Active Directory Development (reposted from http://www.cnblogs.com/springyangwc/archive/2012/02/07/2340987.html)

Coordinator
Feb 8, 2012 at 8:35 AM

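Overview

Active Directory is the directory service for Windows Standard Server, Windows Enterprise Server and Windows Datacenter Server. (Active Directory cannot run on Windows Web Server, but it can be used to manage computers running Windows Web Server.) Active Directory stores information about network objects and lets administrators and users find and use that information easily. It uses a structured data store as the basis for a logical, hierarchical organization of directory information.

The Microsoft Active Directory service is a core component of the Windows platform; it gives users a powerful means of managing the identities and relationships of the elements that make up a network environment.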

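Features

Active Directory mainly provides the following functions:

① Basic network services: including DNS, WINS, DHCP, certificate services and so on.

② Server and client computer management: manages server and client computer accounts; all servers and client computers are joined to the domain for management and have Group Policy applied.

③ User services: manages user domain accounts, user information, the enterprise address book (integrated with the e-mail system), user groups, user authentication, user authorization and so on, with group management policies applied per province.

④ Resource management: manages network resources such as printers and file sharing services.

⑤ Desktop configuration: system administrators can centrally configure desktop policies, such as restrictions on interface features, restrictions on application execution, restrictions on network connections and restrictions on security settings.

⑥ Application support: supports application systems such as finance, human resources, e-mail, enterprise information portals, office automation, patch management and antivirus systems.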

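LDAP

  LDAP stands for Lightweight Directory Access Protocol.
  LDAP is based on the X.500 standard.
  LDAP reduces the system resources required by using only a functional subset of the original X.500 Directory Access Protocol (DAP).
  Unlike X.500, LDAP supports TCP/IP, which is required for Internet access.
  LDAP and relational databases are concepts at two different levels: the latter is a storage method (at the same level as, for example, grid databases and object databases), while the former is a storage model and an access protocol.
  LDAP is a storage concept at a higher level of abstraction than a relational database, on the same level as SQL, the query language of relational databases.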

 

Development features

First, look at the code of System.DirectoryServices

namespace System.DirectoryServices
{
    [DSDescription("DirectoryEntryDesc")]
    [TypeConverter(typeof (DirectoryEntryConverter))]
    [SecurityPermission(SecurityAction.Assert, Flags = SecurityPermissionFlag.UnmanagedCode)]
    [EnvironmentPermission(SecurityAction.Assert, Unrestricted = true)]
    [DirectoryServicesPermission(SecurityAction.LinkDemand, Unrestricted = true)]
    public class DirectoryEntry : Component
    {
        [DirectoryServicesPermission(SecurityAction.Demand, Unrestricted = true)]
        public DirectoryEntry();
  
        [DirectoryServicesPermission(SecurityAction.Demand, Unrestricted = true)]
        public DirectoryEntry(string path);
  
        [DirectoryServicesPermission(SecurityAction.Demand, Unrestricted = true)]
        public DirectoryEntry(string path, string username, string password);
  
        [DirectoryServicesPermission(SecurityAction.Demand, Unrestricted = true)]
        public DirectoryEntry(string path, string username, string password, AuthenticationTypes authenticationType);
  
        [DirectoryServicesPermission(SecurityAction.Demand, Unrestricted = true)]
        public DirectoryEntry(object adsObject);
  
        [DefaultValue(AuthenticationTypes.Secure)]
        [DSDescription("DSAuthenticationType")]
        public AuthenticationTypes AuthenticationType { get; set; }
  
        [DesignerSerializationVisibility(DesignerSerializationVisibility.Hidden)]
        [DSDescription("DSChildren")]
        [Browsable(false)]
        public DirectoryEntries Children { get; }
  
        [DSDescription("DSGuid")]
        [Browsable(false)]
        [DesignerSerializationVisibility(DesignerSerializationVisibility.Hidden)]
        public Guid Guid { get; }
  
        [DesignerSerializationVisibility(DesignerSerializationVisibility.Hidden)]
        [Browsable(false)]
        [DSDescription("DSObjectSecurity")]
        public ActiveDirectorySecurity ObjectSecurity { get; set; }
  
        [DSDescription("DSName")]
        [Browsable(false)]
        [DesignerSerializationVisibility(DesignerSerializationVisibility.Hidden)]
        public string Name { get; }
  
        [DesignerSerializationVisibility(DesignerSerializationVisibility.Hidden)]
        [DSDescription("DSNativeGuid")]
        [Browsable(false)]
        public string NativeGuid { get; }
  
        [DSDescription("DSNativeObject")]
        [DesignerSerializationVisibility(DesignerSerializationVisibility.Hidden)]
        [Browsable(false)]
        public object NativeObject { get; }
  
        [DSDescription("DSParent")]
        [DesignerSerializationVisibility(DesignerSerializationVisibility.Hidden)]
        [Browsable(false)]
        public DirectoryEntry Parent { get; }
  
        [DefaultValue(null)]
        [Browsable(false)]
        [DSDescription("DSPassword")]
        public string Password { set; }
  
        [SettingsBindable(true)]
        [DefaultValue("")]
        [TypeConverter("System.Diagnostics.Design.StringValueConverter, System.Design, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a")]
        [DSDescription("DSPath")]
        public string Path { get; set; }
  
        [DSDescription("DSProperties")]
        [DesignerSerializationVisibility(DesignerSerializationVisibility.Hidden)]
        [Browsable(false)]
        public PropertyCollection Properties { get; }
  
        [DSDescription("DSSchemaClassName")]
        [Browsable(false)]
        [DesignerSerializationVisibility(DesignerSerializationVisibility.Hidden)]
        public string SchemaClassName { get; }
  
        [Browsable(false)]
        [DSDescription("DSSchemaEntry")]
        [DesignerSerializationVisibility(DesignerSerializationVisibility.Hidden)]
        public DirectoryEntry SchemaEntry { get; }
  
        [DefaultValue(true)]
        [DSDescription("DSUsePropertyCache")]
        public bool UsePropertyCache { get; set; }
  
        [DSDescription("DSUsername")]
        [DefaultValue(null)]
        [Browsable(false)]
        [TypeConverter("System.Diagnostics.Design.StringValueConverter, System.Design, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a")]
        public string Username { get; set; }
  
        [DesignerSerializationVisibility(DesignerSerializationVisibility.Hidden)]
        [ComVisible(false)]
        [DSDescription("DSOptions")]
        [Browsable(false)]
        public DirectoryEntryConfiguration Options { get; }
  
        public void Close();
        public void CommitChanges();
        public DirectoryEntry CopyTo(DirectoryEntry newParent);
        public DirectoryEntry CopyTo(DirectoryEntry newParent, string newName);
        public void DeleteTree();
        protected override void Dispose(bool disposing);
        public static bool Exists(string path);
        public object Invoke(string methodName, params object[] args);
  
        [ComVisible(false)]
        public object InvokeGet(string propertyName);
  
        [ComVisible(false)]
        public void InvokeSet(string propertyName, params object[] args);
  
        public void MoveTo(DirectoryEntry newParent);
        public void MoveTo(DirectoryEntry newParent, string newName);
        public void RefreshCache();
        public void RefreshCache(string[] propertyNames);
        public void Rename(string newName);
    }
}
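
The following is an added example, not part of the original post or of the .NET source: it uses the four-argument constructor, `RefreshCache(string[])` and several read-only properties from the listing above to bind to one object with signed and sealed authentication. The server name and distinguished name in `Main` are hypothetical placeholders.

```csharp
using System;
using System.DirectoryServices;
using System.Runtime.InteropServices;

static class DirectoryEntryDemo
{
    // Secure requests Kerberos (possibly NTLM) instead of a simple bind;
    // Signing and Sealing add integrity checking and encryption and
    // are only valid together with Secure.
    const AuthenticationTypes Auth = AuthenticationTypes.Secure
        | AuthenticationTypes.Signing | AuthenticationTypes.Sealing;

    // Binds to one directory object and prints a few of its members.
    // Passing null for user and password binds as the current Windows identity.
    static bool Describe(string path, string user, string password)
    {
        // DirectoryEntry wraps a COM object, so dispose it deterministically.
        using (var entry = new DirectoryEntry(path, user, password, Auth))
        {
            try
            {
                // The constructor does not contact the server; the first
                // cache load does. Naming attributes limits what is fetched.
                entry.RefreshCache(new[] { "distinguishedName", "whenChanged" });
            }
            catch (COMException ex) // base class of DirectoryServicesCOMException
            {
                Console.Error.WriteLine("Bind failed: 0x{0:X8} {1}",
                                        ex.ErrorCode, ex.Message);
                return false;
            }

            Console.WriteLine("Name:        {0}", entry.Name);
            Console.WriteLine("Class:       {0}", entry.SchemaClassName);
            Console.WriteLine("Guid:        {0}", entry.Guid);
            Console.WriteLine("DN:          {0}", entry.Properties["distinguishedName"].Value);
            Console.WriteLine("whenChanged: {0}", entry.Properties["whenChanged"].Value);
            return true;
        }
    }

    static void Main()
    {
        // Hypothetical placeholder path: replace with a real server and DN.
        Describe("LDAP://dc01.example.com/DC=example,DC=com", null, null);
    }
}
```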

 

Searching in Active Directory