Programming Books C Java PHP Python Learn more Browse Programming Books
The .NET Develper's Guide to Directory Services Programming and over one million other books are available for Amazon Kindle. Learn more
  • List Price: $64.99
  • Save: $12.70 (20%)
In Stock.
Ships from and sold by
Gift-wrap available.
Used: Good | Details
Sold by Dana Park
Condition: Used: Good
Comment: Pages are smooth and clear, with minimal folds or creases. Faint smudging on book edges. Minor page curl. Free of any markings or labels. Minor to moderate surface and edge wear to cover includes rubbing to edges. *** Ships from Amazon! Thanks!
Access codes and supplements are not guaranteed with used items.
Trade in your item
Get a $3.57
Gift Card.
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

The .NET Developer's Guide to Directory Services Programming Paperback – May 18, 2006

ISBN-13: 978-0321350176 ISBN-10: 0321350170 Edition: 1st

Buy New
Price: $52.29
21 New from $43.95 21 Used from $20.99
Amazon Price New from Used from
"Please retry"
"Please retry"
$43.95 $20.99

Frequently Bought Together

The .NET Developer's Guide to Directory Services Programming + Unlock AD DS using C#.NET: Develop the Key to Unlocking Active Directory and Unleash Its Full Potential
Price for both: $99.03

Buy the selected items together


Save up to 90% on Textbooks
Rent textbooks, buy textbooks, or get up to 80% back when you sell us your books. Shop Now

Product Details

  • Paperback: 512 pages
  • Publisher: Addison-Wesley Professional; 1 edition (May 18, 2006)
  • Language: English
  • ISBN-10: 0321350170
  • ISBN-13: 978-0321350176
  • Product Dimensions: 9.2 x 7 x 1.1 inches
  • Shipping Weight: 2.1 pounds (View shipping rates and policies)
  • Average Customer Review: 4.6 out of 5 stars  See all reviews (20 customer reviews)
  • Amazon Best Sellers Rank: #467,318 in Books (See Top 100 in Books)

Editorial Reviews

About the Author

Joe Kaplan works in Accenture’s internal IT organization, building enterprise applications using the .NET Framework. He specializes in directory services programming, for which he has been recognized as a Microsoft MVP. An industry veteran of more than thirteen years, he also thrives on working with the development community and solving real-world problems.

Ryan Dunn of Avanade is a .NET developer and architect with experience in a wide range of industries and technologies. He has consulted on a number of projects to integrate clients’ applications with Active Directory and ADAM. Ryan is a Microsoft MVP for ASP.NET, though he currently focuses primarily on directory services. Ryan can be reached on the Web in the ASP.NET forums or through his blog at

Excerpt. © Reprinted by permission. All rights reserved.

We wrote this book with the vision that it would be the definitive guide for helping developers leverage directory services from Active Directory and Active Directory/Application Mode (ADAM) in their .NET applications. Even though version 1.0 of the .NET Framework shipped in 2001 with a namespace called System.DirectoryServices (SDS) for doing this kind of work, the resources available to developers using these technologies have lagged behind. This is the book that we fervently wished we had back when we were first developing software for Active Directory. It was an idea that took a little while to come to fruition: Perhaps a bit of our back story will help to frame our perspective.

Ryan was working at a very large professional services firm that was selling off its consulting services capabilities. As part of the separation, a new IT infrastructure needed to be created. It fell to Ryan to figure out how to automate HR data feeds to provision Active Directory accounts and how to manage all of it with only a skeleton crew and a few custom apps. This was in the .NET version 1.0 beta 2 timeframe and .NET seemed promising.

Separately, but in an eerily similar vein, Joe was working in the IT organization of a large professional services firm that was contemplating a massive email system migration from a popular groupware platform to Microsoft’s Exchange 2000 Server. Exchange works on top of Active Directory, and Joe was asked to help out on the integration project between Active Directory and the groupware system’s directory.

Both projects required a heavy dose of directory services magic to tie the systems together and migrate from the competing platforms. The applications were not simple scripts, but complex systems and web applications requiring a more in-depth approach. But as we began to wade into the code, we noticed there were quite a few rough edges to be sorted out. Exactly how do we make the Lightweight Directory Access Protocol (LDAP) code work correctly in ASP.NET? What were all of those flags used for? How do we make these objects behave the way we expect? How do we extend the schema to accommodate our own custom business logic?

Naturally, we went to the web-based message boards and newsgroups seeking advice, but found very little. Some people had some of the answers if we translated their logic from scripts or C++ programs, but more people were asking than answering. With hard work and sometimes-fortuitous chance, we eventually pieced it together, but it was far more difficult than it needed to be.

Flash forward to 2006: The .NET Framework has matured significantly, with a milestone 2.0 release, and so has the .NET development community. Books and resources abound for just about every topic you could imagine. However, directory services programming still remains obscure and confusing.

