| Platform SDK: Active Directory, ADSI, and Directory Services |
Since an object's distinguished name changes if the object is renamed or moved, the distinguished name is not a reliable identifier for an object. In Active Directory, an object's objectGUID property is never changed, even if the object is renamed or moved to different places. For more information on objectGUID and identifiers, see Object Names and Identities.
You can bind to an object directly using an object's GUID. Binding with the object's GUID is only supported in Active Directory (that is, the LDAP provider). The binding string format is the following:
LDAP://servername/<GUID=XXXXX>
In this example, servername is the name of the directory server and XXXXX is the string representation of hexidecimal value of the GUID. The servername is optional. Note that this is not the string produced by StringFromGUID2 function in the COM library. Use the IADs::get_GUID method to retrieve the bindable string form of the objectGUID.
There are some IADs and IADsContainer methods that are not supported if you bind using an objectGUID. For the IADs interface, the Name, Parent, and ADsPath methods (get_Name, get_Parent, and get_ADsPath for C++ programmers) are not supported for GUID bindings. For the IADsContainer interface, the GetObject, Create, Delete, CopyHere, and MoveHere methods are not supported for GUID bindings. To use these methods after binding to an object using the objectGUID, use the IADs::Get method to retrieve the object's distinguished name (DN), and then use the DN to bind again to the object. For more more information and sample code that illustrates these limitations, see IADs Property Methods and IADsContainer.
If your application stores or caches identifiers or references to objects stored in the directory, the objectGUID is the best identifier to keep because 1) it stays the same even if the object is renamed or moved and 2) you can bind easily to the object using its GUID. In addition, if the object is renamed or moved, the objectGUID provides a single identifier that you can use to easily find and identify the object — rather than forcing you to compose a query that has conditions for all properties that would identify that object.
Dim myObject as IADs
Set myObject = GetObject("LDAP://<GUID=63560110f7e1d111a6bfaaaf842b9cfa>")
IADs *pADs; LPWSTR pszFilter = L"LDAP://dc08/<GUID=63560110f7e1d111a6bfaaaf842b9cfa>"; hr = ADsGetObject( pszFilter, IID_IADs, (void**)&pADs);