Syntactic versus Semantic Conversion

At first blush, it may seem very straightforward to convert attribute values into the types we want. We can either check the type information at runtime using the .NET Framework's language support, or look up schema information (either programmatically or by hand, referring to the reference material). Using this, we should be able to convert any data type into a meaningful representation.

Unfortunately, this is not always straightforward. While we can certainly determine syntax via type information, it is a much more difficult (and interesting) problem to determine semantics. For example, let's say we encounter an attribute that contains binary data. We can easily convert this into a byte array using the techniques we have presented here, but what does the binary data actually mean? It could represent a GUID (objectGUID), a security identifier or SID (objectSID), an X509 certificate (userCertificate), a JPEG file (jpegPhoto), or practically anything else. Another good example is a LargeInteger syntax value. Windows often uses these to represent dates in FILETIME format (pwdLastLet), but also uses them to represent time intervals (lockoutDuration) and sometimes just uses them to represent really big numbers (uSNChanged). So, how can we determine this information?

In the general case, we cannot. There is simply not enough information stored in the schema or available from the .NET type system at runtime to make these kinds of judgments. At some level, we have to "know" what the attribute data means so that we can interpret it in a more meaningful way.

At some point, we will find ourselves in a position where we must make semantic interpretations about LDAP data. Every interesting problem will involve this kind of work to some degree or another. The more general the problem we are trying to solve, the more difficult this exercise will become.

Part I: Fundamentals

Introduction to LDAP and Active Directory

Introduction to .NET Directory Services Programming

Binding and CRUD Operations with DirectoryEntry

Searching with the DirectorySearcher

Advanced LDAP Searches

Reading and Writing LDAP Attributes

Active Directory and ADAM Schema

Security in Directory Services Programming

Introduction to the ActiveDirectory Namespace

Part II: Practical Applications

User Management

Group Management

Authentication

Part III: Appendixes

Appendix A. Three Approaches to COM Interop with ADSI

Appendix B. LDAP Tools for Programmers

Appendix C. Troubleshooting and Help

Index



The. NET Developer's Guide to Directory Services Programming
The .NET Developers Guide to Directory Services Programming
ISBN: 0321350170
EAN: 2147483647
Year: 2004
Pages: 165

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net