Basic knowledge about Active Directory

Source: Internet
Author: User
Tags ldap
I am now learning Active Directory. This is the first time I am writing a technical article, to borrow a line of lyrics.
1. Why is it called Active Directory?
When I first came across the term "Active Directory", I was confused. I did not know what the difference was between Active Directory and an ordinary Windows directory (folder), or in what way the directory was "active". After studying for a while, I figured it out.
A folder only represents the location and hierarchy of files on the disk. Once a file has been created, its directory is relatively fixed; that is, its attributes are relatively fixed and static. Such a directory represents only the storage location of the files in it and their total size, and yields no other information. This limits how efficiently directories can be used as a whole, which in turn affects the overall efficiency of the system and complicates its management.
Active Directory is called "active" because it can actively associate and map information. For example, looking up a user name can bring up all of the basic information associated with it, such as the account, birth information, e-mail address and phone number, even though the files that hold this information may be different. Different applications can also share this information at the same time, which reduces the waste of system development resources and improves the utilization of system resources.
Active Directory has two aspects: the directory and the directory-related services. The directory is a physical container that stores various objects. From a static perspective, Active Directory is essentially different from the "directory" and "folder" we have known before; a directory is only an object and an entity. The directory service is the service that makes all the information and resources in the directory play a role. Active Directory is a distributed directory service: information can be distributed across multiple computers to ensure quick access.
Active Directory is mainly used in distributed environments. In a distributed environment, all kinds of information must be easy for applications to access and read. Active Directory provides an access path to that information: it offers a common area in which the information of the distributed environment is stored and can be located. From a developer's perspective, Active Directory can be understood as a "database" that stores the specific resource information an application needs. Active Directory also optimizes reading and querying of this resource information.
2. Basic Terms of the Active Directory
2.1 Objects
An object is an information entity in Active Directory; it can be a user, a printer, or a network share. Objects have mandatory and optional attributes that describe them.
2.2 Containers and non-containers
The resource information in Active Directory is organized into a hierarchy. Every entity in this hierarchy is referred to as an object. In other words, when objects are created in Active Directory, they are created within a hierarchy. This structure consists of two types of objects: containers and non-containers. A container can hold non-containers or lower-level containers. A non-container is therefore often called a leaf or leaf object. After Active Directory is installed, the operating system has already created many containers by default, such as Users and Builtin.
2.3 ADsPath, DN, RDN
The hierarchical path in Active Directory is called the ADsPath, and it can be used to uniquely identify an object (another way to uniquely identify an object is to use its GUID). An ADsPath has a form such as LDAP://DC=Microsoft,DC=com. For example, if a domain is named mydomain.local, its ADsPath is LDAP://DC=mydomain,DC=local. DC is the abbreviation of domain component, which is only used to represent the root of the domain. DN is the abbreviation of distinguished name (unique identifier), and RDN is the abbreviation of relative distinguished name (relative unique identifier). The DN uniquely identifies an object's name within the complete directory information tree, while the RDN uniquely identifies its name within the object's parent container. The following is an example: in the mydomain.local domain, the ADsPath of the built-in administrator account in the Users container is LDAP://CN=administrator,CN=users,DC=mydomain,DC=local, and its DN is (note that the LDAP:// prefix is gone): CN=administrator,CN=users,DC=mydomain,DC=local. Its RDN is (that is, its name in the Users container): CN=administrator. CN is the abbreviation of common name.
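The ADsPath, DN and RDN relationship described above, as an added C# example (not code from the original article): it strips the LDAP:// prefix to get the DN, takes the first component as the RDN, and joins the DC components into the DNS name of the domain. The class and method names and the "Smith\, John" entry are constructed for illustration; the code assumes a serverless ADsPath and splits only on unescaped commas, because a comma that belongs to a name is written as "\," in a DN.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

static class AdsPathDemo   // hypothetical name, added example
{
    // Split a DN on unescaped commas only: "\," inside a value is data, not a separator.
    static List<string> SplitDn(string dn)
    {
        var parts = new List<string>();
        var current = new StringBuilder();
        for (int i = 0; i < dn.Length; i++)
        {
            if (dn[i] == '\\' && i + 1 < dn.Length)
            {
                current.Append(dn, i, 2);   // keep the escape pair intact
                i++;
            }
            else if (dn[i] == ',') { parts.Add(current.ToString()); current.Clear(); }
            else current.Append(dn[i]);
        }
        parts.Add(current.ToString());
        return parts;
    }

    static void Describe(string adsPath)
    {
        const string prefix = "LDAP://";
        if (!adsPath.StartsWith(prefix, StringComparison.OrdinalIgnoreCase))
            throw new ArgumentException("not an LDAP ADsPath: " + adsPath);
        string dn = adsPath.Substring(prefix.Length);   // DN = ADsPath without the prefix
        List<string> rdns = SplitDn(dn);                // rdns[0] is the object's own RDN
        // The DC components, joined with dots, give the DNS name of the domain.
        string domain = string.Join(".", rdns
            .Where(r => r.StartsWith("DC=", StringComparison.OrdinalIgnoreCase))
            .Select(r => r.Substring(3)));
        Console.WriteLine("DN:     " + dn);
        Console.WriteLine("RDN:    " + rdns[0]);
        Console.WriteLine("Parent: " + string.Join(",", rdns.Skip(1)));
        Console.WriteLine("Domain: " + domain + Environment.NewLine);
    }

    static void Main()
    {
        Describe("LDAP://CN=administrator,CN=users,DC=mydomain,DC=local");
        // Constructed sample: the escaped comma is part of the name, not the hierarchy.
        Describe(@"LDAP://CN=Smith\, John,CN=users,DC=mydomain,DC=local");
    }
}
```

A naive Split(',') on the second path would report "CN=Smith\" as the RDN and place the object under a parent that does not exist, which matters wherever a DN is used to decide which container an object belongs to.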
3. Install the Active Directory
On Server 2003, run "dcpromo" from Run to start the installation wizard. The same command is used to start the uninstall wizard.
4. Use C#.NET to access Active Directory
1. Add a reference to System.DirectoryServices
2. Example

using System;
using System.Collections.Generic;
using System.Text;
using System.DirectoryServices;

namespace ADDemo
{
    class Program
    {
        /// <summary>
        /// Prints the properties of the Users container and the paths of its child objects.
        /// </summary>
        /// <param name="args"></param>
        static void Main(string[] args)
        {
            // Bind to the Users container; the using block releases the underlying handle.
            using (DirectoryEntry de = new DirectoryEntry("LDAP://CN=Users,DC=tiger,DC=com"))
            {
                Console.WriteLine("name:" + de.Name); // get the name relative to the parent container (the RDN, such as CN=Users)
                Console.WriteLine("Path:" + de.Path); // get the ADsPath, which uniquely identifies the object in the domain
                Console.WriteLine("guid:" + de.Guid); // get the GUID, which also uniquely identifies the object
                Console.WriteLine("username:" + de.Username); // user name used for the bind (empty when none was supplied)
                Console.WriteLine("type:" + de.SchemaClassName); // schema class of the object
                Console.WriteLine("nativeguid:" + de.NativeGuid); // GUID as returned by the directory provider
                foreach (DirectoryEntry obj in de.Children)
                {
                    // Console.Write("Name: {0}\t", obj.Name);
                    Console.WriteLine("Path:" + obj.Path);
                }
            }
            Console.ReadKey();
        }
    }
}
