Note
Access to this page requires authorization. You can trysigning in orchanging directories.
Access to this page requires authorization. You can trychanging directories.
System.DirectoryServices Namespace
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Provides easy access to Active Directory Domain Services from managed code. The namespace contains two component classes,DirectoryEntry andDirectorySearcher, which use the Active Directory Services Interfaces (ADSI) technology. ADSI is the set of interfaces that Microsoft provides as a flexible tool for working with a variety of network providers. ADSI gives the administrator the ability to locate and manage resources on a network with relative ease, regardless of the size of the network.
Classes
| Name | Description |
|---|---|
| ActiveDirectoryAccessRule | TheActiveDirectoryAccessRule class is used to represent an access control entry (ACE) in the discretionary access control list (DACL) of an Active Directory Domain Services object. |
| ActiveDirectoryAuditRule | TheActiveDirectoryAuditRule is used to set an access control entry (ACE) on a system access control list (SACL). TheActiveDirectoryAccessRule contains the trustee, which is represented as anIdentityReference object. It also contains information about the access control type, access mask, and other properties such as inheritance flags. This rule is set on anActiveDirectorySecurity object. After theActiveDirectorySecurity is committed to the directory store, it will modify the security descriptor object according to the rules that are set onActiveDirectoryAuditRule. |
| ActiveDirectorySecurity | Uses the object security layer of the managed ACL library to wrap access control functionality for directory objects. |
| CreateChildAccessRule | TheCreateChildAccessRule class represents a specific type of access rule that is used to allow or deny an Active Directory Domain Services object the right to create child objects. |
| DeleteChildAccessRule | TheDeleteChildAccessRule class represents a specific type of access rule that is used to allow or deny an Active Directory Domain Services object the right to delete child objects. |
| DeleteTreeAccessRule | TheDeleteTreeAccessRule class represents a specific type of access rule that is used to allow or deny an Active Directory Domain Services object the right to delete all child objects, regardless of the permissions that the child objects have. |
| DirectoryEntries | Contains a collection ofDirectoryEntry objects. |
| DirectoryEntry | TheDirectoryEntry class encapsulates a node or object in the Active Directory Domain Services hierarchy. |
| DirectoryEntryConfiguration | TheDirectoryEntryConfiguration class provides a direct way to specify and obtain provider-specific options for manipulating a directory object. Typically, the options apply to search operations of the underlying directory store. The supported options are provider-specific. |
| DirectorySearcher | Performs queries against Active Directory Domain Services. |
| DirectoryServicesCOMException | Contains extended error information about an error that occurred when theInvoke(String, Object[]) method is called. |
| DirectoryServicesPermission | TheDirectoryServicesPermission class allows you to control code access security permissions forSystem.DirectoryServices. |
| DirectoryServicesPermissionAttribute | Allows declarativeSystem.DirectoryServices permission checks. |
| DirectoryServicesPermissionEntry | TheDirectoryServicesPermissionEntry class defines the smallest unit of a code access security permission set forSystem.DirectoryServices. |
| DirectoryServicesPermissionEntryCollection | Contains a strongly-typed collection ofDirectoryServicesPermissionEntry objects. |
| DirectorySynchronization | Specifies how to synchronize a directory within a domain. |
| DirectoryVirtualListView | TheDirectoryVirtualListView class specifies how to conduct a virtual list view search. A virtual list view search enables users to view search results as address-book style virtual list views. It is specifically designed for very large result sets. Search data is retrieved in contiguous subsets of a sorted directory search. |
| DirectoryVirtualListViewContext | Specifies how to construct directory virtual list view response. |
| DSDescriptionAttribute | Supports the .NET Framework infrastructure and is not intended to be used directly from code. |
| ExtendedRightAccessRule | Represents a specific type of access rule that is used to allow or deny an Active Directory object an extended right. Extended rights are special operations that are not covered by the standard set of access rights. An example of an extended right isSend-As, which gives a user the right to send email for another user. For a list of possible extended rights, see theExtended Rights article. For more information about extended rights, see theControl Access Rights. |
| ListChildrenAccessRule | TheListChildrenAccessRule class represents a specific type of access rule that is used to allow or deny an Active Directory Domain Services object the right to list child objects. |
| PropertyAccessRule | ThePropertyAccessRule class represents a specific type of access rule that is used to allow or deny access to an Active Directory Domain Services property. |
| PropertyCollection | ThePropertyCollection class contains the properties of aDirectoryEntry. |
