Directory Programming .NET

Hi,
I'm using C# and the DirectoryEntry class to access the Windows Server 2003 ADS by LDAP.
After ~3000 successful requests I get an "The server is not operational" COMException (ErrorCode: -2147016646) when connecting or accessing a DirectoryEntry object. Resuming execution without doing anything else, the code will run for a few seconds to stop again raising the same error.
I figured out that there are thousands of TCP ports in waiting status. As a quick(!) fix I extended my LDAP function to avoid more than 100 open LDAP connections at the same time by reconnecting them (changing Path property):

        static private Int32 DirectoryEntryIndex = -1;
        static private DirectoryEntry[] DirectoryEntryList = new DirectoryEntry[100];

        static public DirectoryEntry GetDirectoryEntry(String ObjectString)
        {
            DirectoryEntryIndex++;
            if (DirectoryEntryIndex == 100)
                DirectoryEntryIndex = 0;

            if (DirectoryEntryList[DirectoryEntryIndex] == null)
                DirectoryEntryList[DirectoryEntryIndex] = new DirectoryEntry();

            if(ObjectString.StartsWith("LDAP://", StringComparison.OrdinalIgnoreCase))
                DirectoryEntryList[DirectoryEntryIndex].Path = ObjectString;
            else
                DirectoryEntryList[DirectoryEntryIndex].Path = GetDirectoryEntryStringWithDC(ObjectString);

            return DirectoryEntryList[DirectoryEntryIndex];
        }

But it doesn't them to work as it opens thousands of ports, too. I read about a solution using the NativeObject property here but didn't understand how to implement it.
Can anyone tell me how to solve this problem?

Thanks,
Renate

Other than attempting to DOS your Active Directory, what is it that you are actually trying to do?  Rather than fix this particular code, I think we may be able to suggest an alternative route.

---

Ryan Dunn
Extemporaneous Mumblings
The .NET Developer's Guide to Directory Services Programming

Actually, this function just adds the "LDAP://SERVER/" and the "DC=domain,DC=tld" and creates a connection to the ADS (and that's the only place where DirectoryEntry objects are created and connected). It is used by functions which add about 1000 users, 300 groups, add the users to some groups (~10 per user), adjust some properties etc. so that there are probably thousands of single LDAP requests.
To sum up, I'm trying to add users from an external database to the Active Directory using DirectoryEntry objects. All functions build a string (e.g. "CN=MyPerson,OU=TypeA,OU=Users"), call GetDirectoryEntry and use the returned DirectoryEntry to add children, modify properties etc.
"netstat -a", called when the COMException occurs, shows hundreds of open TCP ports which connect to the (local) LDAP server. It's only my guess that .NET runs out of free ports an throws an Exception.
The problem is: I have to execute this amount of LDAP requests but I don't know how to optimze it.

Thanks,
Renate

I don't think you showed the GetDirectoryEntryWithDC function.

Generally speaking, this type of problem can be hard to fix in SDS as the connection caching mechanism ADSI tries to use is totally hidden from you.  Essentially, it WILL try to use an open LDAP connection if you connect to the same server with the same credentials as a connection that is already open.  It looks like that is NOT happening for you for some reason.  :)

Sometimes you can fix this by opening a single DE object first and keeping it open for the duration of the program.  However, sometimes these problems are hard to fix.

We actually do have a whole topic on this in Ch 3 of the book, but it does not always result in getting the problem resolved, just understood a little better.

If you want to take total control, you can switch to SDS.Protocols.  You get your own LdapConnection object there that you can reuse to perform multiple requests on and basically never have this problem as long as you are careful to only open one.  However, you would have to rewrite all your code to go in this direction.

Thanks to you two, I think I got it working.
I added a DirectoryEntry object which is kept open. Then I figured out that changing the Path property instead of creating a new DirectoryEntry seems to be an additional reason for opening so many ports.
I don't really understand but it runs perfect now. ;)

Renate