Different between GetObject("WinNT://" & domain) and GetObject("LDAP://" & domain)

hi, I just want to know what is the different  between GetObject("WinNT://" & domain) and GetObject("LDAP://" & domain)?

Thanks.
LVL 3
Abdu_AllahAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

craskinCommented:
LDAP was built for email gateways to communicate with the domain. the GetObject WinNT is the back-door of sorts right into the domain. you still can't retreive passwords with it, but you can do basically the same things in both of them, just with different commands.
0
Raju SrivatsavayeSoftware EngineerCommented:
("WinNT://" & domain) seems to be Windows NT Authetication user domain

("LDAP://" & domain) is LDAP server domain(Its an active directory used mostly internally for storing email addresses and logins etc..)
0
Abdu_AllahAuthor Commented:
>you still can't retreive passwords

I can change paswords, add user, delete user etc , look here: http://dev.coadmin.dk/Resources/ADSI%20SDK%205%20HTML/winnt.htm#bind_domain
0
Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

craskinCommented:
but you can't get a password from the domain. there isn't any method available (that i've ever heard of) including the active directory MMC snapin that will display a user's password.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ihenryCommented:
This simple question can have lots of explanation :o)

In active directory domains, there are more things can be done with the object returned with LDAP syntax than the one with WinNT. But you can't use the LDAP provider in NT domains nor can you use it to manage local computer accounts. In this case, use WinNT instead. LDAP provider supports hierarchical structure in which you can group objects into logical units, e.g. Organization Units or into Security units like Global Security Groups. On the other hand, WinNT supports a flat namespace and is blinds to the hierarchy of objects. There are also some incompability issues in attributes naming and usage. E.g. displayName, scriptPath and userAccountControl attributes are recognized only by LDAP. With WinNT, those attributes are called displayName, scriptPath and userAccountControl.

Some good reading.
http://msdn.microsoft.com/library/en-us/adsi/adsi/adsi_ldap_provider.asp
http://msdn.microsoft.com/library/en-us/adsi/adsi/adsi_winnt_provider.asp

From .NET Framework programming standpoint, you are always better off using the System.DirectoryServices API than the traditional COM GetObject syntax. The API can give all you need to explore your active directory forest.

http://msdn.microsoft.com/library/en-us/sds/sds/portal.asp


Henry
0
Abdu_AllahAuthor Commented:
I want to access domains information(Such as domains' users etc) using Active Directory so which one should I use?
0
Abdu_AllahAuthor Commented:
[Points raised to 500]
0
ihenryCommented:
LDAP
0
Abdu_AllahAuthor Commented:
Why? GetObject("WinNT://" & domain) does not work on AD or what?!
0
ihenryCommented:
It also works on active directory domains, it's just hat LDAP provider provides more facilities compare to WinNT.

E.g. in Win2K or Win2K3 AD domains
-  you can't reset password with WinNT
-  you can't change password with WinNT
etc.
0
Abdu_AllahAuthor Commented:
I returned back the points to 500 since they are in different TA and different participants.
0
Abdu_AllahAuthor Commented:
I increased the points after the discussion raised many other branched questions which they are different somehow in the two threads...this is why I increased the points. please return them back to 500
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ASP.NET

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.