How the Delinea Windows API Relies on COM Interfaces

On Windows computers, the Delinea API supports the Component Object Model (COM) interface. The Component Object Model (COM) interface enables you to create objects that can interact with Active Directory or be used in other applications. These are re-usable objects that can provide access to all of the Delinea data stored in Active Directory. The objects can be used in any program written in .NET or COM-enabled languages. You can, therefore, create or modify applications to use these objects in COM-aware languages such as VBScript and PowerShell or .NET-compliant languages such as C#. The object model used to access the data is the same, but the specific syntax required depends on the programming language you choose to use.

The objects that make up the Delinea Windows API rely on the underlying interfaces provided by Microsoft’s Active Directory Service Interfaces (ADSI). ADSI provides the base-level functions that permit applications to read and write data in Active Directory. The purpose of the Delinea Windows API is to provide a higher level of abstraction for performing Delinea-specific tasks than would be available if you were to call ADSI functions directly.

The following figure illustrates how the Delinea Windows API provides a layer of abstraction between the raw ADSI functions and the Access Manager console and other applications.

The Active Directory schema defines how all of the objects and attributes in the database are stored. When you add Delinea data to the Active Directory database, how that data is stored depends on the Active Directory schema you have installed. The Delinea Windows API, however, provides a logical view of the data, eliminating the need to know the details of how data is stored in different schemas when performing common administrative tasks. The Delinea Windows API also provides a simpler interface for accessing the well-defined set of UNIX objects that must be operated on than that offered by the general purpose ADSI. In fact, when you perform administrative tasks with the Access Manager console MMC snap-in, the console uses the same Delinea Windows API objects documented in this guide to manipulate the data.

Therefore, with the Delinea Windows API and any commonly-used Windows programming language, you can write scripts or programs that perform a wide range of tasks using Delinea data, including programs that automatically create and manage Delinea zones or update user, group, or computer properties.

You can use ADSI directly instead of using the Delinea Windows API, if you prefer. For more detailed information about the objects and attributes used in Active Directory when different schemas are used, see Data Storage for Delinea Zones.