To fill out the trio of my System.DirectoryServices resource postings, I wanted to point you to an excellent MSDN Magazine article, "Look it Up: Managing Directory Security Principals in the .NET Framework 3.5," to learn about the System.DirectoryServices.AccountManagement namespace which is available in the .NET Framework 3.5. To whet your appetite, the authors, Joe Kaplan and Ethan Wilansky, state:
"This new namespace has three primary goals: to simplify principal management operations across the three directory platforms [Active Directory Domain Services (AD DS), Active Directory Lightweight Directory Services (AD LDS, formerly named ADAM) and the local Security Account Manager (SAM)], to make principal management operations consistent regardless of the underlying directory, and to provide reliable results for these operations so you are not required to know each and every one of the caveats and special cases.
By waiting a few years for the .NET landscape to gel, Microsoft has actually outdone its previous work in ADSI by providing an even better API for these features that takes advantage of .NET capabilities while also providing much better support for new directory platforms such as AD LDS."
Whereas SDS.P is for the pedal-to-metal LDAP developer and SDS.AD is for managing Active Directory components, SDS.AM is for the developer that needs to work with security principals, creating user accounts and groups, managing group memberships, simplified searching and more - this namespace is for you. A code sample accompanies the article so you can get right to work.
Other resource links: