class has the At tributes property that contains all attributes. Each attribute can be read with help of the DirectoryAttribute class.

In the code example, the distinguished name of each object is written to the console. Next, the attribute values for the organizational unit (OU) are accessed, and the name of the organizational unit is written to the console. After this, all values of the DirectoryAttribute objects are written to the console:

Adding, modifying, and deleting objects can be done similarly to searching objects. Depending on the action you want to perform, you can use the corresponding classes.

Posted on November 2, 2015 in Directory Services

Share the Story

Back to Top
Share This