AuthenticationTypes 枚举


AuthenticationTypes 枚举指定在 System.DirectoryServices 中使用的身份验证类型。The AuthenticationTypes enumeration specifies the types of authentication used in System.DirectoryServices. 此枚举有一个允许其成员值按位组合的 FlagsAttribute 属性。This enumeration has a FlagsAttribute attribute that allows a bitwise combination of its member values.

此枚举有一个 FlagsAttribute 属性,允许按位组合成员值。

public enum class AuthenticationTypes
public enum AuthenticationTypes
type AuthenticationTypes = 
Public Enum AuthenticationTypes


Anonymous 16

未执行任何身份验证。No authentication is performed.

Delegation 256

启用 Active Directory 服务接口 (ADSI) 来委托用户的安全上下文,它是在各个域之间移动对象所必需的。Enables Active Directory Services Interface (ADSI) to delegate the user's security context, which is necessary for moving objects across domains.

Encryption 2

将加密签名附加到消息中,该签名既标识发送方,也确保消息未在传送中修改。Attaches a cryptographic signature to the message that both identifies the sender and ensures that the message has not been modified in transit.

FastBind 32

指定 ADSI 将不会尝试查询 Active Directory 域服务 objectClass 属性。Specifies that ADSI will not attempt to query the Active Directory Domain Services objectClass property. 因此,只有所有 ADSI 对象支持的基接口才会公开。Therefore, only the base interfaces that are supported by all ADSI objects will be exposed. 对象支持的其他接口将不可用。Other interfaces that the object supports will not be available. 用户可以使用此选项来提高仅涉及基接口方法的一系列对象操作的性能。A user can use this option to boost the performance in a series of object manipulations that involve only methods of the base interfaces. 但是,ADSI 不验证服务器上是否实际存在任何请求对象。However, ADSI does not verify if any of the request objects actually exist on the server. 有关详细信息,请参阅 上 MSDN Library 中的主题“用于批量编写/修改操作的快速绑定选项”。For more information, see the topic "Fast Binding Option for Batch Write/Modify Operations" in the MSDN Library at 有关 objectClass 属性的详细信息,请参阅 上 MSDN Library 中的主题“对象类”。For more information about the objectClass property, see the "Object-Class" topic in the MSDN Library at

None 0

相当于零,表示在 LDAP 提供程序中使用基本身份验证(简单绑定)。Equates to zero, which means to use basic authentication (simple bind) in the LDAP provider.

ReadonlyServer 4

对于 WinNT 提供程序,ADSI 尝试连接到域控制器。For a WinNT provider, ADSI tries to connect to a domain controller. 对于 Active Directory 域服务,此标记指示无服务器绑定不需要可写服务器。For Active Directory Domain Services, this flag indicates that a writable server is not required for a serverless binding.

Sealing 128

使用 Kerberos 将数据加密。Encrypts data using Kerberos. Secure 标记也必须设置为使用密封。The Secure flag must also be set to use sealing.

Secure 1

请求安全身份验证。Requests secure authentication. 当设置此标记后,WinNT 提供程序将使用 NTLM 来对客户端进行身份验证。When this flag is set, the WinNT provider uses NTLM to authenticate the client. Active Directory 域服务使用 Kerberos(并可能使用 NTLM)来对客户端进行身份验证。Active Directory Domain Services uses Kerberos, and possibly NTLM, to authenticate the client. 当用户名和密码为 null 引用(Visual Basic 中为 Nothing)时,ADSI 将使用调用线程的安全上下文来绑定到对象,该上下文是应用程序运行的用户帐户的安全上下文或调用线程模拟的客户端用户帐户的安全上下文。When the user name and password are a null reference (Nothing in Visual Basic), ADSI binds to the object using the security context of the calling thread, which is either the security context of the user account under which the application is running or of the client user account that the calling thread is impersonating.

SecureSocketsLayer 2

将加密签名附加到消息中,该签名既标识发送方,也确保消息未在传送中修改。Attaches a cryptographic signature to the message that both identifies the sender and ensures that the message has not been modified in transit. Active Directory 域服务要求安装证书服务器来支持安全套接字层 (SSL) 加密。Active Directory Domain Services requires the Certificate Server be installed to support Secure Sockets Layer (SSL) encryption.

ServerBind 512

如果 ADsPath 包含服务器名称,请在使用 LDAP 提供程序时指定此标记。If your ADsPath includes a server name, specify this flag when using the LDAP provider. 请勿将此标记用于包含域名的路径或无服务器的路径。Do not use this flag for paths that include a domain name or for serverless paths. 如果在指定服务器名称的同时没有指定此标记,则会导致不必要的网络通讯量。Specifying a server name without also specifying this flag results in unnecessary network traffic.

Signing 64

验证数据完整性,以确保接收的数据与发送的数据相同。Verifies data integrity to ensure that the data received is the same as the data sent. Secure 标记还必须设置为使用签名。The Secure flag must also be set to use signing.


安全标志可以与其他标志(如 ReadonlyServer、FastBind)结合使用。The Secure flag can be used in combination with other flags such as ReadonlyServer, FastBind.

无服务器绑定指的是,客户端尝试绑定到 Active Directory 域服务对象,而不在绑定字符串中显式指定 Active Directory 域服务服务器的进程,例如:Serverless binding refers to a process in which a client attempts to bind to an Active Directory Domain Services object without explicitly specifying an Active Directory Domain Services server in the binding string, for example:


这是可能的,因为轻型目录访问协议(LDAP)提供程序依赖于 Windows 2000 的定位器服务来寻找最佳的客户端域控制器(DC)。This is possible because the Lightweight Directory Access Protocol (LDAP) provider relies on the locator services of Windows 2000 to find the best domain controller (DC) for the client. 但是,客户端必须在 Active Directory 域服务域控制器上有一个帐户才能利用无服务器绑定功能,无服务器绑定所使用的域控制器将始终位于默认域(域与执行绑定的线程的当前安全上下文相关联。However, the client must have an account on the Active Directory Domain Services domain controller to take advantage of the serverless binding feature, and the domain controller that is used by a serverless bind will always be located in the default domain (the domain associated with the current security context of the thread that's doing the binding).


Novell Netware 目录服务(NDS)系统提供程序不支持这些选项。None of these options are supported by the Novell Netware Directory Service (NDS) system provider.