Third Party API (LDAP)

[This is preliminary documentation and subject to change.]

The Third Party "API" is a Lightweight Directory Access Protocol (LDAP) interface for accessing policy-based admission information stored in the Windows NT Active Directory. Its definition requires a quick treatment of the process of gaining such information.

The Admission Control Service (ACS) is the GQOS component that provides a policy-based means of regulating and managing network resources associated with 802 (shared media) LANs (the ACS service encompasses SBM functionality within its base service). Network resources are regulated through permission and admission policies; the ACS interfaces indirectly with LPMs in order to gain approval or rejection of a node's requested network resources. LPMs can be considered the go-betweens for ACS admission policy queries and the user's policy store (presumably some sort of authentication/policy store, perhaps a centralized database of enterprise-wide authentication information). The default LPM that ships with Windows NT 5.0 is implemented through a DLL called MSIDPE.DLL, which provides a policy interface to Windows NT's centralized database of enterprise-wide information, the Active Directory. Thus, in the ACS component model, policy information is provided through MSIDPE.DLL, or as it is referred to throughout this documentation, the LPM component. ACS policy decisions regarding access to network device resources are realized through the LPM component's access to Windows NT Active Directory policy stores.

In order for Active Directory policy information to be made available to other network devices–devices such as routers, WAN interfaces, or switches that might be interested in regulating resource admission based on the Active Directory's configurable policy information–a programmatic interface to policy information stores in the Windows NT Active Directory was necessary. The interface that exposes Windows NT Active Directory policy information is accessible through LDAP, and is called the Third Party API.