how to use ADWS with .Net RRS feed

All replies

  • I did some research and managed to make an ADWS (Active Directory Web Services) connection from a .NET application work. I thought I should share that information.
    This is how I connected to ADWS from a .NET application:

    - Create a file "ADWS.wsdl" with the Full WSDL which can be found here http://msdn.microsoft.com/en-us/library/dd304094(v=PROT.10).aspx
    - Generate the config and proxy class using: svcutil /config:"App.config" /out:"Proxy.cs" "ADWS.wsdl" (from VS console)
    - Add the proxy.cs to your .NET project (I used a simple WinForms Application created with VS 2010)
    - Add an "Application Configuration File" to your project; use the XML from "App.config" generated before

    As the custom binding generated by svcutil does not work, the binding from the ADWS server config has to be used in the config file.
    The server bindings can be found here:
    It should look like this:
            <binding name="ActiveDirectoryWebServicesNetTcpBindingConfiguration"
                     receiveTimeout="00:10:00" >
              <readerQuotas maxArrayLength="16384"
                            maxDepth="10" />

    - Add the "netTcpBinding" above to the <bindings> section of your config file.
    - change the client endpoint configuration at the bottom of your config file to use "netTcpBinding" instead of the custom binding
    It should look like this now:
          <endpoint binding="netTcpBinding"
              contract="AccountManagement" name="NetTcpBinding_AccountManagement_AccountManagement"
              address="net.tcp://YOURDC.YOURDOMAIN.net:9389/ActiveDirectoryWebServices/Windows/AccountManagement" />
          <endpoint binding="netTcpBinding"
              contract="TopologyManagement" name="NetTcpBinding_TopologyManagement_TopologyManagement"
              address="net.tcp://YOURDC.YOURDOMAIN.net:9389/ActiveDirectoryWebServices/Windows/TopologyManagement" />

    Now you can connect to ADWS, e.g.:

    //sample code to connect to an ADWS service
    AccountManagementClient ac = new AccountManagementClient();
    //use impersonation; credentials will be used to authenticate towards the LDAP (AD) server
    ac.ClientCredentials.Windows.AllowedImpersonationLevel =System.Security.Principal.TokenImpersonationLevel.Impersonation;
    ActiveDirectoryPrincipal[] arP = ac.GetADGroupMember("ldap:389", "CN=Administrators,CN=Builtin,DC=YOURDOMAIN,DC=net", "DC=YOURDOMAIN,DC=net", true);

    In order to add some debugging to server and/or client follow the instructions given here: http://blogs.msdn.com/b/adpowershell/archive/2009/10/05/how-to-view-soap-xml-messages-to-and-from-ad-webservices-and-powershell.aspx

    Monday, February 21, 2011 11:43 AM
  • What is YOURDC.YOURDOMAIN.net ?

    Tuesday, January 17, 2012 8:52 PM
  • Hello,

    the MSDN forum is the better place for this kind of question.


    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    • Proposed as answer by Patris_70 Wednesday, January 18, 2012 12:20 AM
    Tuesday, January 17, 2012 9:22 PM
  • Hi Frank FSC,

    Thank You for sharing this because it is helped me a lot..

    What methods we will use to get the assigned roles to the user and related info plz share if possible

    Thanks in Advance

    Thursday, April 27, 2017 1:23 AM