| Directory Services |
The ldap_set_option function sets options on connection blocks. For more information about structures, see Data Structures.
ULONG ldap_set_option( LDAP* ld, int option, void* invalue );
If the function succeeds, the return value is LDAP_SUCCESS.
If the function fails, it returns an error code. For more information, see Return Values.
Call ldap_set_option to access the LDAP structure that represents an LDAP session. Do not attempt to modify the LDAP data structure directly.
For more information and a description of optional settings that apply to an LDAP session, see Session Options. For more information about flags, see DsGetDcName.
It is now possible to digitally sign or encrypt all of your LDAP traffic to and from a Windows 2000 LDAP server using the Kerberos authentication protocol. This new feature provides integrity and confidentiality required by some applications. Be aware that using Secure Sockets Layer (SSL) will give you the same benefits, but requires extensive certificate enrollments for the server and, sometimes, for the client.
To enable signing and sealing, you have to turn on one of the following options prior to calling ldap_bind_s with LDAP_AUTH_NEGOTIATE for the bind method.
#define LDAP_OPT_SIGN 0x95 #define LDAP_OPT_ENCRYPT 0x96
To turn off signing and sealing, close the connection by calling ldap_unbind() on the connection handle.
Multithreading: Calls to ldap_set_option are unsafe because it affects the connection as a whole. Use caution if threads share connections.
Client: Included in Windows XP and
Windows 2000 Professional.
Server: Included in Windows Server 2003 and
Windows 2000 Server.
Redistributable: Requires Active Directory Client Extension
on Windows NT 4.0 SP6a and Windows 95/98/Me.
Header: Declared in Winldap.h.
Library: Use Wldap32.lib.
DsGetDcName, Functions, LDAP, ldap_get_option, Return Values, Setting Session Options