Larry Steinle

February 28, 2011

Active Directory Data Access Layer

Filed under: Active Directory,VS.Net,Web — Larry Steinle @ 1:27 pm
Tags: , , ,

In the previous post, Reading Data in Active Directory, we learned how to query Active Directory using OLEDB and .Net Directory Services. We learned that the OLEDB option is simple but has two big restrictions: we are limited to 1,000 objects in a search and we are restricted to single-valued attributes. We also learned how to get past those limitations using Directory Services.

In today’s post we begin our journey to create a data access layer for Active Directory that allows us to query Active Directory using a SQL-like syntax without the paging limit and without the single-valued restriction. Best of all this new data access layer will make it easier to integrate Active Directory management into all of our VS.Net products. When we are done we will use our new Active Directory Data Access Provider to easily construct our own custom, Active Directory Query Analyzer web page.


February 27, 2011

Reading Data in Active Directory

Filed under: Active Directory,VS.Net — Larry Steinle @ 9:06 pm
Tags: , ,

There are three ways to get data from Active Directory programmatically. There is the Active Directory COM APIs, ADsDSoObject OLEDB driver, or .Net Directory Services. Both the OLEDB driver and the .Net Directory Services are wrappers around the COM APIs. In today’s post I will demonstrate how to read data using the OLEDB driver and the .Net Directory Services object model.


February 21, 2011

AD Path Helper

Filed under: Active Directory,RegEx,VS.Net — Larry Steinle @ 11:57 am
Tags: , ,

In the previous post, Introduction to Active Directory, we learned that ADSI paths are used to organize objects in Active Directory. A path consists of a protocol, host name, port number and distinguished name (DN). A DN consists of one or more relative distinguished names (RDN). An RDN is a simple key/value type. Today we will create three helper classes to ensure that our paths are well-formed with escaped special characters. (more…)

February 20, 2011

Introduction to Active Directory

Filed under: Active Directory — Larry Steinle @ 11:56 pm

For the next set of posts I will focus on managing data in Active Directory. Today’s post will introduce basic Active Directory concepts that will form the foundation for future posts.


Use Regular Expressions to Detect SQL Code Injection

Filed under: RegEx,Security,SQL Server,VS.Net,Web — Larry Steinle @ 12:26 am
Tags: , ,
To gain unauthorized access and possibly control of another companies information hackers employ a technique called SQL Code Injection. This simple technique involves entering a sql statement inside a text box and submitting the request. When the server processes the page it can be tricked into executing the injected code. The best strategy to block SQL Code Injection is to use a stored procedure. For the times when you simply must use inline sql statements we will learn how to detect and block SQL Code Injection with the help of a few, simple, regular expressions.


February 9, 2011

Use Regular Expressions to Clean SQL Statements

Filed under: RegEx,SQL Server — Larry Steinle @ 9:00 pm
Tags: ,
When writing programs that use inline SQL statements I prefer to format the sql statements for readability with solid comments in the sql statement. Sometimes the formatting or comments gets in the way during processing and must be removed. In this article I will demonstrate how to remove formatting and comments from a SQL Statement using Regular Expressions.

Create a free website or blog at