IADsOpenDSObject

The IADsOpenDSObject interface is designed to supply a security context for binding to a directory object. It enables you to specify client credentials. Use this interface to bind to an ADSI object when you must supply credentials for authentication.

Adaxes ADSI provider maintains the security context in its cache. Once authenticated, the credentials are used for all operations on this object and its child objects for the duration of the current process. This credential caching model applies to binding to different objects as well, provided that the binding takes place within the same connection and process.

Calling OpenDSObject yields a cache handle. Releasing this cache handle releases the security context as well.

Inheritance: IDispatch

Methods

  • Method

  • Description

  • OpenDSObject()

  • Binds to an ADSI object using the given credentials.

Details

OpenDSObject()

Binds to an ADSI object using the given credentials.

object OpenDSObject(string adsPath, 
                    string username,
                    string password, 
                    int authOptions)

Parameters

  • adsPath – the ADS path of the ADSI object.
  • username – the username of the account which will be used to bind to the object.
  • password – the account password.
  • authOptions – the authentication flags taht specify the binding options. For more information, see ADS_AUTHENTICATION_ENUM.

Remarks

The method uses the default credentials when username and password are set to null.

This method should not be used just to validate user credentials.

The OpenDSObject method maintains the authenticated and encrypted user credentials in the cache. Cached credentials may be used in subsequent operations for binding to any other directory objects. ADSI client applications should not cache the credentials supplied by the user. Instead, they should rely on the ADSI infrastructure to perform caching. To use the cached credentials, password and username must remain unchanged in any subsequent calls of OpenDSObject.

The credentials passed to the OpenDSObject method are used only with the particular object bound to and do not affect the security context of the calling thread.

The username parameter accepts either of the following formats:

  • Pre-Windows 2000 username (e.g. DOMAIN\johnsmith)
  • User principal name (UPN) (e.g. johnsmith@Domain.com)

Requirements

Minimum required version: 2009.1

See also

© Softerra 2022. All rights reserved.
Send feedback