We are using ADAM to secure our application. ADAM is a lightweight Active Directory implementation that you can use as a security information repository. The ActiveDirectoryMembershipProvider in ASP.NET will work with ADAM as well as Active Directory so you can use it to secure your ASP.NET Web applications and WCF services.
Anyways... I wanted to add the creation of our ADAM application partition to our installer. I started searching for ways to programmatically do this and found an old (2004) article on Craig McMurtry's blog to do it. The article had some code but it was ActiveDS (ADSI COM API) code that made me shudder. Then I remembered the namespace that I had seen a few months ago called System.DirectoryServices.ActiveDirectory. Eureka! This namespace was introduced in .NET 2.0. There are a number of classes in there for programmatically working with AD and ADAM. Here is a sample...
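
    using System.DirectoryServices.ActiveDirectory;

    // Bind to the ADAM instance by host name and LDAP port.
    DirectoryContext context =
        new DirectoryContext(DirectoryContextType.DirectoryServer, "myhost:389");
    // Describe the new partition (distinguished name and object class), then commit it.
    ApplicationPartition partition =
        new ApplicationPartition(context, "CN=myapp,DC=mydomain,DC=local", "container");
    partition.Save();
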
The code above is only an excerpt. There are a number of exceptions that can be thrown here so please RTFM.
One thing I noticed is that I could only get this to work with partition names that contained domain components (DC=*). For example, if you try to create an application partition with the distinguished name of "O=MyOrg" the ApplicationPartition ctor will throw an ArgumentException stating the distinguished name is invalid. The ADAM instance installer allows you to do this, however, so I don't know why this is invalid via the object model.
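An installer step built on the excerpt above might look like the following. This is an added example, not code from the original post: `AdamPartitionInstaller`, `EnsurePartition` and `PartitionResult` are hypothetical names, the host and DN are the sample values from the excerpt, and it assumes `ApplicationPartition.FindByName` reports a missing partition on the ADAM instance with `ActiveDirectoryObjectNotFoundException`. It makes the step safe to re-run and keeps "access denied" distinct from "server unreachable" so setup can stop rather than continue without its security store.

```csharp
using System;
using System.DirectoryServices.ActiveDirectory;

public enum PartitionResult
{
    AlreadyPresent, Created, InvalidArgument, AccessDenied, ServerUnavailable, DirectoryError
}

public static class AdamPartitionInstaller
{
    // Hypothetical helper: creates the application partition only if it is missing.
    public static PartitionResult EnsurePartition(string hostAndPort, string partitionDn)
    {
        try
        {
            // No credentials are passed, so the bind uses the identity running the installer.
            DirectoryContext context =
                new DirectoryContext(DirectoryContextType.DirectoryServer, hostAndPort);
            try
            {
                using (ApplicationPartition.FindByName(context, partitionDn))
                {
                    return PartitionResult.AlreadyPresent; // re-running setup changes nothing
                }
            }
            catch (ActiveDirectoryObjectNotFoundException)
            {
                // Assumed to mean "no such partition yet": fall through and create it.
            }
            using (ApplicationPartition partition =
                       new ApplicationPartition(context, partitionDn, "container"))
            {
                partition.Save();
                return PartitionResult.Created;
            }
        }
        // Invalid DN format (the "O=MyOrg" case above) or a context that is not a server.
        catch (ArgumentException) { return PartitionResult.InvalidArgument; }
        catch (UnauthorizedAccessException) { return PartitionResult.AccessDenied; }
        catch (ActiveDirectoryServerDownException) { return PartitionResult.ServerUnavailable; }
        catch (ActiveDirectoryOperationException) { return PartitionResult.DirectoryError; }
    }

    public static int Main()
    {
        PartitionResult result = EnsurePartition("myhost:389", "CN=myapp,DC=mydomain,DC=local");
        Console.WriteLine("Application partition: " + result);
        // A non-zero exit code lets the installer abort instead of continuing without the partition.
        return (result == PartitionResult.AlreadyPresent || result == PartitionResult.Created) ? 0 : 1;
    }
}
```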
Posted 10-23-2007 4:31 PM by Dan Mork