The Active Directory Services Interface (ADSI) is one of Microsoft's initiatives to impose a consistent component object layer on top of a number of disparate underlying services. We'll meet another one, Active Data Objects (ADO), when we look into Microsoft Transaction Server (MTS) later on. The name of the game is to extract whatever is common, whilst isolating the differences, so as to enable application writers to develop software that, with minimal tweaking, can be made to work on all the different varieties of underlying service.
The problem is that there are a number of conflicting alternatives to use for a directory service. More importantly, from the client's point of view, there are conflicting alternatives to use for a directory namespace structure and the associated access protocol. There is a standard client access protocol emerging called LDAP (which we will look at in greater detail later), but there are plenty of legacies to cope with in the meantime. Without Active Directory, any programs that used a directory would have to be implemented differently for each type of namespace structure, and changed every time a new namespace was added. Some of those implementations, moreover, would involve some pretty hideous network-specific API calls.
Let's take a look at how Active Directory reconciles the differences between all these alternatives, and offers the client a consistent, well-defined programming interface.
There are two sides to ADSI: clients and providers. Each directory service that is to be supported must have its own provider, which essentially acts as a gateway between the directory service's view of the world and that of Active Directory. If you want to develop a provider, there is an API (structured as a set of COM interfaces) to assist you in doing so. An ADSI client is a COM client like any other. ADSI includes a set of dual interface COM objects that allow you to use automation to access Active Directory. If performance is an issue, some providers also support a pure, vtable-based set of COM objects for directory searching.
The Active Directory structure looks something like this:
Let's start off by looking at the automation-compatible version of ADSI.