DirectoryEntry Objects

  • Article

In System.DirectoryServices, each object in the directory is represented by the DirectoryEntry object. DirectoryEntry creates an entry object in memory; it does not actually create the object in the directory until the CommitChanges method is called. The advantage to this is that you can retrieve directory information for access from a client application and read or modify that information locally before reconnecting to the server to save modified information to the directory. This keeps the server performing at peak efficiency.

Each network resource is represented in the directory as an object and each directory object, as previously stated, is represented as a DirectoryEntry in your client application.

Directory entry objects have the following characteristics:

  • Name. The object name is also known as the relative distinguished name (RDN). The format for the RDN uses the syntax key=value. For example, in the following diagram, the RDN for a user object is CN=Jeff Smith. Be aware that spaces are excluded.
  • Parent. Network objects are hierarchical and have a parent object until you reach the root object, which is the domain object, sometimes called the domain head, at the top of the hierarchy.
  • Path. The directory object path is also known as the distinguished name (DN). The distinguished name is constructed with the object name preceded by the names of each parent object up to the root object. For example, for the user object CN=Jeff Smith, the DN begins with the root object and follows the path to the user object, as follows: DC=Fabrikam,DC=COM,OU=Sales,CN=Jeff Smith. Paths use a syntax defined by the LDAP specification. For more information about the proper syntax for the path, see Binding Strings. The path is used in a binding string created with the DirectoryEntry object.

Object path model

While the previous information is applicable to any LDAP directory object that you connect to using System.DirectoryServices, there are some things that are specific to Active Directory Domain Services. One feature of Active Directory Domain Services objects is that they must contain a globally unique identifier (GUID). While the values for different attributes on the object may be modified, the GUID is immutable.

The following code example shows how to create a DirectoryEntry and write its path, name and GUID. In this example, DirectoryEntry is binding to the root of the domain to which this user is currently connected.

Imports System.DirectoryServices
'...
Dim entry As New DirectoryEntry()
Console.WriteLine(entry.Path)
Console.WriteLine(entry.Name)
Console.WriteLine(entry.Guid)

using System.DirectoryServices;
//...
DirectoryEntry entry = new DirectoryEntry();
Console.WriteLine(entry.Path);
Console.WriteLine(entry.Name);
Console.WriteLine(entry.Guid);

See Also

Reference

System.DirectoryServices
DirectoryEntry

Concepts

Getting Started in System.DirectoryServices
Binding Strings

Send comments about this topic to Microsoft.

Copyright © 2007 by Microsoft Corporation. All rights reserved.