The Active Directory Provider namespace implements directory support if you use Active Directory to provide directory services. The Active Directory Provider namespace calls the underlying Active Directory Provider to modify Active Directory objects.
You can use the Active Directory Provider namespace to create, delete, move, rename or change properties on objects. You can also use it to get and set Active Directory properties on objects and to modify passwords, Access Control Lists (ACLs), and group membership of objects.
The Active Directory Provider namespace implements the following procedures.
| Procedure | Description |
|---|---|
| Create Object | Creates an object of the specified schema class for the specified container. |
| Delete Object | Deletes the specified object. |
| Evaluate | Evaluates a simple expression and returns a regular expression. For example, you can use it to build and modify the values for an object's user AccountControl property. |
| Get DACL | Returns the discretionary access control list (DACL) for the specified object. |
| Get Properties | Returns one or more properties for an object. |
| Get SACL | Returns the system access control list (SACL) for the specified object. |
| Group Add | Adds an object to a group. |
| Group IsMember | Checks whether an object is part of the specified group. |
| Group Members | Returns the members of the specified group. |
| Group Remove | Removes an object from a group. |
| Lookup Account from SID | Returns the account name and Active Directory domain from a security identifier (SID). |
| Make Path Domain Controller Specific | Forces a Lightweight Directory Access Protocol (LDAP) path to be domain-controller specific. |
| Make Path Domain Specific | Modifies a given LDAP path to point to the Active Directory domain for the path's Domain Name System (DNS) host. |
| Move Object | Moves the specified object. |
| Path from DN | Converts an LDAP path to a distinguished name (also known as DN). |
| Path from RN | Expands an object's relative name (RN) to its LDAP path. |
| Path to DN | Converts an LDAP path to a distinguished name (also known as DN). |
| Rename Object | Renames the specified object. |
| Search | Performs a directory search. |
| Set Properties | Sets one or more properties for an object. |
| Translate Name | Converts names between different Microsoft Win32 naming conventions. |
| Update ACL | Updates the access control lists (ACLs) for the specified object. |
| User Change Password | Changes user passwords. |
| User Groups | Lists the groups for a user. |
| User Set Password | Sets a user's initial password. |
| Verify UPN | Verifies that the user principal name (UPN) has a valid UPN suffix (any characters after the @ symbol) and returns an error if it does not. More precisely, this procedure verifies that the suffix of the given UPN is in the given list of UPN suffixes. |
The Microsoft Provisioning Framework Software Development Kit (SDK) contains additional resources to help you implement the Active Directory Provider namespace. For more information on the SDK and how to use it, see Microsoft Provisioning Framework SDK.