
P&M Overview

The Personalization and Management (P&M) feature is a set of core services that provide authentication and data storage for application server users. The two primary services are:

The success of any application that uses the P&M services depends on the correct configuration of these two core services.

To make configuration consistent and easy, the P&M feature provides a set of COM/Automation classes that divide administrative access into logical components. This division separates the presentation of information to administrators and users from the actual objects that are used to perform the configuration. With this model, creating custom administrative front ends and scripts is simple. The programmer can also be confident that all the options available for the service are provided only through the object.

Both the Microsoft® Management Console (MMC) and the Web administration tool rely on instances of these COM classes for configuring the system, and therefore can be thought of simply as clients of the COM classes. A fast way to learn how to program with the P&M administrative objects is to examine the various MMC property pages and find the associated properties and methods on the COM objects that are used to access this information.

For access to the Membership Directory Service, the P&M system relies heavily on a set of COM interface specifications called the Active Directory Service Interfaces (ADSI). These interfaces provide a generic front end to any directory service that provides an ADSI implementation. Just as ActiveX® Data Objects (ADO) provide a consistent interface to Open Database Connectivity (ODBC)-compliant databases, so ADSI provides a consistent interface to directory services. Using ADSI-implemented COM objects, information can be fetched and stored, and the underlying schemas representing the data can be modified, all with the same interfaces and thus with the same methods and properties. The implementation details of each provider must be considered to use the objects effectively, but in most cases they work identically.

The primary ADSI implementation used with P&M is the LDAP ADSI implementation (also called the LDAP namespace). When working with the Membership Directory Service, the LDAP namespace provider provides the connectivity for all communication between services and processes and the actual LDAP server.

P&M provides authentication services that can be coupled with Microsoft® Internet Information Server (IIS) version 4.0. You simply configure the Membership Authentication Service instance to provide authentication service, and define which Security Support Providers (SSP) to use. A complete description of the available packages can be found in the product documentation. Briefly, they are as follows:

  1. Automatic Cookie Authentication: Uses a special Site Server-specific cookie that contains a GUID value for the user.

  2. Forms Authentication: Data is sent as POST or GET with the request.

  3. Clear Text/Basic Authentication: The standard on the Web (WWW-Authenticate query-response).

  4. Distributed Password Authentication (DPA): Uses the Security Support Provider Interface (SSPI) implementation on the client to negotiate credentials and so on.

  5. Anonymous: No credentials presented.
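The Forms and Clear Text/Basic entries above both put the user's credentials in the request itself. The following is an added example, not code from the SDK or its samples: it shows both sides of the Basic exchange and audits requests for credentials that are readable in transit or kept in the URL. The host name, the form field names and the sample requests are constructed assumptions.

```python
import base64
from urllib.parse import urlsplit, parse_qs

# Assumed form field names; the page does not name the fields a site uses.
CREDENTIAL_FIELDS = {"username", "password"}

def basic_header(user, password):
    """Client side: the Authorization value sent in answer to WWW-Authenticate: Basic."""
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()

def parse_basic(value):
    """Server or proxy side: recover (user, password); None for any other scheme."""
    scheme, _, token = value.strip().partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except ValueError as exc:  # covers bad base64 and bad UTF-8
        raise ValueError("malformed Basic credentials") from exc
    user, sep, password = decoded.partition(":")  # password may contain ':'
    if not sep:
        raise ValueError("malformed Basic credentials")
    return user, password

def audit_request(url, headers):
    """Return findings for credentials that are readable in transit or kept in the URL."""
    findings = []
    parts = urlsplit(url)
    auth = next((v for k, v in headers.items() if k.lower() == "authorization"), None)
    if auth is not None:
        try:
            if parse_basic(auth) is not None and parts.scheme.lower() != "https":
                findings.append("basic-credentials-readable-in-transit")
        except ValueError:
            findings.append("malformed-basic-header")
    in_url = CREDENTIAL_FIELDS & {k.lower() for k in parse_qs(parts.query)}
    if in_url:
        findings.append("form-credentials-in-url:" + ",".join(sorted(in_url)))
    return findings

# Constructed sample requests (host and values are made up for this example).
SAMPLES = [
    ("http://members.example.test/default.asp", {"Authorization": basic_header("alice", "s3cret")}),
    ("https://members.example.test/default.asp", {"Authorization": basic_header("alice", "s3cret")}),
    ("https://members.example.test/login.asp?username=alice&password=s3cret", {}),
    ("https://members.example.test/default.asp", {"Authorization": "Basic !!!"}),
]

if __name__ == "__main__":
    for url, headers in SAMPLES:
        print(url, audit_request(url, headers))
```

Base64 is an encoding, not encryption, so a Basic header is protected only by the transport it travels over; form fields sent with GET also land in server and proxy logs regardless of transport.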

The Membership Authentication Service is not restricted to working with Internet Information Server. A sample accompanies this SDK that demonstrates using either the DPA or the Clear Text/Basic security support packages available to authenticate users with information that resides in the Membership Directory Service.

The various services that build on top of the P&M system are covered in great detail in the product documentation. For the purposes of this SDK, it is assumed that readers have familiarized themselves with the product, and have worked with the samples and tools that accompany it.


© 1997-2000 Microsoft Corporation. All rights reserved.