14

Can anybody explain the difference between using LdapConnection/SearchRequest and DirectoryEntry/DirectorySearcher for Searching users in ActiveDirectory.

Which one is best suited for interacting with AD?

Terry Gardner
  • 10,957
  • 2
  • 28
  • 38
Biju Thomas
  • 1,079
  • 3
  • 14
  • 27
  • 2
    That's a good question. I've always used DirectoryEntry for AD and LdapConnection for generic Ldap solutions but I have never compared them. – empi Oct 07 '13 at 10:25
  • @empi Hi I need your help on this , can you help? LdapConnection Vs DirectoryEntry stuff – CodeConstruct Jul 21 '19 at 15:41

1 Answers1

8

In most cases, you should use DirectoryEntry/DirectorySearcher (System.DirectoryServices or S.DS) to interact with AD. It allows you to get things done more easily with fewer code. But for LdapConnection/SearchRequest (System.DirectoryServices.Protocols or S.DS.P), it provides more control as it offers lower level LDAP access. For LDAP compliant directories other than AD, it's good to use S.DS.P.

With S.DS.P, in general you will need to write more code to achieve the same thing when compared to S.DS.

For example, for a paged search in S.DS.P, you need to handle the request and response for EACH PAGE of results. But in S.DS, you only need to set the DirectorySearcher.PageSize and then you get all the results in all pages from DirectorySearcher.FindAll().

There are things that you must use S.DS.P, like the phantom root search or you want to handle the "more data is available" manually. But those situation are not common, at least not needed in my years of S.DS coding.

baldpate
  • 1,707
  • 1
  • 14
  • 23