This lack of guidance is somewhat ironic given that the enterprise directory continues to gain prominence in the organization. It is no longer just the province of a team of administrators writing scripts. It has become a key source of data for many full-scale applications, with some even building complex identity life cycle management processes on top of it.

We stuck around the message boards, and over the last several years, we worked actively in the online development community to help developers of all stripes solve their directory services development problems. We know from our work in the community that there tends to be a lot of confusion on how best to leverage what became of Active Directory Service Interfaces (ADSI) in the new managed model of System.DirectoryServices.

We took the most common problems that developers wrestle with in this space and tried to address them in turn. By the time you finish reading this book, we hope that your directory services programming will be much more effective than before.

Our approach for this book tends to be very pragmatic. We focus heavily on code samples showing how to do things the right way, sometimes at the expense of brevity. However, we do not hesitate to dig under the covers and provide answers for how things really work. We start with the basic skills that every directory services developer should understand and build a solid foundation. We then layer on more advanced topics and scenarios that we have run into firsthand and that we know from our work in the community that developers still struggle with. When we are done, you should have all the tools needed to tackle the advanced scenarios and build the types of applications you need.

Outside of this book, we endeavor to support our readers by making examples, errata, additional topics, and tools available on our companion web site,

What Is Covered?

The book primarily focuses on programming LDAP with the System.DirectoryServices namespace. At times, we address the new additions to .NET, System.DirectoryServices.ActiveDirectory (SDS.AD) and System.DirectoryServices.Protocols (SDS.P), when there is functionality or a scenario that is not addressed with System.DirectoryServices, although complete coverage of all of the new bits will require another book.

We take the approach of covering both the 1.1 and 2.0 versions of the .NET Framework. We realize that many developers will be working in both environments for years to come. Even for developers who may never use older versions, it is useful to learn the newer features by understanding the previous shortcomings.

The book also focuses on Microsoft’s primary LDAP directory service product, Active Directory, with a fair amount of coverage of ADAM as well. While we do not provide specific examples of targeting non-Microsoft directories, we do try to point out the issues that are most likely to affect you, and how to avoid them.

The book is divided into two parts. Part I (Chapters 1-9) is all about the fundamentals of LDAP programming. It introduces the key concepts and provides a solid foundation upon which to build any type of directory services application. Part II (Chapters 10-12) is about applying the fundamentals from Part I to real-world problems and provides more of a “cookbook” approach. The topics in these last chapters come from what we see developers wrestling with everyday and our own experiences as we struggled to learn this.

Chapter 1 introduces the basic concepts of LDAP and discusses the key directory services that the book focuses on, Active Directory and ADAM. In Chapter 2, we continue the introduction with a survey of the APIs available for programming LDAP using the .NET Framework and discuss how they relate to each other.

Starting with Chapters 3 and 4, we cover the basic mechanics of accessing Active Directory or ADAM. In Chapter 3, we focus in detail on connecting to the directory, as well as creating, moving, renaming, and deleting objects. Chapter 4 covers the basics of searching. Searching is the fundamental activity of LDAP programming, so a solid grounding is essential.

Chapter 5 continues with the searching theme, but goes into detail on the advanced topics. The 2.0 release of the .NET Framework has added a host of new searching features, so we cover all of these here and provide complete samples.

Chapter 6 focuses on the intricacies of reading and writing attributes in the directory. We discuss all of the different attribute syntaxes, including the ones that tend to give developers the most trouble.

Chapter 7 covers LDAP schema and extensions, explaining key points that the enterprise developer should know for designing new schema.

We delve into the Windows security model in Chapter 8, addressing not only LDAP security and how it integrates with Windows security, but also the challenges of the security context in the ASP.NET environment. We will show you how to use Kerberos delegation and teach you common issues to look for. We also cover access control lists (ACLs) in Active Directory and ADAM and discuss the code access security (CAS) model in the .NET Framework, as well as how it applies to directory services programming.

Chapter 9 explores System.DirectoryServices.ActiveDirectory. This new namespace was introduced with .NET 2.0 and included many new capabilities for managing Active Directory and ADAM. We focus on one of the most useful features, the Locator service built into Active Directory that finds domain controllers on the network.

In Chapters 10, 11, and 12, we shift our focus from fundamentals to practical solutions for common problems. Some of these scenarios are advanced, but by this point, we should have you prepared to tackle them. Chapter 10 discusses user management in detail and provides a wealth of useful samples, as well as real answers to common problems. Chapter 11 covers group management in detail. We conclude in Chapter 12 with a variety of different approaches for authentication with LDAP, including a discussion of the alternatives.

We also include three appendices. Appendix A shows some different approaches for doing COM interop in .NET. COM interop is often required when working with these technologies, so it is useful to know the options here. Appendix B provides our list of “must-have” tools for LDAP programmers working with Active Directory and ADAM. Finally, Appendix C attempts to provide a cross-reference of common errors to topics in the book that deal with those problems. If you are stuck and need an answer fast, Appendix C might help you to use the book more effectively. We also tell you how to get in touch with us if you can’t find what you are looking for here.

