Looking through some of the new 3.5 stuff I stumbled over a new assembly named “System.DirectoryServices.AccountManagement” – that caught my attention.

The whole namespace reminds a little bit of ADSI – an API tailored to create user, group and machine accounts (local and domain). There are some easy to use classes for common tasks. Have a look yourself.

Two examples of things that can be achieved with S.DS.AM are:

Verifying the password of a user:

public static bool ValidateCredentials(string username, string password, ContextType type)
    return new PrincipalContext(type).ValidateCredentials(username, password);

Checking if a given user is a member of some group:

public static bool IsUserInGroup(string username, string groupname, ContextType type)
    PrincipalContext context = new PrincipalContext(type);

    UserPrincipal user = UserPrincipal.FindByIdentity(
    GroupPrincipal group = GroupPrincipal.FindByIdentity(
        context, groupname);

    return user.IsMemberOf(group);

In both cases the ContextType could be either Machine, Domain or a ADAM database…

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s