More of an architectural question really, but relates to using code in the DirectoryServices .NET namespace:

I know that we can use server binding using code like this:

DirectoryEntry GetDirectoryEntry(string str)


DirectoryEntry de = new DirectoryEntry();

de.AuthenticationType = (AuthenticationTypes.Secure | AuthenticationTypes.FastBind | AuthenticationTypes.ServerBind);

de.Path = str;

return de;


We have a web page that reads and saves data via DirectoryServices namespace and DirectoryEntry objects.

If you do not use the "ServerBind" AuthenticationTypes option, and you extend to 2 domain controllers hosting an Active Directory (which we are planning to do), when the page re-posts it may fetch data from the other domain controller , which will not have received the data update yet by replication. The page will obviously then reload data as if the save had not persisted. However the above code with "Serverbind" will never spread the load across the 2 servers.

How can you ensure that load balancing can occur if you are always binding to a particular server It is just a question of partitioning your web servers to use a particular server hosting the ActiveDirectory via configuration

Has anybody else managed these "pseudo-transactions" using Active Directory whilst still achieving a level of load spread across the Active Directory domain controllers

I believe an additional problem is that if we were to configure the Web Servers vertically above a particular DC hosting an AD (e.g. so WebServer1 uses ADServer1 and WebServer2 users ADServer2 and the ServerBind option), if we use SQL Server based session state you cannot guarentee that the post-backs (when you read back your saves you just made) will be from the same web server (I think !)

Many thanks for any suggestions!


Re: .NET Base Class Library Using DirectoryServices namespace on multiple domain controllers

Martin Xie - MSFT

You'll need to post it at for better responses.

Thank you Gary for your active participation!