Target Audience

This book was written with the .NET enterprise appli...

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

4.6 out of 5 stars
5 star
4 star
3 star
2 star
1 star
See all 20 customer reviews
You can take code out of this book and use it with understanding.
Tauqir G. Chaudhry
It should be easy enough for a programmer at the level of this book's intended audience to make the C# to VB translation.
This book is a guidebook that will help you understand your choices before you set out.
James M. Stearns

Most Helpful Customer Reviews

18 of 18 people found the following review helpful By Michael on June 20, 2006
Format: Paperback
This book is for all of you who need to write Active Directory based programs for .NET and ASP.NET.

The voice of bitter experience: As anyone who has tried to learn how to program against Active Directory or ADAM knows, the on-line information at MSDN is extraordinarily confusing, not least because Microsoft has introduced several different technologies to access Active Directory--Native LDAP, System.DirectoryServices, System.DirectoryServices.ActiveDirectory, System.DirectoryServices.Protocols, Windows Management Instrumentation (WMI), ADSI, and the Net* and Ds* APIs. MSDN's sample code, once you get beyond the basics, is mostly written in C++ and/or VB script. Trust me, you don't want to go there without a knowledgeable mentor at your side. This book can be your guide.

Both of the authors have a welcome presence on Active Directory forums and in the blogosphere. They are well-known as the go-to guys for Active Directory questions. The book reflects their practical experience responding to programmers' reasonable but difficult questions, such as "What's the best way to determine a user's effective group memberships, taking group nesting into account". I couldn't find this answer on MSDN.

The book's first two chapters sort out the confusion about the many layers of Active directory programming in lucid, well-organized prose.

Then, chapter-by-chapter, the book explains how to do just about anything a sane .NET programmer would want to do: CRUD operations, searching, schema, user and group management, authentication, and COM interop. Each sub-topic is succinct, explains advantages and disadvantages of various techniques, and contains code snippets that are valuable and easy to drop into your own code.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
8 of 9 people found the following review helpful By Raar on June 30, 2006
Format: Paperback
The .NET Developer's Guide to Directory Services Programming provides valuable insight in how to properly write .NET applications that use Active Directory or ADAM. It covers pretty much everything you need to know, to be effective in programming against a Directory Service using both .NET 1.1 and .NET 2.0.

The book is very well written and provides sample code around any topic that it touches upon (download here: [...] ). Both the samples from the book (raw format) and a complete .NET Solution are provided that a developer can leverage to develop their own applications. The site also provides an active forum where you can post questions and problems around the topic. The level of support Ryan and Joe provide is remarkable. In fact, for most searches on Active Directory problems on google, you would find that in many cases, one of the authors is involved in the thread working towards a solution.

The book starts out with a general explanation of LDAP and Active Directory. This is a high level overview of the concepts and terminology around Directory Services, LDAP, Domains etc. It also explains what different approaches to interacting with Directories are available to the programmer. Once the concepts have been explained, the book continues with CRUD operations. As you read this chapter, you will find the true value of the book. Not only does it contain all the information you'll need to program against a Directory Service, but it also points out many of the common pitfalls that a developer runs into when writing an application. The book also goes beyond what the .NET Framework provides to reveal what is actually happening under the hood, when this is appropriate. By doing that, the authors shed some light on why certain logic should be implemented in a particular way.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
5 of 5 people found the following review helpful By James M. Stearns on November 5, 2006
Format: Paperback
As other reviewers have noted, programming directory services is a complicated niche. This book provided a light and compass to a developer passing through this territory containing some rather strange-looking flora and fauna.

My company's .NET-based application makes limited use of directory services. When migrating it to .NET 2.0, tens of warnings were generated when referencing the ActiveDs COM library, such as "could not convert the signature" and "At least one of the arguments for 'IPrivateDispatch.ADSIGetIDsOfNames' can not be marshaled". While the warnings did not affect application behavior, ignoring warnings encourages a mindset that could cause a developer to disregard real danger.

This book provided two different ideas to fix the warnings. Both avoided the need to reference the entire ActiveDs.dll library. One idea was to use the enhanced .NET 2.0 classes directly to determine a user's group memberships (my particular need, addressed in Chapter 10). The other was to declare COM Interops for the subset of ActiveDs functionality actually needed (Appendix A). I ended up using the second alternative. The authors provided an example and a reference to a free third-party tool that generated the needed declarations.

Other applications will use directory services more extensively, so their voyage may be more intricate. This book is a guidebook that will help you understand your choices before you set out. I commend the authors for their knowledge of this arcane area and their enthusiasm and ability to understandably share their knowledge.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Customer Images

Most Recent Customer Reviews

What Other Items Do Customers Buy After Viewing This Item?