Directory Services |
The ldap_sasl_bind is an asynchronous function that authenticates a client to the LDAP server using SASL.
ULONG ldap_sasl_bind( LDAP* ExternalHandle, const PCHAR DistName, const PCHAR AuthMechanism, const BERVAL* cred, PLDAPControlA* ServerCtrls, PLDAPControlA* ClientCtrls, int* MessageNumber );
If the function succeeds, the return value is LDAP_SUCCESS.
If the function fails, it returns an error code. For more information, see Return Values.
The ldap_sasl_bind routine binds to an LDAP server using the Simple Authentication and Security Layer (SASL) protocol. The bind operation identifies a client to the directory server by providing a distinguished name and some type of authentication credentials. The authentication method being used determines the particular type of credential, and is specified by the AuthMechanism argument. This is passed as a string in the form of "GSSAPI", "GSS-SPNEGO", "DIGEST-MD5", and so on. This function can be used to pass arbitrary credentials to the server, so the application must be ready to interpret the response sent back from the server.
Note The Microsoft LDAP client uses a default timeout value of 120 seconds (2 minutes) for each bind-response roundtrip. This timeout value can be changed using the LDAP_OPT_TIMELIMIT session option. Other operations do not have a timeout unless specified using ldap_set_option.
Client: Included in Windows XP and
Windows 2000 Professional.
Server: Included in Windows Server 2003 and
Windows 2000 Server.
Redistributable: Requires Active Directory Client Extension
on Windows NT 4.0 SP6a and Windows 95/98/Me.
Unicode: Implemented as Unicode and ANSI versions on all
platforms.
Header: Declared in Winldap.h.
Library: Use Wldap32.lib.
Functions, Return Values, ldap_sasl_bind_s, ldap_bind_s, ldap_bind, ldap_simple_bind_s, ldap_simple_bind, SEC_WINNT_AUTH_IDENTITY