In the previous seven posts we learned how to construct an Active Directory Data Access Layer. In today’s post we will use the AD DAL to create an Active Directory Query tool. AD Query will allow us to select, insert, update and delete objects in Active Directory with a familiar intuitive interface. Best of all, AD Query will demonstrate just how easy it is to work with Active Directory now that we have implemented the DataBase Access Layer.
March 20, 2011
March 19, 2011
AdDataAdapter: Managing Active Directory Data
The DbDataAdapter defines a standard interface to manage read, write and delete actions against a data source from a single class. The DbDataA
dapter uses the DbConnection and DbCommand classes to access and manage the data. In today’s post we will create the AdDataAdapter so that we can more easily manage Active Directory data.
March 18, 2011
AdDataReader: Providing Controlled Access to AD Values
Today we will implement the DbDataReader class which enforces a contract that defines how to make data available to applications. (more…)
March 17, 2011
AdCommand: Running Active Directory Queries
In our previous posts we learned how to connect to Active Directory and how to parse SQL statements. In today’s post we will cover the classes required to implement the DBCommand interface. The DBCommand interface that will be implemented will use the AdComandTextParser to build the DirectoryEntry and DirectorySearcher objects which will be used by the AdDataReader to read the results from Active Directory.
March 14, 2011
Strategies to Reduce the Risk of Code Injection Attacks
In 2007 Symantec reported that 80% of web hacks utilized a variant of the cross-site attack. Hackers use a cross-site attack to run their own code in another website that is trusted by the unsuspecting user. The cross-site attack is a type of code injection attack. In today’s post we will review the various types of code injection attacks and discuss multiple strategies to mitigate the risk of unintentionally becoming the host for the attack or the target of the attack.
March 12, 2011
AdCommandTextParser: Parsing SQL Statements
The most difficult task in the construction of the Active Directory Data Access Layer was parsing the SQL Statements so that the information would be easily accessible to populate the DirectorySearcher object. In today’s post we will review the capabilities of the parser followed by the sql statement parsing code.
March 9, 2011
Argument Validation
I wanted to take a small break from the Active Directory Data Access Layer to discuss a best practice that should be considered when constructing a code library. The first priority when constructing a reusable code base is the class diagram. The structure of the classes and the names of the methods impact how easily a class library can be to implement. Equally important is the careful attention to detail for argument values.
March 6, 2011
AdConnection: Enforcing Active Directory Communication Best Practices
On the one hand, to avoid running out of memory requires disposing of your Active Directory objects as soon as you are done with them. On the other hand, if you dispose of all Active Directory objects you will run out of communication ports. In today’s post we will create an Active Directory Connection object aptly named, AdConnection, that will ensure shared connections are used while reducing the risk of running out of memory.
March 5, 2011
Active Directory Connection Strings
The first step to creating a data access layer involves defining how to connect to the data store. Today’s post will begin with a review of the various options available when connecting to a domain controller. We will end by implementing the DbConnectionStringBuilder class which is responsible for translating a connection string into properties and property values into a connection string.
February 28, 2011
Active Directory Data Access Layer
In the previous post, Reading Data in Active Directory, we learned how to query Active Directory using OLEDB and .Net Directory Services. We learned that the OLEDB option is simple but has two big restrictions: we are limited to 1,000 objects in a search and we are restricted to single-valued attributes. We also learned how to get past those limitations using Directory Services.
In today’s post we begin our journey to create a data access layer for Active Directory that allows us to query Active Directory using a SQL-like syntax without the paging limit and without the single-valued restriction. Best of all this new data access layer will make it easier to integrate Active Directory management into all of our VS.Net products. When we are done we will use our new Active Directory Data Access Provider to easily construct our own custom, Active Directory Query Analyzer web page.
Larry Steinle 