You want to programmatically access Active Directory using the Directory Services Markup Language (DSML). DSML is the answer for all programmers who have been longing for an XML-based interface to query and access a directory.

To use DSML with Active Directory, you have to install the Windows DSML client (DSFW) on a Windows 2000 or Windows Server 2003 computer that is running IIS. The DSML client can be downloaded from the following site: http://www.microsoft.com/windows2000/server/evaluation/news/bulletins/dsml.asp. If you are installing the client on a Windows 2000 machine, you will also need to make sure MSXML 3.0 SP2 is installed.

After the client is installed, you can perform DSML queries against that server, which will translate the calls into LDAP queries to Active Directory. No additional software needs to be installed on domain controllers to support DSML.

The following code shows a DSML request for the RootDSE:

<se:Envelope xmlns:se="http://schemas.xmlsoap.org/soap/envelope/">
        <se:Body xmlns="urn:oasis:names:tc:DSML:2:0:core">
                <batchRequest>
                        <searchRequest dn="" scope="baseObject">
                                <filter>
                                        <present name="objectclass"/>
                                </filter>
                        </searchRequest>
                </batchRequest>
        </se:Body>
</se:Envelope>

DSML is an XML alternative to using LDAP to access and manage a directory server. The Oasis standards body has driven the development of DSML (http://www.oasis-open.org/committees/dsml/ ) and now most directory vendors support it as of ...