Using Active Directory

This section provides guidelines and recommended practices for writing applications that use or publish information in Active Directory™.

The primary and recommended application programming interface (API) for Active Directory is Active Directory Service Interfaces (ADSI).

Note  Active Directory in Microsoft® Windows® 2000 is a directory service that is compliant with Lightweight Directory Access Protocol (LDAP) 3.0. LDAP is defined by RFC 2251 and others. Programmatic access to the directory using the LDAP API is also supported. This means you can write directory-enabled applications using the LDAP API. Microsoft provides an enhanced LDAP API for C/C++ programmers. Active Directory also supports other LDAP API implementations.

If you have existing applications that use an implementation of the LDAP API, you can continue to use that API to access Active Directory. However, ADSI also provides a uniform, object-oriented directory access model to multiple directories. In addition to Windows 2000, ADSI supports directory access to Novell NetWare Directory Services (NDS), NetWare 3.11, and Microsoft® Windows NT® 4.0.

The ADSI programming model also allows other vendors to add support for other directories. These vendors can create new providers that expose their own namespace. The namespace can represent a directory service or anything else that the vendor wants. To implement a provider, you must follow some guidelines and implement a subset of ADSI COM interfaces depending on the degree of support that you want to expose. For information on implementing providers, see Implementing ADSI Providers. ADSI also provides a way for vendors to extend the ADSI interface using the ADSI extension mechanism. The vendors extend ADSI COM classes with their own methods and interfaces.