28.3 Overview of System.DirectoryServices

The System.DirectoryServices namespace contains several classes, many of which were built on top of ADSI. If you are already familiar with ADSI, the learning curve for the System.DirectoryServices classes should be pretty minimal. Table 28-1 contains the base classes contained within the System.DirectoryServices namespace.

Table 28-1. System.DirectoryServices classes

Class name



Contains the children (child entries) of an entry in Active Directory.


Encapsulates a node or object in the Active Directory hierarchy.


Performs queries against Active Directory.


Allows control of code access security permissions for System.DirectoryServices.


Allows declarative System.DirectoryServices permission checks.


Defines the smallest unit of a code access security permission set for System.DirectoryServices.


Contains a strongly typed collection of DirectoryServicesPermissionEntry objects.


Contains the properties of a DirectoryEntry.


Contains the values of a DirectoryEntry property.


Contains the properties of a SearchResult instance.


Contains the values of a SearchResult property.


Contains a list of the schema names that the SchemaFilter property of a DirectoryEntries object can use.


Encapsulates a node in the Active Directory hierarchy that is returned during a search through DirectorySearcher.


Contains the SearchResult instances that the Active Directory hierarchy returned during a DirectorySearcher query.


Specifies how to sort the results of a search.

The list of classes in Table 28-1 was taken from the Microsoft Developer Network (http://msdn.microsoft.com). For more information on System.DirectoryServices and the .NET Framework, check out the .NET web site: http://msdn.microsoft.com/netframework/.

The two main classes within System.DirectoryServices are DirectoryEntry and DirectorySearcher. The DirectoryEntry class represents an object in Active Directory. You can create new objects and manage existing ones with DirectoryEntry. The DirectorySearcher class is the primary interface for searching Active Directory. It is an easy-to-use interface that contains properties for all the typical options you need to set when performing LDAP-based queries. We will be touching on some of the other classes as we go along, but these two are the main ones to become familiar with.

    Part II: Designing an Active Directory Infrastructure
    Part III: Scripting Active Directory with ADSI, ADO, and WMI