| PropertySetAccessRule | ThePropertySetAccessRule class represents a specific type of access rule that is used to allow or deny access to an Active Directory Domain Services property set. For a list of property sets that are defined for Active Directory Domain Services, see theProperty Sets article. |
| PropertyValueCollection | Contains the values of aDirectoryEntry property. |
| ResultPropertyCollection | Contains the properties of aSearchResult instance. |
| ResultPropertyValueCollection | Contains the values of aSearchResult property. |
| SchemaNameCollection | Contains a list of the schema names that theSchemaFilter property of aDirectoryEntries object can use. |
| SearchResult | TheSearchResult class encapsulates a node in the Active Directory Domain Services hierarchy that is returned during a search throughDirectorySearcher. |
| SearchResultCollection | TheSearchResultCollection class contains theSearchResult instances that the Active Directory hierarchy returned during aDirectorySearcher query. |
| SearchWaitHandler | A class that deals with search wait handling. |
| SortOption | Specifies how to sort the results of a search. |
Enums
| Name | Description |
|---|---|
| ActiveDirectoryRights | TheActiveDirectoryRights enumeration specifies the access rights that are assigned to an Active Directory Domain Services object. |
| ActiveDirectorySecurityInheritance | TheActiveDirectorySecurityInheritance enumeration specifies if, and how, ACE information is applied to an object and its descendents. |
| AuthenticationTypes | TheAuthenticationTypes enumeration specifies the types of authentication used inSystem.DirectoryServices. This enumeration has aFlagsAttribute attribute that allows a bitwise combination of its member values. |
| DereferenceAlias | TheDereferenceAlias enumeration specifies how aliases are resolved. This enumeration provides values for theDerefAlias property. |
| DirectoryServicesPermissionAccess | TheDirectoryServicesPermissionAccess enumeration defines access levels that are used bySystem.DirectoryServices permission classes. This enumeration has aFlagsAttribute attribute that allows a bitwise combination of its member values. |
| DirectorySynchronizationOptions | Contains flags that determine how directories within a domain will be synchronized. These options can be set for theOption property. |
| ExtendedDN | TheExtendedDN enumeration specifies the format in which to return the extended distinguished name. This enumeration is used with theExtendedDN property. |
| PasswordEncodingMethod | Specifies whether SSL is used when you set or change a password. This enumeration is used with thePasswordEncoding property. |
| PropertyAccess | ThePropertyAccess enumeration is used with thePropertyAccessRule andPropertySetAccessRule classes to indicate the type of access that is applied to an Active Directory property or property set. |
| ReferralChasingOption | TheReferralChasingOption enumeration specifies if and how referral chasing is pursued. |
| SearchScope | Specifies the possible scopes for a directory search that is performed using theDirectorySearcher object. |
| SecurityMasks | Specifies the available options for examining security information of a directory object. This enumeration is used with theSecurityMasks andSecurityMasks properties. |
| SortDirection | TheSortDirection enumeration specifies how to sort the results of an Active Directory Domain Services query. |
Remarks
The classes in this namespace can be used with any of the Active Directory Domain Services service providers. The current providers are: Internet Information Services (IIS), Lightweight Directory Access Protocol (LDAP), Novell NetWare Directory Service (NDS), and WinNT.
ADSI is a programmatic interface for Microsoft Active Directory Domain Services that enables your applications to interact with diverse directories on a network using a single interface. Using ADSI, you can create applications that perform common tasks, such as backing up databases, accessing printers, and administering user accounts.
It is assumed that you have a general understanding of Active Directory Domain Services before using these classes. For more information on Active Directory Domain Services, see the following topics:
Active Directory Domain Services use a tree structure. Each node in the tree contains a set of properties. Use this namespace to traverse, search, and modify the tree, and read and write to the properties of a node.
TheDirectoryEntry class encapsulates a node or object in the Active Directory Domain Services hierarchy. Use this class for binding to objects, reading properties, and updating attributes. Together with helper classes,DirectoryEntry provides support for life-cycle management and navigation methods, including creating, deleting, renaming, moving a child node, and enumerating children.
Use theDirectorySearcher class to perform queries against the Active Directory Domain Services hierarchy. LDAP is the only system-supplied Active Directory Service Interfaces (ADSI) provider that supports searching.
A search of the Active Directory Domain Services hierarchy throughDirectorySearcher returns instances ofSearchResult, which are contained in an instance of theSearchResultCollection class.
Feedback
Was this page helpful?
Need help with this topic?
Want to try using Ask Learn to clarify or guide you through this topic?
In this article
Was this page helpful?
Want to try using Ask Learn to clarify or guide you through this topic?
[8]ページ先頭